Installing a digital certificate on AO1121

Similar Messages

• Logging into BOA's CashPro form Firefox Home finds no digital certificate

  I'm trying to wire transfer funds using BOA's CashPro application from my ipad. I can see the CashPro login from Firefox Home, but immediately after logging in, CashPro finds no Digital Certificate and aborts. I installed this digital certificate on the ipad, but the application doesn't see it. Will I be able to access and use BOA's application form Firefox Home on my iPad?

  Sorry, I don't think Firefox Home is able to use client certificates. If the web site works in Safari, you can use the "Open in Safari" option in Firefox Home to browse this web site. Tap on the picture below for an illustration.
  You can also turn on the [http://support.mozilla.com/en-US/questions/792360 Use Safari] option in the Firefox Home settings, if you want all web sites to open in Safari.

• A site is telling me that i have no digital certificate installed....

  Hi. Trying to access a page on the Spanish version of the IRS, to file a tax document here. I can't get access to the page (or any of their secure pages), and I get this message, which has been Google translated:
  ''The error "403 byrule" is a mistaken identity. Occurs when you try to access an option that requires electronic certificate and the browser does not detect that one is installed or not properly selected. If the choice of the certificate you get a page that says "page can not be displayed" or similar error is possible that the certificate is damaged, changes or problems in the operating system or other causes. If possible, you should try to reinstall a valid copy of your certificate.
  This error in Firefox indicates that there is no digital certificate installed. Go to "Tools" "Options" ("Firefox", "Preferences" Mac "Edit" "Preferences" in Linux), "Advanced" and select the "Encryption". Click on the "View Certificates" and verify that your certificate is installed correctly. If no certificate on the tab "Your Certificates" will have to import a valid copy of the browser. If necessary, also refer to the instructions on importing certificates from our "Help" and the links that we propose below. Once the certificate is installed also make sure that Mozilla Firefox is configured correctly. This may refer to the "Installation, configuration and management of electronic certificates for Mozilla Firefox.''
  Under "view certificates" in preferences/encryption, "Your Certificates" is blank. And I don't see anything in "Authorities" that seems to relate to this website. In 'Servers" there were some exceptions I created (reluctantly) when the site asked for it. I deleted them, still not working."
  I've tried with both "Select one automatically" and "Ask me every time"
  Click on the page below, click on any of the links with a lock to see the resulting error.
  Thanks in advance.

  Thanks. You are very much on the right track, and I can't thank you enough. The page you sent me to is has the right link. But I can't just download the certificate, as you proposed. It's actually part of a significant security system. I went to the webpage that accompanied the link. I have to fill out a form, from that get a code... then go to a local gov't office, show my ID, get another code, then come back, input that, and get my personalized certificate. I'll let you know how it goes. But without you I have no idea how I'd even have gotten onto the right path. Thanks again.

• How do you install a Digital ID Certificate for use on iPod Touch?

  On my iPod Touch there is a button to turn on s/mime under settings, mail/calender, accounts, advanced but it says there are no certificates installed.  So, if you had a certificate from a COA how would you install it on the iPod Touch?  I have heard of configuration profile utility for the iPhone but isn't that for companies or buisnesses to use?
  Thank you for any helpful information.

  Hi,
  One way is to email your cert to yourself; another is to use cloud-based storage (e.g., Dropbox) that allows you to reference files via URL. In either case, once the file is selected it will be recognized as a digital certificate and you will be asked if you want to install it.
  Hope this helps.

• Install digital certificate (p12) in BPEL Server on 10.1.2.0.2

  Hi Guys,
  I have been using BPEL for quite some time but havent come across this one.
  We have a Business Partner whose webservice we need to call to provision something.
  For security reasons they want us to get a digital certificate from Verisign, Entrust, thwate which we got from http://www.entrust.com/freecerts/ for testing purpost.
  Its a p12 file and I cant seem to install it on our bpel server.
  Once its installed on the server they would take a cer file exported from the p12 file.
  Has someone done this already. It would be a great help
  Thanks ! ! ! !

  hi Rajesh...
  Its not creating any log file.
  I have updated in the webutil.cfg file as mentioned below
  logging.file=C:\rag.log
  logging.enabled=TRUE
  logging.errorsonly=TRUE
  logging.connections=TRUE
  And also updated in the formsweb.cfg as mentioned below
  [webutil]
  WebUtilArchive=frmwebutil.jar,jacob.jar #raghu
  WebUtilLogging=All
  WebUtilLoggingDetail=Detailed
  WebUtilErrorMode=All
  WebUtilDispatchMonitorInterval=5
  WebUtilTrustInternal=true
  WebUtilMaxTransferSize=16384
  baseHTMLjinitiator=webutiljini.htm
  baseHTMLjpi=webutiljpi.htm
  archive_jini=frmall_jinit.jar,icons.jar
  baseHTML=webutilbase.htm
  archive=frmall.jar
  lookAndFeel=oracle
  envFile=default.env
  Still it is not creating any log files.
  Is there any problem in above code and also tell me any other additional setups is required.
  Thanks
  rag.

• Can XML Publisher add a digital certificate (cert.pfx) via the xdo.cfg file or do I need to upgrade and use BI Publisher instead?

  Hi Guys
  I need to add a digital certificate to a clients customer statements and invoices. XML Publisher 5.6.3 has been used originally to design the templates as RTF. I have the following questions please...
  1. Can an RTF template be used or do I need to convert it to a pdf template?
  2. Can XML publisher even be used or do I need to get the DBAs to install BI Publisher. XML Publisher doesn't even have the signature properties in the admin screens that BI Publisher has.
  Below is a copy of the xdo.cfg file which currently does not add the pfx file...
  <config version="1.0.0"  xmlns="http://xmlns.oracle.com/oxp/config/">
  <properties>
     <property name="system-temp-dir">/tmp</property>
     <property name="pdf-security">false</property>
     <property name="pdf-open-password">testpass</property>
     <property name="pdf-permissions-password">testpass</property>
     <property name="pdf-encryption-level">1</property>
     <property name="pdf-no-printing">true</property>
     <property name="pdf-no-changing-the-document">true</property>
     <property name="signature-enable">true</property>
     <property name="signature-pkcs12-path">/app/oracle/product/appldev/apps/apps_st/appl/xdo/12.0.0/resource/digcert.pfx</property>
     <property name="signature-pkcs12-password">testpass</property>
     <property name="signature-field-location">top-left</property>
     <property name="signature-reason">taxreasons</property>
     <property name="signature-signed-at">Cape Town</property>
     <property name="signature-display-style">detailed</property>
  </properties>
  </config>
  Any help will be greatly appreciated.

  thanks for the summary of the many posts and threads describing all of these steps.

• "no access to the digital certificate" - Trying to export my first iOS app from Flash - Help please

  Hello
  I'm trying to export my first iOS app from flash to my desktop / on the device (Flash Pro CC, Iphone5)
  I followed the instructions on the adobe website to build an air app for iOS but on the last step it
  doesn't export the app.
  What I've done so far:
  - Apple developer account
  - creating the certificate + convert it to .p12
  - app ID / Name etc.
  - creating the provisioning profile from apple
  - iOS Air app in flash (Only Text "Hello world" with a tween)
  Now i have to load the certificates into Flash & enter a password (is it the password that
  i entered in the certificate or from my developer account/ Apple ID password? Both didn't work at the end)
  When i klick on publish in the last step than it loads a while but then i get the Error:
  "no access to the digital certificate"
  What is wrong? Can you help me please.

  Also, I should say, when I go into my phone on the computer and try to install an app, I get this message:
  Unable to start operation. Installer is already in use.
  Any ideas

• Need CCA Digital Certificate

  HI,
  I am working on one project POC, where i need to use CCA webservices, but when i run java program i am getting error "sun.security.validator.ValidatorException: No trusted certificate found".
  I think, I need to install digital certificate of CCA, but I don't know from where i can get this. I am having account in CCA.
  Regards,
  Deepak

  Hello
  I dont think you can delete the certificates in the QC51. You can only store or archive the certificate attached to each certificate numbers
  Regards
  Gajesh

• CIDX Adopter Digital Certificates

  Guys,
  Here is the scenario..
  We are getting the HTTPS message from external system to XI.
  We are using CIDX Adopter to read external message and validate the digital certificates and map to ORDERS05 Idoc. As soon I trigger the message from external system (HTTPS message), I am seeing message in XI RWB adopter engine, when CIDX adopter is trying the validate the digital signatures somehow it is pointing to J2EE_GUSET user. And it is giving error as below mention.
  <b>ERROR</b>
  "Signature verification failed, alerted;Error when accessing keystore:service_ssl
  Signature verification failed, alerted
  Unexpected error while packing the CIDX message -
  null
  Message Processing caused Failure. -
  BTD handler indicated processing error
  Error encountered while receiving inbound action; See nested exception for detailed error message -
  Message Processing caused Failure. -
  Message Processing caused Failure. -
  BTD handler indicated processing error
  Delivery of the message to the application using connection CIDXAdapter failed, due to: Error encountered while receiving inbound action; See nested exception for detailed error message. "
  <b>Regarding Digital Certificates</b>
        We got the digital certificates from my external party and installed and
         created the Key stores in XI Visual Administration tool.
         We configured in sender agreement by selecting those key stores..
  Can any one help me on how to resolve the issue, is there any problem in Visual Admin Toll, while installing the certificates..
  Thanks
  Murali
  Message was edited by:
          Murali Babu Pallabothula

  HI,
  See the below links
  HTTP* Errors /people/krishna.moorthyp/blog/2006/07/23/http-errors-in-xi
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/55ba9790-0201-0010-aa98-ce8f51ea93cd
  also see the below links may be useful..
  See the below links
  /people/sap.user72/blog/2005/06/16/using-digital-signatures-in-xi
  SAP Java Cryptographic Toolkit
  http://help.sap.com/saphelp_nw04/helpdata/en/8d/cb71b8046e6e469bf3dd283104e65b/content.htm
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/55ba9790-0201-0010-aa98-ce8f51ea93cd
  http://help.sap.com/saphelp_nw04/helpdata/en/fb/322f41d606ef23e10000000a155106/frameset.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/45/341a2176b74002e10000000a155369/frameset.htm
  Also see the below threads.
  how to deal with digital signatures when converting messages?
  Certificates Vs Digital Signatures
  Security Issues: SSL on SOAP Adapter and Digital Signature in BPM
  message level security: difference digital signature and certificate
  Loading Invoice XML IDoc with digital signature via XI into R/3
  Regards
  CHilla

• VPN error when using Microsoft digital certificates.

  Hi,
  I tried implementing site-site VPN between Cisco Router and Cisco ASA using Microsoft digital certificates. After performing the following configurations, I was not able to ping to other site LAN. I enabled debug and got following out put. I sucessfully enrolled digital certificates.
  Cisco ASA config:
  access-list 100 extended permit ip 10.1.1.0 255.255.255.0 192.168.1.0 255.255.255.0
  nat (inside) 0 access-list 100
  static (inside,outside) 1.1.1.10 10.1.1.10 netmask 255.255.255.255
  route outside 0.0.0.0 0.0.0.0 1.1.1.2 1
  crypto ipsec transform-set myset esp-3des esp-sha-hmac
  crypto map mymap 1 match address 100
  crypto map mymap 1 set peer 2.2.2.2
  crypto map mymap 1 set transform-set myset
  crypto map mymap interface outside
  crypto ca trustpoint winca
  enrollment url http://10.1.1.10:80/certsrv/mscep/mscep.dll
  crl configure
  crypto isakmp enable outside
  crypto isakmp policy 10
  authentication rsa-sig
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  tunnel-group 2.2.2.2 type ipsec-l2l
  tunnel-group 2.2.2.2 ipsec-attributes
  trust-point winca
  On router:
  crypto ca trustpoint winca
  enrollment mode ra
  enrollment url http://1.1.1.10:80/certsrv/mscep/mscep.dll
  crypto isakmp policy 19
  encr 3des
  group 2
  authentication rsa-sig
  crypto isakmp key cisco address 1.1.1.1
  crypto map mymap 10 ipsec-isakmp
  set peer 1.1.1.1
  set transform-set myset
  match address 100
  access-list 100 permit ip 192.168.1.0 0.0.0.255 10.1.1.0 0.0.0.255
  crypto ipsec transform-set myset esp-3des esp-sha-hmac
  Debug output on ASA
  CorpASA# Nov 15 02:12:49 [IKEv1]: Group = 2.2.2.2, IP = 2.2.2.2, Removing peer from peer table failed, no match!
  Nov 15 02:12:49 [IKEv1]: Group = 2.2.2.2, IP = 2.2.2.2, Error: Unable to remove PeerTblEntry
  CorpASA#
  CorpASA#
  CorpASA# Nov 15 02:13:06 [IKEv1]: Removing peer from peer table failed, no match!
  Nov 15 02:13:06 [IKEv1]: Error: Unable to remove PeerTblEntry
  Nov 15 02:13:11 [IKEv1]: Removing peer from peer table failed, no match!
  Nov 15 02:13:11 [IKEv1]: Error: Unable to remove PeerTblEntry
  Debug out put on router:
  R2#ping 10.1.1.10 source 192.168.1.1
  Type escape sequence to abort.
  Sending 5, 100-byte ICMP Echos to 10.1.1.10, timeout is 2 seconds:
  Packet sent with a source address of 192.168.1.1
  Nov 15 02:21:01.067: %SYS-5-CONFIG_I: Configured from console by console
  Nov 15 02:21:02.651: ISAKMP: received ke message (1/1)
  Nov 15 02:21:02.655: ISAKMP (0:0): SA request profile is (NULL)
  Nov 15 02:21:02.655: ISAKMP: local port 500, remote port 500
  Nov 15 02:21:02.655: ISAKMP: set new node 0 to QM_IDLE
  Nov 15 02:21:02.655: ISAKMP: insert sa successfully sa = 64597C20
  Nov 15 02:21:02.655: ISAKMP (0:1): Can not start Aggressive mode, trying Main mode.
  Nov 15 02:21:02.659: ISAKMP: Looking for a matching key for 1.1.1.1 in default : success
  Nov 15 02:21:02.659: ISAKMP (0:1): found peer pre-shared key matching 1.1.1.1
  Nov 15 02:21:02.659: ISAKMP (0:1): constructed NAT-T vendor-07 ID
  Nov 15 02:21:02.659: ISAKMP (0:1): constructed NAT-T vendor-03 ID
  Nov 15 02:21:02.659: ISAKMP (0:1): constructed NAT-T vendor-02 ID
  Nov 15 02:21:02.659: ISAKMP (0:1): Input = IKE_MESG_FROM_IPSEC, IKE_SA_REQ_MM
  Nov 15 02:21:02.663: ISAKMP (0:1): Old State = IKE_READY  New State = IKE_I_MM1
  Nov 15 02:21:02.663: ISAKMP (0:1): beginning Main Mode exchange
  Nov 15 02:21:02.663: ISAKMP (0:1): sending packet to 1.1.1.1 my_port 500 peer_port 500 (I) MM_NO_STATE
  Nov 15 02:21:02.703: ISAKMP (0:1): received packet from 1.1.1.1 dport 500 sport 500 Global (I) MM_NO_STATE
  Nov 15 02:21:02.707: ISAKMP (0:1): Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH
  Nov 15 02:21:02.707: ISAKMP (0:1): Old State = IKE_I_MM1  New State = IKE_I_MM2
  Nov 15 02:21:02.707: ISAKMP (0:1): processing SA payload. message ID = 0
  Nov 15 02:21:02.707: ISAKMP (0:1): processing vendor id payload
  Nov 15 02:21:02.707: ISAKMP (0:1): vendor ID seems Unity/DPD but major 194 mismatch
  Nov 15 02:21:02.711: ISAKMP : Scanning profiles for xauth ...
  Nov 15 02:21:02.711: ISAKMP (0:1): Checking ISAKMP transform 1 against priority 19 policy
  Nov 15 02:21:02.711: ISAKMP:      encryption 3DES-CBC
  Nov 15 02:21:02.711: ISAKMP:      hash SHA
  Nov 15 02:21:02.711: ISAKMP:      default group 2
  Nov 15 02:21:02.711: ISAKMP.:      auth RSA sig
  Nov 15 02:21:02.711: ISAKMP:      life type in seconds
  Nov 15 02:21:02.711: ISAKMP:      life duration (VPI) of  0x0 0x1 0x51 0x80
  Nov 15 02:21:02.715: ISAKMP (0:1): atts are acceptable. Next payload is 0
  Nov 15 02:21:02.771: ISAKMP (0:1): processing vendor id payload
  Nov 15 02:21:02.771: ISAKMP (0:1): vendor ID seems Unity/DPD but major 194 mismatch
  Nov 15 02:21:02.775: ISAKMP (0:1): Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE
  Nov 15 02:21:02.775: ISAKMP (0:1): Old State = IKE_I_MM2  New State = IKE_I_MM2
  Nov 15 02:21:02.783: ISAKMP (0:1): constructing CERT_REQ for issuer cn=md902j-n5dros99,dc=md902j,dc=ca,dc=com
  Nov 15 02:21:02.783: ISAKMP (0:1): sending packet to 1.1.1.1 my_port 500 peer_port 500 (I) MM_SA_SETUP
  Nov 15 02:21:02.783: ISAKMP (0:1): Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE
  Nov 15 02:21:02.787: ISAKMP (0:1): Old State = IKE_I_MM2  New State = IKE_I_MM3
  Nov 15 02:21:02.903: ISAKMP (0:1): received packet from 1.1.1.1 dport 500 sport 500 Global (I) MM_SA_SETUP
  Nov 15 02:21:02.907: ISAKMP (0:1): Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH
  Nov 15 02:21:02.907: ISAKMP (0:1): Old State = IKE_I_MM3  New State = IKE_I_MM4
  Nov 15 02:21:02.907: ISAKMP (0:1): processing KE payload. message ID = 0
  Nov 15 02:21:02.979: ISAKMP (0:1): processing NONCE payload. message ID = 0
  Nov 15 02:21:02.987: ISAKMP (0:1): SKEYID state generated
  Nov 15 02:21:02.991: ISAKMP (0:1): processing CERT_REQ payload. message ID = 0
  Nov 15 02:21:02.991: ISAKMP (0:1): peer wants a CT_X509_SIGNATURE cert
  Nov 15 02:21:02.995: ISAKMP (0:1): peer want cert issued by cn=md902j-n5dros99,dc=md902j,dc=ca,dc=com
  Nov 15 02:21:02.995: ISAKMP (0:1): Choosing trustpoint winca as issuer
  Nov 15 02:21:02.995: ISAKMP (0:1): processing vendor id payload
  Nov 15 02:21:02.995: ISAKMP (0:1): vendor ID is Unity
  Nov 15 02:21:02.999: ISAKMP (0:1): processing vendor id payload
  Nov 15 02:21:02.999: ISAKMP (0:1): vendor ID seems Unity/DPD but major 11 mi.smatch
  Nov 15 02:21:02.999: ISAKMP (0:1): vendor ID is XAUTH
  Nov 15 02:21:02.999: ISAKMP (0:1): processing vendor id payload
  Nov 15 02:21:02.999: ISAKMP (0:1): speaking to another IOS box!
  Nov 15 02:21:02.999: ISAKMP (0:1): processing vendor id payload
  Nov 15 02:21:03.003: ISAKMP (0:1:): vendor ID seems Unity/DPD but hash mismatch
  Nov 15 02:21:03.003: ISAKMP (0:1): Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE
  Nov 15 02:21:03.003: ISAKMP (0:1): Old State = IKE_I_MM4  New State = IKE_I_MM4
  Nov 15 02:21:03.007: ISAKMP (0:1): Send initial contact
  Nov 15 02:21:03.067: ISAKMP (1): My ID configured as IPv4 Addr,but Addr not in Cert!
  Nov 15 02:21:03.067: ISAKMP (1): Using FQDN as My ID
  Nov 15 02:21:03.067: ISAKMP (0:1): SA is doing RSA signature authentication using id type ID_FQDN
  Nov 15 02:21:03.067: ISAKMP (0:1): ID payload
          next-payload : 6
          type         : 2
          FQDN name    : R2.cisco.com
          protocol     : 17
          port         : 500
          length       : 20
  Nov 15 02:21:03.067: ISAKMP (1): Total payload length: 20
  Nov 15 02:21:03.095: ISAKMP (0:1): constructing CERT payload for hostname=R2.cisco.com
  Nov 15 02:21:03.095: ISKAMP: growing send buffer from 1024 to 3072
  Nov 15 02:21:03.095: ISAKMP (0:1): using the winca trustpoint's keypair to sign
  Nov 15 02:21:03.215: ISAKMP (0:1): sending packet to 1.1.1.1 my_port 500 peer_port 500 (I) MM_KEY_EXCH
  Nov 15 02:21:03.219: ISAKMP (0:1): Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE
  Nov 15 02:21:03.219: ISAKMP (0:1): Old State = IKE_I_MM4  New State = IKE_I_MM5
  Nov 15 02:21:03.375: ISAKMP (0:1): received packet from 1.1.1.1 dport 500 sport 500 Global (I) MM_KEY_EXCH
  Nov 15 02:21:03.375: ISAKMP: set new node -1205710646 to QM_IDLE
  Nov 15 02:21:03.379: ISAKMP (0:1): received packet from 1.1.1.1 dport 500 sport 500 Global (I) MM_KEY_EXCH
  Nov 15 02:21:03.379: ISAKMP (0:1): received packet from 1.1.1.1 dport 500 sport 500 Global (I) MM_KEY_EXCH
  Nov 15 02:21:03.383: ISAKMP (0:1): received packe.t from 1.1.1.1 dport 500 sport 500 Global (I) MM_KEY_EXCH
  Nov 15 02:21:03.383: ISAKMP (0:1): received packet from 1.1.1.1 dport 500 sport 500 Global (I) MM_KEY_EXCH
  Nov 15 02:21:03.383: ISAKMP: Info Notify message requeue retry counter exceeded sa request from 1.1.1.1 to 2.2.2.2...
  Success rate is 0 percent (0/5)
  R2#
  Nov 15 02:21:13.219: ISAKMP (0:1): retransmitting phase 1 MM_KEY_EXCH...
  Nov 15 02:21:13.219: ISAKMP (0:1): incrementing error counter on sa, attempt 1 of 5: retransmit phase 1
  Nov 15 02:21:13.219: ISAKMP (0:1): retransmitting phase 1 MM_KEY_EXCH
  Nov 15 02:21:13.219: ISAKMP (0:1): sending packet to 1.1.1.1 my_port 500 peer_port 500 (I) MM_KEY_EXCH
  R2#
  Nov 15 02:21:23.219: ISAKMP (0:1): retransmitting phase 1 MM_KEY_EXCH...
  Nov 15 02:21:23.219: ISAKMP (0:1): incrementing error counter on sa, attempt 2 of 5: retransmit phase 1
  Nov 15 02:21:23.219: ISAKMP (0:1): retransmitting phase 1 MM_KEY_EXCH
  Nov 15 02:21:23.219: ISAKMP (0:1): sending packet to 1.1.1.1 my_port 500 peer_port 500 (I) MM_KEY_EXCH
  R2#
  Nov 15 02:21:32.651: ISAKMP: received ke message (1/1)
  Nov 15 02:21:32.651: ISAKMP: set new node 0 to QM_IDLE
  Nov 15 02:21:32.651: ISAKMP (0:1): SA is still budding. Attached new ipsec request to it. (local 2.2.2.2, remote 1.1.1.1)
  Nov 15 02:21:33.219: ISAKMP (0:1): retransmitting phase 1 MM_KEY_EXCH...
  Nov 15 02:21:33.219: ISAKMP (0:1): incrementing error counter on sa, attempt 3 of 5: retransmit phase 1
  Nov 15 02:21:33.219: ISAKMP (0:1): retransmitting phase 1 MM_KEY_EXCH
  Nov 15 02:21:33.219: ISAKMP (0:1): sending packet to 1.1.1.1 my_port 500 peer_port 500 (I) MM_KEY_EXCH
  R2#
  Nov 15 02:21:43.219: ISAKMP (0:1): retransmitting phase 1 MM_KEY_EXCH...
  Nov 15 02:21:43.219: ISAKMP (0:1): incrementing error counter on sa, attempt 4 of 5: retransmit phase 1
  Nov 15 02:21:43.219: ISAKMP (0:1): retransmitting phase 1 MM_KEY_EXCH
  Nov 15 02:21:43.219: ISAKMP (0:1): sending packet to 1.1.1.1 my_port 500 peer_port 500 (I) MM_KEY_EXCH
  PLease assist me in sorting this issue, i need to implement on my live network.
  Thanks a lot in advance.
  Regards,
  Mohan.D

  HI Mate ,
  your ASA is sending the ASA certificate :
  but after that we are recieving an isakmp notify message which tears down the connection ?
  somehow the remote peer didn't like the ASA certificate
  do you have access to that peer ? is it a CISCO ASA?
  is the time synchronized with that side ?
  it the CA certificate installed on that peer?
  HTH
  Mohammad.

• Which digital certificate (SSL) is used when a proxy client is created

  Dears,
  Could someone please guide if there are more than one digital certificate (SSL) added to the SAP system, and we create a proxy client using the 'URL' (https://....) option, than which digital certificate will be used in the check done.
  Thanks.
  Reda

  The names that go on the certificate must match the names you planned when you did the CAS namespace design.
  Some details here:http://blogs.technet.com/b/exchange/archive/2014/02/28/namespace-planning-in-exchange-2013.aspx
  So in your case if the cert does not match the name, then this will prompt users with errors.   They need to match.  As long as all your internal devices trust the issuer of the internal CA then you can use that.   Installing an
  enterprise CA will automatically publish it's root CA  public cert into AD so it works easily.
  Cheers,
  Rhoderick
  Microsoft Senior Exchange PFE
  Blog:
  http://blogs.technet.com/rmilne 
  Twitter:   LinkedIn:
    Facebook:
    XING:
  Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

• Adobe Dreamweaver + Air, Digital Certificate Missing?

  I was trying to test out the Adobe Air plugin for Dreamweaver. I have the SDK and the plugin installed but when i fill out the Air Application Settings a popup window appeared saying "Please specify a digital certificate and the coresponding password. So i did some googleing and saw a screenshot of the same window but the digital certificate thing was at the bottom of the window. My Air Application Settings window does not have that at the bottom so i cannot finish the form and finish my Adobe Air application. Does anyone know how to fix this or am i missing something?

  I don't know this error. I guess it is probably because
  Dreamweaver could not create the certificate file. In that case,
  you might change to another directory to output the certificate.

• New to Weblogic 7 - How do I verify digital certificates?

  Hello, I am new to Weblogic and my department has 2 servers running Weblogic 7 and they have asked me to verify whether the servers have both root and intermediate digital certificates installed. How do I check for this?

  Backup the library with this User Tip. (Also any other personal data)
  Deauthorize the old computer before it goes away.
  Restore the backup to your new computer using the same tool used to back it up.
  Keep your backup up-to-date in future.
  tt2

• Asa ssh/vnc plugins digital certificates expired

  Hi,
  we've got our new asa set up now (more or less). But what gets us is that the Cisco ssh/vnc plugins and the java applet for port forwarding all come up with "digital certificate expired". Now this is not going to instill confidence in our users.
  We are running 8.0(4)3 and asdm 6.1(3) and the plugins are the latest available from Cisco's software download page
  (ssh-plugin.08030, vnc-plugin.080130).
  Are newer ones available?
  Thanks
  Dorothea

  BTW this could be of help:
  http://www.cisco.com/en/US/docs/security/asa/asa80/release/notes/asarn80.html#wp241924
  You probably want to install a code signer certificate.
  While this seems to be what you're looking for, I have never managed to generate a bundle such that Java doesn't complain at all anymore...

• Exporting Digital Certificates in Yosemite

  I just freshly installed Yosemite and my apps on my MBP, along with digital certificates for secured emailing. I'm trying to export these certificates from the Keychain for safekeeping but for some reason I can no longer export them as Personal Information Exchange Files (.p12). I get several other options but I'm not sure which option to choose, or if I should use any of those options. Any information will be greatly appreciated.

  It appears that this problem was related to the same problem in my other discussion, which you were kind enough to respond to, as well:
  Password Needed For Sending Emails - EVERYTIME
  After I reseted the keychain I was able to export as a .p12 file just fine.
  Correct me if I'm wrong, but it seems that only the .p12 format exports certificates with a paraphrase attached for security.