Problems trusting certificates from other users

Similar Messages

• I loaded microsoft office on my mac airbook. I have no problem accessing it from my user. When the other log on user is clicked the software icons are not avauilable. How do I have any user on my airbook have access. i.e. my wife

  I loaded microsoft office on my mac airbook. I have no problem accessing it from my user. When the other log on user is clicked the software icons are not avauilable. How do I have any user on my airbook have access ? . i.e. my wife

  Greetings Niel
  I was able to copy down the Word, Excel and PowerPoint icons and access "however" when I exit out of the guest user it deletes them from the tool tray at the bottom.... I need them to stay there not have to copy them down..
  Can you still assist?

• Weblogic Start script fails while Loading trusted certificates from jks

  Hi,
  I have a Weblogic Portal 10.3.2 installation on a Solaris Unix box. There is one Admin server and two Managed servers. I am trying to deploy an EJB based application on one of the Managed servers. Note that this application has been working fine in the Weblogic 9.2 environment.
  When the Managed Server is started, I get the below messages in the Weblogic console log. We have an internal SSO authentication system, which is integrated with this application. When this integration is removed, we are able to login to the application without any issues. When it is turned on, the redirection from SSO to the application fails - most likely because of the below SSL related errors.
  I have accessed the below link and accordingly set the property -Dweblogic.ssl.JSSEEnabled=true. But it didn't help.
  http://justasg.blogspot.com/2012/04/tlsssl-certificate-errors-and-warnings.html
  Please let me know if you have any suggestions.
  <Jun 4, 2012 4:51:59 PM MEST> <Notice> <Security> <BEA-090169> <Loading trusted certificates from the jks keystore file /data/applications/norkom/BEA103/wlserver_10.3/server/lib/DemoTrust.jks.>
  <Jun 4, 2012 4:51:59 PM MEST> <Notice> <Security> <BEA-090169> <Loading trusted certificates from the jks keystore file /opt/jdk1.6.0_32/jre/lib/security/cacerts.>
  <Jun 4, 2012 4:51:59 PM MEST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=Entrust Root Certification Authority - G2,OU=(c) 2009 Entrust\, Inc. - for authorized use only,OU=See www.entrust.net/legal-terms,O=Entrust\, Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
  <Jun 4, 2012 4:51:59 PM MEST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=thawte Primary Root CA - G3,OU=(c) 2008 thawte\, Inc. - For authorized use only,OU=Certification Services Division,O=thawte\, Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
  <Jun 4, 2012 4:51:59 PM MEST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=T-TeleSec GlobalRoot Class 3,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
  <Jun 4, 2012 4:51:59 PM MEST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=T-TeleSec GlobalRoot Class 2,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
  <Jun 4, 2012 4:51:59 PM MEST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R3". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
  <Jun 4, 2012 4:51:59 PM MEST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "OU=Security Communication RootCA2,O=SECOM Trust Systems CO.\,LTD.,C=JP". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
  <Jun 4, 2012 4:51:59 PM MEST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=VeriSign Universal Root Certification Authority,OU=(c) 2008 VeriSign\, Inc. - For authorized use only,OU=VeriSign Trust Network,O=VeriSign\, Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
  <Jun 4, 2012 4:51:59 PM MEST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=KEYNECTIS ROOT CA,OU=ROOT,O=KEYNECTIS,C=FR". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
  <Jun 4, 2012 4:51:59 PM MEST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=GeoTrust Primary Certification Authority - G3,OU=(c) 2008 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
  <Jun 4, 2012 4:51:59 PM MEST> <Error> <Server> <BEA-002606> <Unable to create a server socket for listening on channel "DefaultSecure[1]". The address 127.0.0.1 might be incorrect or another process is using port 7022: java.net.BindException: Address already in use.>
  <Jun 4, 2012 4:51:59 PM MEST> <Error> <Server> <BEA-002606> <Unable to create a server socket for listening on channel "DefaultSecure". The address 10.228.12.24 might be incorrect or another process is using port 7022: java.net.BindException: Address already in use.>
  <Jun 4, 2012 4:51:59 PM MEST> <Notice> <Server> <BEA-002613> <Channel "Default" is now listening on 10.228.12.24:7020 for protocols iiop, t3, ldap, snmp, http.>
  <Jun 4, 2012 4:51:59 PM MEST> <Notice> <Server> <BEA-002613> <Channel "Default[1]" is now listening on 127.0.0.1:7020 for protocols iiop, t3, ldap, snmp, http.>
  <Jun 4, 2012 4:51:59 PM MEST> <Notice> <WebLogicServer> <BEA-000332> <Started WebLogic Managed Server "NCA_Server" for domain "norkom" running in Development Mode>
  <Jun 4, 2012 4:52:01 PM MEST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to RUNNING>
  <Jun 4, 2012 4:52:01 PM MEST> <Notice> <WebLogicServer> <BEA-000360> <Server started in RUNNING mode>
  <WSEE:27>Warning: JMS queue 'weblogic.wsee.DefaultQueue' is not found, as a result, Web Service async responses via jms transport is not supported. If the target service uses JMS transport, the responses will not be able to come back.<JmsQueueListener.connect:287>
  <WSEE:27>Warning: JMS queue 'weblogic.wsee.DefaultQueue' is not found, as a result, Web Service async responses via jms transport is not supported. If the target service uses JMS transport, the responses will not be able to come back.<JmsQueueListener.connect:287>
  <WSEE:27>Warning: JMS queue 'weblogic.wsee.DefaultQueue' is not found, as a result, Web Service async responses via jms transport is not supported. If the target service uses JMS transport, the responses will not be able to come back.<JmsQueueListener.connect:287>
  <WSEE:27>Warning: JMS queue 'weblogic.wsee.DefaultQueue' is not found, as a result, Web Service async responses via jms transport is not supported. If the target service uses JMS transport, the responses will not be able to come back.<JmsQueueListener.connect:287>
  <WSEE:27>Warning: JMS queue 'weblogic.wsee.DefaultQueue' is not found, as a result, Web Service async responses via jms transport is not supported. If the target service uses JMS transport, the responses will not be able to come back.<JmsQueueListener.connect:287>
  <WSEE:27>Warning: JMS queue 'weblogic.wsee.DefaultQueue' is not found, as a result, Web Service async responses via jms transport is not supported. If the target service uses JMS transport, the responses will not be able to come back.<JmsQueueListener.connect:287>
  Note: We have another Solaris Unix box, with the same installation of Weblogic with the same SSO redirection, but another EJB application is deployed. Also, there is no Managed and the application is deployed on the Admin server itself. But when the server is started, I don't see any attempts to load any certificates and also there are no issues.
  So either please suggest how this certificate loading can be rectified or suggest a way to disable the certificate loading (if at all its an option).
  Please let me know if you need any further details.

  Firstly,
  938767 wrote:
  <Jun 4, 2012 4:51:59 PM MEST> <Notice> <Security> <BEA-090169> <Loading trusted certificates from the jks keystore file /opt/jdk1.6.0_32/jre/lib/security/cacerts.>
  <Jun 4, 2012 4:51:59 PM MEST> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=Entrust Root Certification Authority - G2,OU=(c) 2009 Entrust\, Inc. - for authorized use only,OU=See www.entrust.net/legal-terms,O=Entrust\, Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>I don't think that this will be your problem... Unless you are actually using some of those certificates you can ignore those messages.
  But the following looks suspicious, I guess 7022 is your SSL port...
  <Jun 4, 2012 4:51:59 PM MEST> <Error> <Server> <BEA-002606> <Unable to create a server socket for listening on channel "DefaultSecure[1]". The address 127.0.0.1 might be incorrect or another process is using port 7022: java.net.BindException: Address already in use.>
  <Jun 4, 2012 4:51:59 PM MEST> <Error> <Server> <BEA-002606> <Unable to create a server socket for listening on channel "DefaultSecure". The address 10.228.12.24 might be incorrect or another process is using port 7022: java.net.BindException: Address already in use.>Hope that helps.
  Cheers,
  Vlad
  Give points - it is good etiquette to reward an answerer points (5 - helpful; 10 - correct) for their post if they answer your question. If you think this answer is helpful, please consider giving points.

• Trusted certificates from your previous version of Adobe Reader were found.

  After upgrading Adobe Reader from 10 to 11, some users are getting "Adobe Reader Security - Trusted certificates from your previous version of Adobe Reader were found.  Would you like to import them."  I need to know what registry settings we can modify to either set this automatically to "Import" or "Use Default"  I need to add one of these options into our Adobe Reader Settings GPO that is using group policy preferences.  This only appears for users who have data in C:\Users\%username%\AppData\Roaming\Adobe\Acrobat\10.0\Security and only the very first time the user opens Adobe Reader after the upgrade per user profile on a given server.

  I'm not sure this is true: "If they don't exist then there is no dialog. " Could be, but I've never heard of it.
  However, acrodata files perform a number of functions for several features, so removing them is unwise. Also, they will just come back when a user exercizes certain features.
  Better to just turn off the feature with the supported preference.
  Ben

• How to backup files from other user logged in as administrator

  RE: How to backup files from other user logged in as administrator AND/OR how to repair drive with "Invalid catalog PEOF"
  Hello,
  My MacBook Pro computer’s hard drive is not booting.
  I booted with the base operating system and ran Disk utilities and I got the following messages:
      Invalid catalog PEOF
      The volume could not be verified completely.
      This disk needs to be repaired.
      Disk utility can’t repair this disk. Backup as many files as possible, reformat the disk,
      and restore your backed-up files.
  The problem is that I have a couple of USERS set up on this computer, and it won’t let me backup the files of the second user.  The folders are locked and I can’t access them, even though I am logged in as the administrator.
  I made a boot disk on my other computer ( a MacPro Early 2008 ) desktop computer with the DiskWarrior 4.4 updater,
  but it won’t boot on my MacBook Pro.
  How can I backup these user files so that I can copy them back once I fix the drive?
  or better yet,  How can I repair the Invalid catalog PEOF on this drive?
  Thank you in advance for your time! 
  Bill
  THIS IS THE COMPUTER
  ================
  17” MacBook Pro 2.8GHZ 4GB Ram (purchased in 2009).
  Model: A1297
  Running Mac OSX 10.9.5

  Try using Disk Utility/Restore to copy the backup to a new location. Please note that this will reformat the destination partition which will erase all data.
  Do a backup. Boot to the Recovery Volume (command - R on a restart or hold down the option/alt key during a restart and select Recovery Volume). Run Disk Utility Verify/Repair and Repair Permissions until you get no errors.  Reformat the drive using Disk Utility/Erase Mac OS Extended (Journaled), then click the Option button and select GUID. Then re-install the OS.
  OS X Recovery
  OS X Recovery (2)
  When you reboot, use Setup Assistant to restore your data.

• Provide steps to send Root CA certificate to the Lync client, getting error" There was a problem verifying certificate from the server"

  Hi,
    I Build an Lync 2013 set up with FEpool, Director pool and Exchange server is integrated. I have windows 8 client machine, with Lync client installed. When I try to login to the lync client, I am getting error like"There was a problem verifying
  certificate from the server".
  When I installed ROOT CA cert  manually on client machine I am able to login to the lync client. similarly if I add my client machine in my domain, I am able to login to the Lync client.
  Now is there any other way to send the certificate automatically to the client machine (Which are NOT part of the DOMAIN) from the server, instead of manual installation process.
  Please help me troubleshoot this problem

  Agree with S Guna, there is no easy way to push a certificate automatically to a client that you don't control other than building an installer package and asking them to run it.  In this situation, if there are a lot of non-domain joined machines
  a third party certificate is the way you need to go.
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications

• Using the Import utility from other users and going to a different schema

  I has a user today with rights
  Insert into XXXX.TABLE values(); Works just fine for another schema's table which has select,insert,update,delete.
  We tried to utiile the import utility from OTHER USERS
  Insert failed ORA-00942
  Do you want ot ignore all errors
  Even though we have rights to the schema under OTHER USERS.
  When connected as the owner it works fine.

  I've be trying to find a work-around to this issue & found this old post -- I'm having the same problem.
  I'm using Oracle 11g and SD 2.1.1.64.
  I have user A with a table that grants select,insert,update, and delete privs to user B. Logging into user B I, of course, can do inserts, deletes, etc. on the the table in user A's schema.
  When I use the import data feature to load data from a CSV file I can't get it to work while logged into user B. It does work fine if logged into user A. It looks like the issue may be that it doesn't put the schema prefix of "A." on the insert statements.
  Has anyone found a way to get around this issue yet?

• Sound output from other user accounts

  It used to be that I would hear sounds from other logged-in user accounts; I'd hear my wife's new mail arrival sound, I'd hear her Skype ringing when calls were coming in, etc. I also used to be able to play iTunes in one account, fast-user-switch to another, and the music would still play.
  This has all gone away recently. I'm not exactly sure but I think it coincided with the 10.4.4 update.
  This is a big concern because my wife was used to hearing her incoming Skype calls ringing when I was using the Mac, but now she misses all her calls if someone else is logged in!
  I haven't found any other mention of this in any forum. Is this just me having this problem? Any way I can fix it?

  Okay, I just got off the phone with Apple support and they say that sound outputting from other user accounts was a "bug" that has now been "fixed." They said that this was patched sometime between the 10.4.3 and 10.4.4 updates. I'm surprised to hear that you are having this problem in 10.4.2 because I'm sure it worked for me under 10.4.3 at some point. None of the security updates released under either 10.4.3 or 10.4.4 make any mention of this patch.
  Apple support says that there's no preference for this setting and we've just got to live with it now.
  This is so irritating! I've got my Skype ring tone, she's got hers, and we'd hear it ringing and know who it was for no matter who was logged in. Now that functionality is busted, and when one of us is logged in the other misses all the calls, and if one of my kids is logged in then both of us miss our calls! I can't believe Apple considers this "bug" to be "fixed".
  There's got to be a way around this; maybe by using the "defaults write" command or something? That command sets a lot of preferences that Apple claims are not user-settable.
  eMac   Mac OS X (10.4.4)  

• Hide Site's profile from other users

  Hello Everyone,
  First, I know this is an odd question for a social feature in SP.  However I need to ask.
  Is there a way to hid a Site profile from other users in SP 2013?  Just like I can hide someone from the GAL in Outlook I want to be able to hide someone's Site profile.  For example, I have a user that created a Site profile but
  does not want anyone in the organization to see his profile.
  Thanks for any feedback....

  Hi  ,
  According to your description, my understanding is that you want to hide a user’s user profile property from other users in SharePoint 2013.
  For achieving your demand, you can modify the “ShowHide” Boolean field of the user profile using PowerShell script as below:
  $context =Get-SPServiceContext -Site http://mysite
  $upm =New-Object Microsoft.Office.Server.UserProfiles.UserProfileManager($context)
  $up =$upm.GetUserProfile("Domain\UserName")
  $up["ShowHide"].Value
  This returns True if its checked and False for uninitialized and unchecked.
  Update the value in PowerShell with:
  $up["ShowHide"].Value= $true
  $up.Commit()
  Reference:
  http://sharepoint.stackexchange.com/questions/77091/show-hide-and-change-user-profile-properties
  Thanks,
  Eric
  Forum Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support,
  contact [email protected]
  Eric Tao
  TechNet Community Support

• How do I hide my mailbox and mail contents from other users, leaving other functions of my iMac accessible?

  How do I hide my mailbox and mail contents from other users, leaving other functions of my iMac accessible?

  You don't have to shut down the computer to switch accounts. All you do is click the Apple symbol in the upper left and choose Log Out and that's it. You can also set up Faster User Switching by:
  1. Open System Preferences - Accounts
  2. Click Login Options
  3. Check the box called "Show fast user switching menu as" then choose from either icon, short name or name.
  Then when someone wants to switch users they can. The advantage of this method is if you are have a document open and don't want to close it the document will remain open. If the other user attempts to shut down the computer they can't until you have logged out thereby saving all your data.
  A very simple and elegant solution.

• Is it possible to copy security Groups from other user in CMC

  Hi,
  Usually in SAP security we can create user ids with the option of copy the roles from other user. means we can create user id Y same as like X. then Y will get all roles and security same as X.
  it is possible the same in BO also, is there any way for this.
  Regards,
  Sri

  Not that easily - I agree. However, normally permissions are granted to groups - not users. So as long as User Y has the same group memberships as User X it should be the same.
  There are also 3rd party tools available that can make this work and of course if you like coding - using the SDK you can build a tool yourself .

• Sleep processes from other users?

  Hi,
  I have noticed that processes from other users is still consuming ressources when I use my profile on my mac.
  If my girlfriend is logged in, and have used Firefox, and I switch to my user, Firefox is using cpu and large amount of memory.
  Is there a way to sleep other users processes?
  Regards
  Ronni

  No, you can't "sleep" other processes.  Well behaved processes from other users should be using little to no CPU, though they will use a fair bit of memory.  If you're paging out, then it's an issue.
  You could "kill" the other processes via Activity Monitor if you're an administrator, though you may have an angry girlfriend to answer to if you go that route
  Maybe better would be to enable "re-open applications that were running when I logged out" in system preferences and then just log her out.

• I am logged on to a wifi and can see files from other users on this network.  Can they see my files as well?

  I am logged on to a wifi and can see files from other users on this network.  Can they see my files as well?

  Yes and no. It depends on your settings.
  Go into "System Preference" and click on "Sharing"
  If you have services checked such as "File Sharing" then others can see your computer on the network. But you really don't need to worry because others would need your username and password to have access to your files.
  What you see are just computers annousing themselfs on the network. To have access to said computers, Username and Passwords are required.
  Hope this helps

• How to secure our program working folder from other users  and prog

  i want to secure my programme from other user and admin

  Yes that is always a good idea... Although you shouldn't do anything to upset your admin.

• How do I add a custom trusted certificate to a user's login keychain without needing the user's interaction?

  In using ARD I can send the certificate to the user's desktop and install the Lync application but so far the only way I can get the certificate into the user's login keychain is by having them enter their password.  This of course becomes inefficient when having to adminster 75 systems.
  Which command can I send to the individual systems to store the certificate into their login keychains without having them to verify their password?
  Any and all help is greatly appreciated

  unfortunately no, MS Lync references the user's login keychain - at this point I can run a command through ARD that allows me to move the cert into the keychain and have the cert accept a password from the root account but now the problem is finding a command line to change the default trust settings to 'Always Trust'