Installing Server Certificate
've created a self signed certificate using the java keytool. When attempting to install the certificate as a Server Certificate using iPlanet 4.1 Server Manager,I receive an error writing to the certificate file. I can install this same certificate as a Trusted CA certificate.
Is there anything I should do different when generating the certificate if I'm going to be using it as a server certificate?
Thanks,
Bob
When starting CMS from command line, it starts correctly, but when i'm trying to start from the admin console, it doesn't work. Also, i tried start from command line and open from admin console, but the admin console says "server off" and the server is already started.
DOES ANYONE KNOW WHAT KIND OF PROBLEM IS THAT???
thanks,
Marcelo
Similar Messages
-
How to Install Server Certificates
1) Sun Web Server -> Admin Console -> Server Certificates
2) Bunch of steps to get to "Step 3: Enter Certificate Data"
Paste the following in the textarea:
-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQCv8WAOuA5eohKYuHo0Us7riIDy50a9/mmtSmkR3Libd1Kv51IE
7nE86bnsEYGG6JRxnDI207DAQ2k1UZxonoJ3D24K0g==
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIBuzCCASSgAwIBAgIGARatBajmMA0GCSqGSIb3DQEBBQUAMCExHzAdBgNVBAMM
w/1y6NyccF7+/7nIntaT
-----END CERTIFICATE-----3) Finish up the rest of the steps.
I get:
An error has occurred
com.sun.web.admin.exceptions.AdminException: ADMIN4112: No Private key foundWhat did I do wrong?It seems you didn't generate the certificate based in a certificate request generated via the webserver console.
The full steps to install a certificate are:
1. Create the certificate database in webserver console(Sun Web Server -> Admin Console -> Server Certificates). You must enter a passphrase.
2. Create a certificate request in webserver console.
3. Sign the certificate request and generate the certificate with your CA (can be verisign)
4. Install the certificate in webserver.
Hope it helps. -
Install fails at "Generating public key and SQL Server certificate"
I'm attempting to install a Child Primary Site and am running into an issue.
Currently there is a CAS and another Child Primary Site already deployed and running fine.
I've re-installed the SQL instance for the Site I'm having an issue with as well as re-installed Server 2008 R2 for this site.
During install I'm getting the following:
Failed to retrieve SCCM-SQL.domain.local SQL Server SerializedEncodedCertificate. $$<Configuration Manager Setup><02-11-2014 08:47:54.180+480><thread=4572 (0x11DC)>
ERROR: Failed to read CAS SQL Server information, store CAS SQL Sever certificate or register connection to the CAS database. $$<Configuration Manager Setup><02-11-2014 08:47:54.180+480><thread=4572 (0x11DC)>
Invalid certificate $$<Configuration Manager Setup><02-11-2014 08:47:54.212+480><thread=4572 (0x11DC)>
WARNING: Failed to remove SCCM-SQL.domain.local SQL Server certificate from store (TrustedPeople) on site server (FS1.domain.local). $$<Configuration Manager Setup><02-11-2014 08:47:54.212+480><thread=4572 (0x11DC)>
The SQL instance has permissions added for the Computer account as well as the username that is being used to install the Site. Any leads on what is giving me this headache?Yes, each instance is currently running SQL Server 2008 R2 10.50.2811. Also, they all are on the same collation of SQL_Latin1_General_CP1_Cl_AS.
-
Not able to install or generate acs server certificate
Hi,
I have one test set-up with one layer 3 switch and one autonomous AP 1131. I have configured one SSID and without any authentication and it was not able to connect successfully.
But now i want to try enable WPA2 enterprise ( Actually , after checking with the test set up , i am going to implement in live set-up where i have to configure WPA2 enterprise so that i would like to go for testing wpa2 enterprise not wpa2 personal ).
I have ACS server 3.0 trial version and installed on windows server 2000 and
on AP 1131 i have configured radius server commands
( aaa- new model and radius server host ... ip address ... key ..... shared secret ... password .. ).
I am confused with certificate which is required to install on acs server but i am not able to generate the certificate or not able to get the certificate from anywhere in acs server option.
how to generate acs server certificate in trial version 3.0 and after generating how to install in acs server and what about client ... will it be same certificate which i need to install in cllient PC's and if yes how to add in client pc's and if not , where will i get cllient certificate ,..
if i buy ACS software which i will be installed windows platform , i will get two certificate ,,,,,,,,, what about acs trial version software .... will i be able to get certificate .......
i am trying to refer so many documents but it could not help me ..
Your help will be appreciative.
Looking for proper information.Hi,
Thanks for your response ....
obivously , This ACS 3.0 is end of supprt but when i tried to install the acs 4.0 or later , I am not getting an error saying " basic platform should be installed first , that is ACS 3.0 ".
That is the reason i have gone for this edition .
Should i go for upgrading the acs 3.0 to 4.1 or later version ?
if so , will it be possible on trail version ?
please give me your suggestion. -
Install SSL certificate - OS X Server 10.8.2
Greeting All,
I am using OS X Server 10.8.2 with Server.app 2.2 and self-signed SSL sertificate. And I try use CA form Verisign.
I already success create CSR and get trial SSL certificate form Verisign. But I found I can't install SSL certificate correct and made it use in Profile Manager 2. When I check Profile Manager 2 in Server.app 2.2. I only see self-signed intermediate CA.
I check Apple on line guide and support site of Verisign but not found any latest guide of how to install it in Server.app. Any advice is welcome.
Thanks,
SpinIf you purchased the SSL certificate, you have to convert the certificate to "PEM"
https://www.sslshopper.com/ssl-converter.html -
Installing SSL Certificates on OS X 10.7 Lion Server
Is there anybody out there that has gotten this to work.
Have been at this for 3 days. Now on 10th clean install.
Have tried different SSL certificates from different CA vendors. All on clean installs.
Can install along with intemediate certificates.
Differnet SSL checkers report differing results. Some will report as fine whilst others will report that the chain is broken.
Some examples:
https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=conten t&id=SO9556&actp=LIST&viewlocale=en_US
Will report a double entry
http://www.digicert.com/help/
will report a break between the server certificate and the first intermediate certificate which it recognises as the same server certificate (weird!)
https://www.ssllabs.com/ssldb/analyze.html
Will report "incorrect order"
http://www.sslshopper.com/ssl-checker.html
Seems to report as fine although you will notice the server certificate twice in the chain again first as Server then first link in chain
I assure you have only installed certificates once (1 for purchased cert and 1 for intermediate) at the beginning of a clean install.
At a loss with this and very frustrated after 3 days getting no where.
Anyone able to help?https://certs.godaddy.com/ccp/tools/sslinstallvalidator.seam
Will report "Chain of Trust broken!"
All this despite being able to access the server over SSL just fine. Need to get this to work properly though to make use of profile manager. -
Hi,
We are trying to install SSL certificate (Verisign Class 3) on iPlanet Web Server (version 7). However, at the final step we are getting the error "ADMIN4118: Only one server certificate can be installed at a time"
We are following the below steps,
Under "Server Certificates" tab,
-> Click on "Install" button.
-> On "Select Configuration" click on "Next" button.
-> On "Select Tokens and Passwords", select default token as "internal" and click on "Next" button.
-> On "Enter Certificate Data", select option as "Certficate File" and give path to the certificate file which is having .p7b extension
-> On "Certificate Details" we are getting warning as "Duplicate Server Details Found" and it's by default using the existing certificate's nickname.
-> On "Review" page after clicking "Finish" button, an error is displayed saying "ADMIN4118: Only one certificate server can be installed at a time"
There are multiple sub-domains availble and the new certificate we want to install contains one more sub-domain.
So, say currently the subdomains present are,
1.abc.com
2.abc.com
so on...
and now we are trying to install a SSL certificate having one more subdomain say 10.abc.com.
Please let us know if you have solution to this problem.
Thanks,
RajeshHi Rajesh,
That error is most commonly seen when you are trying to install a certificate chain into the Web Server.
The chain should be installed using the "Certificate Authorities" tab per the following steps:
1) Login to the Admin Console.
2) Click Edit Configuration from Common Tasks > Configuration Tasks.
3) Click the Certificates > Certificate Authorities tab from the Configurations page.
4) Click the Install... tab from the Certificate Authorities (CAs) page.
An Install CA Certificate Wizard opens. The wizard guides you through the settings available for installing a Certificate Chain. Select Certificate Chain when prompted for Certificate Type.
You should then see the CA and intermediate certificate(s) listed in the security database.
If you have access to MOS, more details can be found in the MOS KM Note:
Oracle iPlanet Web Server - 'ADMIN4118: Only one server certificate can be installed at a time' When Installing Certificate Chain (Doc ID 1925025.1)
regards
Tracey -
Install SSL certificate for Oracle HTTP server
I received a PFX file that contains an SSL wildcard certificate for our company *.xyz.com.
I used this tool "xca" to extract two files: "server.crt" and "serverkey.pem".
I want to install this on the oracle 11g HTTP server (OHS) installed as standalone based on apache 2.2
With oracle, i have to create a wallet and point the SSL.CONF wallet directive to use that wallet.
I used Oracle Wallet Manager to create it and import the certificate but this is where i am having a problems.
First I could not restart the web server but the it worked but I got SSL handshake errors (Shown below).
According to oracle steps, I have to create a CSR and then import the certificate into the wallet
http://www.apache.com/resources/how-to-setup-an-ssl-certificate-on-apache/
However, when I tried to use Oracle Wallet Manager, there were two options: import server certificate and trusted certificate.
The import server certificate was greyed out. I had to create a CSR just to get it enabled but I did not use the CSR, i just imported the "server.crt" file.
I also tried to import the "serverkey.pem" into the trused certificate option but was rejected (invalid certificate).
Do you know how to create a successful wallet based on the files i have and not creating a CSR since i already have a certificate file?
2013-05-04T20:11:40.2718-04:00] [OHS] [ERROR:32] [] [core.c] [host_id: ptp.xyz.xom] [host_addr: 10.72.11.211] [pid: 11339] [tid: 1253263680] [user: root] [VirtualHost: ptp.xyz.xom:443] nzos handshake error, nzos_Handshake returned 29040(server ptp.xyz.xom:443, client 10.60.117.121)
[2013-05-04T20:11:40.2719-04:00] [OHS] [ERROR:32] [] [core.c] [host_id: ptp.xyz.xom] [host_addr: 10.72.11.211] [pid: 11339] [tid: 1253263680] [user: root] [VirtualHost: ptp.xyz.xom:443] NZ Library Error: Unknown error
[2013-05-04T20:11:40.4774-04:00] [OHS] [ERROR:32] [] [core.c] [host_id: ptp.xyz.xom] [host_addr: 10.72.11.211] [pid: 11339] [tid: 1263753536] [user: root] [VirtualHost: ptp.xyz.xom:443] unusably short session_id provided (0 bytes)
[2013-05-04T20:11:40.4776-04:00] [OHS] [ERROR:32] [] [core.c] [host_id: ptp.xyz.xom] [host_addr: 10.72.11.211] [pid: 11339] [tid: 1263753536] [user: root] [VirtualHost: ptp.xyz.xom:443] nzos handshake error, nzos_Handshake returned 29040(server ptp.xyz.xom:443, client 10.60.117.121)
[2013-05-04T20:11:40.4776-04:00] [OHS] [ERROR:32] [] [core.c] [host_id: ptp.xyz.xom] [host_addr: 10.72.11.211] [pid: 11339] [tid: 1263753536] [user: root] [VirtualHost: ptp.xyz.xom:443] NZ Library Error: Unknown error
[2013-05-04T20:11:40.6814-04:00] [OHS] [ERROR:32] [] [core.c] [host_id: ptp.xyz.xom] [host_addr: 10.72.11.211] [pid: 11339] [tid: 1274243392] [user: root] [VirtualHost: ptp.xyz.xom:443] unusably short session_id provided (0 bytes)
[2013-05-04T20:11:40.6816-04:00] [OHS] [ERROR:32] [] [core.c] [host_id: ptp.xyz.xom] [host_addr: 10.72.11.211] [pid: 11339] [tid: 1274243392] [user: root] [VirtualHost: ptp.xyz.xom:443] nzos handshake error, nzos_Handshake returned 29040(server ptp.xyz.xom:443, client 10.60.117.121)
[2013-05-04T20:11:40.6816-04:00] [OHS] [ERROR:32] [] [core.c] [host_id: ptp.xyz.xom] [host_addr: 10.72.11.211] [pid: 11339] [tid: 1274243392] [user: root] [VirtualHost: ptp.xyz.xom:443] NZ Library Error: Unknown errorI do not have weblogic installed. I only have standalone 11g HTTP server with mod_plsql.
If i can get OWM working to create a successful certificate them the problem would be resolved.
I am just not sure what is Root Certificate and Trustworthy Certificate and how to get that from the files i have. -
Installed Server, Got certificate added in server and Mac keychain. Can't Send Mail
Hi,
I dove into server tonight. In a fit of overconfidence, I installed it on my main Macintosh as it is the only compatible machine. I wanted to run it while doing other things so i put it on my main login. I got a certificate from my Godaddy account and got it installed on server. I quit server and opened Mail and I cant send mail as it is trying to use the new certificate I believe. I downloaded and added the certificates to keychain and I see them.
The Message: An error occured while trying to sign this message with a certificate from "$%^[email protected]". Verify that your certificate for this address is correct and the private key is on your keychain.
How can I either make the certificate work for mail, add the private key to my keychain or delete the key so that mail uses whatever it was previously using?
Thanks A Million!
VcPragman,
I surely could be confusing the two. I actually didn't want to do anything with mail in server yet. I installed server. Spent some time trying to get it set up, quit server and returned to my normal (client) work. I tried to send an email from my main account and got an error message in the client mail app referring to the certificate.
The Message: An error occured while trying to sign this message with a certificate from "$%^[email protected]". Verify that your certificate for this address is correct and the private key is on your keychain.
I have had the domain name and the cretificate came in that package. I was not even going to make it available to the outside world for some time. I just wanted the server up so i could practice working with it. I am moving from strictly creative IT (logic, Pro Tools etc.) to an environment that is more corporate and requires a bit of server knowledge. Luckily i have a bit of time to learn about it. i am obviously clueless as of now.
Sincere thanks for your help.
V -
Installing SSL certificate Windows Server 2012R2 RDSH servers
Hello,
I'm currently in the final fase of installing an functional Remote Desktop (Windows Server 2012R2) environment. The only problem i have, which i try to complete several days now without any luck, is the installation of our WildCard SSL certificate on de
Remote Desktop Session Host servers (farm).
We have 1 gateway server which is also the connection broker. On this server i have installed (using the Deployment Properties of the Session Collection) the certificate on all available levels. But still, when i try to connect to our Remote Desktop Servers
i get the automatically created certificate from the Remote Desktop Session Host servers. The certificate works for all the other functions (gateway etc.)
The servers are joined to the domain, and the wildcard certificate = *.zon-ict.nl.
Below the screenshot of the deployment settings.
Can someone point me in the right direction for installing the certificate on the RDSH servers?Hi,
Thank you for posting in Windows Server Forum.
Basic requirements for Remote Desktop certificates:
1. The certificate is installed into computer’s “Personal” certificate store.
2. The certificate has a corresponding private key.
3. The "Enhanced Key Usage" extension has a value of either "Server Authentication" or "Remote Desktop Authentication" (1.3.6.1.4.1.311.54.1.2). Certificates with no "Enhanced Key Usage" extension can be used as well.
Please follow beneath article for details.
Certificate Requirements for Windows 2008 R2 and Windows 2012 Remote Desktop Services
http://blogs.technet.com/b/askperf/archive/2014/01/24/certificate-requirements-for-windows-2008-r2-and-windows-2012-remote-desktop-services.aspx
Hope it helps!
Thanks.
Dharmesh Solanki -
Password parameter not working while Installing the certificate hosted on a Web Application Server
Hi,
We are trying to secure our SAP BI Mobile connection with certificates. According to the manual we are storing a password protected certificate on a network location.
On our ipad when I open the link: (according to manual: Administrator and Report Designer's Guide , chapter 4.14.2.1 Installing the x509 Certificate on Device)
SAPBI://action=downloadcert&certurl=<Download URL>&Password=abc123
It should open and install the certificate in the app without asking for the password. But thats not working. It does ask for the password. So I can access the certificate location and after entering the password it works. But I am giving the password parameter in the link so why is this not working?
The guide is a bit contradictory, and I quote:
"If you access the second link above: The application is launched and the certificate file is downloaded from the URL location (certurl).
The certificate is directly installed on the device."
But second quote:
"NOTE:
Since the password is already included in the URL, the application does ask the user for the password...."
My question: what is the use of this password parameter if you still have to enter it manually?
Does anybody know if this should work, and what I might be doing wrong?Hi , i am facing the same issue. I'll open a incident.
Martin -
Hi,
I hope your questions is like this.
one instance is there, and want to install multiple server certs.
Ans:-
I don't think you can install individual certs for all of them. which is not possible, but you can install server certs for particular classes.
In one instance,you can have multiple h/w virtual servers each binded to one ip.
This is possible in iws 6.0,you can install different certs for different virtual classes.
Thanks,
Daks. -
How to add a certificate to IIS global "Server Certificates" list using PowerShell?
Hi, been surfing the web for an example on how to add a certificate to the "global" IIS "Server Certificates" list using PowerShell but to no luck. I already have code in place on how to tie / associate a specific website with a specific cert but not how
to add the new .cer file using the "Complete Certificate Request..." wizard using PowerShell.... I dont expect the final code to become published but if someone had an idea on howto integrate / get an entry point on where to interact between the "Server Certificate"
list in IIS and POSH I would be super happy! :|
I am runnign IIS on a Windows 2008R2 x64 Standard Edition if that helps..... of course, I would saddle for an CLI if there is no other way, but POSH is of course the way to go! :)
Thanks for the help in advance guys, take care!
br4tt3Hi and thanks for the suggestions!
Although it comes close, the suggested code example points on howto import / incorporate .pfx files - I am getting fed by .cer files which I need to add into the IIS console using POSH.
I tried explore the IIS.CertObj object but was not able to work out if this one could be used for importing / adding .cer files into IIS! However, launching the following command from a POSH console with Import-Module Webadministration already
loaded into that shell;
$certMgr = New-Object -ComObject IIS.CertObj returns the following error message:
New-Object : Cannot load COM type IIS.CertObj
From an IIS perspective I have the following components installed;
[X] Web Server (IIS) Web-Server
[X] Web Server Web-WebServer
[ ] Common HTTP Features Web-Common-Http
[ ] Static Content Web-Static-Content
[ ] Default Document Web-Default-Doc
[ ] Directory Browsing Web-Dir-Browsing
[ ] HTTP Errors Web-Http-Errors
[ ] HTTP Redirection Web-Http-Redirect
[ ] WebDAV Publishing Web-DAV-Publishing
[X] Application Development Web-App-Dev
[ ] ASP.NET
Web-Asp-Net
[X] .NET Extensibility Web-Net-Ext
[ ] ASP
Web-ASP
[ ] CGI
Web-CGI
[ ] ISAPI Extensions Web-ISAPI-Ext
[ ] ISAPI Filters Web-ISAPI-Filter
[ ] Server Side Includes Web-Includes
[ ] Health and Diagnostics Web-Health
[ ] HTTP Logging Web-Http-Logging
[ ] Logging Tools Web-Log-Libraries
[ ] Request Monitor Web-Request-Monitor
[ ] Tracing
Web-Http-Tracing
[ ] Custom Logging Web-Custom-Logging
[ ] ODBC Logging Web-ODBC-Logging
[X] Security
Web-Security
[ ] Basic Authentication Web-Basic-Auth
[ ] Windows Authentication Web-Windows-Auth
[ ] Digest Authentication Web-Digest-Auth
[ ] Client Certificate Mapping Authentic... Web-Client-Auth
[ ] IIS Client Certificate Mapping Authe... Web-Cert-Auth
[ ] URL Authorization Web-Url-Auth
[X] Request Filtering Web-Filtering
[ ] IP and Domain Restrictions Web-IP-Security
[ ] Performance Web-Performance
[ ] Static Content Compression Web-Stat-Compression
[ ] Dynamic Content Compression Web-Dyn-Compression
[X] Management Tools Web-Mgmt-Tools
[X] IIS Management Console Web-Mgmt-Console
[X] IIS Management Scripts and Tools Web-Scripting-Tools
[ ] Management Service Web-Mgmt-Service
[ ] IIS 6 Management Compatibility Web-Mgmt-Compat
[ ] IIS 6 Metabase Compatibility Web-Metabase
[ ] IIS 6 WMI Compatibility Web-WMI
[ ] IIS 6 Scripting Tools Web-Lgcy-Scripting
[ ] IIS 6 Management Console Web-Lgcy-Mgmt-Console
[X] FTP Server Web-Ftp-Server
[X] FTP Service Web-Ftp-Service
[X] FTP Extensibility Web-Ftp-Ext
[ ] IIS Hostable Web Core Web-WHC
More or less the one thing that I am trying to get up and running is an automated FTPS solution - I just use the IIS console to be able to troubleshoot / compare how things scripted from POSH interacts in the MMC representation. The error I am getting
might be that I am lacking some IIS components to be in place to be able to automate some parts of the IIS - as suggested by the IIS.CertObj object listed in the example..... I will get back if I can track down which component needs to be added to be
able to reference the IIS.CertObj object.
Br4tt3 signing out...
br4tt3 -
How can I make Firefox trust a Server Certificate by Default?
I'm trying to distribute Firefox via Empirum. All settings are made using the CCK-Wizard Addon.
When I import our Certificates in CCK-Wizard, I can make trust-settings for CA's, but not for Server Certificates, and so the SC isn't trusted by default.
Is there any way to make the trust Settings for SC's in the install package, maybe through an option in about:config (didn't find any, but maybe somebody knows more than google :P )?
I tried to do it like PRF_1 suggested here https://support.mozilla.org/de/questions/687296#answer-112220 but in the last step I got an Error 1: C compiler cannot create executables.
Regards,
BowserHello,
'''Try Firefox Safe Mode''' to see if the problem goes away. Safe Mode is a troubleshooting mode, which disables most add-ons.
''(If you're not using it, switch to the Default theme.)''
* On Windows you can open Firefox 4.0+ in Safe Mode by holding the '''Shift''' key when you open the Firefox desktop or Start menu shortcut.
* On Mac you can open Firefox 4.0+ in Safe Mode by holding the '''option''' key while starting Firefox.
* On Linux you can open Firefox 4.0+ in Safe Mode by quitting Firefox and then going to your Terminal and running: firefox -safe-mode (you may need to specify the Firefox installation path e.g. /usr/lib/firefox)
* Or open the Help menu and click on the '''Restart with Add-ons Disabled...''' menu item while Firefox is running.
[[Image:FirefoxSafeMode|width=520]]
''Once you get the pop-up, just select "'Start in Safe Mode"''
[[Image:Safe Mode Fx 15 - Win]]
'''''If the issue is not present in Firefox Safe Mode''''', your problem is probably caused by an extension, and you need to figure out which one. Please follow the [[Troubleshooting extensions and themes]] article for that.
''To exit the Firefox Safe Mode, just close Firefox and wait a few seconds before opening Firefox for normal use again.''
''When you figure out what's causing your issues, please let us know. It might help other users who have the same problem.''
Thank you. -
How to install a certificate in OC4J
Hi I want to connect a server from a java method in Jdeveloper (from local machine) using api which needs a certificate to be installed in the caller.
I have installed the certificate in my machine by clicking the certficate file and clicking the Install Certificate option.
But still the error is comming. Do I need to add the certificate somewhere in Jdeveloper? How?
The error message is:-
Establishing the LDAPConnection with the below env params =>
{java.naming.provider.url=ldap://ldapu.xyz.gov.sg:636, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.ldap.version=3, java.naming.security.principal=uid=userx,ou=employee,o=xyz,c=sg, java.naming.security.authentication=simple, com.sun.jndi.ldap.connect.pool=true, java.naming.security.credentials=password, java.naming.security.protocol=ssl}
Establishing the LDAPConnection with the below env params =>
{java.naming.provider.url=ldap://ldapu.xyz.gov.sg:636, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.ldap.version=3, java.naming.security.principal=uid=dbc13,ou=employee,o=xyz,c=sg, java.naming.security.authentication=simple, com.sun.jndi.ldap.connect.pool=true, java.naming.security.credentials=password, java.naming.security.protocol=ssl}
javax.naming.CommunicationException: simple bind failed: ldapu.xyz.gov.sg:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
Establishing the LDAPConnection with the below env params =>
{java.naming.provider.url=ldap://ldapu.xyz.gov.sg:636, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.ldap.version=3, java.naming.security.principal=uid=dbc13,ou=non-employee,o=xyz,c=sg, java.naming.security.authentication=simple, com.sun.jndi.ldap.connect.pool=true, java.naming.security.credentials=password, java.naming.security.protocol=ssl}
Establishing the LDAPConnection with the below env params =>
{java.naming.provider.url=ldap://ldapu.xyz.gov.sg:636, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.ldap.version=3, java.naming.security.principal=uid=dbc13,ou=non-employee,o=xyz,c=sg, java.naming.security.authentication=simple, com.sun.jndi.ldap.connect.pool=true, java.naming.security.credentials=password, java.naming.security.protocol=ssl}
javax.naming.CommunicationException: simple bind failed: ldapu.xyz.gov.sg:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
Creating ldapContext for user =>uid=dbc13,ou=employee,o=xyz,c=sg
Establishing the LDAPConnection with the below env params =>
{java.naming.provider.url=ldap://ldapu.xyz.gov.sg:636, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.ldap.version=3, java.naming.security.principal=uid=dbc13,ou=employee,o=xyz,c=sg, java.naming.security.authentication=simple, com.sun.jndi.ldap.connect.pool=true, java.naming.security.credentials=password, java.naming.security.protocol=ssl}
Establishing the LDAPConnection with the below env params =>
{java.naming.provider.url=ldap://ldapu.xyz.gov.sg:636, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.ldap.version=3, java.naming.security.principal=uid=dbc13,ou=employee,o=xyz,c=sg, java.naming.security.authentication=simple, com.sun.jndi.ldap.connect.pool=true, java.naming.security.credentials=password, java.naming.security.protocol=ssl}
javax.naming.CommunicationException: simple bind failed: ldapu.xyz.gov.sg:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
[Ljava.lang.StackTraceElement;@193385dsg.gov.xyz.ldap.base.LDAPException: Unable to connect to the server.[simple bind failed: ldapu.xyz.gov.sg:636]
Thanks in advance
Sam
Edited by: Sam on Nov 16, 2010 9:50 PMHi. To SSL comunication between the local machine and remote server with jndi, only need install or register the ca-certificate with keytool in the local machine. This instructions can help you:
/oracle/oas/10.1.3.1/soa/jdk/bin/keytool -import -keystore /oracle/oas/10.1.3.1/soa/jdk/jre/lib/security/cacerts -trustcacerts -file /oracle/certificates/DcDg04Cert2.cer -alias alias_name -storepass store_pass
Bye.
Maybe you are looking for
-
Hi guys I want to make a report which contains storage location wise WBS element stock. Is it their in the base product, i have tried through mb51 but it is not very convincing. Thanks & Regards Rashid Imam
-
Hi All, I am getting the following error in sxmb_moni, other interfaces are working fine only for one of the scenarios this error is coming. Scenario: BPM<->SOAP <SAP:Category>XIAdapterFramework</SAP:Category> <SAP:Code area="MESSAGE">GENERAL</SAP:
-
What can I do to fix this problem?
when I create an account in icloud appears to me, you have exceeded the limit for free accounts, what can I do to fix this problem?
-
I am planning to buy an iPhone 4 from US during my visit there next month and want to use this iphone in India with a different carrier other than AT&T and Verizon. Is it possible to do so? Is there a way out i can use in India the iphone purchased
-
Is there a way to view my documents on my iPhone without having to download iWork for the iPhone?
Hello, I have documents on the iCloud that I have uploaded from my Macbook Pro, and I am just wondering if it is possible to view these documents on my iPhone without having to download the iWork for the iPhone... Your response will be greatly apprec