SSL enabled - how to get certificates

Similar Messages

• How to get certificates "signed" for SSL configuration

  I have configured EID 3.1 to use SSL, The generate_ssl_keys utility was used to generate the SSL certificates, but when we login to studio we get the "The site's security certificate is not trusted!" message. Has anyone got any advise on how to get the certificates generated signed by a CA?

  In EID 3.1, the generate_ssl_keys utility is used to create a local CA and certificates for securing access to Endeca Server.  Studio uses these certificates/keys internally to access the secured Endeca Server.  These certificates are normally only used to internally secure Studio and Endeca Server (and Provisioning Service) communications.
  Securing Studio with SSL/TLS from the client browser to Studio is a separate task.  The documentation topic is http://docs.oracle.com/cd/E40518_01/studio.310/studio_security/toc.htm#Configuring%20SSL%20on%20the%20Studio%20application%20server which contains links to the application server topics.  This is primarily an application-server task - you would follow the instructions for the application-server and/or your certificate/CA supplier, so you end-up with trusted certificates.
  One common configuration is to secure Studio SSL/TLS terminated on a reverse-proxy such as OHS, so you may want to consider this option.

• How to get certificate from sun one directory server

  I have installed sun one directory server 5.2. Now in order to connect to the server through ldap protocol i need certificate on the client side.
  How to get the certificate from the sun one directory server...??
  ( Earlier i tried the same procedure with active directory .and i got the certificate successfully ...as well as ldap authentication..but don't know what to do with the sun one..???)
  Any tips on this issue will be helpful
  thank you

  You didn't make mention of setting up ssl on the server side, so search these boards for openssl. Some nice person uploaded an nice example of how do use openssl to do this.
  To get the ssl certs for the solaris-client ssl authentication ( tls:simple ) to work you will need to use netscape to connect to the ssl port to get the right format. There are comments in that same doc on how to do that.

• C# How to get Certificate from thumbprint

  Hi everyone,
  Following the below step, i want to get Certificate from thumbprint
  1, Create Certificate by command 
  makecert -sky exchange -r -n "CN=Azure-P2S-Root-Cert"
  -pe -a sha1 -len 2048 -ss My "C:\tools\AzureCertificateName.cer"
  2, Open certmgr.msc
  3, Copy thumbprint of Certificate
  4, using code
   private static X509Certificate2 GetStoreCertificate(string thumbprint)
              List<StoreLocation> locations = new List<StoreLocation> 
                  StoreLocation.CurrentUser, 
                  StoreLocation.LocalMachine 
              foreach (var location in locations)
                  X509Store store = new X509Store("My", location);
                  try
                      store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
                      X509Certificate2Collection certificates = store.Certificates.Find(
                          X509FindType.FindByThumbprint, thumbprint, false);
                      if (certificates.Count == 1)
                          return certificates[0];
                  finally
                      store.Close();
              throw new ArgumentException(string.Format(
                  "A Certificate with thumbprint '{0}' could not be located.",
                  thumbprint));
  => Error: "A Certificate with thumbprint '{0}' could not be located.",
  Any ideas? I am really stuck here.
  Thanks a lot in advance,
  Quyen Pham

  I want to code following the step
  1,Create Virtual Network Gateway
  https://msdn.microsoft.com/en-us/library/azure/jj154119.aspx?f=255&MSPPError=-2147217396
  2, Revoke a Point-to-Site VPN Client Certificate
  https://msdn.microsoft.com/en-us/library/azure/dn547018.aspx
  first, i download file Microsoft_DL_SITE-4-10-2015-credentials.publishsettings
  and then get string ManagementCertificate = "MIIKDAIBAzCCCcwGCSqGSIb3DQEHAaCCCb0Eggm5MIIJtTCCBe4GCSqGSIb3DQEHAaCCBd8EggXbMIIF1zCCBdMGCyqGSIb3DQEMCgECoIIE7jCCBOowHAYKKoZIhvcNAQwBAzAOBAhZCJomXpq4MgICB9AEggTIM/68oC+j8ikOLVp2R5bAya5As1/vwStOjrmh3uQ56AOsbc8y5n1jGhGk4HIT4nd7cPwCPPuaYnC0UCKMOgdZouAUPXPYmgzSNXiqTaSAX4sXYbQYE75pwnCjis1YTcatVuJtIffsBTxllioonSblakob6sMuKWTD49MJS62AzbmM7Y7ioGmpF4uVykUFh6PWry5eMxNztSQ2WZJRl8lJbCKHNBzgH58U2rMELe+hCDshDRdSxXAIVT0fFWMvENKnR5yihfOD9W6m0wkQMeaBhp1tWiwdrP4I68zG/Hr0PgT5YFCnis2IQf29t83gGBNKQFESkaSqB/Hp91/0H5lKKuvn868ESOqvxUbkKwBIs46CXtsbUOh8uI+ewE5/wjeczG+j9FBNtQZxWbhkcX7naDaXWYITgsSrQY/4t5otv0AcsZNmQ05CwXwBn3RLW1Hw4GKvUEjQF9VTk+HWiye3beCniLTkYRwVqZ14sV+NmBGYLGWPzXrkXNSmcInggjcq9y27phdb1PCVeKQ0oNhoOTVd6efgYQ+YLpd3wGK/VYGphQJcacTCSfYn3RJL0JEt1PrSSX1AK9mt5Nfcb3oTU5AxU9mgTjLeBMml75MC6lAtWQ1z28ayyPwpCX4FJz7Z4QhADTCY/Nt0bEBofSth2MZ2VzHPTiqpLXyT+IvUJ/PdDxTZ1cHGzTAHeUZYihUiHKNBQI7fPstA+68j+7rIXS6sa15JJEU6Me+4j8iTHpnYM+3mO0LG2DV7FwsmzsAlY13Q+ClgUrr2bPLbAqxuQOj0HcwSKpsLLI8ynZEFbJJ9hH6re5zfZhUKOi04L2qb6LlnTiob5+cM78nw+ZWX6PKrAsx4ZweyFhAKvTZVR7TkGw81s1lpgyljK38sCaTv5gkBbuizqM6MCD9Z94vfaY+4bEGiLkzdaMFXgqJOtswTe8CZpaCwI/bOc1fum8jjkVwaXSXX/IG3Kph2sNHTvzmFE/hHXRmx5z0ryssrN12jzlVDpwoX6H2yC4T3akqfRkSGpMEzbNwz9if9QgVAJcBhsNlM2QviETKaVtyyxSkrmCm4UdDBNVJZ/IyIA6lQhS/6dxxXhBi10xG+XQ3JhAogxhOTBSMBfSlXWwlOT2KRVZbD+00x5Hm3RCXPapSPD9G1iwISOaRI7kF0oBgIDVCZ2GNUJucEQviogvwmYdx3g6PBni3sxAJV8E8KyPMKSt4TURB5werwCsYxObCNyT8i4lNjoM2W/h1BHmSq7kpmIZ9H07yD2qdN6rg+bKoijrHESdf0Bs6vb8NH0Y2DYbqqPb3N1Ek3DRwJVGwNAY9VunjtDPf6E9Wo9AMqMkCkC/HOa/zVnfXWnKX2XzLsf7gBV/46ip4u1bXW+sYtecdEj1+XPgo7DWpjotOw56hn7VS0VDIZV/ahGFviXm5VvuEhk3NoaC4gq2imH+Jo736U8kV+ti/xNZn52N9wSYHu0rMOKrPfjiyhUcY17suZinkDJLnicUHB1F9UjQktLXP9fyKgNz+9sauUjT+7N0Rqa507OF4Pfw8TYlVrKg/C4/UlVQoX+6c/mA0W7pCOMo5XxSVPEULHmMXj6Oktvtz+le1/u7KRqJlYZET+iW1rQcqHduKectdbMYHRMBMGCSqGSIb3DQEJFTEGBAQBAAAAMFsGCSqGSIb3DQEJFDFOHkwAewBBADAARAAxADYANgA0ADQALQAyADQAMwA4AC0ANAA4AEEAQQAtADgAQQAwADQALQBEAEQAMAAyADEAQQBGAEUARQA1ADkANAB9MF0GCSsGAQQBgjcRATFQHk4ATQBpAGMAcgBvAHMAbwBmAHQAIABTAG8AZgB0AHcAYQByAGUAIABLAGUAeQAgAFMAdABvAHIAYQBnAGUAIABQAHIAbwB2AGkAZABlAHIwggO/BgkqhkiG9w0BBwagggOwMIIDrAIBADCCA6UGCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEGMA4ECIyfz8c6xK+RAgIH0ICCA3j6pViWi7ayqb2hOBXuZdLXrwhAXvqktgOD2U/HeJxAliYP+NWAZAhz/02V2zTUfRxdlk1eLiLRF21UadoTlIe9on0xZKy/ZAN3ghaNlfFNvbmV3DOlPovJd5weISr25twv5xYvHooDxs44F4IsPh9/2qH39OHHHFSGbzgjX+bI8pb/yYomQOrPwZCMd1Ydqs7VDD/sQWfd1C9H27/Ym9BMMkcqCtstMFDBQ0JlOupT1UBan+AvYTqs0xul4R0dGJFWyoNsRNWVeWATI3T98hOgYCeR76ZDV7gO6eCVeC7EV6do3Cw9ftHlKr1GQPlu4T2wvYdHvV9FeYGUmrFwehQeADcfeSgmpZEuL8L3qhBw/jURT3O7NkEfA4QL923H3bXKzzXbzrs6jFdFrmDUAHZScezCKlPtHqQ2Nvb7kJyn4yxMtnFboRlbunu9yf8xejbR/cR8T3XlbSneNSTXbSJFjurmoQGn/ZLE7rgq3ZcF2o0CMMrNwRzYKFrfj68pg30nAqZIwuvDnhZslhYD2eUExqyj7nsL7VOvFj9Z05Dyj8pgbyhTSSEvPI8GFmPGirU7yvnorK+xjHL4xE0oyf9oPatSxb1A+SSAN/T8wviEJ6MsYIigJr3mjbw9H225gfGX9Sw7YDXU4P6sj52+TLgoW8x1KV2VxuzFCN0K5wf4ylP9LT1SXaxWptpfJqIJ/ef3YbdHeJ8IO4c591egyf1bIGw9nG5ar6WqOtTbC6VmWQH4HgZgYDzF8fyFWhzneTu6zzJqvJNao/Usq7ynrLOPKgBzWgZZOqp/2P/I9hD0Gdm/9117A0rqB+xsmjOOCCyJz+rvleO8j8a6yyyFaBCTZa28YdRSM5SsbGnWgYLpV2M0fg2AIM9UszX28QnRuULw81aw5ZTAJdBacSacqwGmI+H+DF32jTu5mLtvGVSdvCnoYs+M46r40oUExS0YYEbteu0SYBXNkzn6v1Jf0BhT7yL3yNrSN6OsYkQOvfyvApFqkHZfTN/nvsw5ZXepgxmaUQv4YdXRS7MG8Iz8u6TNs07NxgSvBTUhV3u9prntI09RXZYrd4w2mVWgmAS7IPCU9rq8Sls6XPVODEAibSGVjM4lPrYsfuDMKuArIbNEWCvdwE5K93uKxHitEFMR2RVocuvA5oQ7fkV8p8TSaKwXwiVFJBFWfrMwNzAfMAcGBSsOAwIaBBT38BXHkJJ4lpM17OGhf7V1bCVk4wQUCFr1yJQiWrWnAFvqBvc8ni13foM=";
  X509Certificate2 cert = new X509Certificate2(Convert.FromBase64String(ManagementCertificate));
  using this cert, i can create ok virtual gateway, but i can not upload certificate
  Anything is wrong in here?
  Thanks and best Regards,
  Quyen Pham

• PLEASE HELP! how to get certificat form a JarFile (NOT JarInputStream) ?

  Hi,
  I have a signed JAR-file.
  If I try to verify this file with "jarsigner -verify", I get OK.
  But if I want to get the certificat-chain from this JAR-file with
  "JarFile" and then "JarEntry", I receive only "null".
  For example I try it with this code:
  JarEntry entry;
  java.security.cert.Certificate[] dmCertChain;
  for (Enumeration enumJar2 = zipFile.entries();enumJar2.hasMoreElements() ;) {
  entry = zipFile.getJarEntry((enumJar2.nextElement()).toString());
  dmCertChain = ((JarEntry)entry).getCertificates();
  if(dmCertChain == null) {
            System.out.println("The entry has no certificate.");
  else {
            System.out.println(dmCertChain.length);
            for (int i = 0; i < dmCertChain.length; i++)
            System.out.println(dmCertChain<i>.toString());
  But my JAR-file is ok, because when I try it with "JarInputStream" and
  then "JarFile", I receive the correct certificate-chain.
  (I try it with getNextJarEntry())
  How can I read the certfication-chain from the JarFile?
  I searched the web for a solution, but i don't find an answer!
  So please HELP!

  I found the solution :-)
  I found in Java-api-doc the following sentence:
  "This method can only be called once the JarEntry has been completely verified by reading from the entry input stream until the end of the stream has been reached. Otherwise, this method will return null."
  So I added this lines to my code:
  // JarEntry must be completely verified by reading from the entry
  // input stream until the end of the stream has been reached.
  InputStream is = zipFile.getInputStream(entry);
  int c;
  while ((c = is.read()) != -1) {
  //do nothing here, just to make sure the whole stream is read
  bye

• How to get server certificate before sending off confidential content?

  If my mail client knows for example the SHA1 value of TLS/SSL enabled receiving MTA's certificate, subversion of DNS and Root-CAs could be prevented if after establishing the connection, the com.sun.mail.smtp.SMTPTransport.serverSocket were accessible to retrieve that certificate:
  X509Certificate[] certs = null;
  if (serverSocket instanceof SSLSocket) {
  SSLSocket ssl = (SSLSocket) serverSocket;
  certs = ssl.getSession().getPeerCertificateChain();
  byte[] sha1 = MessageDigest.getInstance("SHA1").digest(
  certs[0].getEncoded());
  //TODO now validate with the sha1 you already know
  Unfortunately com.sun.mail.smtp.SMTPTransport (let alone javax.mail.Transport) have a public getServerSocket() or even better a getX509ServerCertificates() method.
  Any other ideas how to get at those certificates short of using gnu classpathx?
  See also http://forum.java.sun.com/thread.jspa?threadID=615422

  I found the solution for server side. We will use Handler. And base on technology to generate web service's stuff (my server using axis, but my client using jaxWS), we have different ways to implement and deploy Handler. My purpose is only write input/output xml message to log, so with my server, I only adjust server-config.wsdd as bellow:
  <deployment
  xmlns="http://xml.apache.org/axis/wsdd/"
  xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
  <handler name="log" type="java:org.apache.axis.handlers.LogHandler"/>
  <globalConfiguration>
  <requestFlow>
  <handler type="log"/>
  </requestFlow>
  <responseFlow>
  <handler type="log"/>
  </responseFlow>
  </globalConfiguration>
  <transport
  name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/>
  </deployment>
  But now I still can not control directory and log file name yet (now it's axis.log by default).
  Edited by: mydesktop on Nov 15, 2010 6:20 PM

• Can port 25 be used for SSL-enable SMTP server ?

  Hi,
  Our customer is using port 25 for a SSL-enabled SMTP server without certificate. When our email client tried to connect to it, the following exception thrown:
  DEBUG SMTP: exception reading response: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
  Since we don't want to ask our customer to change their port configuration unless absolutely necessary, we did some tests with our own SSL-enabled SMTP server that uses certificate. Here is what I got:
  1) with port 25, got the same exception as above;
  2) with port 465, worked fine;
  3) with any other randomly pick up valid port, worked fine.
  This made me wonder if 25 is for non SSL SMTP server ONLY. By the way, I'm using Javamail 1.3.4 and JSDK 1.4.2_02. My question is whether we can configure javamail so that port 25 can be used by SSL-enabled SMTP server?
  Your help will be appreciated.

  Yes, port 25 is intended for non-SSL servers only, although that doesn't
  prevent a client from making a plain text connection and then using the
  STARTTLS command to switch the connection to SSL/TLS. JavaMail 1.4
  supports that usage.
  You can configure JavaMail to use port 25 for SSL connections if you
  really want to. JavaMail 1.3.x requires you configure an appropriate
  socket factory to get SSL connections; you can configure whatever port
  you want for use with that socket factory.

• How to get SSL certificates in JRun

  I have some problems in using JRun 3.1 with apache 2.0 in
  microsoft Windows XP professional.
  I want to get SSL peer certificates in a jsp file. But it was
  always failed.
  Could you tell me how to get the remote user's certificate.
  content of JSP file:
  boolean isSecure = request.isSecure();
  if(isSecure)
  X509Certificate[] certChain =
  (X509Certificate[])request.getAttribute("javax.servlet.request.X509Certificate");
  if(certChain!=null)
  else
  out.println("<br>User certificate is
  null.<br>");
  ...

  Configuring Commercial certificates on weblogic server
  http://weblogictips.wordpress.com/2008/07/27/configuring-commercial-certificates-on-weblogic-server/
  How to debug SSL issues with weblogic server
  http://weblogictips.wordpress.com/2010/05/11/how-to-debug-ssl-issues-with-weblogic-server/
  Steps to create self sign certificates for weblogic server
  http://weblogictips.wordpress.com/2008/07/27/steps-to-create-self-sign-certificates-for-weblogic-server/
  thanks,
  sandeep

• How do I ssl enable targets and EM in 10.1.2

  How do I ssl enable targets and EM in 10.1.2 in
  "Standalone console" (is this the correct forum?)
  These are the steps I followed
  1) emctl secure em
  This enabled ssl for EM.
  Problem is with monitoring a target - Oracle Reports
  2) The I SSL Enabled reports. Added a port in webcache and gave default wallet directory. Following works
  https://host:port/reports/rwservlet?getserverinfo
  3) In sysman/emd/targets.xml , for reports target I changed http protocol to https and also changed port
  (Report uses HTTP Fetchlet for getting metrics)
  But I am not able to monitor Oracle Reports successfully.
  I get the following in EM logs
  emias.log
  <MetricGetError ERRMSG="Error connecting to <host:port> return status = -1 " ERRID="32" ERRCODE="3">
  emagent.trc
  2005-01-05 18:29:07 Thread-2228 ERROR ssl: nzos_Handshake failed, ret=29024
  2005-01-05 18:29:07 Thread-2228 ERROR http: 652: Unable to initialize ssl connection with server, aborting connection attempt
  2005-01-05 18:29:08 Thread-2228 ERROR engine: [oracle_repserv,Ben.<host>_Reports_Server:rep_strep13,ServerPerf] : nmeegd_GetMetricData failed : Error connecting to <host>:4447 return status = -1
  Any idea how to do SSL enable targets (in particular Oracle Reports) in 10.1.2 ?

  Open and close iPhoto or GarageBand and relaunch FCP X. Sometimes just relaunching FCP X works also. You can trash FCP X preferences as well if the above doesn't work.

• How to get a server chain certificate

  Hi all,
  I'm installing SSL on Bea Logic server 6.0, but i dont know how to get a server
  chain certificate.
  Does any body know how to get this certificate?
  Also, I read in the e-docs site that we can use utility der2pem and vice versa
  to convert between them, but i odnt know where to get the tools.(It's not in the
  utils.jar)
  thanks for any answer.
  Uy

  Hi all,
  I'm installing SSL on Bea Logic server 6.0, but i dont know how to get a server
  chain certificate.
  Does any body know how to get this certificate?
  Also, I read in the e-docs site that we can use utility der2pem and vice versa
  to convert between them, but i odnt know where to get the tools.(It's not in the
  utils.jar)
  thanks for any answer.
  Uy

• I have a Verizon IPhone 4 and i can't figure out how to get my ringtones from an app to my iTunes account, it doesn't have a tab for Ringtones! I have tried unplugging it and checking if would show up but it didn't, how do you enable the ringtone folder?

  I have a verizon IPhone and i can't figure out how to get my ringtones from the app to iTunes, my account doesn't have a ringtone section in the liRingtone Folder?brary, how do you enable the ringtone folder?

  Edit > Preferences.  Select the check box for Ringtones, this will add them to the listing in iTunes. 
  Not sure that really answers your question though.

• Has anyone figured out how to get speech recognition working with sticky keys enabled on mountain lion?

  I'm trying to use speech recognition to input text on my iMac running the latest mountain lion, 10.8.3.
  I have sticky keys enabled.
  When I try to start speaking by pressing the function key twice nothing happens. I can only get it to work if I disable sticky keys.
  The same problem occurs with all the other modifier keys as shortcut, they do not work with sticky keys.
  When I try to select a different shortcut, I am unable to select a two key combination, but am limited to one.
  If I select the F6 key, or any other single key, I am able to start speech recognition. However the second time that I press the key, it does not stop recognition and process my words. Instead, it restarts the recognition.
  Has anyone figured out how to get speech recognition working with sticky keys enabled?
  Or a way to get an individual key shortcut to start on the first press and process it on the second?
  Or a way to get key combinations to work, as specified by the help:
  Dictation On and Off
  To use Dictation, click On.
  When you’re ready to dictate text, place the insertion point where you want the dictated text to appear and press the Fn (function) key twice. When you see the lighted microphone icon and hear a beep, the microphone is ready for you to speak your text.
  Shortcut
  By default, you press the Fn (Function) key twice to start dictation. If you like, you can choose a different shortcut from the menu.
  To create a shortcut that’s not in the list, choose Customize, and then press the keys you want to use. You can press two or more keys to create your shortcut.

  I noticed with version 10.8.4 of OS X that I am now able to select F6 to activate, and the return key to complete the speech recognition. This is still different than the description of how these should function that's included in the help, but at least it's an improvement.

• How to get a professional certificate for Adobe After Effects?

  To Whom It May Concern,
  My name is Ariff and i live in Malaysia. I would like to know how and where to get certificate for All Adobe Illustrator, Photoshop and After Effects? etc How to be an officially trainer to students
  Sincerely
  Ariff.

  Hi Ariff,
  you will find the informations there: Adobe Certified Expert Training | Adobe Training & Certification
  maybe of interest Adobe's German website with the four steps: Adobe - Support: Lassen Sie sich noch heute zertifizieren und zum ACE ausbilden and
  Adobe - Support: Adobe Certified Instructor (ACI) I didn't find the adaequate websites in English language.
  Hans-Günter

• HT1541 how to get my redeem a code or gift certificate enter it here means

  how to get my redeem a code or gift certificate enter it here means

  Welcome to the user to User Technical Support Forum provided by Apple.
  Clearly state your Issue and the Troubleshooting Steps you have tried to Resolve it.
  Note: iTunes Gift Cards are only Valid in Country of issue

• What do these SSL error messages mean?  How do I fix this problem? (SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT) & (SSL_ERROR_BAD_CERT_ALERT - SSL client cannot verify your certificate.)

  In my error log files for iPlanet Web server 4.1SP9 (running on Solaris) I am seeing the following errors sporadically dispersed seemingly at random throughout the day.
  Error receiving connection (SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT)
  Error receiving connection (SSL_ERROR_BAD_CERT_ALERT - SSL client cannot verify your certificate.)
  Error receiving connection (Not connected)

  Hi,
  Are you trying to install a certificate in iWS.
  When did you get this error messages ?
  For more infomartion about error codes. Please look the below link.
  http://www.mozilla.org/projects/ security/pki/nss/ref/ssl/sslerr.html
  http://knowledgebase.iplanet.com/ikb/kb/ articles/4811.html
  Regards,
  Dakshin.
  Developer Technical Support
  Sun Microsystems
  http://www.sun.com/developers/support.