Installing certificate on SunOne Webserver7
Hi,
i have installed SunOne webserver 7 on Solaris10.
i had a problem installing a certificate on
the SunOne webserver7.
i got a .p12 certificate from a wellknown CA.
according to sun i need to enter a .DER
certificate by path to the file or paste
the Binary file.
through openssl command i have converted the .p12 to .pem and from there to .DER.
but it seems that only one part of the certificate is pass from .pem to .DER.
which is the privat key or the certificate
its self i dont know.
.DER is a binary file so i cant see actually what part did he transfer completly.
though the SunOne7 says he cant find the private key.
eventually i have exported the certificate and private key seperatly to .DER files
but couldnt find the command to join them into one .DER file.
if someone can help i will appriciate it.
thanks
If the certificate and key are in a PKCS#12 format file, then you can import it into a server instance using the pk12util command.
First ensure that the administration server config store and the instance are synched by deploying/pulling any changes to one of them.
Then use pk12util to import the pkcs file. You will need the password assigned to the file.
$ ${server-install-dir}/bin/pk12util -i <exported-pkcs12-file> -d ${server-instance-dir}/configExample:
$ /d2/nelson/webserver7/bin/pk12util -i /d2/nelson/server.pk12 -d /d2/nelson/webserver7/https-example.com/config
Enter password for PKCS12 file:
pk12util: PKCS12 IMPORT SUCCESSFULThen pull the config changes into the admin configuration store using wadm
wadm> pull-config --config=example.com server.instance
CLI201 Command 'pull-config' ran successfullyList the certificate
wadm> list-certs --config=example.com --verbose
nickname
ALIAS
Similar Messages
-
Error installing certificate with Cisco 5508 7.4.110
hi All,
I am getting Error while installing the web certificate on a WLC.
(Cisco Controller) >transfer download start
Mode............................................. TFTP
Data Type........................................ Site Cert
TFTP Server IP................................... 10.225.5.11
TFTP Packet Timeout.............................. 6
TFTP Max Retries................................. 10
TFTP Path........................................ ./
TFTP Filename.................................... final-cert.pem
This may take some time.
Are you sure you want to start? (y/N) y
TFTP Webauth cert transfer starting.
TFTP receive complete... Installing Certificate.
Error installing certificate.
the Copy works fine but for some reason installation doesnt complete. I am having issues even with GUI mode.
Please let me know what is should do.What I mean is that you can't take another customers certificate and load it onto another customers WLC. The certificate is assigned to a FQDN (Fully Qualified Domain Name) whcih will be a DNS entry for the customer who it was registered to, so you can't and shouldn't use it for any other client. You need to generate one certificate per client.
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered" -
Installing certificate file on IPHONE 2.0
tried to install Excahnge 2003 mail support on the iphone. it came upwith authentication error. With other brand PDAs usualy this gets resolved by installing the certificate file *.cer file or *.cab file (for windows mobile) on the pda and the Sync starts.
Questionis how do I install certificate on Iphone? can I just copy the file using active sync and TAP on it on iphone. Please advise
REgards
RossI found this document that should help you with all your questions on using the iPhone and Exchange.
See page 36 to manually install certificates.
http://support.apple.com/manuals/enUS/Enterprise_DeploymentGuide.pdf -
Error installing certificate - help
Hi
I am trying to install a webauth certificate on a WLC (5508 6.0.188).
I followed the "Generate CSR for Third-Party Certificates and Download Unchained Certificates to the WLC" document.
But when I try to upload the .pem file i get "the" "error installing certificate" promt.
I did not have any errors using OpenSSL.
Is there any debug commands that can help clearify the issue.
The Solution provided in this discussion has been added in the following Blog:-
https://supportforums.cisco.com/community/netpro/wireless-mobility/security-network-management/blog/2011/11/26/generate-csr-for-third-party-cert-and-download-unchained-cert-on-wireless-lan-controller-wlcI was having the same problem and worked on it for probably 8 hours trying numerous different solutions and this is what fixed it for me.
The OpenSSL versions available from www.openssl.org do not create a final.pem that work with the WLC.
I downloaded OpenSSL using this link http://www.ingate.com/files/Win32OpenSSL-0.9.6-1.0.zip and installed into C:\OpenSSL (It tries to install to program files, install location doesn't matter I just like it on the root of C)
I then followed all of the steps outline on Cisco.com http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00806e367a.shtml
Uploaded the final.pem file and it install without any problems.
My Cert was purchased from RapidSSL I don't know if that matters or not.
This was a renewal cert, so it was my second time install a cert to my WLC and I made the mistake of not keeping my original copy of OpenSSL that worked for me the first time. Don't make the mistake I made and KEEP a copy of the OpenSSL version that works for you. That will make cert renewal much easier for you. -
How to install certificate for B1if
Dear Experts,
I would like to know how do I install certificate for the B1if because the B1if currently behind a ISA server and when the B1if has any problem with the SSL the ISA server block the transfer and the mobile application doesn't work.
Thank you in advance.
NghiaHi,
you have to use the tomcat keytool C:\...\SAP Business One Integration\sapjre_6_64\jre\bin
(http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html) -
Install Certificate (.cer) to target machine's trustedpublisher Failed
I am attempting to use the following command to install a certificate to a client machine. This is the certificate that I am signing a silverlight XAP file with (exported as .cer without the private key).
certmgr.exe -add .\DigiCert.cer -s -r localMachine trustedpublisher
When I run this command, I get:
Error: Failed to open the distantion Store
CertMgr Failed
The cert is able to be opened and installed using the wizard just fine, however I'm trying to reduce the number of steps the end user has to take to use the silverlight application, and the 5 or so steps the wizard has just adds to their frustration.As I wasn't making any headway with this, I just decided to make my own cert installer. For those that need it, you can use the following code to install a certificate. I hard-coded the name of the cert file and which store to put it in, which could easily
be converted to parameters.
namespace MyCompany.Cert
using System;
using System.Diagnostics;
using System.IO;
using System.Security.Cryptography.X509Certificates;
using System.Security.Principal;
public class Program
enum ExitCode
Success = 0,
UnauthorizedAccess = 1,
FileNotFound = 2,
UnknownError = 10,
static int Main(string[] args)
try
var tr1 = new TextWriterTraceListener(File.CreateText(@"C:\Temp\CertificateInstallLog.txt"));
Trace.Listeners.Add(tr1);
Trace.WriteLine("Checking for admin rights");
if (!IsUserAdministrator())
Trace.WriteLine("Failed to install certificate: Requires Administrator rights");
return (int)ExitCode.UnauthorizedAccess;
Trace.WriteLine("Have Admin rights, installing certificate");
Trace.WriteLine("Create Store Reference: localMachine trustedPublisher");
var store = new X509Store(StoreName.TrustedPublisher, StoreLocation.LocalMachine);
Trace.WriteLine("Opening Store: Read/Write");
store.Open(OpenFlags.ReadWrite);
Trace.WriteLine("Adding Certificate from file");
var cert = GetCertificate();
Trace.WriteLine("Got certificate from file");
store.Add(cert);
Trace.WriteLine("closing store");
store.Close();
Trace.WriteLine("Exiting");
Trace.Flush();
return (int)ExitCode.Success;
catch (FileNotFoundException ex)
Trace.WriteLine("Failed to install certificate. File not found");
Trace.Flush();
return (int)ExitCode.FileNotFound;
catch (Exception ex)
Trace.WriteLine("Failed to install certificate. " + ex.Message);
Trace.Flush();
return (int)ExitCode.UnknownError;
public static X509Certificate2 GetCertificate()
X509Certificate2 cert;
try
Trace.WriteLine("trying path 'DigiCert.cer'");
cert = new X509Certificate2("DigiCert.cer");
catch (System.Security.Cryptography.CryptographicException)
Trace.WriteLine("Path 'DigiCert.cer' failed");
var path = string.Empty;
try
path = @"C:\Program Files" +
(Directory.Exists(@"C:\Program Files (x86)") ? @" (x86)" : string.Empty) +
@"\<someprogramfolder>\DigiCert.cer";
Trace.WriteLine("trying path " + path);
cert = new X509Certificate2(path);
catch (System.Security.Cryptography.CryptographicException ex)
Trace.WriteLine("Path '{0}' failed", path);
throw ex;
return cert;
/// <summary>Query if this object is user administrator.</summary>
/// <returns>true if user administrator, false if not.</returns>
public static bool IsUserAdministrator()
var user = WindowsIdentity.GetCurrent();
if (user == null)
throw new NullReferenceException("Could not determine windows identity");
var myPrincipal = new WindowsPrincipal(user);
if (myPrincipal.IsInRole(WindowsBuiltInRole.Administrator)) { return true; }
Trace.WriteLine("You need to run the application using the 'Run as Administrator' option");
return false;
Don't forget to include an app.manifest that tells the program to always request admin rights:
<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app" />
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<!-- UAC Manifest Options
If you want to change the Windows User Account Control level replace the
requestedExecutionLevel node with one of the following.
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
<requestedExecutionLevel level="highestAvailable" uiAccess="false" />
Specifying requestedExecutionLevel node will disable file and registry virtualization.
If you want to utilize File and Registry Virtualization for backward
compatibility then delete the requestedExecutionLevel node.
-->
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
</requestedPrivileges>
<applicationRequestMinimum>
<defaultAssemblyRequest permissionSetReference="Custom" />
<PermissionSet class="System.Security.PermissionSet" version="1" ID="Custom" SameSite="site" Unrestricted="true" />
</applicationRequestMinimum>
</security>
</trustInfo>
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
<application>
</application>
</compatibility>
</asmv1:assembly> -
Download / install certificate
How to download and install certificate from wifi or wireless ap
Hi gangski,
In order to download a certificate the server either would have to issue you one when one is required, or you can create a self signed certificate.
In order to install a certificate, there are a few ways to manage them.
# Please open up the Firefox Options/Preferences
# and select the "Advanced" section
# and select "Certificates"
# Click "View Certificates"
# Click Import... and select the certificate
Other ways to manage certificates is to use tools:
*[https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Reference/NSS_tools_:_certutil] -
Cannot install certificate, Cannot install certificate
Hello
I have a 13 inch Macbook Pro with Mac OSX 10.8.1 ML.
My problem is about installing custom certificates.
I was trying to install custom certificates (the type where you download and double click to install) and nothing responded. I tried another certificate and that worked, but only this one refused to work.
Can anyone help?
thanks(off topic) please stop posting new threads with the title given twice - as in "Cannot install certificate, Cannot install certificate"
Once will do.
TIA. -
Problem installing certificate .pem to WLC4404
Hi, im having several problems trying to upload my auth certificate to WLC. I tried upload to WLC but im having a error "ERROR INSTALLING CERTIFICATE"
I have seen this link. Which it seems interesting to me but i cant access.. can someone tell me how to access here?????
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsy88149
thanksThis is the error
TFTP Webauth cert transfer starting.
TFTP receive complete... Installing Certificate.
*TransferTask: Jan 22 16:50:28.849: sshpmAddWebauthCert: Extracting private key from webauth cert and using bundled pkcs12 password.
*TransferTask: Jan 22 16:50:30.800: sshpmDecodePrivateKey: calling ssh_skb_decode()...
*TransferTask: Jan 22 16:50:32.716: sshpmDecodePrivateKey: SshPrivateKeyPtr after skb_decode: 0x31afbb70
*TransferTask: Jan 22 16:50:32.717: sshpmAddWebauthCert: got private key; extracting certificate...
*TransferTask: Jan 22 16:50:32.723: sshpmAddWebauthCert: extracted binary cert; doing x509 decode
*TransferTask: Jan 22 16:50:32.724: sshpmAddWebauthCert: doing x509 decode for 1319 byte certificate...
Error installing certificate. -
Install certificate via command line utilities
Hello there,
I'd like to install a certificate to an iPad via some sort of Configurator or OSX command line interface. The ideal situation is one in which the user has to make no interactions with the device and the device is not restarted or changed in any way aside from having new certificate. I attempted to use the Prepare feature of Configurator but it is too intrusive: the device is unusable for ~10 minutes, a new version of iOS is installed etc. I just want to do one action: install the certificate.
Here is a stackoverflow post where you can see I've also been polling that community and for some added detail to my question: http://stackoverflow.com/questions/25207374/install-certificate-to-ipad-via-osx- command-line
It's also got a 50 rep bounty so if you're a user, answer there as well.
Thanks for your help,
- ReubenAs long as you're using TCP/IP (LPR or IPP or HP Jetdirect {port 9100}), the different subnets issue is all in your switching/routing equipment setup.
The easiest way to clone printer setups is to copy /etc/cups/cupsd.conf and /etc/cups/ppd to each computer. -
Safari ignores installed certificates?
Hello
I'm a support technician working at AO Foundation in Switzerland, a non-profit organization researching bone fracture healing methods. Recently, we opened a surgery reference area of our website which requires the user to download and install security certificates for access. I've been having trouble with security certificates under Safari, having gone thru the following these steps:
1) goto www.aofoundation.org/subscribe/
2) Complete the subscription process
3) Using the username & password received in the emails, go to www.aofoundation.org/downloadcenter and download a security certificate
4) Install downloaded certificate to the keychain by double-clicking it.
5) goto www.aofoundation.org/surgery/ and click the blue "Enter AO Surgery" button
6) Because you've already installed the certificate, click the blue "Go!" button
Theoretically, that's all that's needed to make the certificate work, right?
Under Firefox, I have to import it to FFox's own, internal certificate store, and then I can enter the surgery reference without any problems. But I seem to be missing something in Safari? Why does Safari ignore the installed certificates?
Keychain mentions the certificate is from an untrusted source, and yet even setting it to "Always trust", Safari still ignores it. Or rather, it doesn't even let me select any security certificate, I just get rerouted to the "You have no certificate installed" web page.
Help?Problem still exist as of today...I updated my Safari 5.1 on Friday (7/22/11) and I'm also having this problem with no help on fixing it....
-
Installing certificate on M160
I have an M160 running AsyncOS 6.7.7-202, and two C160 running AsyncOS 7.1.2-020.
I am installing a certificate on the M160, so that our users accessing the spam quarantine don't get any certificate warnings or errors. I read the knowledgebase and followed these steps:
1) How do I create a certificate request on Windows using OpenSSL?
http://ironport.custhelp.com/cgi-bin/ironport.cfg/php/enduser/popup_adp.php?p_faqid=1016&p_created=1202519551&p_sid=Gbh2Ezgk&p_lva=772&p_li=cF91c2VyaWQ9MXJvblAwcnQmcF9wYXNzd2Q9Zm8wQmE1&p_redirect=0&p_sp=cF9zcmNoPTEmcF9zb3J0X2J5PSZwX2dyaWRzb3J0PSZwX3Jvd19jbnQ9NDIsNDImcF9wcm9kcz0wJnBfY2F0cz0wJnBfcHY9JnBfY3Y9JnBfc2VhcmNoX3R5cGU9YW5zd2Vycy5zZWFyY2hfbmwmcF9wYWdlPTEmcF9zZWFyY2hfdGV4dD1zc2w!
Worked fine.
2) Installing Certificates on an IronPort Email Security Appliance
http://ironport.custhelp.com/cgi-bin/ironport.cfg/php/enduser/popup_adp.php?p_faqid=674&p_created=1162604309&p_sid=Gbh2Ezgk&p_lva=772&p_li=cF91c2VyaWQ9MXJvblAwcnQmcF9wYXNzd2Q9Zm8wQmE1&p_redirect=0&p_sp=cF9zcmNoPTEmcF9zb3J0X2J5PSZwX2dyaWRzb3J0PSZwX3Jvd19jbnQ9NDIsNDImcF9wcm9kcz0wJnBfY2F0cz0wJnBfcHY9JnBfY3Y9JnBfc2VhcmNoX3R5cGU9YW5zd2Vycy5zZWFyY2hfbmwmcF9wYWdlPTEmcF9zZWFyY2hfdGV4dD1zc2w!
Did not work. First I pasted in the certificate I got from Verisign, no problem. Then I pasted the output from privkey.pem generated in step one and I get an error msg. My output:
mailmgmt.dsb.no> certconfig
Currently using the demo certificate/key for receiving, delivery, HTTPS management access, and LDAPS.
Choose the operation you want to perform:
- SETUP - Configure security certificates and keys.
[]> setup
Do you want to use one certificate/key for receiving, delivery, HTTPS management access, and LDAPS? [Y]> y
paste cert in PEM format (end with '.'):
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIQJaXYQ2kjWcNWJ13u4Q3h1DANBgkqhkiG9w0BAQUFADCB
tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm
VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTAxMjAz
MDAwMDAwWhcNMTQxMjAyMjM1OTU5WjCBljELMAkGA1UEBhMCbm8xETAPBgNVBAgT
CHZlc3Rmb2xkMREwDwYDVQQHFAh0b25zYmVyZzE4MDYGA1UEChQvRGlyZWt0b3Jh
dGV0IGZvciBzYW1mdW5uc3Npa2tlcmhldCBvZyBiZXJlZHNrYXAxDDAKBgNVBAsU
A0lDVDEZMBcGA1UEAxQQa2FyYW50ZW5lLmRzYi5ubzCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAL9NUUey2P1tk3KhnHmS/2EqduRVX3nZTpPAlvXRQOCh
TYMOIJutcdUJQkoobdRAEXizy1mZngfvQmZHmg481Ivkt1R3iCyRl5LQgDSqWFjG
3AyGVv8xk5O6R3/rt0PiIKEKcuKXjO9r7vqHVKja5fYMjahCXQeH9NKOQ+QRaEQV
w9uS46glsr9CT8rZ7B2OEBu18gxGuTZ0avrkfuoyNSBr5sL5OIbpp/Q2kHciy2my
fxJG7/fuLoO6RFTPp2nikBtOevtgNGLgq9MeyYhb963E6nsA1AhmqQhtEBvBVAAo
cr3QdDZsW9HoNQ/zqQz5CzYIMIott/LCLn6mQh4ymzUCAwEAAaOCAdEwggHNMAkG
A1UdEwQCMAAwCwYDVR0PBAQDAgWgMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9T
VlJTZWN1cmUtRzMtY3JsLnZlcmlzaWduLmNvbS9TVlJTZWN1cmVHMy5jcmwwRAYD
VR0gBD0wOzA5BgtghkgBhvhFAQcXAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3
dy52ZXJpc2lnbi5jb20vcnBhMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjAfBgNVHSMEGDAWgBQNRFwWU0TBgn4dIKsl9AFj2L55pTB2BggrBgEFBQcBAQRq
MGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLnZlcmlzaWduLmNvbTBABggrBgEF
BQcwAoY0aHR0cDovL1NWUlNlY3VyZS1HMy1haWEudmVyaXNpZ24uY29tL1NWUlNl
Y3VyZUczLmNlcjBuBggrBgEFBQcBDARiMGChXqBcMFowWDBWFglpbWFnZS9naWYw
ITAfMAcGBSsOAwIaBBRLa7kolgYMu9BSOJsprEsHiyEFGDAmFiRodHRwOi8vbG9n
by52ZXJpc2lnbi5jb20vdnNsb2dvMS5naWYwDQYJKoZIhvcNAQEFBQADggEBAEWF
TZa0jO4Zg17O0uOJkxotAAUEsTVXq7HM+8qtPNA3RgmaVyTWsk5v+uWDTA+F5vJs
nLBFdhZzZFcsBwHFGbXkCLU2IEVa3F/iwIPDVl6TVlOgJgRGuTTRZrayfgqsWSE3
K2gYBXTeC+cenpAXuzfMiT8LAAYMBtMiwbuS3UtxhPUVzgtpeyccM6bcc6bz2Gnt
vaIwhBxm+cTByDSTgDnZt7JyCXbof45OmdOP6xn7tEl9dUb/zw+C7RXJ8niscmPt
2he1UNVHWWJCi2b+NVcz1wMl/zzqcP/Vl0cjl2xG/5iTNO4jdSRzGHD5xVS57ce9
srWm1LfQ+RQeulyGfO8=
-----END CERTIFICATE-----
cert = -----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIQJaXYQ2kjWcNWJ13u4Q3h1DANBgkqhkiG9w0BAQUFADCB
tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm
VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTAxMjAz
MDAwMDAwWhcNMTQxMjAyMjM1OTU5WjCBljELMAkGA1UEBhMCbm8xETAPBgNVBAgT
CHZlc3Rmb2xkMREwDwYDVQQHFAh0b25zYmVyZzE4MDYGA1UEChQvRGlyZWt0b3Jh
dGV0IGZvciBzYW1mdW5uc3Npa2tlcmhldCBvZyBiZXJlZHNrYXAxDDAKBgNVBAsU
A0lDVDEZMBcGA1UEAxQQa2FyYW50ZW5lLmRzYi5ubzCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAL9NUUey2P1tk3KhnHmS/2EqduRVX3nZTpPAlvXRQOCh
TYMOIJutcdUJQkoobdRAEXizy1mZngfvQmZHmg481Ivkt1R3iCyRl5LQgDSqWFjG
3AyGVv8xk5O6R3/rt0PiIKEKcuKXjO9r7vqHVKja5fYMjahCXQeH9NKOQ+QRaEQV
w9uS46glsr9CT8rZ7B2OEBu18gxGuTZ0avrkfuoyNSBr5sL5OIbpp/Q2kHciy2my
fxJG7/fuLoO6RFTPp2nikBtOevtgNGLgq9MeyYhb963E6nsA1AhmqQhtEBvBVAAo
cr3QdDZsW9HoNQ/zqQz5CzYIMIott/LCLn6mQh4ymzUCAwEAAaOCAdEwggHNMAkG
A1UdEwQCMAAwCwYDVR0PBAQDAgWgMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9T
VlJTZWN1cmUtRzMtY3JsLnZlcmlzaWduLmNvbS9TVlJTZWN1cmVHMy5jcmwwRAYD
VR0gBD0wOzA5BgtghkgBhvhFAQcXAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3
dy52ZXJpc2lnbi5jb20vcnBhMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjAfBgNVHSMEGDAWgBQNRFwWU0TBgn4dIKsl9AFj2L55pTB2BggrBgEFBQcBAQRq
MGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLnZlcmlzaWduLmNvbTBABggrBgEF
BQcwAoY0aHR0cDovL1NWUlNlY3VyZS1HMy1haWEudmVyaXNpZ24uY29tL1NWUlNl
Y3VyZUczLmNlcjBuBggrBgEFBQcBDARiMGChXqBcMFowWDBWFglpbWFnZS9naWYw
ITAfMAcGBSsOAwIaBBRLa7kolgYMu9BSOJsprEsHiyEFGDAmFiRodHRwOi8vbG9n
by52ZXJpc2lnbi5jb20vdnNsb2dvMS5naWYwDQYJKoZIhvcNAQEFBQADggEBAEWF
TZa0jO4Zg17O0uOJkxotAAUEsTVXq7HM+8qtPNA3RgmaVyTWsk5v+uWDTA+F5vJs
nLBFdhZzZFcsBwHFGbXkCLU2IEVa3F/iwIPDVl6TVlOgJgRGuTTRZrayfgqsWSE3
K2gYBXTeC+cenpAXuzfMiT8LAAYMBtMiwbuS3UtxhPUVzgtpeyccM6bcc6bz2Gnt
vaIwhBxm+cTByDSTgDnZt7JyCXbof45OmdOP6xn7tEl9dUb/zw+C7RXJ8niscmPt
2he1UNVHWWJCi2b+NVcz1wMl/zzqcP/Vl0cjl2xG/5iTNO4jdSRzGHD5xVS57ce9
srWm1LfQ+RQeulyGfO8=
-----END CERTIFICATE-----
paste key in PEM format (end with '.'):
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAv01RR7LY/W2TcqGceZL/YSp25FVfedlOk8CW9dFA4KFNgw4gm61x1QlCSiht1EAReLPLWZmeB+9CZkeaDjzUi+S3VHeILJGXktCANKpYWMbcDIZW/zGTk7pHf+u3Q+IgoQpy4peM72vu+odUqNrl9gyNqEJdB4f00o5D5BFoRBXD25LjqCWyv0JPytnsHY4QG7XyDEa5NnRq+uR+6jI1IGvmwvk4humn9DaQdyLLabJ/Ekbv9+4ug7pEVM+naeKQG056+2A0YuCr0x7JiFv3rcTqewDUCGapCG0QG8FUAChyvdB0Nmxb0eg1D/OpDPkLNggwii238sIufqZCHjKbNQIDAQABAoIBAEPWXyRVv6ze1pKnzJ0wC2+hZ1fBDoJfFQZAHUg+VAtUJ/B5agbKkrtA9Ujm3UuPDKMI3ut/FhMqPRmX+oFiAN061egWGyvy1RUy6sPCRGH24sFuQhtssTCJtiEerXZdEcUJt4Oyyj98vtoIc3UNas691N396o9pHuAroteVdKvvju1NCCAiM5mrK1H6BF6ODC4m/vR7U2RBKV2mvfb/u7qiXsXsnEb/Ybe+HeoMOEtCNiFQDQz1dn8PiQXIJVRyauHdXzM9gmw8Orudgatl+0rLrWBuhNbqoG92xEdhNaEgUgr9sWaB99U6dnzcLs4wG9cWWTboaT7dJ9ThQEESSQECgYEA4rWPOWdZFJA8o3Ypv7VCAFdYZdZ4WjmL5tJB5eFrvR7AV/6J87VehZvqswkW5BndKN6wLf62QsMrSUk2C+RRILp3wwFkTQeMaKcY7egKC2U/UZTA1FCb/FgNeMPVCu/IEz2Q98uX16WMbeXKu9KMCuIn30L8IuNPD4bUTGWWG7kCgYEA2ASo7P6BJIewOeOnjjf6hE8JmPMoyZ9bzv0wWW8GPY3lcImeZBASOGKyYP9AT76T2GjshTNwz5dABUwYB/OjPlWOW3CMAxi46UmKsMm9+jLEQGCzB9qEthheUPPuFLFQNiJmH8C2v6pwRRnqaAv/FqHA8SpFaJDVTi4XsouNUV0CgYBuFJac2u/IKlknTeLrsUmA/OhxWnhJ5xNlWsagppo31Ey07WVyrqhc295UXJ9+1ogqpiaJztoVBMtp5GCX2Z8C80ffqjdXp8insCtMqZTm/5yFMmOHNDTpjJ/N+djiXJebsBNKHtN15G6RljighpV1W2bc45umHRVwhpljFxiSEQKBgQDMOzOexUxBxkuVn6fFrSUbvEIdqh9w6Ep7myMAGxiyT5qR2Hq4rf0b9Cwjyo/6FPtgymp70NOiYKR1najGs9Et2OO7jd/B+bixTwdh94q2pxKmrwX0seNw6f8Z2FXKmI12cPVOpfvhn/l/S240KstkkU+Ccu2mW/BfdvKOqqPUPQKBgQCADxSrm7TTH2FXi2zaSvcRmX2y4vnQ7nQZ6JfCQ4lqNLWP1pw/APyJoCw64rsWNTYATOJ9yMUORdtFv3Lrs2fAy/p5AzXGkPG6qWoRcY7SzGWEiSCuRdFwpkpJuIJEyCC/aYr8vIBLJfagGM5qsDeFXyTT5JPZyl+YJA/fIBm4jA==
-----END RSA PRIVATE KEY-----
Invalid key...discarding.
paste cert in PEM format (end with '.'):
I never get to the question about the intermediate certificate. Help anyone?More info:
I tried generating a new privkey.pem:
OpenSSL> genrsa -out privkey.pem 2048
Loading 'screen' into random state - done
Generating RSA private key, 2048 bit long modulus
................+++
.........+++
e is 65537 (0x10001)
I copied it into Word, and then into Notepad to get the format right:
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAuNWA2ygU04fKYDIjBk81FkkaAvghZBCSKT2UwV3I40ZC5cqU
YrjTF1TlIovZdtdNtlFyayTfRlji+Rsho/+UtMIEj6HvSSWOU8GcryCc01UEpm2a
/4P+RkR8FRjXQ0HYmZqRvLIb2ggY/X+s4v/Hs+rT/gtigDqlbDKKR2wnrAJ5RHgE
Apj8eWl145EW1cz11/FEByCLtzOSlw8PWgR+AU9+CvkIIPIGiR3jjjCFMvrhuIf1
uzm8PXanEnChZu/2LMhelYqAO1GAT8ZIC7uKEcIHzxZ3nl8dzD8Xp1ekKGRgquI2
V2MCMPw/4aE51RxI5Yt6GA/CtGaywUc3LW+4QQIDAQABAoIBAQCrcXZtUddHghvo
cHjmYE/4lOPovymRvIEmebViStCMZ16j8O0ESTWb3aYQDjIvNnQh2ZhM482qXcZi
k5T3npjbtV8vr1/ZtFk5PUxNcO2mZKTEjsQHn/IaUWna08jP3OLBT4tAwOBus7Yi
ZOwDPoeJThdG/F5oXH2WR6bVqu99btWXYnzt8Z/qSN8O9b0TFZyrOcWvPGmSP06e
NfRSipANxfvomvyyU9JY9kC94ybgyso/pyRoO9hQAfcUK60aXeAYIEe6wgughRaR
aK0ZHvCJnDw62+E34smtYgsfqjIn+bpoLphuAE8qclHaz/xjG3f75b7/UUiJWjCJ
u1EfQOlVAoGBAOf3sFcakgn2jhoHkbwVQL3ku1JiD8ajS6vVfBMwgwlRTFgiLdIj
+7hLu11zCJWLMbJ6p6W/h/l4CfiWKsyhjnmrAeQ6CNkP9exz8M5CkcWRDthvslPh
4TG2etWhPCjbyyNFlbTDdc2n96Up7h2QNw1p/+C6jXktK6RkSxQdBf6PAoGBAMv7
uZiDc2jdlwiPkD5k4cawKTNxIamA8NrrlWRBMdWuNsNSE5Fmt9DQ3ryvDGhvdhdo
fRTjiHzm/un7YQBPtHJg98E932C4dlxqPvmLZE5RrGa+A57pyu1tfj9QIcyge9XC
ryUD8qzLNpMBkyIeQv35pjXtlZemMGOuFzl+yEQvAoGAXfsD/sZNFKxHtlQKv2D8
8fKR0jbYnWnbZqr/seadsFC31Z1DYzgg6/IC30GT4MKcR+tZsNWAiZoQsB5nCLEL
wE+AXK8GlqrYwAvZLDfcR2cV1KqsXT/OtQ1xhsvkS8mA67FtjecC+2dp9gie6Gtd
YpnniW0LlGSwodHgeS2pGBECgYEArgXATcv/XryFCImqDoD0WRSa4ccnZ7uYP7xy
RAiWomyxTastBIP0V9KJ48EXPdWxksDSzUpce+p6GVYbaC+Xi2kMlTDa7GISoD8I
IM75sRNemHyNDDr6o9ogtZUAcNmNLE2eLF8U3rOziHD0fEwC7TfZw/JACBOA/tlb
+PIfmoMCgYAzF9wndhOa/c3aZDAwI4DyWT5O5hdaJlt2EQU1SLIL31fVJs+Hnasb
Dcm1FgulF5xzBod6nF/GAPBcc/J8IlRhVhW9GUc+r8mN1jUl+FBvVfmEiSu5dwax
6kreMnXK4eVgBWIUSkV+QkehWmOMJUoTZe3rFKO28I++W7Ysr+39RQ==
-----END RSA PRIVATE KEY-----
I then pasted it into the M160 just to see if it would accept it, and it did not:
mailmgmt.dsb.no> certconfig
Currently using the demo certificate/key for receiving, delivery, HTTPS management access, and LDAPS.
Choose the operation you want to perform:
- SETUP - Configure security certificates and keys.
[]> setup
Do you want to use one certificate/key for receiving, delivery, HTTPS management access, and LDAPS? [Y]> y
paste cert in PEM format (end with '.'):
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAuNWA2ygU04fKYDIjBk81FkkaAvghZBCSKT2UwV3I40ZC5cqU
YrjTF1TlIovZdtdNtlFyayTfRlji+Rsho/+UtMIEj6HvSSWOU8GcryCc01UEpm2a
/4P+RkR8FRjXQ0HYmZqRvLIb2ggY/X+s4v/Hs+rT/gtigDqlbDKKR2wnrAJ5RHgE
Apj8eWl145EW1cz11/FEByCLtzOSlw8PWgR+AU9+CvkIIPIGiR3jjjCFMvrhuIf1
uzm8PXanEnChZu/2LMhelYqAO1GAT8ZIC7uKEcIHzxZ3nl8dzD8Xp1ekKGRgquI2
V2MCMPw/4aE51RxI5Yt6GA/CtGaywUc3LW+4QQIDAQABAoIBAQCrcXZtUddHghvo
cHjmYE/4lOPovymRvIEmebViStCMZ16j8O0ESTWb3aYQDjIvNnQh2ZhM482qXcZi
k5T3npjbtV8vr1/ZtFk5PUxNcO2mZKTEjsQHn/IaUWna08jP3OLBT4tAwOBus7Yi
ZOwDPoeJThdG/F5oXH2WR6bVqu99btWXYnzt8Z/qSN8O9b0TFZyrOcWvPGmSP06e
NfRSipANxfvomvyyU9JY9kC94ybgyso/pyRoO9hQAfcUK60aXeAYIEe6wgughRaR
aK0ZHvCJnDw62+E34smtYgsfqjIn+bpoLphuAE8qclHaz/xjG3f75b7/UUiJWjCJ
u1EfQOlVAoGBAOf3sFcakgn2jhoHkbwVQL3ku1JiD8ajS6vVfBMwgwlRTFgiLdIj
+7hLu11zCJWLMbJ6p6W/h/l4CfiWKsyhjnmrAeQ6CNkP9exz8M5CkcWRDthvslPh
4TG2etWhPCjbyyNFlbTDdc2n96Up7h2QNw1p/+C6jXktK6RkSxQdBf6PAoGBAMv7
uZiDc2jdlwiPkD5k4cawKTNxIamA8NrrlWRBMdWuNsNSE5Fmt9DQ3ryvDGhvdhdo
fRTjiHzm/un7YQBPtHJg98E932C4dlxqPvmLZE5RrGa+A57pyu1tfj9QIcyge9XC
ryUD8qzLNpMBkyIeQv35pjXtlZemMGOuFzl+yEQvAoGAXfsD/sZNFKxHtlQKv2D8
8fKR0jbYnWnbZqr/seadsFC31Z1DYzgg6/IC30GT4MKcR+tZsNWAiZoQsB5nCLEL
wE+AXK8GlqrYwAvZLDfcR2cV1KqsXT/OtQ1xhsvkS8mA67FtjecC+2dp9gie6Gtd
YpnniW0LlGSwodHgeS2pGBECgYEArgXATcv/XryFCImqDoD0WRSa4ccnZ7uYP7xy
RAiWomyxTastBIP0V9KJ48EXPdWxksDSzUpce+p6GVYbaC+Xi2kMlTDa7GISoD8I
IM75sRNemHyNDDr6o9ogtZUAcNmNLE2eLF8U3rOziHD0fEwC7TfZw/JACBOA/tlb
+PIfmoMCgYAzF9wndhOa/c3aZDAwI4DyWT5O5hdaJlt2EQU1SLIL31fVJs+Hnasb
Dcm1FgulF5xzBod6nF/GAPBcc/J8IlRhVhW9GUc+r8mN1jUl+FBvVfmEiSu5dwax
6kreMnXK4eVgBWIUSkV+QkehWmOMJUoTZe3rFKO28I++W7Ysr+39RQ==
-----END RSA PRIVATE KEY-----
Invalid certificate...discarding.
paste cert in PEM format (end with '.'):
It's the private key file that seems to be the problem here...? -
Installing certificate problem
Hi,
I'm trying to install our company SSL certificate on my new N95. Copied the Certnew.cer file onto my phone, as I have done with every other series 60 phone, and browsed to it in File Manager. Normally I would just open it, it would install before asking me if I want to use it for certificate checking, etc. However, on the N95 is opens the certificate in Notes so it doesn't get installed.
Any ideas on how I can resolve this?This is the error
TFTP Webauth cert transfer starting.
TFTP receive complete... Installing Certificate.
*TransferTask: Jan 22 16:50:28.849: sshpmAddWebauthCert: Extracting private key from webauth cert and using bundled pkcs12 password.
*TransferTask: Jan 22 16:50:30.800: sshpmDecodePrivateKey: calling ssh_skb_decode()...
*TransferTask: Jan 22 16:50:32.716: sshpmDecodePrivateKey: SshPrivateKeyPtr after skb_decode: 0x31afbb70
*TransferTask: Jan 22 16:50:32.717: sshpmAddWebauthCert: got private key; extracting certificate...
*TransferTask: Jan 22 16:50:32.723: sshpmAddWebauthCert: extracted binary cert; doing x509 decode
*TransferTask: Jan 22 16:50:32.724: sshpmAddWebauthCert: doing x509 decode for 1319 byte certificate...
Error installing certificate. -
Installing Certificate from Microsoft CA (.pfx) in Cisco Prime Infrastructure 1.2
Hello,
we are trying to install certificates from our CA on our Cisco Prime Infrastructure 1.2
What we get from our colleagues is a file in .pfx format, containing an exportable key and the whole certificate chain.
On the prime server, using openssl 0.9.8, we exportet the key and converted the file to .pem.
When trying to install the certificate, we get the following error code:
prime# ncs key importkey key-nopw.pem newcert.pem repository certificate
INFO: no staging url defined, using local space. rval:2
ERROR: dowload of key-nopw.pem failed. rval:-200
Does anyone have an idea what formats can be used for prime ssl certificates and how to install them?
The official guide has only little information on how to make a csr and install the certificate.
Best regards,
JoergI solved the same problem 5min ago.!
select the device and press syc ..that helped me ... -
Help w/ self-signed certificate in SunOne 5.2 P4
I'm running SunOne 5.2 P4 and I'm very new to the whole SSL thing and want to enable SSL in SunOne for some testing.
However, all attempts at generating and importing a certificate of varying lengths (512, 1024, 2048, 4096 bits) results in the following error in the Certificate Install Wizard of the Console:
"Either this certificate is for another server, or this certificate was not requested using this server."
Could someone point me to some instructions or walk me through the steps for generating self-signed certificates so they will import correctly? All the instructions I have seen so far say to send the "Certificate Request" to a CA for signing. I don't want to do that. I just need it for testing and would like to know how to do it locally. I assume this means self-signing it.
Thanks!!It's not necessarily the server-certificate itself that is self-signed. My guess is that the CA that signed this certificate uses a self-signed certificate for itself.
Your certificate chain might look like this:
Your certificate <<signed by>> Your CA <<signed by>> Your CA
Your CA isn't a trusted issuer by default, therefore you need to import the CA's certificate into the truststore.
Maybe you are looking for
-
I want to know is there a way to open, say 3, Firefox windows and duplicate the actions done on one to happen across all open Firefox windows. I want to use the repeat feature, left click followed by ENTER the whole time on a current thing I'm workin
-
Media encoder won't encode .flv
Hi, Media encoder cc won't encode my x264 codec .flv file. Error: media encoder doesn't support this compression type. This is a .flv that was produced by Xsplit, WWW.xsplit.com
-
Since iCloud Control Panel 3 update, cannot enable Outlook add-in...Outlook crashes
I have been using the iCloud integration for some time now with my Outlook 2010 on a Windows 7 PC. Since I did the recent upgrade to the iCloud control panel to the latest version 3.0, I can no longer use the integration. I have gone through all of t
-
Double space for period. How about comma, too?
It's already kosher with the interface guidelines to double space at the end of a sentence to get a period, so how do I get people on the bandwagon to make the spacebar a dual- or tri-function spacebar: double tap for a comma, period, or question mar
-
Hi, i have a BB Pearl 8120 and it has a problem! I can send BB messages, but i can't receive them if I don't have wifi connection! (but i do send without wifi connection) Sometimes I can connect with internet (browser icon) sometimes I can't I alread