I do not see SSL certificate warnings now a days, even when visiting sites that do not provide valid identity.
When visiting a website that has some kind of SSL certificate issue, like missing , untrusted or invalid certificate etc, the browser is supposed to show a warning message, which should warn us of potential hazards of visiting the website. I realised that my browsers have not shown such warning message for a really long time. Can anyone give me any idea why this is happening?
Thanks,
Satya
Do you get an error on this page: https://www.sothai.com/
Under Technical Details you should get:
www.sothai.com uses an invalid security certificate.
The certificate is only valid for the following names:
www.jeffersonscher.com, jeffersonscher.com
(Error code: ssl_error_bad_cert_domain)
If instead you get a real webpage, click the padlock icon in the address bar, then More Information, then View Certificate, and take a look at the "Issued by" section. What do you see there?
Similar Messages
-
Why is my battery life so short? Like one day, even when I'm not using it.
I've had this I phone only a little over a month and hardly used it at all. The battery is lasting a shorter and shorter time. Now it's down to about a day and a half, even when only on standby.
You say you've had the phone a little over a month, but your profile says it's an iPhone 3G. Did you mean 3Gs? The iPhone 3G came out in 2008 and hasn't been sold in over a year. If you got it used, it's entirely possible the battery is losing its ability to hold a charge. They can only take so many charge cycles.
-
When I go to a day, I want to see a list of my events for that day in order, together, not have to scroll through 24 hours.
You can tap on the magnifying glass in the upper right and see a list view.
-
Why do I not see my music on my ipad mini even when I download from the cloud.
I bought a new Ipad Mini and when I download music or videos from the cloud they do not appear on my ipad. In Itunes on my computer I can see them when I open my Ipad.
function(){return A.apply(null,[this].concat($A(arguments)))}
PSE8 has recognized and converted one of my two catalogs, but I can't find the other one at all. How can I get it from PSE6, converted to PSE8?
See the first section of this tech note, "Convert your catalogs":
http://kb2.adobe.com/cps/515/cpsid_51536.html
You can also use Windows Explorer to search your entire hard drive for all PSE 6 catalogs (named catalog.psedb); be sure to configure Windows Explorer to view hidden files:
http://www.johnrellis.com/psedbtool/photoshop-elements-faq.htm#_View_hidden_files
function(){return A.apply(null,[this].concat($A(arguments)))}
I would however like to transfer the slide shows which work fine in the converted PSE8 catalog in my old computer. Some of the files are pdf which I assume I could transfer by simply dragging and dropping. Is there a proper way to transfer just the slide show projects from PSE8 on my old computer to PSE8 on my new computer?
The only way to transfer slide-show projects is to transfer the entire catalog file -- you can't move or transfer individual projects. You can move the individual PDF or move files that the projects created, but of course you can't edit those later. -
I got a message screen telling me I needed to update to the latest firefox version. So I proceeded to update to 3.6.13. The update window said it was almost finished with just a few seconds remaining. It was taking a very long time when it got to that point so I minimized that screen and went to do something else. My computer kept freezing up so I went back to the update window to see how it was coming along and noticed it had paused, I tried to hit the resume button but it didn't work. I turned my computer off and turned it back on hoping that I could just start the update over but the same message was there when I went to try to update again. It still said it was almost finished with the previous update and that it was paused. What do I do to correct this?
Try:
- iOS: Not responding or does not turn on
- If not successful and you can't fully turn the iPod fully off, let the battery fully drain. After charging for an least an hour try the above again.
- If still not successful that indicates a hardware problem and an appointment at the Genius Bar of an Apple store is in order. -
When trying to close multiple tabs, mozilla warns me and asks if i want to save. Even if I click no, the next time mozilla opens it opens to the last open tab of the previous session. If there is only one tab open when i close firefox it does not ask me, but will still load that tab when firefox next opens.
So, I fixed it...but I'm not quite sure how. I compared, line by line, my about:config with the one on my houses main computer...only did about two screen's worth, but I changed some values to match the other computer and the problems gone!
-
Hello everyone,
I've recently been getting error messages on youtube videos when using safari. This never used to happen. I tried using chrome but it didn't take care of the problem. When I set my default browser back to safari, safari won't open any websites that require a username and password. Any suggestions?My case is different from those listed below. First, I'm running OS X 10.8.5 and Safari 6.0.5.
My problem is this:
I run a Google search, say, "youtube somesong", and from the hit list returned from google I
pick some selection. Youtube launches and plays the video without problems. However, when
i click on any of the alternate videos from the page's vertical list, only the name of the chosen video
appears beneath the video I just watched. The new selection itself is not loaded by Safari.
This occurs for any selection I choose. My way around this problem is to force a Safari reload of
the page by using the keyboard shortcut, Command-R. This fills in the old video window with the
video I just chose. Can I conclude that this is a Safari issue alone, or is it a Safari/Youtube combo gotcha? Anyway, the present condition *****.
This problem began sometime after i upgraded to Mountain Lion. I have reset Safari and have also
deleted the Youtube.com Cache, Cookies, and Local Storage from the Privacy settings under
System Preferences. I have also tested the problem by running Safari in 32 bit mode (no luck there).
If anyone out there has experienced this scenario, I sure could use a little help here. -
I am using Firefox 5.0
You can block both intelliTXT and Google Ad-Sense with a hosts file and with Adblock Plus.
Having a good '''hosts''' file on your system can protect your entire system cross-application and all browsers and all your Firefox profiles against a lot malware. The '''hosts''' file must coded for www.example.com, example.com, anything.example.com -- '''Adblock Plus''' is more generic and can do more with less coding -- subscribe to the '''EasyList US''' filters as ADP will do nothing without filters. See links below.
'''More information:''' on extensions and keyword shortcuts
* [https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/ Adblock Plus :: Add-ons for Firefox]
* [http://adblockplus.org/en/filters#basic Writing Adblock Plus filters]
* [http://winhelp2002.mvps.org/hosts.htm Blocking Unwanted Parasites with a Hosts File]
* [http://userstyles.org/styles/42848 Google - Highlight harmful site alert - Themes and Skins for www.google - userstyles.org]
Terminology:
* AdSense - Wikipedia, the free encyclopedia<br>http://en.wikipedia.org/wiki/AdSense
* IntelliTXT - Wikipedia, the free encyclopedia<br>http://en.wikipedia.org/wiki/IntelliTXT -
PDFs create great, unless they should be over 10 pages and then it appears the data was converted to PDF by viewing the page numbers at the bottom of the PDF but you can only view the first 10 pages in the pdf file.
Hi stephaniec0103,
Could you please let me know what exact dot version of Acrobat 9 and OS you are using.
Have you tried repairing Acrobat from the Help menu?
Acrobat 9 is an older version and incompatible with new OS versions, so I would suggest you to try using Acrobat XI (latest version) and check for the same.
You may download a 30-day free trial version of Acrobat from the below mentioned link:
Download Adobe Acrobat free trial | Acrobat XI Professional
Let me know how it goes.
Regards,
Anubha -
I finally took the plunge and brought our chat server back up to Leopard. I'm in an SSL mess right now.
I got a new cert for the server from Thawte (got the ApacheSSL cert, which is what I had successfully used on Tiger Server.)
I started the process by creating a new CSR in Server Admin (advanced server), sent the CSR to thawte, they signed and returned the cert. Went back to server admin, imported it, and it looks good!
Well, I selected the cert in the iChat service and clients cannot login. They can login with the Default cert (but get the warning message).
...and we see the following in the iChat service log:
Jan 7 07:27:48 chat jabberd/c2s[6453]: failed to load local SSL pemfile, SSL will not be available to clients
So, I looked in /etc/certificates and it looks good:
chat:certificates herb$ ls -la
total 72
drwxr-xr-x 12 root wheel 408 Jan 7 07:24 .
drwxr-xr-x 124 root wheel 4216 Jan 7 07:25 ..
-rw-r--r--@ 1 root wheel 0 Jan 5 13:35 .defaultCertificateCreated
-rw-r--r-- 1 root wheel 660 Jan 5 13:35 Default.crt
-rw-r----- 1 root certusers 1551 Jan 5 13:35 Default.crtkey
-rw-r----- 1 root wheel 534 Jan 5 13:35 Default.csr
-rw-r----- 1 root certusers 891 Jan 5 13:35 Default.key
-rw-r--r-- 1 root wheel 1155 Jan 7 07:24 chat.northampton.edu.chcrt
-rw-r--r-- 1 root wheel 1306 Jan 7 07:24 chat.northampton.edu.crt
-rw-r----- 1 root certusers 2269 Jan 7 07:24 chat.northampton.edu.crtkey
-rw-r----- 1 root wheel 720 Jan 5 14:09 chat.northampton.edu.csr
-rw-r----- 1 root certusers 963 Jan 7 07:24 chat.northampton.edu.key
I am really at a loss, any ideas?
I notice that in the jabberd c2s.conf configuration file:
<!-- File containing a SSL certificate and private key to use when
setting up an encrypted channel with the router. If this is
commented out, or the file can't be read, no attempt will be
made to establish an encrypted channel with the router. -->
<pemfile>/etc/certificates/Default.crtkey</pemfile>
Now that is odd since I chose the chat.northampton.edu cert!
Later in the file we do see references to the chat.northampton.edu cert so I left that entry alone. Later I read that first entry is okay the way it is.
Any help appreciated!Here's how to get iChat Server working with a real SSL cert. Also, in my case users come from Open Directory (on a Novell eDirectory directory). So this solution kills 2 birds with one stone.
1. Set up your server, in my case a new install. Install updates NOW, not later!!!!!!!
2. In Server Admin, clicked Certificates, then the + sign to create a new cert.
3. Fill in appropriate info, such as Common Name (DNS name of your server!), Organizational Unit, etc.
4. Enter a 24 character passphrase. (Good security please!)
5. Click Save, then second middle button to create a CSR.
6. Drag the CSR icon into the place for the CSR on the thawte(Verisign, whatever) request page. Or email the CSR to them.
7. Verify the CSR on the thawte(Verisign, whatever you're using) site. The information should match what you entered for Common Name, etc.
8. Submit it to them for signing; get the reply from them.
9. Go back into server admin | Certificates, select the my.domain.com cert, click the button and select "import signed..."
10. Paste the response from thawte(Verisign, whatever) in there, then click save.
You should now see that the cert is trusted and the certifying authority (thawte, etc) listed, where it used to say Self-signed.
Fire up web services and see if it your new cert works for web. If it does, continue on.
Your new cert may or may not work for Jabber. If it does, well you're done. If it doesn't...
1. Ensure you've selected the cert for iChat in Server admin. (I know, it doesn't work yet.)
2. Either Remote Desktop to your server and open Terminal or ssh in and get a prompt. BECOME ROOT!! sudo su -
3. Take a look in /etc/certificates.
4. You should see a my.domain.com.key file and a my.domain.com.crt file.
Now using vi, pico, or whatever look at the .key file. Do you see DES encryption lines in there? If you do, your private key is encrypted with your passphrase.
5. Make a copy of my.domain.com.key (Let's call it my.domain.com.jb)
5a. Make a copy of my.domain.com.crt (Let's call it my.domain.com.crt.jb
6. Decrypt the private key: (Remember you're root!) openssl rsa -in my.domain.com.jb -out my.domain.com.jb
It will ask you for your passphrase.
7. Create a new file containing your public key (my.domain.com.crt), and combine with the decrypted private key (my.domain.com.jb):
cat my.domain.com.jb >> my.domain.com.crt.jb
8. Rename my.domain.com.crt.jb to my.domain.com.crtkey.jb
9. Change ownership of my.domain.com.crtkey.jb to root:jabber ( chown root:jabber my.domain.com.crtkey)
Not done yet....
10. Change perms / ownership of my.domain.com.jb to match your original .key file.
EDIT /etc/jabberd/c2s.xml
1. Amend the settings in the local section (under the ssl-port 5223 line) to:
/etc/certificates/my.domain.com.crtkey.jb
1a. I also commented out the cachain line in that area. You may not need to but I did.
2. No matter how tempting, do NOT touch anything else at this time. Trust me.
Leave the 0.0.0.0 IP's alone; where you see your Default cert, leave it be!
Done editing.
3. Restart ichat service (don't touch the settings in the Admin application)
On the iChat client set connect using SSL, port 5223.
All should work.
To get OD logins to work, comment out cram-md5 authentication, like this:
Hopefully the code comes out in the pose there. If not, it's the fix from the Apple:
http://docs.info.apple.com/article.html?artnum=306749 (option 2)
Thanks to MacTroll from AFP548, and Tim Harris at Apple Discussions for their collective pieces in solving this!! -
Concentrator SSL Certificate Expirtation
I'm getting the following message alert from my 3000 Concentrator: SSL certificate will expire in 26 daysIssuer. It appears that this certificate (public/private) as well as an identity certificate are being issued by one of our 2003 servers (not 3rd party). I'm tempted to press the renew buttons on each of these certificates; however, being new to this arena, I'm leary about what might (or might not ) happen. My research tells me that this may result in the certificate being rejected. Can someone give me an overview of what these certificates are doing and what I need to do to get myself back into comfortable breathing status again? Thanks.
generating the ssl certificates seemed to work; however, I accepted the defaults and instead of the certificates being issued by my local ca server, it thinks its being issued by cisco systems. I don't know if this is going to work or for how long. I tried renewing them and it bombed miserably. I don't even know what these certificates do but from what I've read, it has something to do with the https management interface. My identity certificate doesn't have a 'generate' option only renew or delete. I have tried renewing and it bombs as well. It shows up in enrollment status however when I click to install and use cut and paste, I get the following message: Error installing identity certificate: Bad file format. Not having had to deal with certificates until now, I find this whole thing confusing and frustrating. I'm finding Cisco documentation to be worthless as it might as well be trying to tell me how to shave a peanut. I thought I read somewhere that you need to delete the certificate first before trying to renew, but I am extremly reluctant to do so. Any comments would be most appreciated.
-
Migrate SHA-1 Hash Algorithm SSL certificates to SHA-2
HI All,
I am hearing the news that SHA-1 certificates will be soon phased out on Chrome and Microsoft platforms. I am Ok with replacing public certificates with SHA-2 certificates.
But I see that our internal certificates are also issued with SHA-1 algorithm. And these SSL certificates are used in LAN to access internal sites. So Do I need to get internal certificates reissued with SHA-2(256)? If so what do I need to make the
changes on CA server to use SHA-2 algorithm.
Thanks in advance.
MahiOn 9/20/2014 1:28 AM, "Paul Adare [MVP]" wrote:
On Sat, 20 Sep 2014 06:24:23 +0000, mahi_tweak wrote:
Could you please let me know w.r.t to phase out of SHA1, is it required to take action for Internal (private) CA servers as well?
Currently no. All of the current SHA1 deprecation notices from Microsoft
apply only to public root CAs that are part of the Microsoft Trusted Root
program.
You should start planning to migrate your internal CAs however. At some
point in time I think you'll find that all SHA1 certificates will be
deprecated.
Paul - does IE have the logic built in to know when a cert has been issued by an internal CA so that it does not flag it as unsafe? The way I see it is this is all pointless to have legacy SHA1 in your environment if the browser cant distinguish one from
the other.
This depends somewhat on what version of IE you are using. I urge anyone who is stuck with an older version to modernize ASAP.
I also recommend CA servers also be the latest version. Like Paul said, SHA-1 has been deprecated and the new SHA-2 is the new flavor of the week.
Being cynical, seems that too many problems come from suspicious efforts to make the system secure in the first place.
Please don't pay attention to anything Vegan Fanatic has to say on this topic as he is clearly out of his depth here and has no idea what he's talking about.
IE does not itself do certificate validation, that is passed off the certificate chaining engine that is built into the Windows OS. When the date arrives that SHA1 SSL and code signing certificates issued by roots in the Microsoft Trusted Root program are
no longer accepted arrives, determining whether the certificate being validated chains to an internal or an external root will be determined by the certificate chaining engine and not directly by IE.
The last sentence above makes no sense at all, and SHA2 is not "the new flavour of the week". -
Hello,
I have an OBIEE 11g question.
We have over 2000 users with SSL certificate on their computers. How do I ensure that only users with the correct cert are given access to their dashboard? I must also identify the user from the cert, and only display their data. How is this done?
I have successfully connected to our Active Directory and I can see all 2000+ user names in the WL console.
I do not want the user to enter a username and password if they have the correct cert. However if they do not have a cert then the username and password login screen should be displayed. Is this possible?
Regards
MichaelHello Saba22
Not sure I can help, i thought I would try.
In Applications/Utilities ->Java folder-> Do you have Java J2SE 5.0 folder, if
yes launch it -> Java pref.->the General tab-> choose J2SE 5.0 as the first in
the list order-> Security tab is where the Certificates button will launch K/
chain go to -> (java) Advanced tab- > Settings expand the "security" drop-
down and make sure that the items SSL 2.0 & SSL 3.0 are checked.
Hth some.
Eme: ) -
use to be able to click on the small picture panes and a larger picture would open. now nothing happens, but I do see alot of error messages at the error console, which I have pasted below. I can open these panes in internet explorer but not firefox, and I have the same problem on jmy other computer too.
the one listed below is from this web site, I did try reinstalling firefox, but still same problem."Clear the Cache": Tools > Options > Advanced > Network > Offline Storage (Cache): "Clear Now"<br />
"Remove the Cookies" from sites that cause problems: Tools > Options > Privacy > Cookies: "Show Cookies"<br />
<br />
Start Firefox in [[Safe Mode]] to check if one of your add-ons is causing your problem (switch to the DEFAULT theme: Tools > Add-ons > Themes).<br />
See [[Troubleshooting extensions and themes]] and [[Troubleshooting plugins]] -
It is very frustrating even to receive an email from itunes support telling me: well, if your code or card are not working call your bank, which I did and everything is fine, it matches with existing acct in itunes...
then I tried and tried and time after time I keep getting the same stupid answer "invalid security code"
I am tired of it!
And then I contacted support just for an idiotic answer: well, use an itune gift card then.... Come on! Are they really not goint to do anything to help me and restore my info in the itunes acct?????
Can someone tell me what to do, please! I am telling you... its frustrating I cant even update because the stupid system keeps asking me for the security code of my card!!! And it is the correct one!!!
HELP!
ChapinaZI'm also on iPhone 4, iOS 6, and have exactly the same problem. I've tried resetting privacy settings, turning restrictions on and off, deleting and reinstalling apps. Nothing seems to work. The lists of apps in privacy settings are all empty, except for location services. When using Tweetbot the app is regularly asking for permission to access my twitter account, but even when I allow that, the app doesn't show in privacy settings.
Maybe you are looking for
-
Hello Do we have any stsnderd report which can show, against one PO how many 103 and 105 has been made and what is the balance qty for 105. Regards Niti Narayan
-
Cant figure out whats wrong with my applet, help pls??
this applet checks a string against one in a database then if passwords match, a new url is opened. the applet loads in webpage with no problems. it just doesnt seem to work. have granted full access to code base in policy file. heres the code: impor
-
I want to print in black and white only on my hp photosmart 6520
photosmart 6520 windows 7 how do I set this so it only prints in black and white not in color at all times . This question was solved. View Solution.
-
Just tried installing an update to OSX Snow Leopard. Prior to trying to update OS, I was running V 10.6.3. During installation, it locked up. Although the screen tells me that the installation will be completed in less than one minute, that was tw
-
Ive been unable to install IOS 8 SDK since it came out because of this error. "There was an error in the App Store. Please try again later. (20)" 1. Have tried installing other free and paid apps through the store and no issue there. Updates working