How to Install Root Certificates
I'm trying to get Safari to recognize websites that use cacert.org SSL encryption. I tried the following precedure, which did not work:
http://www.mecking.net/2011/02/installing-cacert-root-certifcates-on-ios/
I can get the certificates to show up under "Profiles" but this has no effect in Safari and it always tells me "Cannot Verify Server Identity". I tried messing around with the "iPhone Configuration Utility" and got the same results that way.
I have nokia 6300 s40v3 and when I tried to open cert.html it showed format unknown.
What should I do. Can you tell me the format of bookmark so that can rename it to cer.(format)
sir please give some guidense its very urgent
reply at *******
MODERATOR'S NOTE:
Personal details removed by a moderator. We kindly ask you not to share your personal e-mail address or any other personal information publicly on this forum. This is for your personal safety and privacy.
Message edited by Aikin19
Similar Messages
-
Having problem getting installed root certificate to work
We have a recerse proxy set up with an SSL certificate singed by our local CA. We are trying to connect to this reverse proxy from iPad over 3G connection.
Initially, we received the error "Safari cannot open the page because it could not establish a secure connection to the server". Reading up on this, realized that we needed to install the CA root certificate as a trusted root on the device.
Got iPhone Configuration utility, set up a configuration profile for the sole purpose of installing the certificate, added the certificate through Credentials section, and assigned the profile to the device. I can see the certificate updated to the device through General>Profiles and can confirm that it IS the root certificate used to general the SSL certificate on the proxy.
Even after application to the iPad (tried on iPhone also), attempt to access our proxy server from the iOS device fails with the same error.
It is interesting to note, that on a personally owned iPad, instead of the error noted, I received a pop-up indicating the certificate was unknown, and I was presented with options to "Cancel, Details, Continue". Clicking on "Details", I was allowed to view the certificate properties, and ALSO had a button to "Accept". Hitting "Accept" installed the certificate as trusted, and I get through the proxy server just fine. Only problem now is that if I *want* to re-create the prompt, I have no way, as I've found no way to remove certificates from the iPad unless installed via configuration profile.
We've checked and double-checked, and the certificates all "line up" to the correct CA.
Any ideas where I night be going wrong?
Thanks!New clue....
I only have the problem of not connecting to the proxy server if I'm using a 3G connection. If I turn on wi-fi, connect to an access point, the installed root certificates do their job, and I connect just fine.
Anyone know of potential problems with SSL certificates over 3G? -
How to install SSL certificate on the second ACE in the HA pair
Hi,
I'm struggling to figure out how to install a certificate (.p7b and .crf) on my second ACE in a HA pair.
On ACE01 i generated a CSR and gave the details to our SSL provider, they provided the certificates and i imported them. All good there.
How can i install the same SSL on ACE02 if i haven't generated a CSR on my backup devicde, or do i generate a CSR and import the same certificate?
Since bringing the ACE's into HA all contexts have sync'd and the backup ACE is in 'hot standby' state. But one context fails the sync and i think this is because the SSL certificate is not installed correctly on the second ACE02.
Anybody got any ideas, suggestions?
CheersHi,
If you already have the cert and key on the Active ACE, then you just need to export them using "crypto export ..." command from Active ACE and then import to the standby ACE using "crypto import ..."
Regards,
Siva -
HOW TO INSTALL ROOT (Authority) CERTIFICATES ON S4...
Recently i bought a 6500 Classic and stupidly deleted my Authority Certificates.
After trwaling the net for info on how to re-install certificates i couldnt find an answer apart from NO YOU CANT DO THIS.
Well to that i say NUTS!!! because you can and i will show you how by simply following these steps.
1. Create a New Folder on your desktop and call it whatever you like.
2. Open notepad on your computer.
3. Copy the text below into the Notpad file. (I got this from some website as they were using it for smething else but it does work so thanks to them or thanks to you if this is yours)
<?xml version="1.0"?>
<!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN" "http://www.wapforum.org/DTD/xhtml-mobile10.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Install root CA</title>
</head>
<body>
<p>
<a href="der1.cer">Download a CA Cert1</a>
<a href="der2.cer">Download a CA Cert2</a>
<a href="der3.cer">Download a CA Cert3</a>
<a href="der4.cer">Download a CA Cert4</a>
<a href="der5.cer">Download a CA Cert5</a>
<a href="der6.cer">Download a CA Cert6</a>
<a href="der7.cer">Download a CA Cert7</a>
<a href="der8.cer">Download a CA Cert8</a>
<a href="der9.cer">Download a CA Cert9</a>
<a href="der10.cer">Download a CA Cert10</a>
<a href="der11.cer">Download a CA Cert11</a>
</p>
</body>
</html>
4. Save the Notpad file as type ALL FILES but when naming it just call it cert.html and save it to the folder you created on your desktop earlier.
5. Now downlaod the Root Certificates you need to the same folder on your Desktop.
6. When saving the first Certificate to the folder call it der1 ((make sure not to take out the file extension eg .cer)) then the second der2, third der3 and so on and so on till you get to der11. (Dont worry this will not rename the certificate when it installs on your phone.)
Example of what the files in your Desktop folder should be called der1.cer, der2.cer etc etc.
7. Now transfer the whole folder from your Desktop to your Mobile phone. (I did this by using Nokia PC Suite.)
8. When the folder with the certificates and hmtl we made have been transfered to you phone navigate using your phone to that folder.
9. Go into the folder and open the cert.html file. (Your browser will now open a page with 11 download links available)10. Now all you have to do is click on each link and accept each certificate remembering to save and they will install on your phone. (On my 6500 Classic i can check this by Navigating through my phone to Menu>Settings>Security>Authority Certificates)
Notes:- Some errors you may receive when trying to download the certificates through your phone browser may be Already Exists, Expired Certificate and the most annoying is Corrupted Certificate.
Already Exists - Shouldt allow you to save (DO NOT SAVE IF IT ALLOWS YOU)
Expired Certificate - (DO NOT SAVE)
Corrupted Certificate - Install the certificate on your computer first, then go to Tools>Internet Options>Content>Certificates.
(save the certificate to other people tab) Browse for the certificate you installed then export it in DER format to the Desktop Folder you created then start process over again to get it onto your phone.
Remember to delete any certificates as you go that you have already installed so you dont get mixed up.
Any issues reply and i will do what i can to help and if anyone has Hutchinson 3G Root Certificates please let me know.
Thanks.
Message Edited by andyhardie on 15-Jul-2009 04:05 PMI have nokia 6300 s40v3 and when I tried to open cert.html it showed format unknown.
What should I do. Can you tell me the format of bookmark so that can rename it to cer.(format)
sir please give some guidense its very urgent
reply at *******
MODERATOR'S NOTE:
Personal details removed by a moderator. We kindly ask you not to share your personal e-mail address or any other personal information publicly on this forum. This is for your personal safety and privacy.
Message edited by Aikin19 -
How to install a certificate in OC4J
Hi I want to connect a server from a java method in Jdeveloper (from local machine) using api which needs a certificate to be installed in the caller.
I have installed the certificate in my machine by clicking the certficate file and clicking the Install Certificate option.
But still the error is comming. Do I need to add the certificate somewhere in Jdeveloper? How?
The error message is:-
Establishing the LDAPConnection with the below env params =>
{java.naming.provider.url=ldap://ldapu.xyz.gov.sg:636, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.ldap.version=3, java.naming.security.principal=uid=userx,ou=employee,o=xyz,c=sg, java.naming.security.authentication=simple, com.sun.jndi.ldap.connect.pool=true, java.naming.security.credentials=password, java.naming.security.protocol=ssl}
Establishing the LDAPConnection with the below env params =>
{java.naming.provider.url=ldap://ldapu.xyz.gov.sg:636, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.ldap.version=3, java.naming.security.principal=uid=dbc13,ou=employee,o=xyz,c=sg, java.naming.security.authentication=simple, com.sun.jndi.ldap.connect.pool=true, java.naming.security.credentials=password, java.naming.security.protocol=ssl}
javax.naming.CommunicationException: simple bind failed: ldapu.xyz.gov.sg:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
Establishing the LDAPConnection with the below env params =>
{java.naming.provider.url=ldap://ldapu.xyz.gov.sg:636, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.ldap.version=3, java.naming.security.principal=uid=dbc13,ou=non-employee,o=xyz,c=sg, java.naming.security.authentication=simple, com.sun.jndi.ldap.connect.pool=true, java.naming.security.credentials=password, java.naming.security.protocol=ssl}
Establishing the LDAPConnection with the below env params =>
{java.naming.provider.url=ldap://ldapu.xyz.gov.sg:636, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.ldap.version=3, java.naming.security.principal=uid=dbc13,ou=non-employee,o=xyz,c=sg, java.naming.security.authentication=simple, com.sun.jndi.ldap.connect.pool=true, java.naming.security.credentials=password, java.naming.security.protocol=ssl}
javax.naming.CommunicationException: simple bind failed: ldapu.xyz.gov.sg:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
Creating ldapContext for user =>uid=dbc13,ou=employee,o=xyz,c=sg
Establishing the LDAPConnection with the below env params =>
{java.naming.provider.url=ldap://ldapu.xyz.gov.sg:636, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.ldap.version=3, java.naming.security.principal=uid=dbc13,ou=employee,o=xyz,c=sg, java.naming.security.authentication=simple, com.sun.jndi.ldap.connect.pool=true, java.naming.security.credentials=password, java.naming.security.protocol=ssl}
Establishing the LDAPConnection with the below env params =>
{java.naming.provider.url=ldap://ldapu.xyz.gov.sg:636, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.ldap.version=3, java.naming.security.principal=uid=dbc13,ou=employee,o=xyz,c=sg, java.naming.security.authentication=simple, com.sun.jndi.ldap.connect.pool=true, java.naming.security.credentials=password, java.naming.security.protocol=ssl}
javax.naming.CommunicationException: simple bind failed: ldapu.xyz.gov.sg:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
[Ljava.lang.StackTraceElement;@193385dsg.gov.xyz.ldap.base.LDAPException: Unable to connect to the server.[simple bind failed: ldapu.xyz.gov.sg:636]
Thanks in advance
Sam
Edited by: Sam on Nov 16, 2010 9:50 PMHi. To SSL comunication between the local machine and remote server with jndi, only need install or register the ca-certificate with keytool in the local machine. This instructions can help you:
/oracle/oas/10.1.3.1/soa/jdk/bin/keytool -import -keystore /oracle/oas/10.1.3.1/soa/jdk/jre/lib/security/cacerts -trustcacerts -file /oracle/certificates/DcDg04Cert2.cer -alias alias_name -storepass store_pass
Bye. -
Installing Root Certificate? 10.4.11 Where do I look for this.
Hello, I am setting up a new email (Entourage 2004) account and am getting Error #156 "cannot connect to server because you have no root certificate installed." What the heck is that? Never heard of it. Someone at Midphase told me to sign up for an SSL certificate but I don't know what that means. Really would appreciate some input. Thanks!
Okay Dave, I see. But, are you saying I have to call my ISP for a trusted cert? Not my host for my site but my guys for how I get on the internet which in my case is toast.net Right? Will they have a clue as to what I'm talking about? T.
-
How to install client certificate in Jdeveloper 10.1.3.41.57
Hi,
We need to connect to another website by presenting client certificate. This certifficate is provided by this website and password is required. Though I tried to tried to launch the JSP that redirects the page to the URL to connec to that website, and I imported the certifcate to the browser, I am still asked credential to connect.
I was told by other people I need to install the client certificate on the server.
My question is that how I install this client certificate on Jdeveloper 10.1.3.41.57 and launch JSP to connect to that website?
the certificate is like xxx2_x.509Cert.pfx.
Please help
Thank you.
jfuFirst, thank you so much for your reply. Yes, it works. I did converted pfx to JKS successfully.
i use keytool -list to view this JKS file. I can see the content. The chain length is 2.
However, I got error same error message when I tried to use above command to import JKS to cacerts under jdk/jre/lib/security/; if I add -storetype pKCS12, I got another error keytool error: java.io.IOException: DerInputStream.getLength(): lengthTAg=109, too big.
Please help.
Thanks,
Jfu
Edited by: 872272 on Sep 20, 2011 8:58 AM -
How to install SSL Certificates automatically in Client machine
Hi All
I have installed Certificates for SSL in Planning server machine for Planning Web services.While connneting to Server through excel-addin from client machine it is not connecting
Error is bleow:
"The underlying connection was closed : could not establish trust relationship for the SSL/TLS secure channel" and then getting the following error
"The PerformancePoint Server System is currently unavailable"
I got it this is due to Certification not installed in client machine.
So i tried to install certificate through IE web browser ..i typed webservices links ..i.e https://servername:443 in address box
..not admin console link.Because if i connect to Admin console then i connect to Planning server it is not showing me the dialog box " Security Alert "
So typed direcly webservices in address box.Then "Security Alert" dialog box opened ,In that i clicked "View Certificate" button and installed manually.Then this problem solved.
But i want to check this is a way to install cerficate in the client machine or there is any other way to do it automatically...
Please help me to solve this..
Thanks
AbdulAbdul,
The problem seems to be that the certificate authority that created your certificate is no trusted by Windows.... That process of installing the root certificate in the clients machines should not be needed if the ceritifcate is obtained from the right ceritifcate authority...
Where did you purchased your certificate from?
Regards,
Pablo Barvo - MSFT -
How to install personal certificate on N95?
Hi,
Does anyone know how to install a personal certificate on the N95? I need to connect to my office WLAN using Radius authentication. I have tried to bluetooth the .cer file to the phone and it does not recognize the file or install it. I am familiar with all of the WPA settings (EAP-Peap-MSCHAP v2....etc) which do not work or seem to work without the personal cert.
Thanks,
GregI also need to import a personal certificate on a N95 for synchronization with the company exchange server.
I tried to import thru bluetooth in a .p12, .cer format. I tried also to modify the certificate with openSLL.
It seems that is not possible to import personal certificate exported from the exchange server on a N95!!
The support site answered me just to import it in a .p12 format. I'm not dummy, I know what I did, I just become a message that the file is corrupt, but I can use this certificate on all other mobiles!
I will change to a Sonyericsson P1, or do someone know how to solve the problem? Also the support didn't tell me when there will be a version 13 of the firmware, if the problem is known and if is possibile to downgrade to version 10. -
How to Install CA Certificates in B2B
Hello
I am new to B2B and I got CA and trusted certificates from our client. I used KeyStore tool and loaded all CA and trusted certificates and generated .jks file and used in the B2B certification section. With this I am able to connect to the client server and able to send the files successfully. But Client saying that they are not able to connect to my server and getting below error. They are saying that to install CA and trusted certificates. Can anybody guide us how to install them?
HTTPClientMethodService resumed with error.
HTTPClientAdapter [GWW_HTTP_CLIENT_ADAPTER_N2-3]
ServiceStartTime [2015-01-16 14:47:50.37]
ServiceEndTime [2015-01-16 14:47:50.586]
SessionToken [GWW_HTTP_CLIENT_ADAPTER_N2-3_HTTPClientAdapter_node3AC2_142144127032096:3845756]
HTTP Status Code: 404
HTTP Reason Phrase: Not FoundConfiguring Commercial certificates on weblogic server
http://weblogictips.wordpress.com/2008/07/27/configuring-commercial-certificates-on-weblogic-server/
How to debug SSL issues with weblogic server
http://weblogictips.wordpress.com/2010/05/11/how-to-debug-ssl-issues-with-weblogic-server/
Steps to create self sign certificates for weblogic server
http://weblogictips.wordpress.com/2008/07/27/steps-to-create-self-sign-certificates-for-weblogic-server/
thanks,
sandeep -
Complete list of pre-installed root certificates in Java keystore?
I need a complete list of from which version and update of JDK, J2SE, Java SE etc different root certificates are pre-installed in the keystore.
Someone that can help?levhal wrote:
No.
What I need is a list of when the different root certificates was supported by Java. An example could be:
"Thawte Premium Server CA" was preinstalled since J2SE 1.3
"GlobalSign Root CA" was preinstalled since J2SE 1.4.2 update 16Write to Sun/Oracle since I doubt if anyone visiting this site has such a list or has access to the information required to create such a list. -
How to Install Server Certificates
1) Sun Web Server -> Admin Console -> Server Certificates
2) Bunch of steps to get to "Step 3: Enter Certificate Data"
Paste the following in the textarea:
-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQCv8WAOuA5eohKYuHo0Us7riIDy50a9/mmtSmkR3Libd1Kv51IE
7nE86bnsEYGG6JRxnDI207DAQ2k1UZxonoJ3D24K0g==
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIBuzCCASSgAwIBAgIGARatBajmMA0GCSqGSIb3DQEBBQUAMCExHzAdBgNVBAMM
w/1y6NyccF7+/7nIntaT
-----END CERTIFICATE-----3) Finish up the rest of the steps.
I get:
An error has occurred
com.sun.web.admin.exceptions.AdminException: ADMIN4112: No Private key foundWhat did I do wrong?It seems you didn't generate the certificate based in a certificate request generated via the webserver console.
The full steps to install a certificate are:
1. Create the certificate database in webserver console(Sun Web Server -> Admin Console -> Server Certificates). You must enter a passphrase.
2. Create a certificate request in webserver console.
3. Sign the certificate request and generate the certificate with your CA (can be verisign)
4. Install the certificate in webserver.
Hope it helps. -
How to instal wupos certificate in iphone 5s
i have installed a certificate of wupos in 5s but it is giving an error "not trusted" after installation
well, is the certfiicate self signed? if it's not issued and signed by a legitimate CA, what you're seeing is normal.
-
How to install maintenance certificate and License with solution Manger?
Hi all,
Is this possible to install maintenance certificate and License with solution Manger atomatically ?
Regards,
NeniHi Swaroop,
There is a feature in SAP Solution manager through which we can instal the licenses.
Please see below links,
http://help.sap.com/saphelp_sm70ehp1_sp23/helpdata/en/41/42b6397c604278b6626f3d570c98c8/content.htm
http://help.sap.com/saphelp_sm70ehp1_sp23/helpdata/en/89/a7c08d740c4cffb491f98801f17d30/content.htm
Thanks,
Jagadish. -
How to install SSL certificate on Mac OS X 10.8.3 Server 2.2
Hi,
In eairler versions of !0.8 / OS X Server 2.2 your where able to install a purchased SSl certificate in the
Hardware >> Profile Manager Server >> Settings >> SSL Certificate Edit
I've just done a clean install of 10.8.3 and OS X Server 2.2 but there is no "SSL Certificate Edit" available.
How do I install my purchased certificate?
Thanks,
Johnsorry for hijacking but I have a related question to do with certificates.
I had to set up virtual domains manually instead of through the GUI and the server ssl site is now locked to a certificate that is about to expire and no longer needed, I can't change the certificate in the web gui because it was created manually, I can't delete the certificate because it is assigned to the server ssl website and I can't manually edit the conf files to point to a different certificate becasue it breaks it, any ideas?
Maybe you are looking for
-
followed support steps (sudo) to recover itunes sync authorization "permission error" but did not work
-
I really messed up Mail, now how do I fix it?
(Please pardon the long explanation) Where I was: PowerMac G4, running OSX 10.3.9, Mail 1.3.11 All working well. Burned a back-up DVD of my Mail Library and preference files. Where I went: MacPro G5, running OSX 10.5.8, Mail 3.6 How I got there: Star
-
E-mail alerts not working properly
I have a problem with my Tour which has put me in some awkward situations- like in court and work meeting- not good. The e-mail alert makes an audible noise even when the setting is programmed for silent. My original Tour worked fine at first, and af
-
I'm a teacher and I use my .Mac for a class website. My "blog" is a daily review of the day's classwork and homework. I always print the blogs out to post in my classroom. However, when I do, the print out does not match what I see on my computer. Th
-
Coding in form created in screen painter
I have created a form in screen painter.How can I do coding in this form.I have added a save button in the form.How can I fire the click event on this button.The file created has extension srf and it can not be opened in asp.net.