ISE Cert profile - SAN vs Common Name

Hi,
I have got the following problem:
- Wireless workstations authenticate using certificates and the cert profile matches SAN
- recently added BYOD devices that won't work unless I use a cert profile matching Common Name
Is there any way to split the Wireless 802.1X rule into 2 halves so I can match:
- Wireless 802.1X and Workstations  -> Cert Profile would be using SAN
- Wireless 802.1X and Apple Devices -> Cert Profile would be using Common Name
So far I have failed in my attempt to split Wireless 802.1X and ended up having to CONTINUE on Failed Authentication on the Cert Profile matching Common Name + securing access on Authorization rules, which is not ideal.
With this solution iPads go through full authentication but Workstations hit that CONTINUE option as the Common Name attribute is not found in the cert for them.
Based on this link, http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/user_guide/ise_user_guide/ise_man_id_stores.html#pgfId-1382708,
I should be able to use SAN for Windows workstations, and Common Name seems the only option for iPads, so I should be able to split the Authentication Rule somehow?

I have had a similar issue before and got around it by creating a new store rule under authentication. The biggest sticking point is finding an attribute to use for differentiation purposes. If you are using the same SSID it makes it hard, but the easiest differentiator I have found is WLAN ID or RADIUS Called-Station-ID. Basically make a rule for the CN cert profile that matches on WLAN ID 1 and then make a rule for the SAN cert profile that matches on WLAN ID 2. You may be able to find other differentiators in your deployment, but the options are limited in authentication versus authorisation.
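
The split described in the reply above, as an added example that is not part of the original posts: a simplified Python model (not ISE's engine) of two ordered authentication rules keyed on `Airespace-Wlan-Id`, with WLAN 1 using the Common Name and WLAN 2 using the SAN. Rule names, hostnames and MAC addresses are constructed, and taking the first SAN entry as the identity is an assumption of the model.

```python
# Simplified model of ordered authentication rules. Not Cisco ISE code.
# Rule names and sample values below are constructed for illustration.

RULES = [
    # (rule name, condition on RADIUS attributes, certificate field used as identity)
    ("Wireless-8021X-BYOD", lambda r: r.get("Airespace-Wlan-Id") == 1, "CN"),
    ("Wireless-8021X-Workstations", lambda r: r.get("Airespace-Wlan-Id") == 2, "SAN"),
]


def identity_from_cert(cert, field):
    """Return the identity the selected certificate profile extracts, or None."""
    if field == "CN":
        return cert.get("subject_cn") or None
    if field == "SAN":
        names = cert.get("san") or []
        return names[0] if names else None  # assumption: first SAN entry is used
    raise ValueError(f"unknown certificate field: {field}")


def authenticate(request, rules=RULES):
    """First matching rule wins; a missing identity field is a hard reject."""
    for name, condition, field in rules:
        if condition(request["radius"]):
            identity = identity_from_cert(request["cert"], field)
            result = "PASS" if identity else "REJECT"
            return {"rule": name, "result": result, "identity": identity}
    return {"rule": None, "result": "REJECT", "identity": None}


# Constructed requests: an iPad on WLAN 1, a workstation on WLAN 2, and the
# same workstation certificate (no Common Name) presented on WLAN 1.
IPAD = {
    "radius": {"Airespace-Wlan-Id": 1, "Called-Station-Id": "00-11-22-33-44-55:byod"},
    "cert": {"subject_cn": "jdoe-ipad", "san": []},
}
WORKSTATION = {
    "radius": {"Airespace-Wlan-Id": 2, "Called-Station-Id": "00-11-22-33-44-55:corp"},
    "cert": {"subject_cn": None, "san": ["ws01.corp.example"]},
}
WORKSTATION_ON_WLAN1 = {"radius": IPAD["radius"], "cert": WORKSTATION["cert"]}

if __name__ == "__main__":
    for label, req in [("ipad", IPAD), ("workstation", WORKSTATION),
                       ("workstation on WLAN 1", WORKSTATION_ON_WLAN1)]:
        print(label, authenticate(req))
```

With one rule per WLAN, a certificate that lacks the expected field is rejected at authentication instead of being passed on to authorization by a CONTINUE option.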

Similar Messages

  • Creating CSR with multiple common names in a single CSR

    Hello Gurus,
    We are configuring SSL, for which we were in the process of generating a CSR from Oracle HTTP Server. But we want to use multiple URLs for a server. For example,
    domain.example.com will be our primary URL and domain2.example.com would be our secondary URL.
    Following are the questions/doubts that I have -
    1. Can we mention multiple Common Names [CN] in a single CSR?
    2. If we mention our primary URL in the Common Name field, while generating the certificate can we mention the secondary URL in the Subject Alternative Name field [SAN]?
    3. If we can mention the secondary URL in SAN, will it create a certificate import error while we import the generated certificate in OHS?
    Any help will be highly appreciated and if that really helps will be marked as helpful/correct.
    Thanks
    Saurabh

    Hello,
    If you are certain, then what does this line mean?
    "Please note that in FMW 11g, regardless of how the Wallet is created or the Wallet type used, use of Wildcard Certificates e.g. "*.domain" are not supported as Oracle deems them insecure."
    This line is from My Oracle Support, Understanding Wallets and Keystores in Fusion Middleware 11g [ID 1218603.1]

  • SSL Certificate common name (host name field) is incorrect

    When users open Microsoft Office Project and connect to their PWA site, they get the message "SSL Certificate common name (host name field) is incorrect".
    Which area should I start looking at? The client computer or the server itself? The cert expiration date is still a long way off.
    teikboon

    What is the URL the user is accessing, hostname/pwa or mycompany.com/pwa?
    Is the certificate issued using the hostname or something else?
    Hrishi Deshpande – Senior Consultant DeltaBahn

  • SSL protocol error.  Certificate is either invalid or common name or authority are not recognized. I

    Hi, I have problems when I try to open a PDF document with a policy of RM generated in the Laundpad. I use a self-signed SSL certificate with the common name https://127.0.0.1:8443 and the base URL in the configuration is the same. I have tried to resolve this issue for a week but I could not, and I do not understand how to solve it.
    If anybody can help me, please. This is the picture when I try to open a PDF file with RM policies. Thanks

    So the CN value should be without the ":8443" addition when creating the cert file?
    Further: I've installed and trusted the certificate in the personal and the trusted root certification authorities.
    When opening the URL https://192.168.1.35:8443/adminui/ in Firefox I get the following error:
    In IE I get:
    Thanks for looking in to this!

  • LSMW to Load Cert Profiles (QC01) & handling Blank Fields

    I have been trying to create an LSMW to Create New Certificate Profiles (Transaction QC01).  As there doesn't seem to be any other way of doing it, I have been creating the LSMW with Standard Batch Input Recording.
    The first problem I had was that each Cert Profile (master record) may contain many Characteristic Detail Records.  There is however no way of indicating next record when doing the recording.  To fix this problem someone suggested determining the max # of Char Detail records I have and do one long recording with all 9 char's filled in.  Using this method I only have one source structure and a very long list of source fields for that structure.  Therefore everything pertaining to each cert is one long record.  e.g.,
    Cert Type:      Cert
    Cert Profile:   Profile_A
    Cert Version:   00001
    Tdname:         My_Logo
    Search Field:   My Search Text
    Short Text:     My short text
    Sortnr_1:       My 1st Char #
    Kategorie_1:    My 1st Category
      and so on for all fields for the 1st character and then
      we go onto the 2nd char
    Sortnr_2:       My 2nd Char
    Kategorie_2:    My 2nd Category
      and so on for all fields for the 2nd character and then
      we go onto the 3rd char.  This keeps going for 9
      characters
    My LSMW runs fine until it gets to the 1st of the 9 char's that does not exist.  Meaning that my Recording and source files all have 9 characters, but the data file may only have 2.  When it gets to the 3rd one (i.e., sortnr_3 for the 3rd characteristic) it complains and says to enter a value between 1 and 9999.  For the Maintain Mappings I do have each of the fields set with the IS NOT INITIAL FLAG so it puts a / in.
    if not CERTPROFILESCHAR_STR-SORTNR_3 is initial.
      QC01_CERTPROF-SORTNR_3 = CERTPROFILESCHAR_STR-SORTNR_3.
    endif.
    How can I get this LSMW to work when the recording is based on 9 character details, but the data file may be based on anywhere between 1 to 9?  Or is there another way to do this?
    HELP Please and thank-you.

    Hi,
    Let me know whether it is a required field or an optional field. If it is required, it should not accept this kind of record. If it is optional, then in the flat file you give a TAB space like below.
    vendor details in flat file
    1)  100000      USA          HDFC           1054621450
    2)   100004      USA                                   3040000578
    From the above example, vendor 1 has bank name HDFC, but 2 doesn't have any bank name. So place the cursor at the end letter of USA, enter tab twice and save the flat file.
    By doing this the system doesn't fill any data into that field. If you don't maintain this tab, the account specified as 3040000578 will be fetched for the field bank name.
    Try this and let me know.
    Thank you.

  • Error when creating a user - IAM-3010183 : An error occurred while checking if a user already exists with the Common Name generated.

    Error when creating a user - IAM-3010183 : An error occurred while checking if a user already exists with the Common Name generated.

    in OIM 11g R2

  • OIM 11g R1 - Generate Common Name

    Hello,
    If I create a new user in OIM, the common name will be created with <firstnam> <lastname>.
    Instead of a "blank" I need a "." between <firstnam> <lastname>. The common name should look like <firstnam>.<lastname>
    How do I edit this setting?

    Write your own event handler to generate the common name as per your logic.
    Also check the system property CommonName generation plugin (XL.DefaultCommonNamePolicyImpl), if you can find any clue there.

  • Appearance of Digital Signature/Common Name

    Hi,
    I'm using Adobe Professional 8.1.2 and I'm able to create a digital signature except that its appearance is broken up.  For instance, if my name is "Maryann Doe" it appears on documents as:
    Marya
    nn Doe
    It's broken up and I can't find way to fix this.  I also have another signature that uses my computer login name of "ABCDE" as my common name. I can't find a way to change that either to input my real name.  Any suggestions would be greatly appreciated!
    Thank you!

    Hi,
    For the first problem (word wrap): the problem you are encountering is that if "Maryann Doe" is too long to fit in half of the signature field, the text wraps to the next line. The signature appearance that is written into the signature field consists of two halves. The left half contains the graphic properties and the right half contains the text properties.
    You need to lengthen the width of the area where the graphics portion of the signature is contained. You can do this one of two ways. Either lengthen the physical dimensions of the signature field before you sign, or create a custom signature appearance where you turn off all of the text properties, which has the effect of giving the whole signature field over to the graphics portion. To play with custom signature appearances:
    Select the Edit > Preferences (Win) or the Acrobat > Preferences (Mac) menu item
    Select Security from the Categories list box
    Click the New button in the Appearance group box
    If you select the No Graphic radio button you give all of the space to the text portion. If you deselect all of the checkboxes in the Configure Text area, you give all of the space to the graphics portion.
    While you are in the Preferences dialog, select Identity from the Categories list box. Go ahead and fill in all of the editable fields. This is where the data is procured during the creation of a self-signed digital ID. I think that will fix the second issue you raised.
    Steve

  • Can we see all the Technical names and field/common names in one screen

    Hi SAP Gurus,
    Can anyone please clarify the query of 'all the technical names, field names, common names, table names in one screen'? If so, how?
    Thanks in advance
    Regards
    Namrata

    Hi,
    For a particular screen, if you want to see all the technical data,
    Go to system->status->screen->double click on the screen->flow logic.
    Regards,
    Manoj.

  • The https URL hostname does not match the Common Name (CN) on the server.

    Hi,
    I am getting the following error while trying to use https with our self-signed certificates.
    javax.xml.ws.soap.SOAPFaultException: Marshalling Error: The https URL hostname does not match the Common Name (CN) on the server certificate. To disable this check (NOT recommended for production) set the CXF client TLS configuration property "disableCNCheck" to true.
    The above error is the error I get, when I try to use the Web Services using https.
    I have added the following lines in cxf.xml but it still doesn't seem to work correctly.
    <http-conf:conduit name="*.http-conduit">
    <!-- deactivate HTTPS url hostname verification (localhost, etc)
    WARNING ! disableCNcheck=true should NOT be used in production -->
    <http-conf:tlsClientParameters disableCNCheck="true" />
    </http-conf:conduit>
    Kindly let me know what the issue would be here.

    I had P2V'd a SQL 2008 server and was having this issue.  I tried everything I could find to get the affinity corrected; setting the Lock Pages security policy, trying the affinity commands in Single User mode, etc.
    Then wrighbar's response got me headed in the right direction, but I ran into an issue where the previous engineer had set the Physical SQL server to have affinity on procs 9-16 of a 16 proc box, and I could only set up to 8 procs on my VM.  After searching for a while for registry keys or config files that might be editable to change the affinity, I couldn't find where SQL got that information from.  Finally it hit me, maybe it's stored in the master or msdb databases.
    SOLUTION: I was able to go back to the original Physical machine, change the affinity settings there, stop SQL on both boxes, then copy MASTER, MODEL, MSDB, TEMPDB from the original Physical machine to the new virtual machine.  All services started OK on the virtual machine now and affinity was set the way I needed it.

  • CommonSearchParseException: Error building query, common name {0} specified

    Hi,
    I have installed Content Server and I have setup CIS on Oracle OC4J standalone. I have also validated the configuration by the action "Validate communication with Oracle Content Server".
    I tried to execute the sample program CommonSearch from SDK.
    The program is taking a default query of "$author <substring> 'Adm'" and the default metadata map from /resources/ucpmcommon-metamap-default.xml
    But I got the following error:
    CommonSearchParseException: Error building query, common name {0} specified but is not mapped.
    at com.stellent.cis.client.command.impl.services.CommandExecutorService.executeCommand(CommandExecutorService.java:62)
         at com.stellent.cis.client.command.impl.CommandFacade.executeCommand(CommandFacade.java:158)
         at com.stellent.cis.client.command.impl.BaseCommandAPI.invokeCommand(BaseCommandAPI.java:84)
         at com.stellent.cis.client.api.common.search.impl.CISSearchAPI.search(CISSearchAPI.java:59)
         at com.stellent.cis.sdk.samples.search.CommonSearch.execute(CommonSearch.java:78)
    I have configured the adapterconfig.xml matching the CIS adapter config in OC4J as given below:
    <?xml version="1.0" ?>
    <config>
         <adapter type="scs" default="true" name="myadapter">
              <config>
    <property name="port">4444</property>
    <property name="host">localhost</property>
    <property name="type">web</property>
    <property name="contentServerAdminID">sysadmin</property>
    <property name="contentServerAdminPassword">idc</property>
              </config>
              <beans template="classpath:/META-INF/resources/adapter/adapter-services-scs.jxml"/>
         </adapter>
    </config>
    My metadata map is the default mapping as follows
    <metamap>
    <adapter name="scsadapter">
    <common>
    <map name="Title" native="dDocTitle" />
    <map name="Author" native="dDocAuthor" />
    <map name="Date" native="dInDate" />
    <map name="ID" native="dID" />
    </common>
    <contribution>
    <!-- native fields are used only for contribution -->
    <native name="comments" default="" override="true" />
    <!-- common fields refer back to common map, can also be tagged with default and override attributes -->
    <common name="title" />
    <common name="author" />
    </contribution>
    </adapter>
    </metamap>
    When is this error "common name {0} specified but is not mapped" thrown? Is my metadata map file correct?
    Thanks
    Raji

    Hi,
    I changed the query and executed the program, still getting the same error. I have followed the instructions in CIS developer guide to create the metamap file but unable to figure out the reason for the error. Any other suggestions?
    Thanks
    Raji

  • Common Name on SSL certificate

    I was wondering if anyone can tell me whether the Common Name on the SSL certificate (which I plan to request from Verisign) MUST be the same as the name of the Sun One 6.0 SP6 web server instance.
    For example, if my server name in the Servers tab is "svr9999.mycompany.com" but I have a DNS alias giving the machine the name "www.mycompany.com", can I use the "www.mycompany.com" name for the certificate, or does it have to be the actual "svr9999.mycompany.com" name in the Server tab?
    If that is possible, is there any "special" stuff I need to do to accomplish it?

    Yes, I found today that it worked fine to make the Common Name on the certificate be the DNS name I want the world to use (even though it differed from the internal name of the server instance).
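
The Common Name questions in the threads above (a second URL in the SAN, a CN that contains `https://` and a port, a DNS alias that differs from the server instance name) all come down to how a client compares the URL's host with the certificate. The following is an added example, not code from any of the posts or products: a simplified Python model of that comparison in the style of RFC 6125, with certificates represented as plain dicts holding constructed values.

```python
# Simplified model of TLS server-name checking (RFC 6125 style), not a TLS library.
import ipaddress
from urllib.parse import urlsplit


def host_from_url(url):
    """The name a client verifies: scheme, port and path are not part of it."""
    return urlsplit(url).hostname


def _dns_match(pattern, host):
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if pattern.startswith("*."):
        # A wildcard stands for exactly one leftmost label.
        _, _, parent = host.partition(".")
        return parent == pattern[2:]
    return pattern == host


def cert_matches(url, cert):
    host = host_from_url(url)
    if not host:
        return False
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        ip = None
    if ip is not None:
        # IP literals are compared with iPAddress SAN entries only.
        return any(ipaddress.ip_address(a) == ip for a in cert.get("san_ip", []))
    san_dns = cert.get("san_dns", [])
    if san_dns:
        # Once dNSName entries exist, the Common Name is no longer consulted.
        return any(_dns_match(name, host) for name in san_dns)
    cn = cert.get("subject_cn")
    return bool(cn) and _dns_match(cn, host)  # legacy CN fallback (older clients)


# Constructed certificates using names that appear in the threads above.
CN_ONLY = {"subject_cn": "www.mycompany.com"}
CN_PLUS_SECONDARY_SAN = {"subject_cn": "domain.example.com",
                         "san_dns": ["domain2.example.com"]}
BOTH_IN_SAN = {"subject_cn": "domain.example.com",
               "san_dns": ["domain.example.com", "domain2.example.com"]}
URL_AS_CN = {"subject_cn": "https://127.0.0.1:8443"}
LOOPBACK_SAN = {"subject_cn": "localhost", "san_ip": ["127.0.0.1"]}

if __name__ == "__main__":
    print(cert_matches("https://www.mycompany.com/", CN_ONLY))
    print(cert_matches("https://domain.example.com/", CN_PLUS_SECONDARY_SAN))
    print(cert_matches("https://domain.example.com/", BOTH_IN_SAN))
    print(cert_matches("https://127.0.0.1:8443", URL_AS_CN))
    print(cert_matches("https://127.0.0.1:8443", LOOPBACK_SAN))
```

In this model a certificate that lists only the secondary name in the SAN stops matching the primary URL, so every name clients will use belongs in the SAN.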

  • How do I change my last name on my bill and profile? Using maiden name, need to update to married name

    How do I change my last name on my bill and profile? Using maiden name, need to update to married name

    Yeah, it's a good thing to update, because 95% of the time a rep may ask for the primary owner of the lines, and if you're not that person you can hardly do squat with it. Case in point: with our lines my Mom was the primary owner and I couldn't do anything without them wanting to talk to her first. Getting a phone, making changes, checking statuses. Heck, there was one time I remember I couldn't even pay the bill, not exaggerating there, it was basically out of my hands. My Mom got tired of this and she changed it. Now that I'm considered a second owner I can do as only my Mom could. There are still a few rare occasions that a rep will ask for her, but for the most part I have free range with the account.  b33

  • MSE-provided location used with ISE Authorization Profile

    Hello Everyone,
    Can MSE-provided location be used in an ISE Authorization Profile?
    Thanks much,
    David D.

    Yes, ISE 1.2 can use this feature if it is used with Merridian or Ironmobile integration, and this is still in the Road Map.

  • Profile MSD_DEM : Category Set Name

    Hi All,
    Can someone share the details of Profile MSD_DEM : Category Set Name.
    I have gone through the Implementation guide, but I am still looking for more details.
    I would also like to know if this profile is linked to the Item level hierarchy in Demantra, and how?
    Thanking you all.

    Please look into below MOS Notes:
    Inquiry About Profile MSD_DEM: Category Set Name [ID 549565.1]
    thanks
