Renew certificate broke TLS - how do I fix it?
While troubleshooting another problem I followed a suggestion in a Technet document to renew my Exchange server self-signed certificate. Quite easy, right-click, renew certificate. Doing so did not fix the problem I was working on, but it did thoroughly
trash my entire Exchange setup. I managed to get Outlook and OWA working again, but TLS is broken. I have a Receive Connector set up to relay email from other internal servers and appliances. It was set up to use TLS and/or Externally Secured Authentication
and under Permission Groups, Anonymous users and Exchange servers are allowed to connect. After renewing the certificate, I had to remove TLS authentication. When enabled, those systems on which TLS is required or optional will fail to connect to send mail.
When disabled, with Externally Secured the only checked option, those systems which do not require TLS can successfully send mail, others which require TLS fail (obviously). I know that this is some failure of Exchange to use the renewed certificate to establish
TLS connections but I can't find anywhere to check or correct it. The certificate is enabled through EMC for all services but UCM, which we don't use, and I also ran enable-exchangecertificate -thumbprint "xxxxxxxxxxxxxxxxxx" -services "SMTP"
in EMS using the thumbprint value found on the Details tab of the certificate from MMC. Any help on fixing this?
Thanks for the suggestion, but that's not applicable here. The communications are all internal to our domain and really shouldn't have to be secured. Our Helpdesk application was using the connector w/TLS until I did the renew, then it was unable to email
us when new requests came in or to send emails back to the requestors when we closed a ticket. That was easy, when I uncheck the TLS box, it doesn't try to use TLS and it works fine. Two other servers don't email all that often and I'm not sure yet if they
work or not, I have no way to force an email from them. Then we have a couple appliances, like the chiller for a large piece of equipment, which email people when they detect a problem. That chiller has to use TLS, it's not configurable, so it's not emailing
anyone right now. It's not a member of our or any domain, it's just running an embedded OS with a built in SMTP server that's not at all configurable. The worst part is, this all worked great until I did the renew. I'm thinking I'm going to have to delete
the connector, delete the server certificate, and start over with a new certificate and connector, but that seems like such an obtuse way to fix what should be a simple problem.
Similar Messages
-
The following addons appear to have been permanently corrupted by upgrading to firefox beta 5:
Too Many Tabs (TMT)
Session Manager
Tab Utilities
I had others, but have been disabled since before the upgrade.
The problems:
I can't scroll through either webpages or through tabs (that may be an addon feature), the display looks way off, like the resolution inside the window is smaller (not sure how to describe), the options window from the tools menu gave a blank firefox brown window w/ OK/Cancel buttons, the addons/extension window became a tab I couldn't close, and clicking on the Feedback under Help menu did nothing - I had to go to Help>Restart w/ addons disabled to make it work.
I'm running:
Win XP
4gb RAM
3.2ghz dual core
ATI 4200 integrated graphics
Uptime = ~6.5hrs
What I did:
I installed latest beta (today). Problems arose (see details). I uninstalled beta. Installed previous beta. Problems continued. Uninstalled beta. Problems continued. Uninstalled version 4. Reinstalled and problems continued.It sounds to me like there are two separate processes being intertwined above:
1. Setting up your daughter's MacBook with identifying info; e.g., Apple ID for the user account on that machine.
2. Transferring the iTunes library (a very different operation).
Have you used Apple's Migration Assistant to move your daughter's information from her old machine to the MacBook? That would have avoided this whole issue.
If not, either start the process over and use Migration Assistant, or try to more carefully and precisely define exactly what you did to accomplish this transition. You said, for example, "there was already an Apple ID assigned to this computer." That statement almost certainly did not originate with iTunes. -
My old laptop broke so I got a new one. I am trying to install Photoshop elements 7 and am entering my serial number but it isn't accepting it. How do I fix this?
There is no serial number for CC Cloud versions. They are authenticated via your Adobe ID.
Sign in to your Cloud account with your Adobe ID and download the software via the Cloud app. -
What is an APSP certificate? and how do I renew it?
I have a Mac Mini server with Mountain lion server on it. I use it for Web site serving, and I have File Sharing active on it.
I started getting the following notifications:
Certificate Expires Soon - APSP:34a61ab4-43ce-43e1-8a45-036445c241a0
The following certificate is about to expire on your server, web4.local:
Name: APSP:34a61ab4-43ce-43e1-8a45-036445c241a0
Expiration Date: 16 December, 2012 10:59:27 AM EST
It seems that the server has 4 of these certificates and I get 4 notifications every day.
I could find nothing about them. What's the service they support? where to renew them? How do I turn off this notification if there isn't much that I can do about them.
Under the server hardware's settings pane, I checked all the SSL Certificates that I have and the local self-signed ones and none of them expire in 2012.
So I'm confused to say the least.I'm in the same boat. Here's what I've found out:
These certificates are used by the "Apple Push Notification Service" (APNS) and apparently have nothing to do with Cisco's Access Point Security Protocol (APSP). Push Notifications are used to do things like immediately alert you of new mail on your iPhone (rather than have the iPhone polling every few minutes to check if there is new mail).
Now, how to renew them (in theory because it doesn't work for me - it might for you):
1) open the "Server" application
2) in the Hardware section (top left), click your server
3) click the "Settings" tab
4) presumably "Enable Apple push notifications" is already checked. (if not, delete or move the expiring certificates out of /etc/certificates and that should stop the alert emails)
5) click the "Edit" button after "Enable Apple push notifications"
6) a drop down panel will show the apple ID and expiry for your Apple Push Notification Service certificate. The expiry will probably be in red. Click the Renew button.
7) enter the password for your Apple ID and click Renew certificate.
Hopefully that works for you. I end up with a "An unexpected error (-1) has occurred". If I click on the "Manage your certificates" link, I'm directed to an apple site that has a certificate expiry about 8 months after the one in the Settings page. I'm guessing that's the one being used and not the one shown in my settings page. I'll wait until after the certificates expire, see if anything breaks then delete the expired certificates.
If anyone knows how to determine which APSP:<uuid> certificate is being used on OSX Server or how the Apple Push Notification picks which certificate to use, please let me know. I have five APSP certificates in /etc/certificates and I suspect only one is needed.
Cheers,
Dean -
The strap of my bag broke when my laptop was in it, now it is making a buzzing noise all the time when I am using it. I have warranty with protection plan, how do I fix it?
Take it in and have it assessed. They do not have to know about the bag incident unless the explicitly ask for the specific details (like when you are being questioned by a TSA screener, LEO, etc.). As far as you know, the noise started up and it is getting warm. With luck it is just an unbalanced fan that needs replacement.
-
My computer broke and i lost all my music but the music is still on my ipod how do i fix this?
please help me...
my computer broke and i lost all my music but the music is still on my ipod how do i fix this?Also See Here for using your iPod to put your Music back on your Computer:
http://support.apple.com/kb/HT1296
http://support.apple.com/kb/HT1848
http://www.apple.com/support/ipodtouch/syncing/
Cheers, -
What does this mean and how do I fix it? Error ITMS-9000 "Invalid Code Signing The executable ´viwer.app/ viewer´ must be signed with the certificate that is contained in the provisioning profile"
If you had Firefox save your Yahoo password, first try deleting that here:
orange Firefox button ''or'' classic Tools menu > Options > Security > "Saved Passwords"
The "signed out" message seems to be related to how Yahoo authenticates you. Some users have reported that disabling automatic proxy detection solves the problem, and it also resolves an issue of getting logged out every few minutes, if you have ever experienced that.
To make the change:
orange Firefox button ''or'' classic Tools menu > Options > Advanced
On the "Network" mini-tab, click the "Settings" button, then choose "No Proxy" and OK your way back out.
If your work connection requires you to use a proxy server, try the "Use system settings" option instead.
Does that help? -
Screen broke on my mac, its bleeding colors and it has cracks in it and it has dark ink spots on it can how can i fix this ?????????
I want to at least slow the cracking and bleeding of the LCD/ pixelsYou cannot slow the cracking, etc., but you can take it to an Apple store genius bar and have the technicians look at it and give you an estimate for a screen replacement.
-
My iTunes stopped working on my windows laptop so I uninstalled it then tried to download iTunes again ,but now says my certificate is invalid or out of date . What is wrong and how do I fix it. I have windows vista on my laptop
Try the direct download links in the further information area of Troubleshooting issues with iTunes for Windows updates.
tt2 -
my ipad sait that the certificate for this server is invaled and i may be on a fake site how can i fix this
What server? What were you connecting to, and what app were you using?
-
ON my new Macbnookpro 2 days old, how do I obtain my itunes purchses in full ???
My old macpro is broken, do I need to somehow make my new macpro my main computer ?
The song are ALL Cut in half i can;r listen to anything I purchased ?
How do I fix this ?
Thanks
PatrickAND yea i afraid to sync my iphone and lose everything ;( i had everything perfect sync ing perfect ical,contacts,mail,apps and now sence new library I dont wana lose everything.....my hole life runs on my fone i need help bad
-
Adobe Reader won't install in any of the website-given ways. How can I fix this?
I've been trying to install Adobe Reader 11.0 on my Windows 8 computer for about an hour now. When I download the regular installer, the first thing my PC does is give a security warning. Strange already, but the website mentioned this could happen, so I said "download anyway". Then when I execute the installler file, I get a small error window titled "Host" which tells me "the certificate could not be verified". The only thing I can do is press "OK", which makes it go away, but the installer still does nothing, of course.
So I tried the other "direct" download which is given as a possible solution. The AdbeRdr11000 file I get from that downloads without any security issues.
When I execute it, it asks me if I give this installer permission to run. I say "yes", the window dissapears and then nothing happens. At all. I can wait all I want, it's like I never clicked anything to begin with.
So how can I fix this. I really feel like downloading such a widespread product shouldn't be so difficult.
Any help would be greatly appreciated.When I follow your link, after filling out the information (operating system, language), I still can only choose for version 11,0.
This is the same version the "direct" download gives me (the one that doesn't do anything after executing). -
Weird error message- how do I fix
I keep getting this error message when trying to sync music purchased online to my Zen Vision M:?"It is not possible to obtain device's certificate. Please contact the device manufacturer for a firmware update or for other steps to resolve this problem."?The music has been downloaded from a few different sites. I used to never have a problem with any of this music until I upgraded to WMP . I even uninstalled it and reinstalled it the other day to make sure I didnt have a beta version. ?Can anyone help??Thanks
here's the error message i get in reader 11
Problem signature:
Problem Event Name: BEX
Application Name: AcroRd32.exe
Application Version: 11.0.7.79
Application Timestamp: 536b80b0
Fault Module Name: StackHash_0a9e
Fault Module Version: 0.0.0.0
Fault Module Timestamp: 00000000
Exception Offset: 0050005c
Exception Code: c0000005
Exception Data: 00000008
OS Version: 6.1.7601.2.1.0.256.48
Locale ID: 1033
Additional Information 1: 0a9e
Additional Information 2: 0a9e372d3b4ad19135b953a78882e789
Additional Information 3: 0a9e
Additional Information 4: 0a9e372d3b4ad19135b953a78882e7
my word program is officei home and business 2010
In a message dated 5/20/2014 12:48:18 P.M. Eastern Daylight Time,
[email protected] writes:
i reinstalled X pro on my newish computer and get appcrash error message -
how do i fix? bill
created by Test Screen Name
(https://forums.adobe.com/people/TestScreenName) in Acrobat Installation & Update Issues - _View the full
discussion_ (https://forums.adobe.com/message/6394814#6394814) -
How do I fix this error message??
How do I fix this error message
"This message could not be delivered and will remain in your Outbox until it can be delivered.
The SMTP server "smtp.mac.com" doesn't support TLS (SSL) on port 25. Please check your account settings and try again."
ThANK YOU!!!
RichMail Help has some articles devoted to sending problems, e.g. “I can't send email” or “I can't send email because the connection to the server on port 25 timed out”. You may want to take a look at them in case there is something there that applies to you.
Something that usually works if you’re trying to use an outgoing (SMTP) server different from the one provided by your ISP (and in the case of .Mac in particular) is changing the outgoing server port to 587 instead of 25 in Preferences > Accounts > Account Information > Outgoing Server Settings. -
Hi, my built in webcam has stopped working on Skype following an update. Does this mean my macbook air has blocked videochat on skype? How can I fix this problem?
See this thread:
https://discussions.apple.com/thread/5306216?tstart=0
FIX:
1. You need Time Machine
2. Go to folder /Library/CoreMediaIO/Plug-Ins/DAL/
3. Copy AppleCamera.plugin to good place (usb memory stick is the best place).
4. Go to Time machine in date that skype work fine.
5. Change AppleCamera.plugin with file from Time Machine
6. Restart system, Now skype need to work with camera.
If that doesnt pass,
Suggest looking here, much success has been found:
http://community.skype.com/t5/Mac/OS-X-10-8-5-broke-Video-on-MacBook-Air/td-p/18 91729/page/4
Maybe you are looking for
-
I can't uninstall or update iTunes. I get an error message that it can't find the file itunes64.msi. where is it suppose to be?
-
Why can't my MacBook find my external hard drive through wireless network
I have a 1 TB Western Digital My Book Essential external hard drive connected to my AirPort Extreme. I've been using it with my MacBook via my wireless network (mainly for music and movies) now for about 2 years without any trouble. Recently my MacBo
-
EXE with Parameter in Commandline
Hi there I want to make a VI an EXE that I can pass a value in the command line and 2 calculated values get back. How does it work with LabView? Solved! Go to Solution.
-
Photoshop cs6 shortcut ⌘=≠? or empty
I have been having problem using my shortcuts in Phosothop cs6. First the shortcut didn't work so I tried the tip posted on Apple support. Edit>Keyboard Shortcut>File>Open (just select)> Accept. It worked for couple of times then somehow I messed thi
-
What do I do!? My phone's screen is white, the phone itself is very hot.
I woke up, went to check the time on my phone, and no matter what buttons I pushed it wouldn't respond. I noticed it was hot as well. Then, the screen turned on, but it is completely white and still won't respond to anything. I've tried to turn it of