OS X keeps forgetting my private keys
Hi,
I have Macbook Air (mid-2013). I manage some linux servers, I added my private keys to MBA by running ssh-add command. OS X preserve my keys for a limited time and then forget. I've 2 different keys. I noticed OS X forget my keys after rebooting the machine. How can I store my private keys permanently?
Thanks
This happens when there is more than one Bonjour device on the local network with the same name, or claiming to have the same name. You can stop it temporarily by launching the Activity Monitor application on each Mac, finding a process with the name "mDNSresponder", and force-quitting it. It restarts automatically. You can then restore the name in the Sharing preference pane.
For a permanent fix, you'll have to figure out where the name conflict is coming from.
Similar Messages
-
Iphone keeps forgetting wifi wep key
last Thursday I took mi iphone 4s to apple store otay ranch San diego CA my wifi was greyed out & said no wiffi what they did is they restore my
Iphone & updated iOS5.1.1 thw wifi is working again now My iphone keeps forgetting my home and work wifi wep key. I can connect to it and its fine and
then i will put the phone down and leave it say 20 mins or even a couple of days and in that time it would have forgotten the wep key and i have to go through the
whole process again of putting in the wep key. Its only been happening in the last week. I've only had the iphone 3 months and wondering why its doing this
now. Its picking up networks fine and also conecting to them ok, its just the fact that it forgets the wep key this so anoying . Any help on this would be really
appreciated
Thank you.There are a couple of threads on this issue. I did a search on "forgot wep key". I'd take a look at this one to get some ideas
https://discussions.apple.com/message/18443331#18443331 -
Hello. Is it possible to export the Private Key from, say, my J2EE engine (I'm running a dual stack) and import it into my ABAP instance so that both systems use the same Private Key? They both have the same host name.
I guess its possible. Please correct me if i am wrong.
Please keep in mind, that simply importing a certificate as a certificate response won't work in this situation, since the public key from your CA and the public key in the individual PSEs already existing on the respective servers won't match.
following steps all the key pairs and certificates that are currently stored in the SSL Server PSEs on the target systems will be removed. If you want to keep them, you'll need to export them to a safe place.
Step 1: import the key pair into a PSE
Since pl.16 of SAPCRYPTOLIB, key pairs given in the format PKCS#12 can be imported into a PSE (note 745063). Since pl.24 of SAPCRYPTOLIB, also the import of key pairs given as PKCS#5, PKCS#8 or OpenSSL-PEM is supported (note 1159829).
Step 2: import the PSE resulting from Step 1) into the system's database All PSEs that are known to transaction STRUST will be exported from the database and distributed to the application servers at system startup. The related PSE files will be overwritten. So, the PSE resulting from the key pair import in step 1) needs to be imported into the database.
You'll need to go through a procedure similar to the one described in note 1178155, step 3.
- Copy the PSE from step 1) to your workstation/PC
- Start transaction STRUST
- Doubleclick the "FILE" icon in the navigation area (left hand side)
- Select the PSE on your workstation/PC
- Execute the menu item "PSE --> save as..." and choose the SSL Server
PSE as target. This will save the PSE from step 1 as SSL Server
standard PSE.
- The following step is a modification from note 1178155 which is
only applicable in your special situation: right mouse button click
on the SSL Server PSE entry in the navigation area. From the context
menu appearing, select "Change".
- Remove the distinguished names from all application server specific
PSEs in the list. Pressing the green tick mark ('save') will remove
all application server specific SSL Server PSEs, so the system is
forced to use the SS Server standard PSE instead.
Don't forget to restart the ICM in order to make your changes become effective.
Regards,
Jazz -
Hi Gurus,
Here is situation, I finding it hard to solve. Any assistnace will be helpful.
SSL is a transport level security solution and hence is independent of any application level protocol (where a standard protocol like HHTP, LDAP or non-standard like t3s).
I started my SSL skills with keystores for Weblogic and used kestore formats like JKS and JCEKS. Given that in an enterprise setup we use more infrastructure softwares than just Weblogic. Now please assume a hypothetical scenario
OS :: Windows
App Server #1 :: Weblogic
App Server #2 :: Websphere
App Server #3 :: Tomcat
Web Server #1 :: IIS
Web Server #1 :: Apache
Web Server #1 :: iPlanet
Web Server #1 :: IHS
SSH Server on Windows (its possible and we use it)
(reason to mention this ridicilous number of softwares is highlight that they all use different type of keystores)
Now given that I want to protect these services at transport layer using SSL or TLS by using some valid x.509 certificate from a internal PKI suite and cerificate will be for the hostname.
Is there a way I can standardize on a common format for keystore and common format for private key. (Server Cert and CA cert is almost a non issue, having a .pem format is almost portable to any type of keystore).
I want to keep SSL/TLS certs as host resource and not dedicated to a particular software or keystore type...
There are some workarounds in the internet...seems like they are mostly around java application servers and sun keystore formats(JKS JCEKS) and some java code has to written to create your own utility...or somthing like pkeytool etc....
Suggestions guys..PKCS#1 1.5 definition:
RSAPrivateKey ::= SEQUENCE {
version Version,
modulus INTEGER, -- n
publicExponent INTEGER, -- e
privateExponent INTEGER, -- d
prime1 INTEGER, -- p
prime2 INTEGER, -- q
exponent1 INTEGER, -- d mod (p-1)
exponent2 INTEGER, -- d mod (q-1)
coefficient INTEGER -- (inverse of q) mod p }RSAParameters as documented in .NET Framework Class Library:
D Represents the D parameter for the RSA algorithm.
DP Represents the DP parameter for the RSA algorithm.
DQ Represents the DQ parameter for the RSA algorithm.
Exponent Represents the Exponent parameter for the RSA algorithm.
InverseQ Represents the InverseQ parameter for the RSA algorithm.
Modulus Represents the Modulus parameter for the RSA algorithm.
P Represents the P parameter for the RSA algorithm.
Q Represents the Q parameter for the RSA algorithm. The KeySpec (CRT = Chinese Remainder Theorem)
RSAPrivateCrtKeySpec(BigInteger modulus,
BigInteger publicExponent,
BigInteger privateExponent,
BigInteger primeP,
BigInteger primeQ,
BigInteger primeExponentP,
BigInteger primeExponentQ,
BigInteger crtCoefficient)So we could try some guessing:
modulus <- Modulus
publicExponent <- Exponent
privateExponent <- D
primeP <- P
primeQ <- Q
primeExponentP <- DP
primeExponentQ <- DQ
crtCoefficient <- InverseQTry it and tell me if it worked. Good luck. -
Firefox keeps forgetting the Zoom setting per page...
Hi!
While surfing the archives of the Dilbert cartoons, I have to zoom in on the sunday cartoon otherwise it is too small. But Firefox 4 keeps forgetting the zoom setting.
Everytime I click the next cartoon or even refresh the page the setting is back to standard. This behavior is similar on all websites, e.g. google.
Any suggestion? Thanks in advance! wohlgetanMake sure that you not run Firefox in permanent Private Browsing mode.
* https://support.mozilla.com/kb/Private+Browsing
* You enter Private Browsing mode if you select: Tools > Options > Privacy > History: Firefox will: "Never Remember History"
* To see all History and Cookie settings, choose: Tools > Options > Privacy, choose the setting <b>Firefox will: Use custom settings for history</b>
* Deselect: [ ] "Permanent Private Browsing mode"
* http://kb.mozillazine.org/Zoom_text_of_web_pages
* http://kb.mozillazine.org/browser.zoom.siteSpecific
* http://kb.mozillazine.org/toolkit.zoomManager.zoomValues
* http://kb.mozillazine.org/zoom.minPercent
* http://kb.mozillazine.org/zoom.maxPercent -
Hello,
Do Microsoft have a updated hofix(2813237) that works for Windows 8.1 Pro machines?
Kind regards
SimonHi,
Since this is a known issue, there's a workground which worth a try, please refer to the following thread, reply posted by duchiant
http://social.technet.microsoft.com/Forums/office/en-US/f543b04d-d510-4444-b803-1759f6c312c8/outlook-configured-on-windows-8-required-elevation-in-order-to-access-private-key?forum=outlook
Add: I think we might need some more time to see whether MS can release an hotfix for Windows 8.1, we will keep an eye on this.
Yolanda Zhu
TechNet Community Support -
Hello everyone,
I'm trying to upgrade a WLS 6.1 SP2 with WLP 4.0 SP2 instance to WLS 7.0 SP2
with WLP 7.0 SP2. Everythng is fine except for that we cannot use the same
SSL certificate. By defaul the private key is not encrypted with password
(SSL.KeyEncrypted = false by default, according to the documentations) in
both WLS 6.1 and WLS 7.0. But running WLS 7.0 startup script results the
following error:
<Sep 17, 2003 5:06:40 PM HST> <Alert> <WebLogicServer> <000297>
<Inconsistent se
curity configuration, java.lang.Exception: Cannot read private key from file
C:\
bea7\user_projects\agencyPortal\portal_islandinsurance_com-key.der. Make
sure pa
ssword specified in environment property weblogic.management.pkpassword is
valid
.>
java.lang.Exception: Cannot read private key from file
C:\bea7\user_projects\age
ncyPortal\portal_islandinsurance_com-key.der. Make sure password specified
in en
vironment property weblogic.management.pkpassword is valid.
at
weblogic.security.service.SSLManager.getServerPrivateKey(SSLManager.j
ava:434)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:153)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:122)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1513)
at weblogic.t3.srvr.T3Srvr.resume(T3Srvr.java:852)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:295)
at weblogic.Server.main(Server.java:32)
Is this happening because the private key is actually encrypted with the
password? It was working, although the KeyEncrypted is not set to true and
the startup script for WLS 6.1 instance did have a line
with -Dweblogic.management.pkpassword. Or could this error be result of
something else? The physical machine the instances are located is the same
and IP address and the DNS entry hasn't been changed, either.
Any insight will be greatly appreciated. Thanks!
MakotoThanks Tony - it worked!!
"Tony" <TonyV> wrote in message news:[email protected]...
It may be because the private key is both unprotected and in DER format.
There are some things to try:
1) Convert the private key file from a DER file to a PEM file and try
that:
a) Follow the for converting an unprotected private key at:
http://e-docs.bea.com/wls/docs70/adminguide/utils.html#1143743
b) Look at the resulting PEM file, it should look something like
this:
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
(Be sure there is no extra lines or whitespace after thefooter)
>
c) Change your configuration to point at the PEM file
If that doesn work, then you can try protecting the key with apassword
using
the wlkeytool utility (It should be in the server/bin directory). The
tool should prompt
for a password to use to protect it:
wlkeytool inputkey.pem outputkey.pem
Then change your configuration to use the protected private key, andset
the passwod to use.
Tony
"Makoto Suzuki" <[email protected]> wrote in message
news:[email protected]...
Hello everyone,
I'm trying to upgrade a WLS 6.1 SP2 with WLP 4.0 SP2 instance to WLS 7.0SP2
with WLP 7.0 SP2. Everythng is fine except for that we cannot use the
same
SSL certificate. By defaul the private key is not encrypted withpassword
(SSL.KeyEncrypted = false by default, according to the documentations)in
both WLS 6.1 and WLS 7.0. But running WLS 7.0 startup script resultsthe
following error:
<Sep 17, 2003 5:06:40 PM HST> <Alert> <WebLogicServer> <000297>
<Inconsistent se
curity configuration, java.lang.Exception: Cannot read private key fromfile
C:\
bea7\user_projects\agencyPortal\portal_islandinsurance_com-key.der. Make
sure pa
ssword specified in environment property weblogic.management.pkpassword
is
valid
.>
java.lang.Exception: Cannot read private key from file
C:\bea7\user_projects\age
ncyPortal\portal_islandinsurance_com-key.der. Make sure passwordspecified
in en
vironment property weblogic.management.pkpassword is valid.
at
weblogic.security.service.SSLManager.getServerPrivateKey(SSLManager.j
ava:434)
atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:153)
atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:122)
atweblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1513)
at weblogic.t3.srvr.T3Srvr.resume(T3Srvr.java:852)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:295)
at weblogic.Server.main(Server.java:32)
Is this happening because the private key is actually encrypted with the
password? It was working, although the KeyEncrypted is not set to true
and
the startup script for WLS 6.1 instance did have a line
with -Dweblogic.management.pkpassword. Or could this error be result of
something else? The physical machine the instances are located is thesame
and IP address and the DNS entry hasn't been changed, either.
Any insight will be greatly appreciated. Thanks!
Makoto -
'Error while signing data-Private key or certificate of signer not availabl
Hello All,
In my message mapping I need to call a web service to which I need to send a field value consist of SIGNED DATA.
I am using SAP SSF API to read the certificate stored in NWA and Signing the Data as explained in
http://help.sap.com/saphelp_nw04/helpdata/en/a4/d0201854fb6a4cb9545892b49d4851/frameset.htm,
when I have tested using Test tab of message mapping it is working fine and I am able to access the certificate Keystore of NWA(we have created a keystore view and keystore entry to store the certificate) and generate the signed data ,but when I test end to end scenario from ECC system,it is getting failed in mapping with the error
' Error while signing data - Private key or certificate of signer not availableu2019.
Appreciate your expert help to resolve this issue urgently please.
Regards,
ShivkumarHi Shivkuar,
Could you please let me know how you were trying to achieve the XML signature.
We have a requirement where we have to sign the XML document and need to generate the target document as following structure.
<Signature>
<SignedInfo>
<CanonicalizationMethod />
<SignatureMethod />
<Reference>
<Transforms>
<DigestMethod>
<DigestValue>
</Reference>
<Reference /> etc.
</SignedInfo>
<SignatureValue />
<KeyInfo />
<Object>ACTUAL PAYLOAD</Object>
</Signature>
I am analyzing the possibility of using the approach that is given in the help sap link that you have posted above. Any inputs will be apprecited.
Thanks and Regards,
Sami. -
Reading private key: works in jdk 1.5, but throws exception in 1.4
Hello,
I am trying to read an RSA private key from a file. I am using the following code snippet:
KeySpec spec = new RSAPrivateKeySpec(modulus, pExp);
KeyFactory factory = KeyFactory.getInstance("RSA");
PrivateKey key = factory.generatePrivate(spec);
This runs perfectly fine under jdk 1.5 on keys I generate with OpenSSL. However, if I recompile and run under jdk 1.4, I get the following exception:
java.security.spec.InvalidKeySpecException: Unknown key spec.
at com.sun.net.ssl.internal.ssl.JS_KeyFactory.engineGeneratePrivate(DashoA6275)
at com.sun.net.ssl.internal.ssl.JSA_RSAKeyFactory.engineGeneratePrivate(DashoA6275)
at java.security.KeyFactory.generatePrivate(KeyFactory.java:237)
I have also tried using RSAPrivateCrtKeySpec but I get the same error. Can anyone shed some light on what is going on?
Thank you.'Unlimited Strength Jurisdiction Policy Files 1.4' Could be the solution.
I had a similar problem with java 1.4 and those files do the work.
... finally the problem was that the password that protectd the keystore had 7 characters, using one of 5 characters works ok... -
Remote app keeps forgeting Apple TV
Good afternoon! Apple's Remote app 4.2.1 on my iPhone 6 running iOS 8.1.3 keeps forgetting my AppleTV 2 running Apple TV Software 7.0.3. When I open the app, AppleTV isn't an option (other iTunes libraries on my network do appear though). I can get my Apple TV to re-appear temporarily by using the remote that came with the AppleTV to navigate to Settings > Computers > Turn Off Home Sharing and then turning home sharing back on Shortly thereafter, however, the Remote app can no longer see the Apple TV.
Any suggestions for how I can get Remote to permanently remember the Apple TV? Thanks!Is this what you are looking for: http://itunes.apple.com/app/remote/id284417350?mt=8?
-
In the midst of an apocalyptic SSL install in 10.4 server. Currently, I am trying to install a wildcard cert via Server Admin, which may have been a mistake. After smashing my head for a week, I tried a new tack and rebuilt the system keychain and attempted to install the certificate; this failed at the level of Server Admin. However, in Keychain Access I am showing the SSL cert, public and private keys, and the CA's cert, all valid.
Since I know of no other way to do get KA talking to SA so that I can actually use this certificate, I am trying to export the valid certs and keys to import. My problem is this, the certs and public key export fine, the private key fails returning an error of Unable to Export CLINTERNALERROR. I double checked that root is enabled in netinfo. Any ideas on how to rectify this?I believe you have to run Keychain Access as root to export the private key.
sudo /Applications/Utilities/Keychain Access.app/Contents/MacOS/Keychain Access -
Reconver SSL private key?
I have a bit of a dilemma since I tried to install an SSL certificate on my server that needs intermediate certs. Here's what I did:
1) In Server Admin, create a new key for my domain and use that key to create a CSR to send to a certificate authority. (This creates a public key, a private key and a self-signed certificate in the system keychain on the server).
2) Sent the CSR away and got the signed certificate back.
3) Used Server Admin to add the signed certificate to the existing domain cert (this replaces the self-signed cert). Restart services etc.
Here's the problem: the cert that I have needs intermediate certs installed in order to be functional- currently the certificate shows as an untrusted authority. If I delete the current certificate in Server Admin to start again from scratch, it will delete the private key that I need to reinstall. I downloaded the intermediate certificates from the CA's website, but now the certificate installed on the server can't be modified. Besides, there is no place to enter the intermediate certificates. My plan was to try to paste all the certs into the box where it asks for the new certificate, but no joy since it is now locked.
I would like to create a new certificate (there is a place in there to install intermediate certs), but I'll need to get my private key out of Keychain Access into a pem formatted file but I can't seem to get the thing to export.
Questions:
1) Is there a way to export a private key from Keychain Access so that it can be used for server admin?
2) Is there a way to get at this from the command line?
3) Is there some other procedure that can magically fix this problem?
Thanks,
MilesThanks,
This is the part that I was looking for:
Launch Keychain Access as root:
sudo /Applications/Utilities/Keychain\ Access.app/Contents/MacOS/Keychain\ Access &
I then went here http://www.gridsite.org/wiki/Convert_p12 and converted the p12 to pem so I could use it in server admin.
Thanks again,
Miles -
Recovering Private Key Password
I have a customer who is trying to load a private key from a file but can not remember the Private Key password. Does anyone have an idea of what the best way to recover this would be if its possible?
this is not possible since this is the most important part of the security protocol.
You have to created a new key and get a new certificate.
Regards,
Gilles. -
Private key password for Default DemoIdentity Keystore?
Hi
I am trying to Configure SSL in ALSB. I have created the PKI Credential mapping for the Default DemoIdentity Keystore
But it is asking for the password to access the Keypair.
The document states that i need to provide the password set during the creation of the keystore
but as i am using the default keystore i dont know where to look for the password.
Error :
[Security:090809|The key pair could not be retrieved from the keystore with the supplied alias demoidentity and its password
I tried using the KeyStorePassphrase but it didnt help me much ..
Can any one help me on this?
Regards
AnushaJay is right
To be more precise you can use something like
keytool -list -keystore ${wl_home}/server/lib/DemoTrust.jks -storepass DemoTrustKeyStorePassPhrasewhich leads to the following output
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 4 entries
certgenca, Mar 22, 2002, trustedCertEntry,
Certificate fingerprint (MD5): 8E:AB:55:50:A4:BC:06:F3:FE:C6:A9:72:1F:4F:D3:89
wlsdemocanew2, Jan 24, 2003, trustedCertEntry,
Certificate fingerprint (MD5): 5B:10:D5:3C:C8:53:ED:75:43:58:BF:D5:E5:96:1A:CF
wlsdemocanew1, Jan 24, 2003, trustedCertEntry,
Certificate fingerprint (MD5): A1:17:A1:73:9B:70:21:B9:72:85:4D:83:01:69:C8:37
wlscertgencab, Jan 24, 2003, trustedCertEntry,
Certificate fingerprint (MD5): A2:18:4C:E0:1C:AB:82:A7:65:86:86:03:D0:B3:D8:FEThe following list provides the location and passwords of the demo certificates:
Trust store location: ${WL_HOME}/server/lib/DemoTrust.jks
Trust store password: DemoTrustKeyStorePassPhrase
Key store location: ${WL_HOME}/server/lib/DemoIdentity.jks
Key store password: DemoIdentityKeyStorePassPhrase
Private key password: DemoIdentityPassPhrase -
Hi,
I would like to export my Portal private key, so that it can be used for network traffic capture (Wire shark).
Can anyone point me in the direction as to where this file can be exported.
Thanks
Kai
PS. Points will be awarded.....The Path to export the certificate is:
On the Portal
System administration -> system configuration -> Keystore administration -> download verify.der file
Regards,
Chengappa
Maybe you are looking for
-
ITunes (Windows) does not quit properly
Closing windows version using "x" at top right corner of screen or selecting Exit from file menu makes iTunes clear the screen, but it's still runnning. I have to do a ctrl-alt-del and then manually quit the process tree. Otherwise, re-clicking on th
-
Hi all, We are currently going through a pilot of the O365 suite. So far, so good. We are a large, global organisation with offices in regions where it can be challenging to get a half decent Internet circut (ADSL). ADSL isn't used as our primary com
-
DB2 Stored Procedure from Java-JDBC
Hi All, I am using DB2 stored procedure which have been written in COBOL. I have two types of stored procedures. First types of stored procedure takes IN parameter and returns OUT parameter. These stored procedures are working fine. The second type o
-
Multiple Quotation lines against one PR/PRF item
Hi, I want to address projects related senario in which during PR creation only high level details of a product is known e.g. Substation is to be procured. So RFQ is also floated for Substation (only one line item in PR/RFQ). Now when vendor sends th
-
Does anyone know when the new iphone is being released?
I know it says this fall but it doesn't give a date.