I can't generated a CSR for a wildcard certificate

Similar Messages

• Generate CSR for Third-Party Certificates

  Hi All,
  i have an issue when i tried to Generate CSR for Third-Party Certificates,
  i follow step by step in the document of cisco until this step:
  3.
  Now that your CSR is ready, copy and paste the CSR information into any CA enrollment tool.
  In order to copy and paste the information into the enrollment form, open the file in a text editor that
  does not add extra characters. Cisco recommends that you use Microsoft Notepad or UNIX vi. Refer
  to the website of the third−party CA for more information on how to submit the CSR through the
  enrollment tool.
  After you submit the CSR to the third−party CA, the third−party CA digitally signs the certificate and
  sends back the signed certificate via e−mail.
  4.
  Copy the signed certificate information that you receive back from the CA into a file.
  This example names the file CA.pem.
  my issue is where i sould copy and paste the CSR information into any CA enrollment tool. i just have done create mykey.pem and myreq.pem in my folder OpenSSL\bin
  Please help and Thanks you.
  Regards,
  Jasa

  you have to do more steps using openssl.
  before you obtain the third−part certificate, you have to copy that on a notepad text, and you have to obtain an intermediate and root certificate from the company that gives you the certificate.
  Then you have to copy and paste on a notepad or gedit:
  SSL (the certificate that they give you)
  Intermediate (the certificate that you obtain from the company that gives you the certificate)
  Root (the certificate that you obtain from the company that gives you the certificate)
  name the text file like: allcerts.pem
  then... you have to run this commands:
  C:\OpenSSL\bin>openssl pkcs12 -export -in allcerts.pem -inkey mykey.pem -out All-certs.p12 -clcerts -passin pass:yourpassword -passout pass:yourpassowrd
  C:\OpenSSL\bin>openssl pkcs12 -in All-certs.p12 -out finalcert.pem -passin pass:yourpassword -passout pass:yourpassword
  Then you are going to have a file named: finalcert.pem, thats the one you have to update to the WLC. please note that on those lines "yourpassword" is the password you use when you create the certificate and its going to be the same that you have to use for upload to WLC.
  Note that you have to use openssl version 0.9.8 because its the only version thats WLC support
  If you have doubts please contact me.
  Have fun!

• Need to generate a CSR for a new Lync 2013 Edge server

  I am upgrading my Lync 2010 Edge to 2013. Part of the process is exporting all the certificates on the 2010, some public, and eventually importing them into my 2013 Edge. I have a problem with one certificate that was generated by our internal CA for the
  2010 server itself named servername.domain.local. Since my new Edge will be renamed to the same name as the old Edge, I was planning on exporting this certificate but the private key can't be exported. The option is grayed out.
  I need to therefore figure out how to get a certificate on my new Edge. No Lync software has been installed yet. What is the best way to generate a CSR so I can manually create a certificate on my internal CA. Since I don't have access to the internal CA
  from the DMZ, I need to do it this way. I am thinking maybe the MMC but maybe Windows PowerShell? Once I get the CSR generated, I will figure out how to create a certificate on my internal CA.
  I know I can do it during the Lync install but I wanted to have it ready on the server when installing.

  The option is most likely grayed out, because the private key was not marked as exportable.
  Now, you can either request the certificate by using the Deployment Tool and requesting the certificates, selecting offline and then manually copying the CSR to your Internal CA (and the certificate back)
  Or you can use Powershell and do a Request-CsCertificate (see here: http://technet.microsoft.com/en-us/library/gg425723.aspx)
  Try something like this: Request-CsCertificate -New -Type Internal -ComputerFqdn "lyncedge.domain.com" -FriendlyName "Internal Edge"
  -Template jcila -PrivateKeyExportable $True -DomainName "edge.domain.com" -Output C:\path\test.req​
  If this helped you please click "Vote As Helpful" if it answered your question please click "Mark As Answer"
  Georg Thomas | Lync MVP
  Blog www.lynced.com.au | Twitter
  @georgathomas
  Lync Edge Port Check (Beta)
  This forum post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• Can we generate two invoice  for same product in two different currency

  dear all gurus,
  actually we are in export sales
  so we are generating export invoice.
  my client is asking for another invoice in INR too this is called comercila invoice
  with this i ve to generate the ARE form
  so how to do this three things
  1.export invoice in foreign currency
  2.commercial invoice in INR
  3.ARE form with referance to this export sales
  with regards
  subrat

  Hi Subrat,
  I really dont know how this scenario can be handled.
  2invoices for the same order is not allowed legally also. So if the user is asking for it, may be first they need to discuss this with their legal department.
  If they say ok, then you may think of only an output, where you can change the values with a standard exchange etc. But having 2invoices in the system of different currencies for a single sales order will lead to lot of problems in reporting.
  Can somebody throw some light on this, on how to enable this without any problems.

• How can I generate PDF bookmarks for change bars?

  I want to generate PDF bookmarks for text that is marked by change bars when I save as PDF from structured Framemaker 7.1. That way the proofreader can go directly to the pages that contain change bars and proof only that text.

  Adding to Arnis' reply:
  It is also possible to generate PDF bookmarks for change bars through FrameMaker-to-Acrobat TimeSavers + Presentation Assistant, as follows:
  Change bar has to use a unique color, with a known RGB value
  A PDF layer is created automatically based on the specified RGB value, containing all change bars (layer can be set as initially hidden and/or as a non-printing one)
  A generic bookmark can be created automatically for each change bar. Since this is not related to the specific text being indicated, the bookmark text has a user-controlled label, optionally autonumbered (eg "Change Bar #1", "Change Bar #2", etc).
  After setting the different parameters above, the process is entirely automatic (results are present as soon as the file is Save as PDF or distilled into a PDF).
  If this approach is of interest, I can set up sample FM + PDF files.
  A different approach -- based on custom markers inserted, with unique text and note attributes -- resulting in Quick-Access Bookmarks, is discussed/demonstrated at http://www.microtype.com/ImprovePDF06.html .
  Shlomo Perets
  MicroType * http://www.microtype.com
  FrameMaker/Acrobat training & consulting * FM-to-Acrobat TimeSavers/Assistants
  1-hour webinar (free), starting 10am PDT | 1pm EDT | 5pm UTC/GMT:
  Thursday, Sept. 10: Liven up your PDFs with FrameMaker-to-Acrobat TimeSavers/Assistants 
  https://student.gototraining.com/register/8019702938678710980

• Solution Manager can't generate  installation key  for Netweaver 2004s

  I am trying to generate installation key for a new installation of
  Netweaver 2004s or 7.0 and the Solution Manager only display SAP ECC
  5.0 or 6.0 in the field production version, when i am trying do create
  a new system landscape. My Solution Manager is 4.0 release and support
  package 10. The keys generated by ECC 5.0 or 6.0 doesn't work.

  That is because SAP has not released an ECC 7.0
  NW2004s is also refered to as 7.0.  It appears that you are confusing this with ECC 5.0 and ECC 6.0
  A NW2004s installation can contain an ECC5.0 or ECC 6.0, just like it can contain a CRM 5.0 or SRM, or EP, et cetera
  The generated keys probably do not work because you have wrong hostname or instance number entered.

• Can not generate the passcode for wiki

  hi All,
  I am using wc11.1.1.3, I try to config wiki according to wc document, when I want to generate the passcode for wiki, the document said:
  1.Start Fusion Middleware Control Console. For information, see Section 6.1, "Displaying Fusion Middleware Control Console."
  2.Right-click the domain in which Oracle WebCenter Wiki and Blog Server is deployed. Next, select Security and then click Credentials.
  While just at this step, I got the error msg like this:
  Can not search all credentials from credential store
  JPS-01049: ??????: javax.naming.directory.InvalidSearchFilterException: invalid attribute description; remaining name 'cn=oracle.wsm.security,cn=CredentialStore,cn=portalDomain,cn=JPSContext,cn=jpsroot_wc'
  I am using oid11g as credential store, I checked oid and confirm that 'cn=oracle.wsm.security,cn=CredentialStore,cn=portalDomain,cn=JPSContext,cn=jpsroot_wc' exists.
  Does anybody has suggestion on this?
  Best regards

  Read this and this.

• Problems generating right CSR for Callmanager 10 - cisco messes up values, Bug?

  Hi,
  we wanted to install our official SSL certificates for the Callmanager, presence and Unity Connection.
  I had to regenerate the web-security from the console following the instructions.
  All values are in the correct order:
  orgunit orgname locality state
  "IT OfficeNet" "Filmakademie Baden-Wuerttemberg GmbH" Ludwigsburg Baden-Weuerttemberg
  But in the certificate for tomcat cisco changes values! What the heck?!
  OU=set,O=web-security,L=IT OfficeNet
  but it should be from my understanding:
  OU=IT OfficeNet,O=Filmakademie Baden-Wuerttemberg GmbH,L=Ludwigsburg
  Any idea, what's going wrong? Why is call manager etc messing things like this up? 
  The point is, we do need the name in the format O=Filmakademie Baden-Wuerttemberg GmbH,C=DE for our DFN PKI PCA. And no we don't do it the microsoft way!
  Thnaks for any hint and regards . Götz Reinicke

  Hello Götz,
  I cannot recreate that issue. Did you use the below command to change the Tomcat certificate?
  admin:set web-security "IT OfficeNet" "Filmakademie Baden-Wuerttemberg GmbH" Ludwigsburg Baden-Weuerttemberg
  WARNING: This operation creates self-signed certificate for web access (tomcat) with the updated organizational information.  However, certificates for other components (ipsec, CallManager, CAPF, etc.) still contain the original information. You may need to re-generate these self-signed certificates to update them.
  Regenerating web security certificates please wait ...
  WARNING: This operation will overwrite any CA signed certificate previously imported for  tomcat
  Proceed with regeneration (yes|no)? yes
  Successfully Regenerated Certificate for tomcat.
  You must restart services related to tomcat for the regenerated certificates to become active.
  admin:show web-security
    Version: V3
    Serial Number: 133081466728708197270872537923747420964
    SignatureAlgorithm: SHA1withRSA (1.2.840.113549.1.1.5)
    Issuer Name: L=Ludwigsburg, ST=Baden-Weuerttemberg, CN=cucm-c.mpagacz.local, OU=IT OfficeNet, O=Filmakademie Baden-Wuerttemberg GmbH, C=PL
    Validity From: Mon Oct 27 20:05:41 CET 2014
             To:   Sat Oct 26 21:05:40 CEST 2019
    Subject Name: L=Ludwigsburg, ST=Baden-Weuerttemberg, CN=cucm-c.mpagacz.local, OU=IT OfficeNet, O=Filmakademie Baden-Wuerttemberg GmbH, C=PL
  -Mateusz

• How can I generate preview movies for entire project file?

  I have an entire project organized into a single project file. Is there a way to generate preview movies for the entire project so that an editor is always working from rendered files?

  Look at source code in PreviewExporter plugin.
  robcole.com - PreviewExporter

• Is there a way to change the CSR for install SSL Certificate for CCMADMIN

  HI there,
  Our customer want a solution for the https failure on CCMAdmin and CCMUser sites.
  For that, I have exported a csr to buy a ssl certificate from verisign.
  The problem is the csr includes fqdn an not just the servername
  But the users just have to type in the servername to reach the server.
  Is there a way to export a csr which include as common name only the server name without changing the domain settings in the cucm?
  thanks
  Marco

  Hi
  You can go to the server via SSH, and enter the 'set web-security' command with the alternate-host-name parameter:
  Command Syntax
  set web-security orgunit orgname locality state country alternate-host-name
  Parameters
  • orgunit represents the organizational unit.
  • orgname represents the organizational name.
  • locality represents the organization location.
  • state represents the organization state.
  • country represents the organization country.
  • alternate-host-name (optional) specifies an alternate name for the host when you generate a
  web-server (Tomcat) certificate.
  Note When you set an alternate-host-name parameter with the set web-security command,
  self-signed certificates for tomcat will contain the Subject Alternate Name extension with
  the alternate-host-name specified. CSR for Cisco Unified Communications Manager will
  contain Subject Alternate Name Extension with the alternate host name included in the CSR.
  Typically you would still use an FQDN, but a less specific one (e.g. ccm.company.com)...
  Regards
  Aaron
  Please rate helpful posts...

• Can I generate an executable for OS9 using LV7.1 in OSX

  Hi,
  I recently upgraded my G4 Mac to OSX and LV7.1.
  Some of the machines that I'm developing executables for still run OS9.
  So, what I would like to know is if is a way I can generate executables for OS9 from LV7.1?
  Thanks,
  Dave.

  Dave,
  Sorry this is not possible. ClassicMacOS is only supported until LV7.0 so you need to save your VIs in LV7.1 explicit for LV7.0 and use a LV7 in your Classic environment. Take the ''for previous version'' saved VIs to Classic LV7 and build the app there... et voilà ...you will have a stand alone for the good old MacOS987. What other environment lets you compile stand alones for two entirely different platforms?
  Thanks for supporting LV on the Apple !
  Urs
  Urs Lauterburg
  Physics demonstrator
  Physikalisches Institut
  University of Bern
  Switzerland

• How to generate / renew CSR for Cisco AppSpace technology

  Hi all,
  I'm not align on AppSpace technology and CSR renewing and I'd like to know from the community some steps in order to renew our certificate used by  AppSpace.
  Exist some simple steps to perform this renew?
  I have to contact our Certificate Authority in order to do this or I can do it by myself?
  Many regards.

  Hi all,
  I'm not align on AppSpace technology and CSR renewing and I'd like to know from the community some steps in order to renew our certificate used by  AppSpace.
  Exist some simple steps to perform this renew?
  I have to contact our Certificate Authority in order to do this or I can do it by myself?
  Many regards.

• Can i generate more than 1 library for 2 ipods?

  I have a mini ipod and just bought a nano ipod for someone else. We are using the same computer. how can i generate another library for his use?

  Candice,
  Welcome to Apple Discussions.
  How to use multiple iPods with one computer.
  JJ
  Don't steal music !! Just a statement, not an accusation

• How can I generate SSL Keys from a Oracle 9iAS server version 1.0.2.2.0

  How can I generate SSL Keys for use on Oracle 9iAS server
  version 1.0.2.2.0. I have tried using the open_ssl method but
  was unsuccessful.

  <?xml version="1.0" encoding="UTF-8" ?>
  <nodes>
  <node>
  <category_id>3</category_id>
  <parent_id>2</parent_id>
  <name>Mobile</name>
  <is_active>1</is_active>
  <position>1</position>
  <level>2</level>
  <children>
  <node name="Nokia" category_id="6" parent_id="3" is_active="1" position="1" level="3">
  <node name="Nokia N79" category_id="7" parent_id="3" is_active="1" position="2" level="3" />
  <node name="Nokia N95" category_id="7" parent_id="3" is_active="1" position="2" level="3" />
  <node name="Nokia N97" category_id="7" parent_id="3" is_active="1" position="2" level="3" />
  </node>
  <node name="Samsung" category_id="7" parent_id="3" is_active="1" position="2" level="3">
  </node>
  </children>
  </node>
  <node>
  <category_id>4</category_id>
  <parent_id>2</parent_id>
  <name>Laptop</name>
  <is_active>1</is_active>
  <position>2</position>
  <level>2</level>
  <children></children>
  </node>
  <node>
  <category_id>5</category_id>
  <parent_id>2</parent_id>
  <name>Monitor</name>
  <is_active>1</is_active>
  <position>3</position>
  <level>2</level>
  <children></children>
  </node>
  <node>
  <category_id>8</category_id>
  <parent_id>2</parent_id>
  <name>Camera</name>
  <is_active>1</is_active>
  <position>4</position>
  <level>2</level>
  <children></children>
  </node>
  </nodes>
  Is this correct format to create dynamic menu?

• Problem with XML import MDM 7.1 - Can't generate Xml Schema

  Hi All,
  When I try to open an XML file using Import manager, I'm getting some errors, as detailed below. I mention that I'm using MDM 7.1.
  The first error I received was the following:
  "Can't open C:/Program files/SAP MDM 7.1/Import Manager/XSD.exe". I copied the file xsd.exe in the Import Manager folder, as suggest here:
  Re: Import Manager Error.
  Afterwards, I received a new error:
  "Can't generate Xml Schema for: C:/Program files/SAP MDM 7.1/Import Manager/filename.xml"
  If anyone has faced the same problem - and solved it -, could you please help me find the reason for this behaviour?
  Regards,
  Laura

  Hi Laura,
  The error message "Can't generate Xml Schema"  might be related to DTD. the XML file has a directive for loading DTD.
  MDM doesnot support DTDs.
  Remove the DTD line and make sure there is only one root element in the XML file and try again.
  Hope this helps,
  Bes t Regards,
  Silpa Chillakuru