Private Key for RSAalgorithm
Hello,
I used RSA algorithm for encryption and i can send the encrypted text to the server , on the server side
in order to decrypt the message i passed the public key, but how to generate the private key on the server side, i am a beginner in cryptography, can anybody help me , if possible give me the coding for encryption and decryption which will work on the client side for encryption and server side for decryption,i need RSA algorithm for it
well, but i just used receivers public key to encrypt the data at the senders side, at the receivers side both secret and public key is generated, and the receivers secret key is used to decrypt. The ecrypted text can be accessed at the receivers side but it can't be decrypted, my program part is given below
Sender's side
// Create a new instance of Message class, to encrypt / decrypt message
Message M = new Message();
// Create a new instance of Keys, to generate keys
Keys K = new Keys ();
// Set the Plain Text message
M.PlainText = ta.getText(); (ta is the text area i displayed the text file)
// Display the Plain Text message
System.out.println (" Message:" + M.PlainText);
// Set the Number of Rounds
M.NumRounds = 2;
// Display the Number of Rounds
System.out.println (" Rounds:" + M.NumRounds);
// Create RSA Public, Secret key pairs
K.CreateKeys();
// Display Public Key individual number
System.out.println ("Public Key:" + K.PublicKey);
// Display Secret Key individual number
System.out.println ("Secret Key:" + K.SecretKey);
// Display n, the shared number (of Public and Secret Keys)
System.out.println (" n:" + K.n);
// Encrypt the Message
M.Encrypt (publicKey, n);
/* where publickey and n are generated at the receivers side and saved in the database, which is taken
at the senders side to encrypt the data. */
// Display the Encrypted Message
System.out.println (" Encrypted Message:" + M.CipherText);
String crp=M.CipherText.toString();
AT the receiving side
// Create a new instance of Message class, to encrypt / decrypt message
Message M = new Message();
// Create a new instance of Keys, to generate keys
Keys K = new Keys ();
// Set the Plain Text message
//M.PlainText = ta.getText();
// Display the Plain Text message
//System.out.println (" Message:" + M.PlainText);
// Set the Number of Rounds
M.NumRounds = 2;
// Display the Number of Rounds
System.out.println (" Rounds:" + M.NumRounds);
// Create RSA Public, Secret key pairs
K.CreateKeys();
// Display Public Key individual number
System.out.println ("Public Key:" + K.PublicKey);
pbk=K.PublicKey.toString();
// Display Secret Key individual number
System.out.println ("Secret Key:" + K.SecretKey);
// Display n, the shared number (of Public and Secret Keys)
System.out.println (" n:" + K.n);
bi=new BigInteger (bi.toString().concat(String.valueOf(K.SecretKey)));
bn=new BigInteger (bn.toString().concat(String.valueOf(K.n)));
System.out.println("SECRET:"+bi);
System.out.println("N:"+bn);
M.Decrypt(bi,bskbi); // where bi is secret generated at the recivers side and bn is retrieved
from the database , n = (p-1)*(q-1) where p and q are two large priome numbers */
at the receivers side the encrypted text can be accessed , but the text can be decrypted, what is the problem here, can u help me to change the codings
thanks in advance
Similar Messages
-
Private key for encryption / decryption in PI
Hi Experts,
Where do we find the private key installed in PI system that is used for secur communication ?
Thanks,
DhawalHi Dhawal,
Did you try to search on SDN before asking this ?
There are many article available. Have a look at http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/40a08db9-59b6-2c10-5e8f-a4b2a9aaa3d2?quicklink=index&overridelayout=true and http://help.sap.com/saphelp_NW04/helpdata/en/39/83682615cd4f8197d0612529f2165f/content.htm.
Regards,
Sunil Chandra -
I purchased a security certificate, and the site tells me that it was successfully installed. I need to export the certificate so that I can create the public and private keys, but I cannot find the certificate to do so.
Thank you.
-
Hi
I have a question about Terminal adapter.
My current aim is to create process "Execute script through ssh on remote Linux system" with input parameters ( login, path to private key, path to script)
It was very helpful to find this discussion https://supportforums.cisco.com/message/3543289#3543289 .
Is there a way to create Public-key Authenticated Admin Runtime User with private key for authentication by using NB webservice ?I will second Shaun's comment...
Unfortunately, it looks like this is not possible in 2.3.X. (That is you can create the user but the fields you need to use to configure that user properly do not appear to be exposed to the Northbound Web Service).
It looks like something that will be fixed in a future release of Process Orchestrator.
Svetlana -
Private key from 5.1 to 7.0
Hi, we're currently upgrading from WebLogic server 5.1 to 7.0. The private
key generated by WLS 5.1 does not use any password, and can therefore not be
used with 7.0
Do I have to generate a new private key and order a new SSL certificate, or
is there a way I can assign a password to my existing private key so I can
continue using this ??
Thanx in advance !!!
Jan Espen HansenThanks a lot Tony !!!!! This solved my problem.
JEH
"Tony" <TonyV> wrote in message news:[email protected]..
Incorrect PEM headers/footers can confuse the tool.
Double check that the header and footer for your PEM file match thecontents
of the
data in the file.
If it was an unprotected RSA private key, the header and footer shouldlook
like
this:
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
It should not say it is a certificate (which is the default for theder2pem
utility), and it
should not say it is an encrypted private key.
Tony
"a" <[email protected]> wrote in message news:3f9f7705$[email protected]..
Hi, and thank you for your answer. I've tried the tool you mention, but
I
get the following error message:
"Error parsing BER private key data 3000"
Since my private key is in .der format I have first run the weblogicutil
utils.der2pem on it, but I still get this error message.
Any ideas ??
JEH
"Tony" <TonyV> wrote in message news:[email protected]..
You should not have to generate a new key.
There is a native tool that is supplied on the WLS kit that can
protect
an
unprotected private key for you:
wlkeytool inputkey.pem outputkey.pem
It will prompt for passwords, I believe that will do what you want.
Tools such as OpenSSL should also be able to protect the private key.
Tony
"Janne K" <[email protected]> wrote in message
news:[email protected]..
Hi, we're currently upgrading from WebLogic server 5.1 to 7.0. Theprivate
key generated by WLS 5.1 does not use any password, and can
therefore
not
be
used with 7.0
Do I have to generate a new private key and order a new SSL
certificate,
or
is there a way I can assign a password to my existing private key so
I
can
continue using this ??
Thanx in advance !!!
Jan Espen Hansen -
Having multiple CAs share the same private key
We are developing a system which implements an HA cluster across two separate geographical locations.
Each site will have several Windows Server 2012 machines and at least one DC, and we basically have to do a master-master replication between the two sites.
The entire system will be under a single domain.
We will be deploying AD CS since some of our sub-systems need certificates,
but we want to limit the variety certificate to just one (i.e. we want all CAs to issue identical certificates).
To do that, we have to setup AD CS so that all the DCs (both intra-site and inter-site) share the same private key.
Is it possible to have all DCs in a domain to share a single private key?
This article on TechNet suggests that we can do it within a cluster,
https://technet.microsoft.com/en-us/library/cc742450%28v=ws.10%29.aspx
but we are not sure if we can do it across different sites.
Any advice and comments are highly appreciated.
WankoHi Wanko,
Its not much clear what you mean by "DCs to have single private key".
However as per the article it indicates that you can use the same (SAN) certificate on both servers (nodes) of the cluster, the certificate SN will be the common clustername.
This is common when you are using clustering or load-balanced system which requires you to have a common name, but individual nodes.
Basically if you want to use single private key for the HA nodes, use the same certificate across all the nodes, that would be generated on the first node(generally). You don't need to issue identical certificates(this will not work as per my understanding)
CA First Node: Export the Cert
On the Welcome page of the CA Backup Wizard, click Next. Select
Private key and CA certificate, and provide a directory name where you want to temporarily store the CA certificate and optionally the key. Click
Next.
Provide a password to protect the CA key, click Next, and then click
Finish.
CA Second Node: Import the Cert
Open the Certificates snap-in for the computer account.
In the console tree, double-click Certificates (Local Computer), and click
Personal.
On the Action menu, click All Tasks, and then click
Import to open the Certificate Import Wizard. Click Next.
Enter the file name of the CA certificate that was previously created on the first node, and click
Next. If you click Browse to find the certificate, change the file type to
Personal Information Exchange (*.pfx,*.p12).
Type the password that you have previously used to protect the private key. The password is required even if there is no private key in the .pfx file. Do not mark this key as exportable. Click
Next.
Place the certificate in the Personal certificate store, and click
Next. To complete the certificate import process, click
Finish, and then click OK.
Secondly I don't get what do you mean by: "we basically have to do a master-master replication between the two sites."
Please note a Cluster can only run a single instance of Certificate Services. A failover cluster of any size can be used to provide a high availability environment for certificate services. However, Microsoft does not support more than one instance
of certificate services on a cluster.
References:
Overview of CA Clustering-2003
Active Directory Certificate Services (AD CS) Clustering - Requirements-2012
Regards,
Satyajit
Please“Vote As Helpful”
if you find my contribution useful or “MarkAs Answer” if it does answer your question. That will encourage me - and others - to take time out to help you. -
How to enter a Private key into a keystore
Hi,
We have a propriteary CA, developed by us. I need to use this CA for my Signed Applet. I would enter this CA's public key(a X509 certificate) into my cacerts file.
Following is what I have done :
1) I have generated my own keystore, public and private key for signing the applet.
2) Signed the applet with the private key in the keystore.
To Do :
Now, the self generated public key(with which applet was signed) has to be signed by the properitary CA, so that when applet is downloaded my certificate is authenticated by the proprietary CA.
The problem is :
1) To get my public key certificate authenticated by the proprietary CA, I need the private key of proprietary CA.(so that I shall sign my public key file by the CA's private key) . The CA could give the private key as a byte array file. ( Or we could write a program to format the private key file, if any format exists and required). jarsigner requires keystore to sign. How could I create a keystore and enter my private key and public key into this keystore?
2) Is there any other way to do this?
Please help to resolve this problem.
RajeshCheck this:
<A HREF="http://java.sun.com/j2se/1.4/docs/guide/pugin/developer_guide/rsa_signing.html -
Installing Domain Controller certificates remotely - private key remains on local server!
Using a 3rd party CA (Entrust), I have successfully requested and installed Domain Controller certificates via the Certificates MMC snap-in.
I did this from one Domain Controller, and then just used the (right click) "Connect to another computer" option to do the rest. Everything looks absolutely fine, the certificates look ok.... certificate chain is complete, and valid (all
CA certs are installed) and the certificates say "You have the private key that corresponds to this certificate".
If I do a LDAPS bind using LDP.exe, it works fine on the first DC.
Do this on the next and I get the error:
Cannot open connection
Error 81 = ldap_connect(hLdap, NULL);
Server error: <empty>
Error <0x51>: Fail to connect to DCHostname.
After some checking I looked in the folder C:\ProgramData\Microsoft\Crypto\Keys
This contains a lot of files on the DC I was logged onto when installing the certs, and no files on any of the other DCs. I am guessing this is the private key file and it has stored all of them on the local machine I was running MMC from rather than
on the machines I connected to from MMC.
Is there any way to get these keys onto the correct DCs now - or will I have to re-request all of the others. The private key was not exportable.
I figured copying and pasting them was probably not going to work with a private key, but I tried it anyway just to be sure!
It is pretty annoying as no clue was given during the process of requesting and installing the certificates, and there is no error when you look at the certificate - they all think they have the private key associated to them, even though it rather looks
like they don't!
It's a bit painful requesting certificates here, so any help in avoiding this would be appreciated! Thank youThank you Elke,
So I copied the key files across from the server where they were all generated to the server I remotely connected to (which had no key files at all). Copied all just to be sure, though I’m
pretty sure which one actually relates to that server as I did them all in order - reflected by the time stamps.
Ensured all the permissions were the same, and that they were marked as ‘system’ files.
Ran the command
certutil -repairstore my [SerialNumber of cert]as
you suggested, but no luck unfortunately.
So firstly, I get the same error message:
Cannot find the certificate and private key for decryption.
CertUtil: -repairstore command FAILED: 0x80090010 (-2146893808)
And then I get:
CertUtil: Access denied.
Not sure why the access denied, I am running elevated with full local and domain administration rights.
Toby -
WLS 5.1 certificate issue: encrypted private key
My organization has acquired some certificates for use with WLS. However, the private
keys for these certs were inadvertently encrypted with a password. We have a mix
of 5.1 and 6.1 servers. We got the keys working with our 6.1 servers, but 5.1
is a little tougher. How can we use these keys with our 5.1 servers?I dont think 5.1 supports password encrypted private keys
Jason Norman wrote:
My organization has acquired some certificates for use with WLS. However, the private
keys for these certs were inadvertently encrypted with a password. We have a mix
of 5.1 and 6.1 servers. We got the keys working with our 6.1 servers, but 5.1
is a little tougher. How can we use these keys with our 5.1 servers? -
Private key password for Default DemoIdentity Keystore?
Hi
I am trying to Configure SSL in ALSB. I have created the PKI Credential mapping for the Default DemoIdentity Keystore
But it is asking for the password to access the Keypair.
The document states that i need to provide the password set during the creation of the keystore
but as i am using the default keystore i dont know where to look for the password.
Error :
[Security:090809|The key pair could not be retrieved from the keystore with the supplied alias demoidentity and its password
I tried using the KeyStorePassphrase but it didnt help me much ..
Can any one help me on this?
Regards
AnushaJay is right
To be more precise you can use something like
keytool -list -keystore ${wl_home}/server/lib/DemoTrust.jks -storepass DemoTrustKeyStorePassPhrasewhich leads to the following output
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 4 entries
certgenca, Mar 22, 2002, trustedCertEntry,
Certificate fingerprint (MD5): 8E:AB:55:50:A4:BC:06:F3:FE:C6:A9:72:1F:4F:D3:89
wlsdemocanew2, Jan 24, 2003, trustedCertEntry,
Certificate fingerprint (MD5): 5B:10:D5:3C:C8:53:ED:75:43:58:BF:D5:E5:96:1A:CF
wlsdemocanew1, Jan 24, 2003, trustedCertEntry,
Certificate fingerprint (MD5): A1:17:A1:73:9B:70:21:B9:72:85:4D:83:01:69:C8:37
wlscertgencab, Jan 24, 2003, trustedCertEntry,
Certificate fingerprint (MD5): A2:18:4C:E0:1C:AB:82:A7:65:86:86:03:D0:B3:D8:FEThe following list provides the location and passwords of the demo certificates:
Trust store location: ${WL_HOME}/server/lib/DemoTrust.jks
Trust store password: DemoTrustKeyStorePassPhrase
Key store location: ${WL_HOME}/server/lib/DemoIdentity.jks
Key store password: DemoIdentityKeyStorePassPhrase
Private key password: DemoIdentityPassPhrase -
SSL: how to use Multiple Private key/Certificate pair for authentication.
Hi all,
i am implementing SSL in java using X509 Certificate/private key combination.
i have two set of private key/certificate pair.
one is factory default and another is generated at run time.
my problem is to try ssl connection with both pairs on same tcp/ip connection.
e.g. on server side: first try ssl connection with factory default certificate, if it fails try connecting with generated certificate on same tcp/ip connection.
on client side: if generated certificate(this certificate was generated at server side) is present first perform server authentication using this certificate otherwise authenticate server with factory default certificate.
can someone please help and let me know how do i need to configure both ends(client and server) for achieving the same.
Thanks In Advance
Saurabh AhujaClient code does not contain any default truststore and needs a certificate for authentication.Of course it does. OpenSSL has a way of doing that: some kind of equivalent for the truststore. None of the stuff you've posted here about generating certificates at runtime has any bearing on that problem.
It's like this. The idea of PKI with SSL is as follows:
- the server has a private key and a signed certificate. Preferably it's signed by a CA that the client already trusts, otherwise if it's self-signed it has to be exported from the server's keystore and imported into the truststores of all the clients.
- the client has a truststore that trusts the server, one way or the other, see above.
- the server's private key is private to it. Nobody else has it. Nobody else can ever get it. If it ever leaks, the server is compromised, and server authentication via that private key now means absolutely nothing. You have lost security.
- the server sends its cert to the client along with a digital signature signed by its private key.
- the client (a) decides whether it trusts the cert, via its truststore, and (b) verifies the digital signature, which establishes that the server owns the certificate.
At this point the server is authenticated to the client and the SSL connection is open. It can now be used as an ordinary socket connection.
If you want client authentication too, you need all the above in reverse as well, i.e. reading server for client and client for server throughout. Note particularly that each client must have its own private key. Otherwise the private key isn't private, so signing something with it doesn't establish ownership, so client authentication isn't valid.
You need to understand all this stuff and relate it to the apparently broken security design of your application. Generating a private key and a certificate at runtime is complete nonsense within the context of PKI and SSL. It proves nothing, establishes nothing, authenticates nothing; it just wastes time. -
SFTP adapter(file path for private key)
Guys,
Can anyone help me in uderstand usage of file path for private key in SFTP adpter, who would provide this key file.
When this file is kept on Transaction AL11 is this format specifc? only .ppk files should be kept.
Should i ask my FTP vendor for this key file ? is it script or something like that . everytime my file is picked up from my mentioned directory what does this private key option searched for?
Appreciate your thoughts in this..
Regards
ChaithanyaHey,
SFTP is not supported by XI / PI , Supports FTPS - FTP with SSL.
Check this Links,
https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51?overridelayout=true
http://help.sap.com/saphelp_nw04/helpdata/en/e3/94007075cae04f930cc4c034e411e1/frameset.htm
Cheers
Agasthuri -
Cannot export private key: "key not valid for use in specified state"
Hi,
This is a bit of a long story but I hope someone can give us some guidance.
We use authentication certificates issued from our own Enterprise CA to control user and machine authentication via RADIUS/NPS for our wireless network. Certificates are deployed via group policy/autoenrollment. In general this works well but
we have an intermittent problem where user authentication stops working for a user who was fine before. The user certificate looks OK via Certmgr (shows as valid, shows that there is a private key associated with the certificate). The NPS server
logs show that the machine has been authenticated and granted access, but the user in this situation doesn't show up in the server logs at all.
The only solution in this case is to connect to the wired network and request a new certificate for the user (either via certmgr or just by deleting the duff cert and logging off/on again to get the cert via autoenrollment).
The interesting thing is that while a "working" certificate can be exported with no problem, a duff certificate cannot be exported with its private key, giving the error "key not valid for use in specified state". (Obviously the certificates
come from the same template, and the key is not marked unexportable). The key files are present in %userprofile%\Appdata\Roaming\Microsoft\Crypto\RSA and the user permissions on these files look correct.
After much searching of the forums I tried running certutil-repairstore on the duff certificate and that also returned the same error. I also tried an undocumented switch Certutil -user -key -v and again, got a very similar error "Loadkeys returned
key not valid for use in specified state. 0x8009000b (-2146893813)".
I'm assuming that the fact that the key is unexportable/corrupt is also the reason why the certificate can no longer be used for authentication.
Does anyone have any clues as to what might be causing this, and/or if a certificate with a key in this state can be repaired?
Thanks!I can just share an experience I once had that was somewhat similar:
In this case certificates could sometimes not be enrolled and the CSP came up with a related error message.
The root was the software / driver (?) for a hardware dongle required to run some software. This "driver" added a registry key to the list of CSPs (under these HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider - but I have seen this with
XP, so the exact location might be different now).
This fake CSP entry that had quite a weird name effectively broke other CSPs. After removing the access to / generation of keys worked fine.
So it would be interesting to know if you run some software that is "close to CSPs or cryptography".
Elke -
Hello everyone,
I'm trying to upgrade a WLS 6.1 SP2 with WLP 4.0 SP2 instance to WLS 7.0 SP2
with WLP 7.0 SP2. Everythng is fine except for that we cannot use the same
SSL certificate. By defaul the private key is not encrypted with password
(SSL.KeyEncrypted = false by default, according to the documentations) in
both WLS 6.1 and WLS 7.0. But running WLS 7.0 startup script results the
following error:
<Sep 17, 2003 5:06:40 PM HST> <Alert> <WebLogicServer> <000297>
<Inconsistent se
curity configuration, java.lang.Exception: Cannot read private key from file
C:\
bea7\user_projects\agencyPortal\portal_islandinsurance_com-key.der. Make
sure pa
ssword specified in environment property weblogic.management.pkpassword is
valid
.>
java.lang.Exception: Cannot read private key from file
C:\bea7\user_projects\age
ncyPortal\portal_islandinsurance_com-key.der. Make sure password specified
in en
vironment property weblogic.management.pkpassword is valid.
at
weblogic.security.service.SSLManager.getServerPrivateKey(SSLManager.j
ava:434)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:153)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:122)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1513)
at weblogic.t3.srvr.T3Srvr.resume(T3Srvr.java:852)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:295)
at weblogic.Server.main(Server.java:32)
Is this happening because the private key is actually encrypted with the
password? It was working, although the KeyEncrypted is not set to true and
the startup script for WLS 6.1 instance did have a line
with -Dweblogic.management.pkpassword. Or could this error be result of
something else? The physical machine the instances are located is the same
and IP address and the DNS entry hasn't been changed, either.
Any insight will be greatly appreciated. Thanks!
MakotoThanks Tony - it worked!!
"Tony" <TonyV> wrote in message news:[email protected]...
It may be because the private key is both unprotected and in DER format.
There are some things to try:
1) Convert the private key file from a DER file to a PEM file and try
that:
a) Follow the for converting an unprotected private key at:
http://e-docs.bea.com/wls/docs70/adminguide/utils.html#1143743
b) Look at the resulting PEM file, it should look something like
this:
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
(Be sure there is no extra lines or whitespace after thefooter)
>
c) Change your configuration to point at the PEM file
If that doesn work, then you can try protecting the key with apassword
using
the wlkeytool utility (It should be in the server/bin directory). The
tool should prompt
for a password to use to protect it:
wlkeytool inputkey.pem outputkey.pem
Then change your configuration to use the protected private key, andset
the passwod to use.
Tony
"Makoto Suzuki" <[email protected]> wrote in message
news:[email protected]...
Hello everyone,
I'm trying to upgrade a WLS 6.1 SP2 with WLP 4.0 SP2 instance to WLS 7.0SP2
with WLP 7.0 SP2. Everythng is fine except for that we cannot use the
same
SSL certificate. By defaul the private key is not encrypted withpassword
(SSL.KeyEncrypted = false by default, according to the documentations)in
both WLS 6.1 and WLS 7.0. But running WLS 7.0 startup script resultsthe
following error:
<Sep 17, 2003 5:06:40 PM HST> <Alert> <WebLogicServer> <000297>
<Inconsistent se
curity configuration, java.lang.Exception: Cannot read private key fromfile
C:\
bea7\user_projects\agencyPortal\portal_islandinsurance_com-key.der. Make
sure pa
ssword specified in environment property weblogic.management.pkpassword
is
valid
.>
java.lang.Exception: Cannot read private key from file
C:\bea7\user_projects\age
ncyPortal\portal_islandinsurance_com-key.der. Make sure passwordspecified
in en
vironment property weblogic.management.pkpassword is valid.
at
weblogic.security.service.SSLManager.getServerPrivateKey(SSLManager.j
ava:434)
atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:153)
atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:122)
atweblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1513)
at weblogic.t3.srvr.T3Srvr.resume(T3Srvr.java:852)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:295)
at weblogic.Server.main(Server.java:32)
Is this happening because the private key is actually encrypted with the
password? It was working, although the KeyEncrypted is not set to true
and
the startup script for WLS 6.1 instance did have a line
with -Dweblogic.management.pkpassword. Or could this error be result of
something else? The physical machine the instances are located is thesame
and IP address and the DNS entry hasn't been changed, either.
Any insight will be greatly appreciated. Thanks!
Makoto -
In the midst of an apocalyptic SSL install in 10.4 server. Currently, I am trying to install a wildcard cert via Server Admin, which may have been a mistake. After smashing my head for a week, I tried a new tack and rebuilt the system keychain and attempted to install the certificate; this failed at the level of Server Admin. However, in Keychain Access I am showing the SSL cert, public and private keys, and the CA's cert, all valid.
Since I know of no other way to do get KA talking to SA so that I can actually use this certificate, I am trying to export the valid certs and keys to import. My problem is this, the certs and public key export fine, the private key fails returning an error of Unable to Export CLINTERNALERROR. I double checked that root is enabled in netinfo. Any ideas on how to rectify this?I believe you have to run Keychain Access as root to export the private key.
sudo /Applications/Utilities/Keychain Access.app/Contents/MacOS/Keychain Access
Maybe you are looking for
-
Duet has encountered an error during Approve , Reject Reassign the workflow
Hi, We have implemented DUET with two scenario (LEMA & WOMA) in our organization. When try Approve , Reject or Reassign the Duet work flow Item Duet has encountered an error . The scenario was working fine earlier. Suddenly the error has start comin
-
How to get report for deleted line items from sales orders
Dear FRIENDS, please infirm the t.code or report for viewing the deleted line items from sales ordrers. Kindly do the neeedful. regards, N.M.PAWAR
-
Ease-in ease-out weirdness in motion tab FCP
I've been doing a lot of animating stills in FCP by keyframing SCALE and CENTRE in the MOTION TAB of the VIEWER. I discovered the EASE-IN and EASE-OUT options by control-clicking the end key frames, but when I play back the animated clip, it does the
-
Having sync problem with google calendars I deleted the Caldav account. But I got an error message saying that the process could not be completed. The result is that some calendars were not removed and even worse I do have some events without calenda
-
Good Morning This code compiles fine: IF v_status_code = '3' THEN INSERT INTO CRAM_STG (ID, ITEM_NO, CHGNBR, UI, SUPPLYACTIONCODE, QTY, ACCT, RECEIPTDATE, REQUISITIONDATE, PROCESSDATE) VALUES ( to_char(sysdate,'YYMMDDHH24MISS') || test_seq.nextval, n