Importing a digital certificate from e-mail

Similar Messages

• Request a digital certificate from a certification authority

  How do I request a digital certificate from a certification authority?

  You will generate and submit a certificate-signing request to a vendor.  Here's the general sequence for obtaining a certificate for OS X Server 10.8.

• Problem Signing Email with Digital Certificate from Smart Card, Outlook 2013

  Hi there, I'm the IT guy for a small company.  I've configured several people in the company to use their smart cards for email signing through Outlook 2013, but a a few computers are giving me this error:
  "Microsoft Outlook cannot sign or encrypt this message because there are no certificates which can be used to send from the e-mail address '<e-mail address>'. Either get a new digital ID to use with this account, or use the Accounts button to
  send the message using an account that you have certificates for."
  I've been in the Trust Center, I see the signing and encrypting certificates. (SHA-1 and 3DES).  Yet when I try to sign, Outlook always fails on the error.
  For my computer, I was able to fix this by adding a "SupressNameChecks" DWORD set to 1 in the Registry under HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\15.0\Outlook.  However, this fix is not working for the other people in the company.
  Any other ideas?  Really pulling my hair out on this one, I've tried everything I could find on the net it seems.

  Hi,
  Please checked “E-mail name” under the section ‘Include this information in alternate subject name” on the Subject Name tab of the certificate template.
  We can export the entrust managed services root CA cert from a working machine and import into the trusted root store of a non-working machine. For detailed steps about it, please refer to:
  How To Import and Export Certificates So That You Can Use S/MIME in Outlook Web Access on Multiple Computers
  http://support.microsoft.com/kb/823503/en-us
  Hope it helps.
  Regards,
  Winnie Liang
  TechNet Community Support

• Importing public key certificate from external application

  Hello!
  I am trying to implement the following scenario:
  1. External client application sends it's public key certificate to SAP WAS
  2. SAP imports this certificate into its PSE
  3. External client application sends digitally signed messages to SAP (with <i>secKey</i> HTTP call parameter)
  4. SAP checks this signature and does whatever further action.
  For simplicity reason, I emulated this "external app" by using the ArchiveLink interface of the very same SAP system. So, I have one system which is at the same time client and server, but the communication works via HTTP.
  I started with step 1: The ArchiveLink (in my case "external app") uses the function SCMS_HTTP_PUT_CERT to send the public key certificate to the client via HTTP. It worked well - I received the message with HTTP service and it contained some binary content as expected (valid public key certificate - I suppose).
  Unfortunately, I was unsuccessfull with step 2: How to import the received certificate into my PSE?
  I debugged the STRUST transaction and saw that it uses the function SSFP_PUTCERTIFICATE to import public key certificate into SAP's own PSE. However, when I try to use it, I get error <i>No temporary PSE available</i>. I also tried to <i>encode-base64</i> this message with the same result. What does this mean?
  Does anyone has experience with this? Please share it.
  Thanks in advance and kind regards,
  Igor

  The key point was understanding the cleverly named parameter PROFILE in the function SSFC_PUT_CERTIFICATE. You'd never guess: it's a path to a PSE where you want to put the certificate, in my case: C:\usr\sap\NSP\DVEBMGS00\sec\SAPSYS.pse. There's one more step: updating database with the file system PSE.
  So, the test sequence that works is:
  1. SSFP_GETSAPCERTIFICATE
  2. SSFC_PUT_CERTIFICATE
  3. SSFPSE_STORE
  Regards,
  Igor
  P.S. Am I the only one playing with these things? I keep getting 0 replies to my questions.

• Import VPN admin certificate from RV016 to RV042

  Hello,
  I've configured VPN to use quickVPN for RV016. The VPN connection works fine. I'm going to install the second SB router RV042
  in the same location in order the users should use RV042 instead of RV016. My Question is, is it possible to export the admin
  certificate from RV016 Router and import it on RV042 to avoid sending the client certificate of the RV042 to users? If it works then
  I need only to replace the ip address on the clients and they connect to RV042 Router.
  Many Thanks and best regards
  nevzat

  Hi Nevzat,
  Thank you for posting. I believe that every router creates a unique certificate and a certificate from one router will not work with another. The whole point of the certificate is to warn the end user (client) that they may be connecting to the wrong router. If the same certificate worked for multiple routers it would defeat the purpose.

• Attach Digital certificate to outgoing mails

  Hi all,
  Is it possible to attach a digital certificate (custom) to specific outgoing mails in ABAP (or) SAP.
  Thanks in advance.
  Jay

  Somewhere online I found mention that you can assign the cert you don't want to use as untrusted and the one you do want to use as trusted. So in Keychain, double click on your Thawte cert, click on the Trust arrow and change the "When using this certificate:" drop down to "Always Trust". Do the opposite for your other certs.
  This way you can still use your other certs for decrypting if anyones uses it to send to you. But you'll always use the trusted cert for signing/encrypting new messages.
  I too wish there was a way to explicitly select the cert you want to use but till they allow that, this is the best way I've found to work around the issue.

• How do I export a digital certificate from 8.0?

  I am updating the help docs for our online app and I am up to 'exporting your digital certificate. I have instructions for 3.5 but I'm now adding some for 8.0 and I can't find an export button. Help! (please)

  See if you can find the certificates on one of the tabs in the Certificate Manager:
  *Tools > Options > Advanced : Encryption: Certificates - View Certificates

• How do I import .eml emails, etc. from Windows Mail 2011 (online version) to Lion mail program?

  I have tried to find out how to import my stored .eml emails from my previous PC into my new Mac Mini Lion Mail program, so I will not lose them all.  I have tried going through Thunderbird, but all it keeps giving me for choices is Apple Mail and Eudora.  Then the Mail on the Mini only gives me choices that do not include the .eml files.  Please help!  I have a gazillion emails saved and don't want to lose them!  Thanks very much!

  I see you are running Leopard. So maybe ask your question in the Leopard forum area.
  http://discussions.apple.com/category.jspa?categoryID=235

• Importing mailboxes & old messages from yahoo mail

  Hi.
  I have just figured out how to get mail to send/receive messages from my .yahoo mail account.
  Now I have the problem that i have hundreds of messages sat in my yahoo account that i want to import into mail, but i really can't find a way to do it, other than sending them one by one..
  Could you tell me if it's possible, and how i go about it?
  Many thanks
  David Tobin

  Hi David.
  Not sure what you mean. If Mail is downloading mail received on that account, it should have downloaded all the messages there, not just the new ones -- unless it’s organized in folders on the server, that is. POP mail clients can only see the messages that are in Inbox. Could that be the problem?

• How can I import 1000s of Emails from Mac Mail (Exchange Account) into Gmail and Retain Labels?

  I have an old exchange account in Mac Mail, disconnected, but still with 1000s of emails in a folder structre. I'd like to import all of those into my Gmail account, and retain the folder structre as Gmail labels). What's th easiest way to do this?

  That is a question for Google, as far as I know Exchange does not use labels, the folders are (unlike Gmail) real.
  But Google support may know a way.

• Importing raw digital video from a deck

  1. imovie says it is importing at 3/4 speed. How do i get normal speed so on playback I can get good lip synch?
  2. the app does not appear to be importing all the data that i am sending it thru the deck. Any idea why this is happening?

  The problem (I discovered) is that the files are "muxed" which means that the audio and video are somehow intermixed, so they need to be converted into a standard that iMovieHD can read, like "DV"
  There is a shareware called MPEG STREAMCLIP that converts video into other things. I tested it and it does work. I just need to figure out the most efficient way to import, convert and open in iMovie.
  http://www.squared5.com/svideo/mpeg-streamclip-mac.html
  I think it is universal which is cool.
  I am curious about the workstation that you mentioned to run windows software. Where can I find that?

• ACS 5.2 / WLC - EAP-TLS Certificate from 2 CA

  Hello,
  I'm Newbie with ACS equipment, i'm trying to implement it to secure our WIFI environment.
  One wifi SSID is broadcasted on a site, I would like to authenticate WIFI client through machine certificate.
  The big deal is that some client computer belong to an AD (AD1) and having its own CA1. Other client computer belong to another AD (AD2) also having its own CA (CA2). (With no relation or between the 2 CA)
  So computer1 having machine certificate from CA1 and computer2 having machine certificate from CA2
  I have imported the root certificate from the both CA into the "certificate authorities" store of the ACS.
  I have generated certificate signing request, one for each CA. Then I have binding the CA signed certificate.
  After configuring... the access services (identity, authorization...) and so on  I have the following issue:
  - Computer with certificate from the CA1 can connect without any problem.
  - Computer with certificate from the CA2 can NOT connect:
       - After investigation: the client computer do not trust the server ACS and reject the connection
       - Error return :
  RADIUS Status:Authentication failed 11514 Unexpectedly received empty TLS message; treating as a rejection by the client
       - (If i get ridd of the option "verify server identity" on wifi optionof the client, the computer can conect: but this option is not acceptable)
       - It seems that the ACS sends only its certificate signed by the CA1
  The questions are:
  1- How can I configure the ACS to send the right certificate signed by the right CA corresponding to the computer that is intenting to authenticate
  2- I could see in documentation:
      "For TLS related EAP protocols, a single local certificate is used to authenticate the server for all the TLS related protocol"
       --> Does it mean that we can only configure one local certificate to allow the ACS to authenticate to client for all the EAP-TLS protocol used ?
       --> How can I choose it ?
       --> For the current configuration, I have only the certificate signed by the CA which is configure "EAP: Used for EAP protocols that use SSL/TLS tunneling" (i don't know if this option has an impact with the certificate presented by the ACS when it authenticate itself to the client")
  Thanks for your helk and your information.
  Guillaume

  Hi Bastien,
  it is actually what i did.
  The point here i have 2 CA involved, with no relation between them.
  So I did the operation twice for each CA :
  -> making a certificate signing request, sent it to the CA, signed to by the CA and then imported/binded into the ACS
  -> I have added the root CA of each CA into the ACS as well.
  The point is when a computer, try to connect, it try to verify ACS server identity. And the ACS server only seems to present the certificate signed from CA1.
  So when a computer with certificate machine CA2, try to connect, it doesn't trust the ACS server has the ACS sent its certificate signed by CA1.
  I don't know how to allow the ACS to present the right signed certificated depending on the cleint that try to connect.
  Then another conf I do not understand is the option:
  EAP: Used for EAP protocols that use SSL/TLS tunneling --> in local cetificate, when you add a local certificate to the ACS
  I do not undestand what does this option stand for ?
  Then I culd see into Cisco do :
      "For TLS related EAP protocols, a single local certificate is used to authenticate the server for all the TLS related protocol"
  Doest it means that the ACS can use only one single certificate for All the TLS protocol configured in the ACS, to authenticate itself to the client?
  Or does the ACS can use a diferent local certificate from each dedicated eap-tls protocol?
  thx

• CIDX Adopter Digital Certificates

  Guys,
  Here is the scenario..
  We are getting the HTTPS message from external system to XI.
  We are using CIDX Adopter to read external message and validate the digital certificates and map to ORDERS05 Idoc. As soon I trigger the message from external system (HTTPS message), I am seeing message in XI RWB adopter engine, when CIDX adopter is trying the validate the digital signatures somehow it is pointing to J2EE_GUSET user. And it is giving error as below mention.
  <b>ERROR</b>
  "Signature verification failed, alerted;Error when accessing keystore:service_ssl
  Signature verification failed, alerted
  Unexpected error while packing the CIDX message -
  null
  Message Processing caused Failure. -
  BTD handler indicated processing error
  Error encountered while receiving inbound action; See nested exception for detailed error message -
  Message Processing caused Failure. -
  Message Processing caused Failure. -
  BTD handler indicated processing error
  Delivery of the message to the application using connection CIDXAdapter failed, due to: Error encountered while receiving inbound action; See nested exception for detailed error message. "
  <b>Regarding Digital Certificates</b>
        We got the digital certificates from my external party and installed and
         created the Key stores in XI Visual Administration tool.
         We configured in sender agreement by selecting those key stores..
  Can any one help me on how to resolve the issue, is there any problem in Visual Admin Toll, while installing the certificates..
  Thanks
  Murali
  Message was edited by:
          Murali Babu Pallabothula

  HI,
  See the below links
  HTTP* Errors /people/krishna.moorthyp/blog/2006/07/23/http-errors-in-xi
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/55ba9790-0201-0010-aa98-ce8f51ea93cd
  also see the below links may be useful..
  See the below links
  /people/sap.user72/blog/2005/06/16/using-digital-signatures-in-xi
  SAP Java Cryptographic Toolkit
  http://help.sap.com/saphelp_nw04/helpdata/en/8d/cb71b8046e6e469bf3dd283104e65b/content.htm
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/55ba9790-0201-0010-aa98-ce8f51ea93cd
  http://help.sap.com/saphelp_nw04/helpdata/en/fb/322f41d606ef23e10000000a155106/frameset.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/45/341a2176b74002e10000000a155369/frameset.htm
  Also see the below threads.
  how to deal with digital signatures when converting messages?
  Certificates Vs Digital Signatures
  Security Issues: SSL on SOAP Adapter and Digital Signature in BPM
  message level security: difference digital signature and certificate
  Loading Invoice XML IDoc with digital signature via XI into R/3
  Regards
  CHilla

• Automatically download digital certificates form Net

  Hi!
  I have to download digital certificates from the prespecified URLs. I cannot use servlet. By network programming I am able to connect to the site and I can store the certificate by using IO package. But this way, the format of the stored certificates are not valid.
  Is there any way I can automatically(through coding) download the certificates or can store in a valid format?
  Regards
  Vivek

  Hi!
  I have modified my code and now the file sizes are same. but still cannot open the file. One more thing I would like to add is that, with this code if I download some exe also. the same problem happens. For normal text it works fine.
  I am attaching the code also:
                 URL url=new URL("http://www.secdom.com.au/general/certs/sdplrootca_der.crt");
                 URLConnection con=url.openConnection();
                 System.out.println("Content type is : "+con.getContentType());
                 BufferedInputStream htmlPage =new BufferedInputStream(con.getInputStream());
                 byte [] data;
                 int contentLength = con.getContentLength();
                 if (contentLength > 0)
                 try
                      data = new byte[contentLength];
                      int h=htmlPage.read(data,0,con.getContentLength());
                      htmlPage.close();
                      FileOutputStream fou=new FileOutputStream("aa_v.crt");
                      fou.write((new String(data)).getBytes());
                      fou.close();
                 catch(Exception e)
                      System.out.println("error");
                      e.printStackTrace();
                 }

• Getting self-signed certificates from an internal server...

  Hi!
  Thanks to the beautiful [Andreas Sterbenz's|http://blogs.sun.com/andreas/entry/no_more_unable_to_find] article I was able to download the two self generated certificates from the mail server and store them in a single file. So I expected things to work like a charm but soon I had to change my mind due to the (usual) error:
  javax.mail.MessagingException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target;
  nested exception is:
  javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:571)
  at javax.mail.Service.connect(Service.java:288)
  at javax.mail.Service.connect(Service.java:169)
  at com.agiletec.plugins.webmail.aps.system.services.webmail.WebMailManager.initInboxConnection(Unknown Source)
  at com.agiletec.plugins.webmail.aps.tags.WebmailIntroTag.doStartTag(Unknown Source)
  [etc etc]
  So here's the first question: Is it correct to store the certificates in the system properties with the following code?
  System.setProperty("javax.net.ssl.trustStore", certificateInUse); // <--- path of the file where I've stored the certificates
  System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); // password used
  System.setProperty("javax.net.ssl.trustStoreType","JKS");
  I haven't gone in the depth of the SSL theory but it seems to me that my webapp stores the certificates and keeps on connecting in the standard (non SSL) way....
  Thanks in advance for the time spent reading!
  Matteo

  Have you tried setting the "Always trust" property? Double click the certificate in Keychain Access and allow it to have always trust for email.
  Also, make sure that bundles are enabled for mail.
  (Forget the command, google for "defaults write com.apple.mail enableBundles")
  That did it for me.
  Br,
  T