Installing certificate on M160

Similar Messages

• Error installing certificate with Cisco 5508 7.4.110

  hi All,
  I am getting Error while installing the web certificate on a WLC.
  (Cisco Controller) >transfer download start
  Mode............................................. TFTP
  Data Type........................................ Site Cert
  TFTP Server IP................................... 10.225.5.11
  TFTP Packet Timeout.............................. 6
  TFTP Max Retries................................. 10
  TFTP Path........................................ ./
  TFTP Filename.................................... final-cert.pem
  This may take some time.
  Are you sure you want to start? (y/N) y
  TFTP Webauth cert transfer starting.
  TFTP receive complete... Installing Certificate.
  Error installing certificate.
  the Copy works fine but for some reason installation doesnt complete. I am having issues even with GUI mode.
  Please let me know what is should do.

  What I mean is that you can't take another customers certificate and load it onto another customers WLC.  The certificate is assigned to a FQDN (Fully Qualified Domain Name)  whcih will be a DNS entry for the customer who it was registered to, so you can't and shouldn't use it for any other client.  You need to generate one certificate per client.
  Thanks,
  Scott
  Help out other by using the rating system and marking answered questions as "Answered"

• Installing certificate file on IPHONE 2.0

  tried to install Excahnge 2003 mail support on the iphone. it came upwith authentication error. With other brand PDAs usualy this gets resolved by installing the certificate file *.cer file or *.cab file (for windows mobile) on the pda and the Sync starts.
  Questionis how do I install certificate on Iphone? can I just copy the file using active sync and TAP on it on iphone. Please advise
  REgards
  Ross

  I found this document that should help you with all your questions on using the iPhone and Exchange.
  See page 36 to manually install certificates.
  http://support.apple.com/manuals/enUS/Enterprise_DeploymentGuide.pdf

• Error installing certificate - help

  Hi
  I am trying to install a webauth certificate on a WLC (5508 6.0.188).
  I followed the "Generate CSR for Third-Party Certificates and  Download Unchained Certificates to the WLC" document.
  But when I try to upload the .pem file i get "the" "error installing certificate" promt.
  I did not have any errors using OpenSSL.
  Is there any debug commands that can help clearify the issue.
  The Solution provided in this discussion has been added in the following Blog:-
  https://supportforums.cisco.com/community/netpro/wireless-mobility/security-network-management/blog/2011/11/26/generate-csr-for-third-party-cert-and-download-unchained-cert-on-wireless-lan-controller-wlc

  I was having the same problem and worked on it for probably 8 hours trying numerous different solutions and this is what fixed it for me.
  The OpenSSL versions available from www.openssl.org do not create a final.pem that work with the WLC.
  I downloaded OpenSSL using this link http://www.ingate.com/files/Win32OpenSSL-0.9.6-1.0.zip and installed into C:\OpenSSL (It tries to install to program files, install location doesn't matter I just like it on the root of C)
  I then followed all of the steps outline on Cisco.com http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00806e367a.shtml
  Uploaded the final.pem file and it install without any problems.
  My Cert was purchased from RapidSSL I don't know if that matters or not.
  This was a renewal cert, so it was my second time install a cert to my WLC and I made the mistake of not keeping my original copy of OpenSSL that worked for me the first time.  Don't make the mistake I made and KEEP a copy of the OpenSSL version that works for you.  That will make cert renewal much easier for you.

• How to install certificate for B1if

  Dear Experts,
  I would like to know how do I install certificate for the B1if because the B1if currently behind a ISA server and when the B1if has any problem with the SSL the ISA server block the transfer and the mobile application doesn't work.
  Thank you in advance.
  Nghia

  Hi,
  you have to use the tomcat keytool C:\...\SAP Business One Integration\sapjre_6_64\jre\bin
  (http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html)

• Install Certificate (.cer) to target machine's trustedpublisher Failed

  I am attempting to use the following command to install a certificate to a client machine. This is the certificate that I am signing a silverlight XAP file with (exported as .cer without the private key).
  certmgr.exe -add .\DigiCert.cer -s -r localMachine trustedpublisher
  When I run this command, I get:
  Error: Failed to open the distantion Store
  CertMgr Failed
  The cert is able to be opened and installed using the wizard just fine, however I'm trying to reduce the number of steps the end user has to take to use the silverlight application, and the 5 or so steps the wizard has just adds to their frustration.

  As I wasn't making any headway with this, I just decided to make my own cert installer. For those that need it, you can use the following code to install a certificate. I hard-coded the name of the cert file and which store to put it in, which could easily
  be converted to parameters.
  namespace MyCompany.Cert
  using System;
  using System.Diagnostics;
  using System.IO;
  using System.Security.Cryptography.X509Certificates;
  using System.Security.Principal;
  public class Program
  enum ExitCode
  Success = 0,
  UnauthorizedAccess = 1,
  FileNotFound = 2,
  UnknownError = 10,
  static int Main(string[] args)
  try
  var tr1 = new TextWriterTraceListener(File.CreateText(@"C:\Temp\CertificateInstallLog.txt"));
  Trace.Listeners.Add(tr1);
  Trace.WriteLine("Checking for admin rights");
  if (!IsUserAdministrator())
  Trace.WriteLine("Failed to install certificate: Requires Administrator rights");
  return (int)ExitCode.UnauthorizedAccess;
  Trace.WriteLine("Have Admin rights, installing certificate");
  Trace.WriteLine("Create Store Reference: localMachine trustedPublisher");
  var store = new X509Store(StoreName.TrustedPublisher, StoreLocation.LocalMachine);
  Trace.WriteLine("Opening Store: Read/Write");
  store.Open(OpenFlags.ReadWrite);
  Trace.WriteLine("Adding Certificate from file");
  var cert = GetCertificate();
  Trace.WriteLine("Got certificate from file");
  store.Add(cert);
  Trace.WriteLine("closing store");
  store.Close();
  Trace.WriteLine("Exiting");
  Trace.Flush();
  return (int)ExitCode.Success;
  catch (FileNotFoundException ex)
  Trace.WriteLine("Failed to install certificate. File not found");
  Trace.Flush();
  return (int)ExitCode.FileNotFound;
  catch (Exception ex)
  Trace.WriteLine("Failed to install certificate. " + ex.Message);
  Trace.Flush();
  return (int)ExitCode.UnknownError;
  public static X509Certificate2 GetCertificate()
  X509Certificate2 cert;
  try
  Trace.WriteLine("trying path 'DigiCert.cer'");
  cert = new X509Certificate2("DigiCert.cer");
  catch (System.Security.Cryptography.CryptographicException)
  Trace.WriteLine("Path 'DigiCert.cer' failed");
  var path = string.Empty;
  try
  path = @"C:\Program Files" +
  (Directory.Exists(@"C:\Program Files (x86)") ? @" (x86)" : string.Empty) +
  @"\<someprogramfolder>\DigiCert.cer";
  Trace.WriteLine("trying path " + path);
  cert = new X509Certificate2(path);
  catch (System.Security.Cryptography.CryptographicException ex)
  Trace.WriteLine("Path '{0}' failed", path);
  throw ex;
  return cert;
  /// <summary>Query if this object is user administrator.</summary>
  /// <returns>true if user administrator, false if not.</returns>
  public static bool IsUserAdministrator()
  var user = WindowsIdentity.GetCurrent();
  if (user == null)
  throw new NullReferenceException("Could not determine windows identity");
  var myPrincipal = new WindowsPrincipal(user);
  if (myPrincipal.IsInRole(WindowsBuiltInRole.Administrator)) { return true; }
  Trace.WriteLine("You need to run the application using the 'Run as Administrator' option");
  return false;
  Don't forget to include an app.manifest that tells the program to always request admin rights:
  <?xml version="1.0" encoding="utf-8"?>
  <asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app" />
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
  <security>
  <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
  <!-- UAC Manifest Options
  If you want to change the Windows User Account Control level replace the
  requestedExecutionLevel node with one of the following.
  <requestedExecutionLevel level="asInvoker" uiAccess="false" />
  <requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
  <requestedExecutionLevel level="highestAvailable" uiAccess="false" />
  Specifying requestedExecutionLevel node will disable file and registry virtualization.
  If you want to utilize File and Registry Virtualization for backward
  compatibility then delete the requestedExecutionLevel node.
  -->
  <requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
  </requestedPrivileges>
  <applicationRequestMinimum>
  <defaultAssemblyRequest permissionSetReference="Custom" />
  <PermissionSet class="System.Security.PermissionSet" version="1" ID="Custom" SameSite="site" Unrestricted="true" />
  </applicationRequestMinimum>
  </security>
  </trustInfo>
  <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
  <application>
  </application>
  </compatibility>
  </asmv1:assembly>

• Download / install certificate

  How to download and install certificate from wifi or wireless ap

  Hi gangski,
  In order to download a certificate the server either would have to issue you one when one is required, or you can create a self signed certificate.
  In order to install a certificate, there are a few ways to manage them.
  # Please open up the Firefox Options/Preferences
  # and select the "Advanced" section
  # and select "Certificates"
  # Click "View Certificates"
  # Click Import... and select the certificate
  Other ways to manage certificates is to use tools:
  *[https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Reference/NSS_tools_:_certutil]

• Cannot install certificate, Cannot install certificate

  Hello
  I have a 13 inch Macbook Pro with Mac OSX 10.8.1 ML.
  My problem is about installing custom certificates.
  I was trying to install custom certificates (the type where you download and double click to install) and nothing responded. I tried another certificate and that worked, but only this one refused to work.
  Can anyone help?
  thanks

  (off topic) please stop posting new threads with the title given twice - as in "Cannot install certificate, Cannot install certificate"
  Once will do.
  TIA.

• Problem installing certificate .pem to WLC4404

  Hi, im having several problems trying to upload my auth certificate to WLC. I tried upload to WLC but im having a error "ERROR INSTALLING CERTIFICATE" 
  I have seen this link. Which it seems interesting to me but i cant access.. can someone tell me how to access here?????
  http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsy88149
  thanks

  This is the error
  TFTP Webauth cert transfer starting.
  TFTP receive complete... Installing Certificate.
  *TransferTask: Jan 22 16:50:28.849: sshpmAddWebauthCert: Extracting private key from webauth cert and using bundled pkcs12 password.
  *TransferTask: Jan 22 16:50:30.800: sshpmDecodePrivateKey: calling ssh_skb_decode()...
  *TransferTask: Jan 22 16:50:32.716: sshpmDecodePrivateKey: SshPrivateKeyPtr after skb_decode: 0x31afbb70
  *TransferTask: Jan 22 16:50:32.717: sshpmAddWebauthCert: got private key; extracting certificate...
  *TransferTask: Jan 22 16:50:32.723: sshpmAddWebauthCert: extracted binary cert; doing x509 decode
  *TransferTask: Jan 22 16:50:32.724: sshpmAddWebauthCert: doing x509 decode for 1319 byte certificate...
  Error installing certificate.

• Install certificate via command line utilities

  Hello there,
  I'd like to install a certificate to an iPad via some sort of Configurator or OSX command line interface. The ideal situation is one in which the user has to make no interactions with the device and the device is not restarted or changed in any way aside from having new certificate. I attempted to use the Prepare feature of Configurator but it is too intrusive: the device is unusable for ~10 minutes, a new version of iOS is installed etc. I just want to do one action: install the certificate.
  Here is a stackoverflow post where you can see I've also been polling that community and for some added detail to my question: http://stackoverflow.com/questions/25207374/install-certificate-to-ipad-via-osx- command-line
  It's also got a 50 rep bounty so if you're a user, answer there as well.
  Thanks for your help,
  - Reuben

  As long as you're using TCP/IP (LPR or IPP or HP Jetdirect {port 9100}), the different subnets issue is all in your switching/routing equipment setup.
  The easiest way to clone printer setups is to copy /etc/cups/cupsd.conf and /etc/cups/ppd to each computer.

• Safari ignores installed certificates?

  Hello
  I'm a support technician working at AO Foundation in Switzerland, a non-profit organization researching bone fracture healing methods. Recently, we opened a surgery reference area of our website which requires the user to download and install security certificates for access. I've been having trouble with security certificates under Safari, having gone thru the following these steps:
  1) goto www.aofoundation.org/subscribe/
  2) Complete the subscription process
  3) Using the username & password received in the emails, go to www.aofoundation.org/downloadcenter and download a security certificate
  4) Install downloaded certificate to the keychain by double-clicking it.
  5) goto www.aofoundation.org/surgery/ and click the blue "Enter AO Surgery" button
  6) Because you've already installed the certificate, click the blue "Go!" button
  Theoretically, that's all that's needed to make the certificate work, right?
  Under Firefox, I have to import it to FFox's own, internal certificate store, and then I can enter the surgery reference without any problems. But I seem to be missing something in Safari? Why does Safari ignore the installed certificates?
  Keychain mentions the certificate is from an untrusted source, and yet even setting it to "Always trust", Safari still ignores it. Or rather, it doesn't even let me select any security certificate, I just get rerouted to the "You have no certificate installed" web page.
  Help?

  Problem still exist as of today...I updated my Safari 5.1 on Friday (7/22/11) and I'm also having this problem with no help on fixing it....

• Installing certificate problem

  Hi,
  I'm trying to install our company SSL certificate on my new N95. Copied the Certnew.cer file onto my phone, as I have done with every other series 60 phone, and browsed to it in File Manager. Normally I would just open it, it would install before asking me if I want to use it for certificate checking, etc. However, on the N95 is opens the certificate in Notes so it doesn't get installed.
  Any ideas on how I can resolve this?

  This is the error
  TFTP Webauth cert transfer starting.
  TFTP receive complete... Installing Certificate.
  *TransferTask: Jan 22 16:50:28.849: sshpmAddWebauthCert: Extracting private key from webauth cert and using bundled pkcs12 password.
  *TransferTask: Jan 22 16:50:30.800: sshpmDecodePrivateKey: calling ssh_skb_decode()...
  *TransferTask: Jan 22 16:50:32.716: sshpmDecodePrivateKey: SshPrivateKeyPtr after skb_decode: 0x31afbb70
  *TransferTask: Jan 22 16:50:32.717: sshpmAddWebauthCert: got private key; extracting certificate...
  *TransferTask: Jan 22 16:50:32.723: sshpmAddWebauthCert: extracted binary cert; doing x509 decode
  *TransferTask: Jan 22 16:50:32.724: sshpmAddWebauthCert: doing x509 decode for 1319 byte certificate...
  Error installing certificate.

• Installing Certificate from Microsoft CA (.pfx) in Cisco Prime Infrastructure 1.2

  Hello,
  we are trying to install certificates from our CA on our Cisco Prime Infrastructure 1.2
  What we get from our colleagues is a file in .pfx format, containing an exportable key and the whole certificate chain.
  On the prime server, using openssl 0.9.8, we exportet the key and converted the file to .pem.
  When trying to install the certificate, we get the following error code:
  prime# ncs key importkey key-nopw.pem newcert.pem repository certificate
  INFO: no staging url defined, using local space.        rval:2
  ERROR: dowload of key-nopw.pem failed.  rval:-200
  Does anyone have an idea what formats can be used for prime ssl certificates and how to install them?
  The official guide has only little information on how to make a csr and install the certificate.
  Best regards,
  Joerg

  I solved the same problem 5min ago.!
  select the device and press syc ..that helped me ...

• SUN Java System Web Server 7.0U1 How to install certificate chain

  I am trying to install a certificate chain using the SUN Java Web Server 7.0U1 HTTPS User interface. What I have tried so far:
  1. Created a single file using vi editor containing the four certificates in the chain by cutting an pasting each certificate (Begin Certificate ... End Certificate) where the top certificate is the server cert (associated with the private key), then the CA that signed the server cert, then the next CA, then the root CA. Call this file cert_chain.pem
  2. Go to Certificates Tab/Server Certificates
  3. Choose Install
  4. Cut and paste contents of cert_chain.pem in the certificate data box.
  5. Assign to httplistener
  6. Nickname for this chain is 'server_cert'
  7. Select httplistener and assign server_cert (for some reason, this is not automatically done after doing step 5).
  8. No errors are received.
  When I display server_cert (by clicking on it), only the first certificate of the chain is displayed and only that cert is provided to the client during the SSL handshake.
  I tried to do the same, except using the Certificate Authority Tab, since this gave the option of designating the certificate as a CA or chain during installation. When I select ed "chain," I get the same results when I review the certificate (only the first cert in the file is displayed). This tells me that entering the chain in PEM format is not acceptable. I tried this method since it worked fine with the F5 BIG-IP SSL appliance.
  My question is what format/tool do I need to use to create a certificate chain that the Web Server will accept?

  turrie wrote:
  1. Created a single file using vi editor containing the four certificates in the chain by cutting an pasting each certificate (Begin Certificate ... End Certificate) where the top certificate is the server cert (associated with the private key), then the CA that signed the server cert, then the next CA, then the root CA. Call this file cert_chain.pemIn my opinion (I may be wrong) cut and pasting multiple begin end
  --- BEGIN CERTIFICATE ---
  ... some data....
  --- END CERTIFICATE ---
  --- BEGIN CERTIFICATE ---
  ... some data....
  --- END CERTIFICATE ---is NOT the way to create a certificate chain.
  I have installed a certificated chain (it had 1 BEGIN CERTIFICATE and one END CERTIFICATE only and still had 2 certificates) and I used the same steps as you mentioned and it installed both the certificates.
  some links :
  [https://developer.mozilla.org/en/NSS_Certificate_Download_Specification|https://developer.mozilla.org/en/NSS_Certificate_Download_Specification]
  [https://wiki.mozilla.org/CA:Certificate_Download_Specification|https://wiki.mozilla.org/CA:Certificate_Download_Specification]

• Install certificate error

  I have been trying for at least a month to install the new iTunes. Every time it gets in the middle of the install it errors out saying there is an invalid certificate.

  I found it. For Firefox it is under Tools / Options / Advanced / View Certificates
  That will only give you a list of Names and Devices. Highlight the one you think it might be then click on view to see the expiration dates.
  Right now I am on a different computer. I will try it later on my iTunes computer.