SSL is expired

Similar Messages

• SSL certificate expiration CCMS Monitoring

  Hi All,
  We are using ECC 6.0 server, HP-Unix and Oracle 10.2.0.5 database.
  CCMS monitoring is setup in our environment for alerts Monitoring. We use SSL certificates for SSO logins.
  As we know SSL certificates get expire in approx one year and when 2-3 days left in certificate expiration system start showing message to all uses for this cetificate expiration.
  Now we are planning to include SSL certificate expiration in CCMS monitoring so that whenever before 10-15 days we get a message for certificate expire and we implmenet the certificate without any User intervention.
  Now we search a lot but I do not find any option available in RZ20 and RZ21 to include this alert in CCMS.
  Please let me do we have any way by which we can get an message of certification before user get this message.
  Shivam

  Hi Murali,
  Thanks for the reply.
  I checked links and they are meeting my requirement but one thing I could not find is SSL information in RZ20.
  I checked RZ20 tcode and I do not find where SSL information is available to assign auto reaction method to it to start getting Alert.
  Can you please help me where I can find SSL certification path in RZ20.
  Shivam

• SSL Ceritifacte Expired

  Hi,
  I am using Solaris OS 9 on Sun Blade 2000 work station. I am not able to connect my application to database on oracle 8i. It is showing SSL certificate Expired on 10 th ferbruary 2005. Kindly explain how to solve this.

  Answered myself.
  When the system was rebooted then the certificate changed.

• SSL Certificate Expired Indesign CS6

  So I open Indesign this morning and find that the SSL Certificate has expired. So my question is, since Adobe has come out with CC, is this going to be the trend at Adobe? Is this going to be Adobe's way of telling me to go CC? Because I am certainly not impressed that I have to go in and change settings so I do not get the message posted below every time I open Indesign, which is a legitimate paid for copy. I am planning on going to CC, but when I am ready. As you can tell I am not pleased to be posting this.

  Fyredept wrote:
  So I open Indesign this morning and find that the SSL Certificate has expired. So my question is, since Adobe has come out with CC, is this going to be the trend at Adobe? Is this going to be Adobe's way of telling me to go CC? Because I am certainly not impressed that I have to go in and change settings so I do not get the message posted below every time I open Indesign, which is a legitimate paid for copy. I am planning on going to CC, but when I am ready. As you can tell I am not pleased to be posting this.
  I may be totally wrong here, but this might be originating in the security settings of your browser or other Internet connection settings. SSL is a more-secure way for stuff to travel the 'Net, and some browsers or other Internet tools that manage your accounts and connections, have a setting to make SSL the connection type every time to open a Web site or page. There should be somewhere in yor browser or elsewhere in your Internet account connections manager, that specifies using SSL always. There may be a way to reset the certificate, or to request that it be renewed. Perhaps check with your ISP (Internet Service Provider) tech support. Possibly the SSL issue is managed at their level. Also, if you're in a corporate environment, check with your IT support folks.
  HTH
  Regards,
  Peter
  Peter Gold
  KnowHow ProServices

• VPN Concentractor SSL Certificate Expired - Urgent Help

  We have VPN concentractor 3030. Whe I log on via web its says that SSL certificate has expires and I cannot login to generate new certificate.
  I even tried login via consol but it won't allow the connection.
  What can I do.

  The CONSOLE has nothing to do with the certificate. No matter what you should see the console prompt. If you cannot, make sure you are using a STRAIGHT THROUGH DB9 cable.
  NOTE: This cable is different from the one used by PIX 520 and IDS boxes.
  Regards
  Farrukh

• SSL Certificate expired

  Hello
  I've updated our internal application SSL certificates on our core WAEs group, for some reason it didn't push the updated ones down to the branch WAEs. The users are getting the expired cert error. The work around for now was to disable the SSL cert. Is there a procedure on how to update the SSL certs on your core WAEs? How can I check the branch WAE where the expired cert if being stored, it's not showing up when you issue a show
  crypto certificates. I went and updated the existing ones with the new ones and the date had changed correctly.
  WAEs - 4.2.1
  CM - 4.4.1

  Hi John,
  I believe Ahmad is talking about this link, here is the corrected one:
  http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v431/configuration/guide/policy.html#wp1138543
  As per the document, the certificates should be propogated to WAE and replace the expired one. Why it did not happen in your case, I believe requires some investigation. It may be that the CM-WAE connectivity is/was broken or may be the WAE is managed by CM but is configured in such a way that CM can not update config on WAE. This could happen if you are using Device Groups and if WAE is not part of that group.
  Hope this helps.
  Regards.
  PS: If this answers your question, please mark this as Answered.

• SSL certificate expired for Google Mail

  Hi there everyone, I am new here so please be gentle with me!  I have had a Palm Pre on the 02 network since October and have been able to use my email fine.  I use Googlemail and 02 using IMAP and today it keeps giving me error messages saying the SSL certificate has expired.  I have tried turning SSL on and off, and have downloaded the software update for Palm OS but it's still not working. Is there an easy fix for this? If I change to POP will that work and how do I do that? Many thanks. Hellywobs.
  This question was solved.
  View Solution.

  Just to say that I have solved this from another source - the date was wrong on my phone.  No idea why, but now I've set the date to today, it's working again. I went to the Date and Time App and made the change.  Just thought I would post here in case anyone else has the same trouble - it is an easy solution.

• Firefox 3.6.13 do not have intermediate certification authority terena ssl ca (expiration 30.5.2020, is this problem specific to this version?

  I was helping a friend to check the status of the certificate of a website. The certificate was not approved (firefox shows de warning page) in my firefox but it was in his.
  I assumed it was because I had uninstalled firefox 3.6.13 and reinstalled it about a week ago. So he uninstalled his firefox software and reinstalled it. After that the site could not be viewed without the varning in firefox 3.6.13 at his computer either.

  Why does Firefox 4.0.1 still not have the Terena SSL certificate built-in? Safari and IE 8 and 9 have access to it. This is a real nuisance. Is there a specific reason for it?
  (I don't need to know the workaround as I already know it. My point is, there shouldn't be a need for a workaround.)
  [http://crt.tcs.terena.org/TERENASSLCA.crt Download Terena SSL Cert here]
  Also, if we must deploy it into Firefox manually, how can this be automated for 7,500 Windows XP PCs and 4,000 Macs? Is there a scripting language for Firefox or can we stick it in a specific directory and Firefox will automatically absorb it?
  I think it would be easier if Firefox just incorporates it. It doesn't make sense for the other major browsers to support it and Firefox doesn't.

• SSL Certificates about to expire

  Please forgive what is probably a "newbie" question
  The first of my OES2 servers is about to have its SSL certificates expire.
  I've done the following:
  - issued new certs via iManager
  - namconfig -k
  - namconfig restart
  Here's where I get stuck..... what else do I need to do to ensure that all services are using the new certificates eg Tomcat/Apache/etc - on NetWare I simply used tckeygen and restarted these services!
  I've done a google on this topic and don't find to find any single conclusive document (perhaps I need new glasses). I would appreciate it very much if the community could point me in the right direction.
  Thanks in advance

  Laura,
  here's an article on the topic:
  http://wiki.novell.com/index.php/Rec...s_on_OES_Linux
  Uwe
  Novell Knowledge Partner (NKP)
  Please don't send me support related e-mail unless I ask you to do so.

• How to enable UWC with SSL on Communication Suite 5?

  Sorry for asking this FAQ level question at first.
  I have watched this for almost one year but still have problem for enabling UWC + SSL + Self signed certificate.
  Would have user to login into https://abc.com/uwc then use the messenger and calendar servers from one single uwc interface, all the connections are secured.
  Is there any step-by-step procedure for reference? I appreciate for your help.
  The application software is JCS 5.
  Best regards,
  Robert
  Edited by: Robert_Chang on Apr 8, 2008 10:24 AM

  Robert_Chang wrote:
  Sorry for asking this FAQ level question at first.
  I have watched this for almost one year but still have problem for enabling UWC + SSL + Self signed certificate.Let me just point out that using self-signed-certificates are not a good idea in a production environment. They can cause a number of headaches (e.g. trust relationships between products) and don't offer the same level of security/verification as a proper CA signed cert.
  Would have user to login into https://abc.com/uwc then use the messenger and calendar servers from one single uwc interface, all the connections are secured.
  Is there any step-by-step procedure for reference? I appreciate for your help.There isn't one -- I have been meaning to write one but it's an extremely time consuming process and I haven't gotten around to it.
  Where it gets complex is if you messaging/calendar on different hosts (hence different certificate names), including LDAP SSL as well (UWC->LDAP, Messaging->LDAP, Calendar->LDAP), Outlook Connector using SSL, Access Manager using SSL, configuring SSL during initial installation vs. post-installation, renewing SSL certificates, problems when SSL certificates expire and so-on...
  I may end up writing a guide for the next release (if time permits).
  Regards,
  Shane.

• How do i "re-trust" the SSL certificate sent from a server I previously marked as untrusted?

  I use Citrix Receiver to access my workplace Windows environment remotely from home, where I run Firefox 7.01 on Ubuntu 11.10. Two days ago the SSL certificate expired, so when I tried to logon remotely it failed. Now the company have renewed the certificate, but now when I try to logon I get an error from the Citrix ICA Client saying "You have not chosen to trust Verisign Class 3 Public Primary Certification Authority - G5, the issuer of the server's security certificate (SSL error 61)"
  I have found a couple of similar queries here, but neither had a solution which worked for me. The entry for Verisign Clas 3... G5 is in /etc/ca-certificates.conf, also there's a link to it in /etc/ssl/certs to an existing ...G5.crt file in /usr/share/ca-certificates - Firefox seems to recognise the issuer as a valid existing certificate issuer. Firefox displays the certificate for the page when I use menu options Tools -> Page Info -> Security -> View Certificate, and the certificate shows as valid for today - for the life of me I can't find a way to make Firefox trust the darn issuer.
  I get the same fault with Firefox 3.6.23 on Ubuntu 10.04.
  (I'd rather not tell everyone here the URL of my company's remote access website)

  Thanks for the swift reply, cor-el - unfortunately, no joy with this approach.
  A. As my named user (called "greg", surprise, surprise, no secret there...)
  Run Firefox; select Edit > Preferences > Advanced : Encryption:
  Here I get no option for Certificates, but I do get View Certificates - then tabs for:
  - Servers, under which my company's remote logon URL is listed - Edit button is grey
  - Authorities, under which the Verisign...G5 entry may be edited; 3 options:
  1. may identify websites (ticked)
  2. may identify mail users (unticked)
  3. may identify software makers (ticked)
  I ticked 2, tried again - same failure. Unticked it.
  B. As root.
  Run Firefox; select Edit > Preferences > Advanced : Encryption:
  Here I get no option for Certificates, but I do get View Certificates - then tabs for:
  - Servers, under which my company's remote logon URL is NOT listed
  - Authorities, under which the Verisign...G5 entry may be edited; 3 options:
  1. may identify websites (ticked)
  2. may identify mail users (unticked)
  3. may identify software makers (unticked)
  I ticked 2 and 3, tried again - same failure. Unticked them.
  Maybe a solution would be, in some way, to add my company's remote logon URL to the list of Servers while running Firefox as root. The Export and Import buttons may help here. However, when I first declined their certificate I was running Firefox as greg, not as root, so I am a bit suspicious there - what can be done as greg should be undoable as greg.
  This is doing my head in. Maybe it's time to step back and think a bit. Maybe try Citrix's online help (already spent a fair amount of time there with no joy either).
  So, thanks again for the reply - I've generally tried to provide a good list of what's up, and your reply has given me food for thought. OK, I'll keep trying.

• Renew Verisign ssl certificate for webaccess

  Hi, We have just had our current Verisign ssl certificate expire.
  We are running Groupwise 7.03 - on our cluster agents and postoffices & gwia.
  The webaccess application is running on a Netware 6.5 sp5 - which is running Apache ver 2.0.54 & Tomcat 4 and also has tomcat5 in the DMZ.
  I have come across a number of support Tids about renewing ssl into edir, but i am looking for some steps to run through regarding WEBACCESS.
  My web app team have just bought a new verisign ssl certicate.
  What do i do from here to renew the webaccess application with the new Verisign ssl certificate.
  Anything that can help with this regarding webaccess and verisign ssl renew certifcaite instruction steps would be helpful.
  regards
  Dennis

  Dennis,
  > My web app team have just bought a new verisign ssl certicate.
  > What do i do from here to renew the webaccess application with the new
  > Verisign ssl certificate.
  >
  > Anything that can help with this regarding webaccess and verisign ssl
  > renew certifcaite instruction steps would be helpful.
  If you still need to do this, drop me an email at hamish at haitch dot
  net and I'll send you a doc I did documenting the process.
  H.
  Hamish
  Run multi-processor NetWare VM's with vmBoost
  http://www.haitch.net

• SSL Certificates Button

  Help.  Can anyone tell me why the SSL Certificate button does not appear in the settings on the mountain lion server 10.8.3?  I am attempting to follow the instructions on how to obtain a trusted certificates from a CA.

  Okay, the fact that everything server related probably should have been a clue, but it eluded me. I talked to Apple Care, who referred me to an enterprise tech. With his help I discovered my dynamic IP resolver service wasn't working and so DNS was resolving to an old IP. Why that problem coincided with my SSL cert expiring I'll never know, but the problem is now, well, resolved.

• Random Session Expiration

  Hi,
  I've been going through all related messages but nobody has answered this question clearly and stated the solution yet.
  On our server, we use latest Resin version and its max session inactive time is 45 minutes. But user sessions are randomly getting timed out before 45 min is reached.
  From a short list that i am suspected about following thigns might be a reason for this problem.
  - An IE patch that people are talking about. (I don't use cookies in our application but people are talkign about changing some IE settigns in order to sovle the problem but it apperas like it is not the solution.)
  - Resin Server
  - A possible system Error (When a problem happens in our system, problem gets reproted and user gets kicked out to login page with a proper error message. But this is again so low probability.)
  - Compilation of a new or modified class file (It is the most common reason but i can assure even thoguh there are no new classes the problem happens)
  - SSL time-outs ?? (I am not sure if this is an exact option but if there is a possiblity of SSL connection expiration, i am suspecting it might be happening and expiring session before its supposable time.)
  If anyone can tell me why a session could expire before max inactivity time is reached and no call is happened from application side to expire the session?
  Thanks in advance.

  URL rewriting is an alternative to using cookie to keep session. Of course if a particular URL does not have the JSESSIONID (or whatever) parameter in it, it is as good as anonymous/unlogon session. You should know if you are using URL rewriting by simply inspecting the URL.
  The reason why I suspect load balancing is because certain load balancing software server may not be sensitive to session and thus redirect traffic (of a logon session) to another server which does not aware that the user is logon. However, most load balancing server does not suffer from this problem nowadays.
  Have you tried to test run your app on a tomcat ? Can it be a resin problem ?
  If you have the time and energy, you might want to try the following :
  1. Use HttpSessionBindingListener to trap session binding/unbinding event. Then log info such timestamp, session id to a log file.
  2. Run a periodic (say every minute) logging of all sessions information (such as browser PC IP addr, session ID, login userid, access URL). Then try to match this log with the session with the HttpSessionBindingListener log. If a session got unbind without prior access to logout URL or timeout (can be determined by finding its last access timestamp), then that may points you to possible causes/circumstances of the problem.

• Cannot connect to sever web sites.

  I am running multiple services with the latest version of OS X 10.6 Server on my MacMini (web, mail, ichat, address book, etc.) . When I try to open my websites I get an "unable to find sever message". Everything has been working fine for the last 2 years and no changes have been made to the server settings, ISP, or DNS. All other services are working as they should. The server is hooked up to an Airport Extreme via a cable modem with a static IP. I have tried the following thus far:
  1) restarted the server, airport extreme, and cable modem
  2) checked the DNS via the web and my site addresses are pointing to my static IP address
  3) turned Web services off and on again in Server Admin
  4) checked the Airport port mapping to make sure Web Service (Port 80) was still open
  Any idea what's causing the problem???
  Thank you.

  Gracoat,
  I checked all cables and they are plugged in and seated properly.
  I typed "changeip -checkhostname" in the terminal and got "serveradmin must be run as root" ...(sorry, I'm not a command line kinda guy)
  Here is a cut/paste of some recent log activity (I X'd out some info for privacy):
  Apr 29 11:38:32 xxxxxx-corp jabberd/c2s[231]: [8] [::ffff:10.0.1.3, port=51868] connect
  Apr 29 11:38:32 xxxxxx-corp jabberd/c2s[231]: SASL callback for non-existing host: xxxxxx-corp.com
  Apr 29 11:38:32 xxxxxx-corp jabberd/c2s[231]: [8] [::ffff:10.0.1.3, port=51868] disconnect jid=unbound, packets: 0
  Apr 29 11:38:35 xxxxxx-corp jabberd/c2s[231]: [8] [::ffff:10.0.1.3, port=51869] connect
  Apr 29 11:38:35 xxxxxx-corp jabberd/c2s[231]: SASL callback for non-existing host: xxxxxx-corp.com
  Apr 29 11:38:35 xxxxxx-corp jabberd/c2s[231]: [8] [::ffff:10.0.1.3, port=51869] disconnect jid=unbound, packets: 0
  Apr 29 11:38:38 xxxxxx-corp jabberd/c2s[231]: [8] [::ffff:10.0.1.3, port=51870] connect
  Apr 29 11:38:38 xxxxxx-corp jabberd/c2s[231]: SASL callback for non-existing host: xxxxxx-corp.com
  Apr 29 11:38:38 xxxxxx-corp jabberd/c2s[231]: [8] [::ffff:10.0.1.3, port=51870] disconnect jid=unbound, packets: 0
  Apr 29 11:38:39 xxxxxx-corp org.apache.httpd[47665]: Syntax error on line 13 of /etc/apache2/proxy_sites/0000_any_8443_localhost.conf:
  Apr 29 11:38:39 xxxxxx-corp org.apache.httpd[47665]: SSLCertificateKeyFile: file '/etc/certificates/xxxxxx-corp.com.XXXXXXXXXXXXX9747C96C30F1986D48D59D227F1.key .pem' does not exist or is empty
  Apr 29 11:38:39 xxxxxx-corp com.apple.launchd[1] (org.apache.httpd[47665]): Exited with exit code: 1
  Apr 29 11:38:39 xxxxxx-corp com.apple.launchd[1] (org.apache.httpd): Throttling respawn: Will start in 10 seconds
  Apr 29 11:38:41 xxxxxx-corp jabberd/c2s[231]: [8] [::ffff:10.0.1.3, port=51872] connect
  Apr 29 11:38:41 xxxxxx-corp jabberd/c2s[231]: SASL callback for non-existing host: xxxxxx-corp.com
  Apr 29 11:38:41 xxxxxx-corp jabberd/c2s[231]: [8] [::ffff:10.0.1.3, port=51872] disconnect jid=unbound, packets: 0
  Apr 29 11:38:44 xxxxxx-corp jabberd/c2s[231]: [8] [::ffff:10.0.1.3, port=51873] connect
  Apr 29 11:38:44 xxxxxx-corp jabberd/c2s[231]: SASL callback for non-existing host: xxxxxx-corp.com
  Apr 29 11:38:44 xxxxxx-corp jabberd/c2s[231]: [8] [::ffff:10.0.1.3, port=51873] disconnect jid=unbound, packets: 0
  Apr 29 11:38:47 xxxxxx-corp jabberd/c2s[231]: [8] [::ffff:10.0.1.3, port=51874] connect
  Apr 29 11:38:47 xxxxxx-corp jabberd/c2s[231]: SASL callback for non-existing host: xxxxxx-corp.com
  Apr 29 11:38:47 xxxxxx-corp jabberd/c2s[231]: [8] [::ffff:10.0.1.3, port=51874] disconnect jid=unbound, packets: 0
  Apr 29 11:38:49 xxxxxx-corp org.apache.httpd[47667]: Syntax error on line 13 of /etc/apache2/proxy_sites/0000_any_8443_localhost.conf:
  Apr 29 11:38:49 xxxxxx-corp org.apache.httpd[47667]: SSLCertificateKeyFile: file '/etc/certificates/xxxxxx-corp.com xxxxxxxxxxxxxxxxC96C30F1986D48D59D227F1.key.pem' does not exist or is empty
  Apr 29 11:38:49 xxxxxx-corp com.apple.launchd[1] (org.apache.httpd[47667]): Exited with exit code: 1
  Apr 29 11:38:49 xxxxxx-corp com.apple.launchd[1] (org.apache.httpd): Throttling respawn: Will start in 10 seconds
  Apr 29 11:38:50 xxxxxx-corp jabberd/c2s[231]: [8] [::ffff:10.0.1.3, port=51877] connect
  Apr 29 11:38:50 xxxxxx-corp jabberd/c2s[231]: SASL callback for non-existing host: xxxxxx-corp.com
  Apr 29 11:38:50 xxxxxx-corp jabberd/c2s[231]: [8] [::ffff:10.0.1.3, port=51877] disconnect jid=unbound, packets: 0
  I attempted to open my websites, and connect remotely via VPN, from multiple sources without any luck ...it appears the server cannot be reached. All worked fine a few days ago and had been for quite some time.
  My SSL certificate expired several months ago and I created a new one back then. It worked after the new certificate was installed and is still current. I have tried disabling SSL in the sites security settings but still they cannot be reached.
  The only changes I can think of that may have been made in recent months to the sever is a system software update. Other than that, I'm at a loss. Any help is greatly appreciated!!