NAC and SSL - fails to import password protected private key

I am attempting to import an SSL certificate on my CCA Manager and Server. I purchased a wild card SSL cert *.domain.com. The private key used to generate the certificate was created on an Cisco ACS 3.2 server and has a password. When attempting to import the private key into the CCA Manager the browser times out and no error is reported.
My guess is that it is waiting for the password to allow access to the private key. Unfortunately there is no place on the form and no pop-up to enter the password.
Is there a command line option for importing a private key that may work for me?
Thanks
Sherm

The best Possible way is to generate a CSR from the CCA server and then purchase a certificate using that CSR. Then you dont have problems with private keys.
Regards
sathappan

Similar Messages

  • Exporting pdf and said failed due to password protected--what to do?

    I'm trying to export a pdf file and i get a 'conversion failed due to password protection'? i do not recall putting a password for any of my conversions. 

    Hi TSN,
    Thank you, that is correct - an unprotected PDF would be best.
    Although if that isn't available due to time constraints, you will have full access to convert the PDF to Word if you have the correct password. You will just need to be sure to enter it directly into the PDF before you do the conversion.
    Hope that helps!
    Regards, Stacy

  • TS3276 i have a macbook pro and need to send a password protected document to a pc based computer and it shows up at the other end as corrupted and they can't open it- any suggestions on how to make it work?

    i have a macbook pro and need to send a password protected document to a pc based computer and it shows up at the other end as corrupted and they can't open it- any suggestions on how to make it work?

    It was tricky sorting out the actual questions in your post. I think the other poster has one question in hand, here's the other:
    Post by Turingtest2: HowTo: Grouping Tracks Into Albums - http://discussions.apple.com/message.jspa?messageID=9910895

  • IOS8 fails to stream password protected website mp3 and mp4 files

    EDucational content in a password protected website folder (mp3 and mp4 lecture presentations) fail to stream from a simple directory list website with iOS 8 yet continue to work fine on an iPhone 4 with iOS 7.   Apple says "expected behavior" with all browsers on iOS 8.  Before i direct new students to other platforms so they can access course material, any fixes?

    i drafted the solution here,
    https://wiki.archlinux.org/index.php/Us … ows_shares
    why is it i seem to get no comments on most of my posts, do i just do wierd stuff, or have i offended someone?  :-| 
    If your not sure if i do wierd stuff, read the link above, lol.

  • OpenInWindowEx Method fails to open password protected file.

    Hi,
    I am getting issue while opening password protected file thru OpenInWindowEx Method. It rerurn 0. So please let me know how to open paasword protected file thru code ?
    Regards,
    Arvind

    Hi,
    It just returns 0 which means failed to open file. And I am using Adobe Acrobat 8.1.3 on window XP.
    You can test this in the sample application named ActiveViewVC.
    So I want to know whether we can open password-protected file using the OpenInWindowEx method or not?.
    Please let me know your response
    Regards,
    Arvind

  • Copy and paste Java script for password protecting a page?

    I need to password protect one page which I want to call my LOGIN page on a site I'm making in Dreamweaver CS5.5.  Unfortunately I know that the hosting company I'm using does not have the ability to allow me password a single directory on the server end to accomplish this (I know STRANGE)   .... SO
    I found some code online - java script that I can just copy and paste into the <head> section of my page.  This might be a silly question but is this a 'safe' way to do this?    (I don't need anything fancy and the people whom will be accessing this page will all have the SAME password, so I don't need a registration form or anything fancier...)
    Any thoughts?

    Ugg I totally knew you would all say that (because I already knew that would offer me the easiest solution), change hosts and now I'm embarrassed to say that YES I am paying for the hosting; BUT, I have to explain that I'm with this hosting company because way back when I started that site I needed something super user friendly because I was just learning.  Now I have learned more and have started to use Dreamweaver.  I just stayed with the same hosting and will use FTP to upload my new more updated site.  In the company's defense even though they do offer a way to FTP a site up, their main objective (I think) is to have a really easy way for people to get a site up without knowing anything about code or css or anything; and they operate under the assumption that MOST of their customers will be using their super easy software and not use FTP.  That is why I think they are limited to what they offer, at least that is my take on it.  My more recent sites do not use this company as I have tried to learn and 'move up'. 
    Anyway I guess if I don't want to switch hosting I still have the same problem.  Is it really that difficult to make something that has just one use ID and password which would be the same thing for every person?  Might be a great learning experience for me?
    Yep it might be time for me to switch hosting....  sigh.  What to do.....

  • I open Gmail and it logs in without password protection, which I want.

    How do I force password protection?

    Try logging out and logging back into gmail, when you log back in make sure that the box is not checked to remember you. If that dosen't work then go to the password manager and remove gmail/google from there.

  • Although browser.sessionstore.resume_from_crash = false, it still is restoring session and even session which where password protected! how to solve

    In the config browser.sessionstore.resume_from_crash is set to false, However when restarting FF all sessions can be restored by pressing the button session restore on the home page.
    '''It restores also password protected sessions without asking for any password! This is unacceptible!'''

    See:
    * http://kb.mozillazine.org/Browser.sessionstore.privacy_level
    * http://kb.mozillazine.org/Session_Restore

  • Firefox fails to open password-protected html attachments

    I am not able to open any attachment in '''html '''format which is '''password protected'''. After I enter the password it stays in an endless loop. It works ok in Internet Explorer. Please advice. Thank you, Sandie

    Thanks for the prompt reply. I am not able to catch any exception in particular. But OpenInWindowEx() is returning false.
    Can you please advise on whether any plug in is already available for that

  • Hi kids, my first day using apple, anyway, is a Power Book 4.1 , bought from someone else,and i dont have the password for the key chain, and no chances of getting it, the screen, for the password keeps on coming up, any ideas?

    my  first day using apple, i love it, is a power 4.1, older, but is ok to learn it, however, i bought it from someone , and i was not
    given the password for key chain, so, this screen keeps on coming up, and i dont know the password, so i keep on canceling out
    of it, ..... any ideas on how to fix this problem, is the key chain, that you can access through utilities, but i dont have the old password, that is my first
    problem
    my second problem is that the key board, closer to the screen, is coming out, as it needs to be put in place, you would imagine you can
    put it back in place, but, not sure i should mess with it, any input would be greatly appreciated it
    thank you
    lisa

    Hi, Lisa. Now I see what you're desperate about.
    Does it allow you to go ahead and use the iBook after you cancel the Keychain login? If so, it's not a big deal.
    Are you able to go to System Preferences > Accounts and create a new account for yourself? That should eliminate Keychain password problems.
    Check out these instructions on replacing the keyboard:
    http://docs.info.apple.com/article.html?artnum=111917
    Maybe they will help you get it seated better. It's considered a customer-installable part, so it should be easy enough for you to handle without worrying about goofing anything up.
    What CDs (if any) came with the iBook?
    Which version of the operating system is it running?
    How big is the hard drive and how much space remains available on it? If it's the original hard drive, it's getting very old and could fail at any time. The identifier "PowerBook 4,1" tells me that the iBook is ten years old, and is either a 500 or 600 MHz PowerPC G3 (Dual USB) iBook. As such, you can't expect a whole lot from it.
    The optical drive on this iBook could be a CD-ROM (reads CDs only), CD-RW (reads and writes CDs; no DVD capability), DVD (reads CDs and DVDs), or Combo (reads and writes CDs; reads DVDs) drive.
    Good luck with it.

  • Importing a PKCS12 private key into java Keystore

    Hi,
    We have an existing private key, stored in a ".p12" file.
    Currently, our existing program will access this file directly to retrieve the private key, however, we need to import this private key into a keystore so it can be retrieved by our new code.
    Does anyone know whether it is possible to do this, and if so, is there any criteria that need to be met.
    If it is possible, then how do we do it?
    Assistance is appreciated!
    Regards
    Steve Williams

    Sorry to cross-post, but I have a similar problem.
    I have an existing certificate (public/private keypair) that I'm using in Microsoft IIS. Using Cert Manager in Windows2000 I export the certificate preserving the private key into a pfx file. I need to import the public/private keypair into the keystore. I also have the original certificate request and reply from Verisign if that helps any. I've looked everywhere and have been unable to find any information about doing this. Please Help!
    If there is a way to do this using keytool that would be great. If someone knows how to programmatically do this that would also be great.
    Thanks in advance,
    Trey Caldwell
    Software Engineer
    Intrannuity, LLC
    [email protected]

  • Windows 8 Sysprep - Can't skip local account creation and autologon fails, wrong admin password.

    Using Windows 8 x64 Enterprise, Sysprep pauses to ask me to create a local user, which I don't want.
    If I enable SkipSystemOOBE and SkipUserOOBE in OOBE under Microsoft-Windows-Shell-Setup sysprep (in oobe mode) will skip user creation and autologon works.  But it only works correctly once.  If I run sysprep again, when it tries to autologon
    it will say that I have the wrong password for the local account.  After I type in the password manually it works.  If I use the same password for the local administrator account as for the autologon account, it looks to have the encrypted password
    twice with an equal sign after it.
    What I need to know:
    How to skip local user account creation (we run on a domain but I have it connect through scripts later)
    How to fix the autologon issue
    Do I need the local administrator account enabled for this to work?
    I have my unattend.xml file attached.
    <?xml version="1.0" encoding="utf-8"?>
    <unattend xmlns="urn:schemas-microsoft-com:unattend">
    <settings pass="oobeSystem">
    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <AutoLogon>
    <Password>
    <Value>[removed]</Value>
    <PlainText>false</PlainText>
    </Password>
    <Username>[removed]</Username>
    <LogonCount>2</LogonCount>
    <Enabled>true</Enabled>
    </AutoLogon>
    <FirstLogonCommands>
    <SynchronousCommand wcm:action="add">
    <Order>1</Order>
    <CommandLine>c:\folder\abatchfile.bat</CommandLine>
    <RequiresUserInput>false</RequiresUserInput>
    </SynchronousCommand>
    </FirstLogonCommands>
    <OOBE>
    <HideEULAPage>true</HideEULAPage>
    <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
    <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
    <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
    <NetworkLocation>Work</NetworkLocation>
    <HideLocalAccountScreen>true</HideLocalAccountScreen>
    <ProtectYourPC>3</ProtectYourPC>
    </OOBE>
    <TimeZone>Eastern Standard Time</TimeZone>
    <DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet>
    <RegisteredOrganization>Company Name</RegisteredOrganization>
    <RegisteredOwner>CompanyName</RegisteredOwner>
    </component>
    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <UserLocale>en-US</UserLocale>
    <UILanguage>en-US</UILanguage>
    <SystemLocale>en-US</SystemLocale>
    <InputLocale>en-US</InputLocale>
    </component>
    </settings>
    <settings pass="specialize">
    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <ComputerName>*</ComputerName>
    </component>
    </settings>
    <cpi:offlineImage cpi:source="wim:[removed]/sources/install.wim#Windows 8 Enterprise" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
    </unattend>

    The user accounts-creation page in Windows Welcome is suppressed if a user or a group is added to a local security group. Add a user or a group to a local security group by doing one of the following:
    Create a local user.
    Add a domain user to a local security group with the Microsoft-Windows-Shell-Setup | UserAccounts unattended installation setting.
    To suppress the user accounts-creation page in Windows Welcome, without creating a local user, use one of the following workarounds:
    Workaround 1
    If the computer is already joined to a domain, use the following XML example to add the Domain Users security group to the Local Users security group.
    <DomainAccounts>
     <DomainAccountList wcm:action="add">
      <DomainAccount wcm:action="add">
      <Group>Users</Group>
      <Name>Domain Users</Name>
      </DomainAccount>
      <Domain>FabrikamDomain</Domain>
      </DomainAccountList>
    </DomainAccounts>
    Because joining a domain automatically adds the Domain Users security group to the Local Users security group, the DomainAccounts command does not affect the membership of the Local Users group. However, using this XML example to join a domain will also suppress
    the user accounts-creation page in Windows Welcome.
    Workaround 2
    Use the Sysprep/Quit command to set the following registry value to 1:
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\OOBE\UnattendCreatedUser
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”

  • Is there (or could be) and option to password protect a folder in a mailbox list in Thunderbird? One click, no encryption or additional programs.

    In your mailboxes you have folder trees. I would like to have a password protection for one of them, so when somebody clicks on the folder 'Accounts', it asks for a password to see the contents.
    No master passwords or passwords for the whole inboxes. I don't want to input a password 10 times a day when i open up TB. Just when i click on a specific folder that may have some emails inside, that should be protected from view.
    Just simple, one click add password, enter password, see contents. No encryption or additional auxiliary programs.
    Has somebody already done that or could do as a built in feature or and add-on?
    Thank you!

    Well, if you don't encrypt it, chances are the mail store files themselves will be readable in any text editor.
    This add-on offers some password capability: https://nic-nac-project.org/~kaosmos/profilepassword-en.html
    There is also a config editor setting that requests a password. See this: http://kb.mozillazine.org/Protecting_the_contents_of_the_profile_-_mail and specifically, "Note: You can password protect the contents of the message pane by setting mail.password_protect_local_cache to true using the configuration editor in conjunction with setting a master password in Thunderbird."
    However, I believe that both of these work at an account level rather than on specific folders. And both offer trivial and weak protection.

  • Password protecting and encrypting received pdf file

    Hello there,
    how can I password protect (and encrypt) a pdf file that I received from someone else? For example, I may get a copy of my tax return from my accountant that I don't want anyone else to see on my computer or when I back up contents of my computer online.
    I have only Adobe Reader 8 installed on my computer. So I am not writing these pdf files myself - I realize that then I would have full control over the security settings.
    Microsoft Word and Excel files I can password protect. How can I do this for "received pdf files"?
    Thank you for your help.

    You need Acrobat, not Reader.
    Be aware that even then, PDF security is easy to bypass.
    I use a Mac for the most part but isn't there any features in Windows that will allow you to protect folders?

  • SSL private key password

    Hello everyone,
    I'm trying to upgrade a WLS 6.1 SP2 with WLP 4.0 SP2 instance to WLS 7.0 SP2
    with WLP 7.0 SP2. Everythng is fine except for that we cannot use the same
    SSL certificate. By defaul the private key is not encrypted with password
    (SSL.KeyEncrypted = false by default, according to the documentations) in
    both WLS 6.1 and WLS 7.0. But running WLS 7.0 startup script results the
    following error:
    <Sep 17, 2003 5:06:40 PM HST> <Alert> <WebLogicServer> <000297>
    <Inconsistent se
    curity configuration, java.lang.Exception: Cannot read private key from file
    C:\
    bea7\user_projects\agencyPortal\portal_islandinsurance_com-key.der. Make
    sure pa
    ssword specified in environment property weblogic.management.pkpassword is
    valid
    .>
    java.lang.Exception: Cannot read private key from file
    C:\bea7\user_projects\age
    ncyPortal\portal_islandinsurance_com-key.der. Make sure password specified
    in en
    vironment property weblogic.management.pkpassword is valid.
    at
    weblogic.security.service.SSLManager.getServerPrivateKey(SSLManager.j
    ava:434)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:153)
    at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:122)
    at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1513)
    at weblogic.t3.srvr.T3Srvr.resume(T3Srvr.java:852)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:295)
    at weblogic.Server.main(Server.java:32)
    Is this happening because the private key is actually encrypted with the
    password? It was working, although the KeyEncrypted is not set to true and
    the startup script for WLS 6.1 instance did have a line
    with -Dweblogic.management.pkpassword. Or could this error be result of
    something else? The physical machine the instances are located is the same
    and IP address and the DNS entry hasn't been changed, either.
    Any insight will be greatly appreciated. Thanks!
    Makoto

    Thanks Tony - it worked!!
    "Tony" <TonyV> wrote in message news:[email protected]...
    It may be because the private key is both unprotected and in DER format.
    There are some things to try:
    1) Convert the private key file from a DER file to a PEM file and try
    that:
    a) Follow the for converting an unprotected private key at:
    http://e-docs.bea.com/wls/docs70/adminguide/utils.html#1143743
    b) Look at the resulting PEM file, it should look something like
    this:
    -----BEGIN RSA PRIVATE KEY-----
    -----END RSA PRIVATE KEY-----
    (Be sure there is no extra lines or whitespace after thefooter)
    >
    c) Change your configuration to point at the PEM file
    If that doesn work, then you can try protecting the key with apassword
    using
    the wlkeytool utility (It should be in the server/bin directory). The
    tool should prompt
    for a password to use to protect it:
    wlkeytool inputkey.pem outputkey.pem
    Then change your configuration to use the protected private key, andset
    the passwod to use.
    Tony
    "Makoto Suzuki" <[email protected]> wrote in message
    news:[email protected]...
    Hello everyone,
    I'm trying to upgrade a WLS 6.1 SP2 with WLP 4.0 SP2 instance to WLS 7.0SP2
    with WLP 7.0 SP2. Everythng is fine except for that we cannot use the
    same
    SSL certificate. By defaul the private key is not encrypted withpassword
    (SSL.KeyEncrypted = false by default, according to the documentations)in
    both WLS 6.1 and WLS 7.0. But running WLS 7.0 startup script resultsthe
    following error:
    <Sep 17, 2003 5:06:40 PM HST> <Alert> <WebLogicServer> <000297>
    <Inconsistent se
    curity configuration, java.lang.Exception: Cannot read private key fromfile
    C:\
    bea7\user_projects\agencyPortal\portal_islandinsurance_com-key.der. Make
    sure pa
    ssword specified in environment property weblogic.management.pkpassword
    is
    valid
    .>
    java.lang.Exception: Cannot read private key from file
    C:\bea7\user_projects\age
    ncyPortal\portal_islandinsurance_com-key.der. Make sure passwordspecified
    in en
    vironment property weblogic.management.pkpassword is valid.
    at
    weblogic.security.service.SSLManager.getServerPrivateKey(SSLManager.j
    ava:434)
    atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:153)
    atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:122)
    atweblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1513)
    at weblogic.t3.srvr.T3Srvr.resume(T3Srvr.java:852)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:295)
    at weblogic.Server.main(Server.java:32)
    Is this happening because the private key is actually encrypted with the
    password? It was working, although the KeyEncrypted is not set to true
    and
    the startup script for WLS 6.1 instance did have a line
    with -Dweblogic.management.pkpassword. Or could this error be result of
    something else? The physical machine the instances are located is thesame
    and IP address and the DNS entry hasn't been changed, either.
    Any insight will be greatly appreciated. Thanks!
    Makoto

Maybe you are looking for

  • Call Oracle Help for Java in Oracle forms running in the web

    Hi, everyone, We are developing a web-enabled Oracle database application system. Oracle suggested us to use Oracle Help for Java(OHJ) to create an online help system for the web environment. We successfully created a OHJ program which can be indepen

  • Credit setting

    Dear gurus,      How can i have credit setting active at only delivery level(Static check).System should pop up message at delivery level (exceeded value) and a block delivery.Also it shoud calculate open items(payment not posted).               i ha

  • Team calendar not showing after change of Manager

    Hi all, we are using the team calendar feature in our organization by filling out the "Manager" attribute in AD and Exchange. Since the old manager left the company and we changed the attribute to the new manager our users can't see the team calendar

  • Magic Mouse problems on Lion...

    I just finished installing Lion and my first impression is that I hate it! I'm having the following issues (of which help would be greatly appreciated...) 1. With Magic Mouse I can no longer do a 2-finger swipe to go back/forward on Safari or Chrome.

  • 4.2 Early Adapter 2 Numeric Region Template Name

    I think it is a stupid question. But as I am new to this I should clear my doubt. In 4.2 early adapter 2 there is a packaged application called Incident Tracking. In this application page number 50 is having a region called Tickets. It has a template