Problem with W-8BEN certificate (TAX part II)

Similar Messages

• There is a problem with the security certificate of the proxy server. Error code 18 and 38.

  Hi All,
  After several hours and a short night of sleep I'm out of ideas and hopefully someone here can help me trying to solve this one. First of all the situation:
  Exchange 2013 on a remote location with a CA-certificate.
  Outlook 2010 and 2013 on different locations, locally installed and on RDS.
  When I open Outlook on my laptop all is fine, no errors, good sync, no problem. But when I open Outlook on our Remote Desktop Servers with Outlook 2013 I'm getting errors like "There is a problem with the security certificate of the proxy server. The
  name on the security certificate is invalid or does not match the name of the site. Outlook is unable to connect to this server. (Error code 18)". Opening Outlook 2010 the message is the same, but the error code now is 38.
  After this Outlook opens and is working, there's one more error though. After a while an security warning pops up with the message: "Information you exchange with this site cannot be viewed or changed by others. However, there is a problem with the
  site's security certificate. * The security certificate was issued by a company you have not chosen to trust. View the certificate to determine whether you want to trust the certifying authority. * The security certificate is valid. * The name on the security
  certificate is invalid or does not match the name of the site."
  Strangest thing is, it is the certificate of my RDS! It isn't my valid en officially bought certificate from my mailserver. What's going on? I'm out of options, what I've tried so far (in random order):
  - restarting mailserver and AD;
  - restarting switches;
  - restarting routers;
  - restarting RDS, AD and all other servers;
  - bypassed proxyserver for RDS;
  - created a new profile;
  - checked recently installed updates;
  - checked certificate on mailserver;
  - checked RDS on a different location, working fine.
  Nothing helped, what can I do next? Please advice.
  Regards.

  Found a thread that solves half my problem (https://social.technet.microsoft.com/Forums/office/en-US/70d18244-889a-4d95-ac3f-e234672a82b2/there-is-a-problem-with-the-proxy-servers-security-certificate-error-when-starting-outlook?forum=exchangesvrclients).
  The first message can be suppressed by adding this to the Exchange config:
  set-outlookprovider -Identity EXCH -CertprincipalName msstd:webmail.domain.tld
  set-outlookprovider -Identity EXPR -CertprincipalName msstd:webmail.domain.tld
  Giving the command get-outlookprovider, gives me empty information regarding the certprinipalname. Filled
  this and after recreating the profile or deleting the ost-file I still have the second alert with the local certificate of my RDS.
  Not completely where I want to be, any help regarding the second alert is greatly appreciated!

• I have a problem with downloading Indesign CS 6 part 1 (Mac) , it always stop downloading at 6.8MB !!!

  As the title has stated, I have a problem with downloading Indesign CS 6 part 1(Mac) , it always stop downloading at 6.8MB (out of 1.2GB). I tried restarting my mac, using different browser but it is always the same result... Any help???

  Try it from this site
  Download Adobe CS6 Trials: Direct Links (no Assistant or Manager) | ProDesignTools

• There is a problem with this connection's security certificate The remote computer cannot be authenticated due to problems with its security certificate. Security certificate problems might indicate an attempt to fool you or intercept any data you send

  Hi,
  I have this Windows 2008 R2 on which I installed remoteapp some years ago.
  Now the certificate expired and I get the message
  "There is a problem with this connection's security certificate
  The remote computer cannot be authenticated due to problems with its security certificate.
  Security certificate problems might indicate an attempt to fool you or intercept any data you send to the remote computer."
  How should I renew the certificate? I already went to certification store and tried to renew certificate with same key but then it says "the request contains nor certificate template information".
  Please advise.
  J.
  J.
  Jan Hoedt

  Does the computer account have Enroll permission to the certificate template?
  From the Server running your CA, run mmc, click File then Add/Remove Snap-in...
  Add Certificate Templates and click OK.
  Find the certificate template, then right click and select properties.  On my CA its call ed RemoteDesktopComputers but might be called something different depending on what what template your certificate is based on.
  On the security tab, click Oblect types, check Computers then OK. Enter the Computername and click OK.  Then give your computer account Enroll permisssion.
  HTH,
  JB

• I have a problem with my iPad, the "other" part of the capacity summary keeps growing like ****

  Dear all: I have a problem with my iPad, the "other" part of the capacity summary keeps growing like ****, every time I sync the iPad gets bigger and bigger. What is this "other" and what do I do to keep it from getting bigger? Thanks to all!

  Marcos,
  I did not try your trick, didn't see your post until after i visited the Apple store.  The tech at the genius bar did not know why my "Other" memory had grown so huge.  It was over 24GB, which only left me with 1 GB free on my 32GB iPad.   I had been loading and unloading video's yesterday thru itunes to try various compression settings.  I did not notice the other categrory growing until I tried to load a 3 GB movie file and it told me I was out of memory.
  I probably loaded and unloaded 30 different times, trying different compression settings.  In the process of doing this, it apparently loaded up the "Other: stuff.  To me it seems like recycle bin in windows, but no one knows how to free it up. 
  So here is what he did and it worked.  He reset the iPad.  Press and hold both the Sleep/Wake button and the Home button for at least ten seconds, until the Apple logo appears.  Then he hooked it up to itunes on his computer.  Fortunately I have everything backed up on my home computer.  When my iPad showed up on iTunes at the store, it showed the 24 MB of "Other" momentarily, then it reduced to about .7 GB giving me 24.5 GB free.  Resetting it seemed to do the trick, but he still could tell me how this is happening and how to prevent it. 
  I think I'll try to call someone at applecare to get an explanation, hopefully.

• Problem with revocked/expiring certificate

  certificate has been revocked 15 days before the expiration (do not know the reason)
  now i can not install any more the app to one of my devices and thats understandable
  but what it is not clear to me is what is going to happen to all the ipads where my app (with revocked/expiring certificate) is installed. .. can my users still open the app with the revocked/expiring certificate?
  thanks

  This cert was already installed was the message I received when I tried. It might be that there is a default list of certs that are added when Firefox is installed.
  This will tell you what version that it was added by default:
  [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/included/] via [https://docs.google.com/a/mozilla.com/spreadsheet/pub?key=0Ah-tHXMAwqU3dGx0cGFObG9QM192NFM4UWNBMlBaekE&single=true&gid=1&output=html]

• Problem with import of certificate for SSO into backend

  Hi all gurus!
  I'm trying to set up SSO (Single Sign On) between a customers portal and their backend system but have run into a problem I never have had to tamper with before. The customer has an CUA (Central User Administration) with SolMan (Solution Manager) as the central system and a R3 system as one of the children.
  The system Connection I have created is against the R3 system and here are my questions:
  Into what system shall I import the logon certificate I have exported from the portal, into SolMan or into R3?
  Do I have to restart the system after the import of the certificate into the proper system?
  Best regards
  Benny

  <b>Into what system shall I import the logon certificate I have exported from the portal, into SolMan or into R3?</b>
  The certificate has to be imported to the R3 System.
  <b>Do I have to restart the system after the import of the certificate into the proper system?</b>
  Once you are done with the import, you need to make sure that you click Add to ACL, to add the Portal Server to the ACL list. Then as mentioned by Martin, you need to set the profile parameters login/accept_sso2_ticket to the value 1 and if the application server should also be able to create logon tickets, set the profile parameter login/create_sso2_ticket to the value 1 or 2. <b>Then restart the R3 System.</b>
  Refer to for further information on SSO :
  http://help.sap.com/saphelp_erp2005vp/helpdata/en/89/6eb8deaf2f11d5993700508b6b8b11/content.htm
  Hope that helps.
  Regards,
  Sunil

• Problems with my Distribution Certificate.

  Hi,
  My iPhone app is ready to roll and I can't get this distribution certificate to work. The developer certificate uses my name but the distribution certificate needs to be under my company name. Since that is my account name.
  So I requested a certificate from a certificate authority (no cert authorities were selected). I uploaded the file to to developer program portal. I approved the request and downloaded the certificate.
  It looks fine. It's name is iPhone Distribution: My Company name and it is issued by Apple worldwide relations blah blah blah.
  I then created and downloaded a distribution provisioning profile. By dragging it over iTunes.
  Now when I go into the Target info of my app I can only do one of two things. Choose the code signing identity for Any iPhone OS Device to be iPhone Distribution: but with no company name.
  Then in the code signing provisioning profile. I can choose the provising profile that I set up.
  If I enter the iPhone OS Device to be iPhone Distribution: My Company name then the provisioning profile is no longer selectable. I can enter it manually but I get a build error
  CodeSign error: no certificate found in keychain for code signing identity 'iPhone Distribution: My Company Name'
  Can someone please help me? It's driving me not so slowly insane.
  Thanks,
  Travis

  Yes my provisioning profile is in the directory, and yes the name matches exactly.
  Something I read somewhere and what I've tried is leaving the company name off and just entering iPhone Distribution:
  From what I can tell it does a search for certificates with these words. Since the only certificate for distribution is my company one then I think it has found it. I did a build and the keychain part appeared to work (it asked if my company wanted to allow access.)
  It also has the embedded.mobileplatform file.
  Do you think it worked even though I didn't put my company name in there?

• Problem with Track you work web part after installing November CU

  Hello!
  I have SP 2013 + PS
  After installing November CU in "Track you work" web part don't shown numbers of pending task updates or new task... any numbers at all, inspite of zero. So, if user doesn't have any task updates for approvement, he see "Approvements:0 Pending",
  but if he does, he see only "Approvements:".
  The same with Tasks.
  Is it a bug or I do something wrong? Any help is really appreciated!
  Thanks...
  Kate.

  Hello, DaddyPaycheck,
  The USBPre is powered by the USB bus, and it is plugged directly into the MacMini.
  The screws remain in hiding. I'm amazed that I didn't find them on the motherboard or something like that. If they don't turn up fairly soon, I'll try to get replacements from an Apple service center. And I'll make sure I have a better small screwdriver.
  I just did a test with Audacity for OS X and Cool Edit for Windows. I opened files that give me the meter problem in Peak and removed the DC Offset. When I opened the files I had modified in Audacity and Cool Edit, Peak metered the sound correctly. Somehow Peak is sensitive to something in the file that does not bother the other apps, and when the other apps have adjusted the DC Offset, Peak is happy. Peculiar.
  I'm thinking about recording with Audacity now instead of Peak. I'm still concerned that something is wrong, though, since I don't understand the problem.
  -Vinyl_Man

• Win2K problem with self-signed certificate ?

  Hi all,
  We've got a self-signed application that works perfectly well under NT4. Once Webstarted under Win2K, it is correctly downloaded but does not display the warning dialog regarding the certificate installation (like it does in NT4). When the application starts, there's no activity expect the webstart splash.
  Does anyone know the problem ?
  Thanks
  Vince

  I had a similar problem (and solution) on NT 4.0: the splash
  screen would come up, but that was it. Uninstalled, reinstalled,
  emptied out cache and .javaws directories all to no avail.
  When I checked the .cfg file, there were duplicated entries for
  the jre. I ended up deleting these, and replacing them with the
  path to the jre I used for development, and knew was good. It
  worked fine. I think I had a dodgy jre installation that JWS had
  found and was trying to use as its default.
  Good luck.
  John

• Win2k3 AD problem with autoenrolled Server Certificate

  Hi there
  I was running into some problems using an SSL connection to our company active directory server on the win2k3 plattform. During the SSL Handshake, the AD sends his CertificateChain in which the Server Certificate has marked the alternateSubjectName as critical (inside it is actually the FQDN). Because the RFC says, that all extended fields marked as critical should be known and java 1.5 ssl implementation doesn't, the SSL connection will hang up before the handshake has been made.
  Because the AD's certificate was enrolled automatically and my administrator isn't willing to change the certificate, i hung on this problem now for several days.
  How can I avoid that this field is unknown an will generate an exception? Do I really have to implement my own PKIXCertPathChecker to do a workaround? Any suggestion is welcome.
  Ah and if someone is interested what I am doing: I am using Spring LDAP to do a usermanagement software which has the focus on creating, locking and deleting users. In advance it must be possible to set any password within an administrator account. Spring LDAP is built up on (as far as I know) JNDI.
  The field marked as critical is:
  [5]: ObjectId: 2.5.29.17 Criticality=true
  SubjectAlternativeName [
  [DNSName: server.domain.com]]and the exception (from the ssl debug log):
  http-10001-1, SEND TLSv1 ALERT:  fatal, description = certificate_unknown
  http-10001-1, WRITE: TLSv1 Alert, length = 2
  [Raw write]: length = 7
  0000: 15 03 01 00 02 02 2E                               .......
  http-10001-1, called closeSocket()
  http-10001-1, handling exception: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate contains unsupported critical extensions: [2.5.29.17]
  user.SaveAction:persistIfValid() - Unknown error while perstisting object:Unable to communicate with LDAP server; nested exception is javax.naming.CommunicationException: simple bind failed: server.domain.com:
  636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate contains unsupported critical extensions: [2.5.29.17]]

  hi adler_steven
  thanks for your advice. I already read those threads some days ago but nothing helped me. I still got the error because of this subjectAlternativeName field. I tried to write an own implementation of PKIXCertPathChecker which can handle the 2.5.29.17 extension. But I cannot hang in the code where i need it (only possible if I overwrite some JNDI classes which I try to avoid because of future updates!). My last hope is now to implement my own SSLSocketFactory.
  Or does someone of you know how to make an SSLContext static? ;-)
  [edit]
  Chronology of my SSL handshake:
  -- Client Hello
  -- Server Hello, Certificate, Certificate Request, Server Hello Done
  -- Client tries to read the Certificate chain from the server, fails because of unknown extension and sends back an Alert (Certificate Unknown) <-- which is a little bit confusing, because in my official exception is written as javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate contains unsupported critical extensions: [2.5.29.17]
  [edit]
  Edited by: AnAnAsbAnAnAshAkAr on Oct 11, 2007 8:55 AM

• Problem with Require Client Certificate on on IPlanet 6.0 server

  I installed client certificate. When I connect to the server using browser, I get following error........
  You are not authorized to view this page
  You might not have permission to view this directory or page using the credentials you supplied.
  How can I run the server in Verbose mode and see exactly why this error.
  Default error file does not have any information about this rejection.
  Thanks
  Krishna

  The message is cut and paste of what client (IE) shows on the browser.
  But the Server does not show any thing in it;'s log. I don't see any activity. I have Log Verbose On.
  If I change the client certificate on to off it works fine.
  The problem is only when the client certificate is on.
  The client certificate is created using Iplanet Certificate Server as well the server certificate also generated using Iplanet Certificate Server.
  In this case I am not trying to authenticate user in the client certificate just the client certificate is valid or not.
  Thanks for the reply.
  Regards
  Krishna

• SOAP Receiver: Problem with SOAP Multipart Request (wsdl:part)

  Dear PI experts,
  our partner provided a WSDL with the following definition (I modified it to keep it simple and showing the principles)
     <wsdl:message name="nameOfMessage">
        <wsdl:part element="part1" name="header" />
        <wsdl:part element="part2" name="parameters" />
        <wsdl:part element="part3" name="attachment" />
     </wsdl:message>
  After importing this WSDL in ESR, I found the following definition on tab 'WSDL':
           <xsd:complexType name="nameOfMessage">
              <xsd:sequence>
                 <xsd:element name="header" type="authentication" />
                 <xsd:element name="parameters" type="businessDatal" />
                 <xsd:element name="attachment" type="Binary" />
              </xsd:sequence>
           </xsd:complexType>
  When creating the request message in PI it looks as follows:
  <nameOfMessage>
  <header/>
  <parameters/>
  <attachment/>
  </nameOfMessage>
  However our WebService provider expects the following:
  <soap:env>
  <authentication/>
  <parameters/>
  <attachment/>
  </soap:env>
  When using SoapUI and importing the WSDL the request message looks as expected by the web service provider and the part names are resolved.
  I could try to convert the request using XSLT but this does not seem to be a best practice approach.
  Do you have any advice on how to handle this issue?
  Thank you very much.

  Hi Florian,
  I modified some WS to be handled by another systems, and sometimes, when the SOAP adapter is involved, you send a Request to PI (that has NOT the same structure, than the declared in the MM) but it takes the req. anyway.
  Did you try sending a request?
    Juan.

• Problems with mail server certificates

  Hi,
  i have problems accessing my mail server over ssl since I upgraded from Lion to Mountain Lion.
  The problem is, that when i try to connect to my mail server Mail stops working (and so does Safari and Keychain access).
  I tryed to add my servers certificate to Keychain manually. When i drag the certificate to Keychain it shows up in Certificates, but when i try to set 'Allways trust' the application stops responding (and after that Mail won't send or receive anything and Safari wont load anythin until i restart the Mac).
  Firefox is working without problems (webmail access which uses same certificate), even when Safari and Mail stop working.
  Any idea what to do?

  I found that the problematic process is "ocspd". If you force quit it, the applications continue to work.
  It seams that Apple has a bug here.

• Problem with Generate a certificate and Key

  I have a Cisco S370 and generated a certificate Key to block HTTPS pages.
  I require a CA signs the certificate generated by the Cisco S370, but the CA returns me an error and asks the key is changed to 2048, but I have no option to do this in the GUI, look in the CLI but can not find any option to change the HTTPS certificate key 2048
  You can change the certificate that was generated by the WSA S370 to 2048

  In addtition to Kush's response, we had a similar thread in the past. Please refer to:
  https://supportforums.cisco.com/message/3900340?referring_site=bss&channel=bdp#3900340
  Also, please note it would be advisable to refer to this Feature Request using Cisco Bug ID CSCzv70884 instead of
  86121.
  You can search for Bug IDs using Cisco Bug Search Tool :
  https://tools.cisco.com/bugsearch/
  From this tool, you can not only obtain info about the bug but also open TAC cases and Save the bug so you can get updates.
  Regards,
  -Valter