Purchasing a digital certificate for SCOM usage

Similar Messages

• How to filter list of digital certificates for signing PDF

  Is it possible to change the configuration of Reader installation to filter the list of installed certificates that can be used for digitally signing documents?
  The filtered list will appear when users attempt to select a certificate for digitally signing a document.
  Thanks.

  Hi Carla,
  Unfortunately, Extended Key Usage is not one of the properties you can enforce.
  The things you can set are:
  appearanceFilter (i.e. enforce the use of a custom signature appearance)
  certspec(i.e. the signing certificate must meet some specific criteria)  <<<----- This is what you are more interested in, more below
  digestMethod(i.e. enforce the use of a specific cryptographic hashing algorithm)
  filter (i.e. enforce the use of a specific security handler if you want to use something other than the one built into Acrobat)
  legalAttestations (i.e. enforce the reason or purpose of the certifying signature)
  lockDocument (i.e. enforce any further changes to the document after the signature is applied)
  mdp (i.e. the rules for changing the document applied as part of a certifying signature)
  reasons (i.e. a list of one or more reasons the signer can use, as opposed to them adding their own)
  shouldAddRevInfo (i.e. force the inclusion on the revocation information (CRL or OCSP response) in the PDF file)
  subFilter (i.e. require the use of a specific signature format. This is very arcane)
  timeStampspec (i.e. require the use of a specific time stamp server)
  version (i.e the minimum version of Acrobat that can decipher the signature. the only two options are versions 6 or 8)
  The second item is the certspec, and this is what I've been pointing you towards. For the sake of discussion, think of everything you can read in a certificate as an extension. The serial number is an extension, the subject is an extension, the valid from date is an extension, etc. When a certificate is created, some of these extensions are required, other optional, and you can even add in extension that are not publicly defined, and only you will know about.
  Acrobat has the ability to enforce the signer to use a certificate that contains some, but not all of the known extensions. The extensions it can enforce are:
  issuer (i.e. require the use of a certificate that is issued by a specific Certificate Authority)
  keyUsage (i.e. require the signers certificate contain one or more of the nine possible values that can be included)
  oid (i.e. require that the Certificate Policy extension contain a specific value)
  subject (i.e. require that the document is signed by one specific person using one specific digital ID)
  subjectDN (i.e. require that the document is signed by one specific person, but they get to choose which digital ID to use)
  url (i.e. if a required digital ID is not available, where the signer can procure an acceptable digital ID)
  urlType (i.e. if the user is directed to the URL, should it be a web server where they can download a digital ID or a remote signing server where the digital ID stays on the remote server)
  That's it. If it's not one of these items then Acrobat cannot enforce that the item is available. Extended Key Usage is not on the list.
  Steve

• Best practices for buying a digital certificate for Exchange 2013

  Good dayfriends,
  Could you indicateme which are the bestpractices when buying
  a public digital certificatefor use onExchangeServer 2013.
  I'd be interested in knowing your opinion about
  using wildcardor SAN certificates.
  Likewise what are the best recommendations
  to include names and why they should or
  should not include the internal FQDN
  of my servers.
  Currently I have an infrastructure that has two
  MailBox servers,two CAS servers and an EDGE
  2010 server, but I'm planning update it to Exchange 2013.
  I searched what are the best
  practices according to Microsoft but
  have found little information.
  I would appreciate
  if you can post links like
  Microsoft KBs and other technical documents that
  discuss the above mentioned.
  Thanking your
  invaluable support.
  Greetings.

  Hi,
  Personal suggestion, we can use two namespaces for your Exchange 2013:
  Autodiscover.domain.com (Used for autodiscover service)
  Mail.domain.com (used for all Exchange services external and internal URLs)
  Please pointed mail.domain.com and autodiscover.domain.com to your internet facing CAS 2013.
  For more information about Digital Certificates and SSL in Exchange 2013, please refer to the
  Digital Certificates Best Practices part in the following technet article:
  http://technet.microsoft.com/en-us/library/dd351044%28v=exchg.141%29.aspx?lc=1033
  Additionally, here are some other scenarios about certificate planning in Exchange 2013:
  http://blogs.technet.com/b/exchange/archive/2014/03/19/certificate-planning-in-exchange-2013.aspx
  Regards,
  Winnie Liang
  TechNet Community Support

• Bank of America Digital Certificates for Bank of America Direct & iphone 3G

  I did a quick search and didn't see anything that i think i am looking for.
  I am trying to access The Bank of America Direct Web Page. To do this from my work computer, I am given a Digital Certificate, that i download to my computer. I am then able to access the website, (after imputing usernames and passwords of course)
  At work i use an IBM (LENOVO) ThinkPad.
  I know i can export the digital certificte to other computers so that i can access the webpage from home or another desktop if i need to.
  Does any know if it is possible to export this digital certificate to the Phone 3G, so that the webpage can be accessed from the safari browser?
  Thank you
  Joe

  Thanks, but i beleive the BofA Direct website is separate from the general BofA personal account site.

• How to use digital certificate for client authentication in PCK

  My sap jca adapter need support digital certificate on client authentication. how to implement it in j2ee or pck?
  Message was edited by: Spring Tang

  refer the following links
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/092dddc6-0701-0010-268e-fd61f2035fdd
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/b2a56861-0601-0010-bba1-e37eb5d8d4a9
  please let me know if u dont find relevant information

• Creating Digital certificates for SOAP Receiver Adapter

  Hi
  In Visual Admin...> if we go to the "key storage" and try to create the certificates, we have the options of
  selecting the below algorithms.
  RSA-512,1024
  DH -512,1024
  DSA-512,1024
  But SOAP Receiver Adapter supports only the below encryption algorithms.
  3DES
  DES
  RC2-40
  RC2-64
  RC2-128
  Still if I try to use any of the RSA, DH, DSA algorithms to create the certificates in visual admin and if I
  use the same certificate in SOAP Receiver adapter, I am getting the below error in sxmb_moni
  com.sap.aii.af.ra.ms.api.DeliveryException: Unsupported keysize or algorithm parameters.
  Could you plz advise, is there any provision in XI to create the certificates using the algorithmS 3DES, DES, RC2 ? or We got to import the certificates from third-party which supports 3DES, DES and RC2 ??
  Regards
  kumar

  can't wait further so closing the thread

• How do I get a digital certificate for WebLogic Server?

  I has three files(*.der, *.pem, *.pem)generated by weblogic certificate sevlet. And I has also got file from verisign throuth my CSR file. But when I give the *.der file to server key file name field on the console, some error occur in my weblogic:
  <2002-6-12 %u4E0A%u534811%u65F622%u520614%u79D2> <Alert> <WebLogicServer> <Security configuration pr
  oblem with certificate file config/mydomain/eintech-key.der, java.io.EOFExceptio
  n>
  java.io.EOFException
  at weblogic.security.Utils.inputByte(Utils.java:133)
  at weblogic.security.ASN1.ASN1Header.inputTag(ASN1Header.java:125)
  at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:119)
  at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:119)
  at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
  at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:397)
  at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
  at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1045)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:480)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:202)
  at weblogic.Server.main(Server.java:35)
  I don't know where is the error raise? help me?

  Hi.
  Just a guess, but sometimes this happens when the .der file is actually in .pem format, or vice versa. You might try changing the name of the cert to .pem, specify it in the console and see if that helps.
  You also might get a better answer posting this question on the security newsgroup.
  Regards,
  Michael
  javachina wrote:
  I has three files(*.der, *.pem, *.pem)generated by weblogic certificate sevlet. And I has also got file from verisign throuth my CSR file. But when I give the *.der file to server key file name field on the console, some error occur in my weblogic:
  <2002-6-12 %u4E0A%u534811%u65F622%u520614%u79D2> <Alert> <WebLogicServer> <Security configuration pr
  oblem with certificate file config/mydomain/eintech-key.der, java.io.EOFExceptio
  n>
  java.io.EOFException
  at weblogic.security.Utils.inputByte(Utils.java:133)
  at weblogic.security.ASN1.ASN1Header.inputTag(ASN1Header.java:125)
  at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:119)
  at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:119)
  at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
  at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:397)
  at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
  at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1045)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:480)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:202)
  at weblogic.Server.main(Server.java:35)
  I don't know where is the error raise? help me?--
  Michael Young
  Developer Relations Engineer
  BEA Support

• TS1292 I have purchased a gift certificate for iTunes from my account and got it in email for my daughter.  we tried to enter the code in the sign-up page in iTunes and it says the cade is not valid?

  I have the gift certificate I sent to My Daugther and it has two codes, one is PIN and the other one is a gift card number!  I tried entering each one and every time it says code not valid!
  Does anyone have a solution?

  You have a phone that was returned as defective. How it got into the market again is anyone's guess, but the ONLY way to resolve it is to call Apple, and that may not resolve it either if it was pilfered by someone at an Apple repair center.

• How to get digital certificate informaiton of the email in mail adapter

  Hi, expert:
  I have a requirement to verify the validation of coming email with digital certification. The mail is with digital certification. If the coming email is valid, I 'll get the attachemt of the mail for further processing. I have a sender mail adapter and receiver file adapter configued.
  I have already my own developed adapter module, which is configued in mail adapter. My question is how to retrieve the detailed certificate information in the adapter module developed by myself. Is it feasible?
  Thanks a lot.

  Hi Oscar !!
  refer this blog & links , you will get all you are looking for
  <b>How to use Digital Certificates for Signing & Encrypting Messages in XI</b>
  /people/varadharajan.krishnasamy/blog/2007/05/11/how-to-use-digital-certificates-for-signing-encrypting-messages-in-xi
  http://help.sap.com/saphelp_nw04/helpdata/en/a8/882a40ce93185de10000000a1550b0/frameset.htm
  Thanks !
  Regards
  Abhishek Agrahari

• Custom certificates for JAR file signing

  Hi,
  Can anyone please let me know how to check that we have custom certificates for JAR file signing set up in our instance
  Thanks,
  Praveen

  It depends on the version of your $ADJVAPRG. See the referenced note.
  How to use,create and /or update Digital Certificates for Jinitiator in 11i Applications
  http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=365735.1

• Cisco ISE User Authentication Certificates for Wired and Wirless Users (BYOD)

  Can any one tell me from where we can purchase User Authentication Certificates for Wired and Wireless Users (BYOD) for Cisco ISE. Also Confirm what certificates we required for the purpose.
  Please suggest the Website form where we can purchase and ipmort in Cisco ISE certificate Section.
  Thanks.

  Dear Mohana,
  Thanks for your reply, Can you please confirm me in regards EAP-TLS certificate, which authorities you recomend if i go to Go dadday or very Sign to buy it and then import in ISE.
  Looking forward for your reply.
  Regards,
  Muhammad Imran Shaikh
  Resident Engineer, IT Network Section - PPL
  Mobile : 0092-312-288-1010
  LinkedIn : pk.linkedin.com/pub/muhammad-imran-shaikh/10/471/b47/

• Exporting Digital Certificates in Yosemite

  I just freshly installed Yosemite and my apps on my MBP, along with digital certificates for secured emailing. I'm trying to export these certificates from the Keychain for safekeeping but for some reason I can no longer export them as Personal Information Exchange Files (.p12). I get several other options but I'm not sure which option to choose, or if I should use any of those options. Any information will be greatly appreciated.

  It appears that this problem was related to the same problem in my other discussion, which you were kind enough to respond to, as well:
  Password Needed For Sending Emails - EVERYTIME
  After I reseted the keychain I was able to export as a .p12 file just fine.
  Correct me if I'm wrong, but it seems that only the .p12 format exports certificates with a paraphrase attached for security.

• Do you have to deal with a CA to get digital certificates?

  Hi,
  I'm investigating the use of digital certificates for communication
  between our WLS internally. I would like to be able to generate my own
  certificates and keys for our testing purposes. I'm under the impression
  that the only way to do this is to deal with a Verisign or somethin like
  that and to buy a license. Am I correct? Or is there another way to do
  this?
  Thanks,
  L
  Laurent Duperval <mailto:[email protected]>
  Je suis le plus fort! ... Je suis encore plus fort que tout à l'heure! ...
  Tiens... pour me définir, le mot fort ne l'est plus assez!
  -Léonard le génie

  thanks everyone, helped alot, cant wait to buy one of these

• Multiple SAP Passports(Digital Certificates)

  Hi Guys,
  I want to know how i could have multiple digital certificates created to login to service.sap.com.
  My case is that i have 2 S IDs. I have created an SAP Passport(digital certificate) for 1 S ID, so that i dnt have to enter the user name and password every time i login to service market place. However i would want to create a digital certificate for my other S ID as well. How do i do that..
  Help appreciated
  Rgds,
  Prabinath

  Hi Aj,
  When your SAP passport expires SAP recommends to delete your old SAP Passport and create new passport. Since the new SAP Passport is valid already, there is no reason to retain the old one.
  Please check and let me know if you need any information.
  Regards,
  Kiran .V

• I want to give an email gift certificate for a single song download ($1.10)

  Hello
  Is there a way to give an email gift certificate for less than $10 USD?
  I want to give an email gift certificate for a single song download ($1.10) and can't figure out how to do it.
  Please help
  Thanks
  Richard

  There isn't a way to purchase a gift certificate for that specific amount, but it is possible to gift one particular song to someone as a gift. You can read about it here.