The OCR backend has an invalid format) in OCR initialization

Similar Messages

• Tp profile has an invalid format

  Hello
  I run report RSTPTEST and recive messages:
  Profile               Cannot read tp profile
  Version               tp profile has an invalid format
  DB Connect            Link to database failed
  Offline Call          error in transportprofil (param missin.
  is there any idea?

  Hello Denis
  Download from SAP Service Marketplace, alias /patches the latest
  TP and R3trans programs (see note 19466) for your release.
  Please also check that you are using sapevt compatible with your
  kernel
  You must also ensure that background job RDDIMPDP is scheduled in
  the source and target systems.
  Thanks
  Kenny

• File has an Invalid format (Error no 11)

  I get a file has an Invalid format (Error no 11) message when opening a text file in Diadem 11, is there any specifics you can add to the error # 11 message, to help me resolve the error.

  Hi Atlas56,
  How were you loading the ASCII file into DIAdem?  Using a posted DataPlugin from the web?  Using a DataPlugin from a colleague?  Using the ASCII DataPlugin Wizard in DIAdem?  Using the ASCII Import Wizard in DIAdem?  Copying and pasting values into a VIEW table?
  I'm not familiar with that error message,
  Brad Turpin
  DIAdem Product Support Engineer
  National Instruments

• Error ' MEX2 USD has an invalid format' in FM 'AC_DOCUMENT_DIRECT_INPUT'

  Hi Friends,
  I see the error 'MEX2 USD has an invalid format' in FM 'AC_DOCUMENT_DIRECT_INPUT'.Do you guys have any idea as to why has this error occured.Please let me know.
  Is this a config issue ?

  can you check the currency key which your passing ..

• Input "(ALL_MEMBERS)" has an invalid format

  Hello Fellow Coders,
  I am using BOBJ Design Studio version 1.3 and am facing a very weird error when executing my application.  I have three cascading drop down filters in my application for STATE, CITY and LOCATION.  Based on my state selection, only relevant Cities belonging to that state is populated in the drop down.  Same is the case with LOCATION drop down which gets populated based on CITY selection.
  The issue that I am facing is when I don't select anything for CITY, system sends ALL_MEMBERS as the filter criteria.  Eventhough my end result is correct, I get this error message Input "(ALL_MEMBERS)" for Ship To City Code has an invalid format.  In my code, I am sending blank for the filter values but it is still giving issue.  Has anyone ever came across this issue and would like to share it with me?  I do really appreciate y'all's input. 
  Please see the attached screenshot

  Hi Raj,
  Showing your original script will help us to get clarified with this issue ,
  to be generic When you select your STATE dropdown, the corresponding cities gets populated
  in the  CITY dropdown, when you select CITY, the corresponding LOCATION.
  The problem arises when you skip the CITY dropdown selection , but you have populated the location with the city selection .
  One thing which may help is call CITY dropdown Onselect event at the event of STATE dropdown selection so that it selects the default value.
  If you have already done all this, Kindly ignore and try to post the exact script which you have used.
  Thanks
  karthik Swaminathan

• Bogus error message: "The field jnlp has an invalid value: https."

  We are running into a variant of an old bug. With a Windows XP client using JRE 1.5.0_05, we get:
  {noformat}Launch File Error: The field <jnlp> has an invalid value: https
  Java 1.4+ is required for HTTPS support{noformat}
  which of course is a strange thing for a 1.5 JRE to be squawking about. We found a Sun bug report 6433293 that reports this behavior as occuring on Solaris but not on Windows. We're seeing it on Windows. The bug report suggests that the error message text is the "wrong message" and may be totally unrelated to the actual problem (although it is triggered by having an https URL in the "href" attribute of the <jnlp> tag).
  Because of our customer environment, upgrading the JRE beyond 1.5.0_05 is NOT an option for us. I googled the message and found one blogpost that suggested the error may be related to the XML encoding (which seems surprising, but they claimed changing the encoding fixed the problem for them). I tried fiddling with the encoding values, but to no avail. Anyone know anything about this bug, and any possible workarounds?

  We finally found the solution to this, so I will follow up for the sake of posterity. Thanks, Andrew, for the pointer to JaNeLa. While it didn't tip us off to this particular problem, it did get us thinking in the right direction: that there was something about the JNLP file, completely unrelated to what the error message was reporting, that was causing the problem. Turns out that the Java 1.5.0_05 WebStart JNLP parser had a bug, such that it was tripped up by a JNLP file containing more than one XML comment in immediate succession. It seems unbelievable, but it was completely reproducible. Our JNLP file began like this:
  <?xml version="1.0" encoding="utf-8"?>
  <!-- here's a valid XML comment -->
  <!-- here's another valid XML comment, but it freaks out JWS 1.5.0_05 -->
  <jnlp spec="1.0+" codebase="https://ourserver/ourApp" href="https://ourserver/ourApp/ourApp.jnlp"/> By accounts, this was patched in 1.5.0_10, and we know that the problem didn't occur in 1.6.0_13. In case anyone else has this problem, that's something to look for. (Note: this isn't the only cause of this erroneous error message. It apparently got printed out when the parser was unhappy about various things. I saw another report that someone had a problem with their "encoding" attribute value on their xml header, and fixing that solved their problem.)

• Getting "... file has and invalid format. (Error no. 11)" when importing .tdms file into DIAdem 11

  I developed a script for processing .tdms files in DIAdem 11.1, now I'm deploying the script on the very PXI system that created the .tdms files.  This system had DIAdem 11.0, but when I try to open (DataFileLoadSel) the tdms file in my script I get the error message:
  "D:\MyFileName.tdms" has an invalid fiel format.  (Error no. 11)
  The tdms files are created by a LabView application.
  If I delete the correspondin .tdms index file, I get a little further, it loads the first two of four groups, using DataFileLoadSel on the first group, and DataFileLoadRed on the 2nd group, on third group, another DataFileLoadRed, I get the following error:
  Error in <MyScript> (Line: x, Column: y):
  Cannot load the file "D:\MyFileName.tdms" with the loader "TDMS"
  Further information:
  Cannot open the file "D:\MyFileName.tdms".
  Is there a difference between DIAdem 11.0 and 11.1 that affects the import of .tdms files, if so, can I get around it?
  Thanks,
  Eric
  Solved!
  Go to Solution.

  Hello eberg,
  Before we go into more detailed error trapping, could you please try to install the TDMS 2.0 format on the DIAdem 11.0 computer (DIAdem 11.1 and LabVIEW 2009 come with the TDMS 2.0 stuff already installed).
  Please get the download here: http://zone.ni.com/devzone/cda/tut/p/id/9995
  Once installed, please try running the Scripts again (in DIAdem 11.0) and let us know if that fixed the issue. It might not help to install this, but it's a quick thing to try before we dig deeper into the issue.
  Best regards,
        Otmar
  Otmar D. Foehner
  Business Development Manager
  DIAdem and Test Data Management
  National Instruments
  Austin, TX - USA
  "For an optimist the glass is half full, for a pessimist it's half empty, and for an engineer is twice bigger than necessary."

• The time string has a valid format but it corresponds to the future time

  First all, I want to thank richwolf ... without his Woolamaloo.. I don't know if I can every have this to work---> for a person that is not a programmer, that application really helps a lot.
  When I use the debug function in Woolamaloo, it gave me the information about that time string has a valid format but it corresponds to the future time. And, because of that only "all" access is allowed.
  If we can't change the server time setting, is there any way I can modify the script to correct this? I place the modified itunesu (from the apple sample code, shell folder) file to the cgi-bin folder on the server. Any help will be really appreciated thank you all.
  Trouble R.

  First of all, thank you for using Woolamaloo. You are too kind.
  The time token is used to create your signature token ... and you need the signature to have a valid token string. So I can't see a way for you to do what you ask.
  Is there any way you can use the server that you don't control to do authentication only ... and generate the token string on a server whose time you can set?

• When connecting my external hardrive to my mac, I can't copy files onto it or off of it. It gives me the message 'the operation cant be complete because you dont have permission to access some of the items' It has also been formatted to a mac.

  It gives me the message 'the operation cant be complete because you dont have permission to access some of the items'
  I tried to even format it to a mac to use it with time machine but it is saying i dont have ownership. I am gettin really frustrated with this, please help

  Then use a proper backup application. 
  Periodically using drag & drop isn't very reliable or complete, and backing-up your entire system is much better than just some selected data.  When your internal HD fails (they all do, sooner or later) or something else awful happens, reinstalling everything can be a very large, tedious, and error-prone process.  Among other things, 3rd-party apps will have to be reinstalled from the original discs or re-downloaded, and purchase keys or serial numbers re-entered.
  You already have Time Machine -- it's built-in to OSX, and very easy to use.  You might want to review the Time Machine Tutorial, and perhaps browse Time Machine - Frequently Asked Questions.
  And/or, you can use a 3rd-party "cloning" application such as SuperDuper or CarbonCopyCloner.   See Time Machine vs. Clones and Archives for an overview of the differences.

• Problem with partion resulting in "One of the source volumes specified has an invalid format and cannot be protected using Windows Backup. Only volumes formatted with NTFS/ReFS can be protected."

  We have two new Windows Servers 2012 R2 that I'm trying to set backups on using a script. When I used the -allCritical switch, I get the error specified in the subject. When I look at the partition information using diskpart, I see a 2048 MB partition with
  no drive letter labeled as System that is FAT32. I was never prompted to my recollection of what file system to format the partition with. Is it safe to assign this partition a letter, convert to NTFS, and then remove the drive letter?
  Thanks

  I did. I assigned the drive a letter and ran  CONVERT [drive letter]:
  /FS. I was really worried during the reboot, but it came up OK, and after it was back online, I removed the drive letter.

• Help diagnosing "The selected certificate has errors: Invalid Signature"

  I am unable to sign a PDF using a new certificate I have received.  I have tried Acrobat X and XI.  I have also tried importing both the root and issuing CAs as trust anchors.  Those certs seem to verify fine.  This issue appears to be with the signature on my cert.
  My suspicion is that the issue stems from the issuing CA's use of the "AlternateSignatureAlgorithm", 1.2.840.113549.1.1.10 RSASSA-PSS, for my user cert.  Acrobat does not seem to recognize this algorithm.  It simply lists the OID value when I look at the signature algorithm under details.
  The certificate is validated fine using certutil.exe and works fine when I use it for client SSL authentication.  I am using Windows 7 and have tried both 32 and 64 bit PCs.
  Has anyone experienced this before?
  ================ Certificate 0 ================
  ================ Begin Nesting Level 1 ================
  X509 Certificate:
  Version: 3
  Serial Number: 100000
  Signature Algorithm:
      Algorithm ObjectId: 1.2.840.113549.1.1.5 sha1RSA
      Algorithm Parameters:
      05 00
  Issuer:
      CN=xyz QA CA
      O=xyz Technical Resources Ltd
      C=US
  NotBefore: 11/15/2012 2:14 PM
  NotAfter: 11/16/2022 2:14 PM
  Subject:
      CN=xyz Issuing CA
  Public Key Algorithm:
      Algorithm ObjectId: 1.2.840.113549.1.1.1 RSA (RSA_SIGN)
      Algorithm Parameters:
      05 00
  Public Key Length: 2048 bits
  Public Key: UnusedBits = 0
      0000  30 82 01 0a 02 82 01 01  00 e3 0b d4 99 e6 01 f1
      0010  0e a4 e1 82 8a 8c 39 27  62 7a 03 23 fe 03 3f b5
      0020  0d b6 fa c2 1b 86 44 d6  2f 76 65 b0 02 ff 83 69
      0030  b7 6a 8d b2 d7 22 74 e3  04 9a 01 ec 4c 0f de ff
      0040  c3 db 8f b5 c1 d3 7d 80  f5 ca cc ca 6d ef df 2a
      0050  31 25 18 0b 92 1b 4b 1f  41 c0 5f b6 b2 7e f4 43
      0060  99 43 01 cf c2 60 de 79  75 ec dc 61 11 ea 87 d0
      0070  76 56 a6 4f 00 4a 31 94  37 a5 37 7b 0d 61 49 74
      0080  67 88 31 df 81 16 a2 ed  5c 77 6b 23 6b 92 35 c8
      0090  b3 05 cc 5a 06 3c a3 b3  6c d8 ad 1e 66 28 4e 90
      00a0  3f ad 66 db 6d 13 dd c8  44 29 a0 4f 62 9c f5 5a
      00b0  c1 7e 84 fc e6 24 57 c2  bd ce f1 80 b7 bd 13 b8
      00c0  9f d1 8a bb 41 43 67 9f  68 25 f6 a6 a2 be 44 89
      00d0  11 4f 12 3d 2d d3 85 be  38 f9 97 bd e1 ce 5c 8c
      00e0  4e d4 ce be 19 0b a7 91  5d ee 1e c1 84 2c 2a 5e
      00f0  bb e5 4a fb 7f 2a f4 b8  06 2b 63 1f d9 c3 d9 d3
      0100  5a 13 2d ea 19 63 dd 7c  e5 02 03 01 00 01
  Certificate Extensions: 9
      2.5.29.19: Flags = 1(Critical), Length = 5
      Basic Constraints
          Subject Type=CA
          Path Length Constraint=None
      2.5.29.14: Flags = 1(Critical), Length = 16
      Subject Key Identifier
          8a 54 1f f7 43 b9 fd 19 3f 82 28 08 13 3d fa 73 42 11 e3 6f
      2.5.29.15: Flags = 1(Critical), Length = 4
      Key Usage
          Certificate Signing, Off-line CRL Signing, CRL Signing (06)
      2.5.29.35: Flags = 1(Critical), Length = 7e
      Authority Key Identifier
          KeyID=c5 91 51 88 76 e2 a4 13 5a 2f 11 84 29 54 de cf 4f 93 28 eb
          Certificate Issuer:
               Directory Address:
                    CN=xyz QA CA
                    O=xyz Technical Resources Ltd
                    C=US
          Certificate SerialNumber=00 96 b6 de 15 a7 4b 97 ac
      2.5.29.31: Flags = 0, Length = 36
      CRL Distribution Points
          [1]CRL Distribution Point
               Distribution Point Name:
                    Full Name:
                         URL=http://pki.xyzre.qa1/crls/root-ca.crl
      1.3.6.1.5.5.7.1.1: Flags = 0, Length = 37
      Authority Information Access
          [1]Authority Info Access
               Access Method=Certification Authority Issuer (1.3.6.1.5.5.7.48.2)
               Alternative Name:
                    URL=http://pki.xyzre.qa1/root-ca.cer
      2.5.29.32: Flags = 0, Length = 6e
      Certificate Policies
          [1]Certificate Policy:
               Policy Identifier=2.16.840.1.101.3.2.1.48
               [1,1]Policy Qualifier Info:
                    Policy Qualifier Id=CPS
                    Qualifier:
                         http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/documents/test_policy.pdf
      1.3.6.1.4.1.311.21.1: Flags = 0, Length = 3
      CA Version
          V0.0
      1.3.6.1.4.1.311.20.2: Flags = 0, Length = c
      Certificate Template Name (Certificate Type)
          SubCA
  Signature Algorithm:
      Algorithm ObjectId: 1.2.840.113549.1.1.5 sha1RSA
      Algorithm Parameters:
      05 00
  Signature: UnusedBits=0
      0000  41 a4 3f 79 99 d2 aa fa  f9 4b 88 0c a6 be 6f 40
      0010  0b df 10 93 f5 bb 48 c7  1f 89 73 73 09 58 b4 22
      0020  f2 b8 0f 78 b1 da 16 81  cd 2d 86 5a 22 90 67 cd
      0030  22 03 56 d5 c2 f4 df 79  b2 2a 82 e0 2e 5a 9a c3
      0040  92 b5 4d f2 fe 3d 6b f0  97 b0 b7 85 b6 e9 99 4c
      0050  f5 87 34 81 bc 27 f0 77  a1 c6 b2 50 b1 c8 b6 2f
      0060  6f 01 61 0d 1d bc cd 3b  07 2d 18 71 d3 f1 f2 03
      0070  78 e6 82 24 27 b1 65 d5  4b be 6c 20 f7 60 30 4c
      0080  49 42 07 4c 13 d9 7d 77  7f 10 a4 32 bc 30 d4 82
      0090  bf 40 06 0f 84 32 43 65  67 47 d0 19 59 0e e7 c2
      00a0  d9 c1 10 0a 5e df a2 18  04 86 e5 e4 09 80 99 75
      00b0  fd 21 ad 86 5f 77 ab 5d  aa 79 74 ed eb ba c4 e8
      00c0  f1 fb b2 ae 6a dd 07 5c  cc 3d 93 99 ff 45 e6 f6
      00d0  c6 d6 d3 22 69 c3 43 50  c0 69 e4 7f 3e 73 df 76
      00e0  6f 9d fc 73 ed 54 0b 49  3b 6f c8 99 32 b1 9b d5
      00f0  15 bd 5f 40 07 a2 f2 92  0e 74 2b f2 01 39 52 b0
  Non-root Certificate
  Key Id Hash(rfc-sha1): 8a 54 1f f7 43 b9 fd 19 3f 82 28 08 13 3d fa 73 42 11 e3 6f
  Key Id Hash(sha1): e7 a5 38 8b 64 5e bd 6e ee 7b 3f 61 bb 8a ed 2c cc 4b 2c 2f
  Cert Hash(md5): 69 84 7c 7c d8 2a 35 12 e9 6b e8 6a fd ca be 92
  Cert Hash(sha1): eb 2f 11 1b b0 c2 92 a0 14 74 50 42 50 1e de c5 53 de d7 df
  ----------------  End Nesting Level 1  ----------------
    CERT_MD5_HASH_PROP_ID(4):
      69 84 7c 7c d8 2a 35 12 e9 6b e8 6a fd ca be 92
    CERT_SHA1_HASH_PROP_ID(3):
      eb 2f 11 1b b0 c2 92 a0 14 74 50 42 50 1e de c5 53 de d7 df
    CERT_KEY_IDENTIFIER_PROP_ID(20):
      8a 54 1f f7 43 b9 fd 19 3f 82 28 08 13 3d fa 73 42 11 e3 6f
  Cannot find the certificate and private key for decryption.
  ================ Certificate 1 ================
  ================ Begin Nesting Level 1 ================
  X509 Certificate:
  Version: 3
  Serial Number: 96b6de15a74b97ac
  Signature Algorithm:
      Algorithm ObjectId: 1.2.840.113549.1.1.5 sha1RSA
      Algorithm Parameters:
      05 00
  Issuer:
      CN=xyz QA CA
      O=xyz Technical Resources Ltd
      C=US
  NotBefore: 11/13/2012 3:35 PM
  NotAfter: 11/13/2032 3:35 PM
  Subject:
      CN=xyz QA CA
      O=xyz Technical Resources Ltd
      C=US
  Public Key Algorithm:
      Algorithm ObjectId: 1.2.840.113549.1.1.1 RSA (RSA_SIGN)
      Algorithm Parameters:
      05 00
  Public Key Length: 2048 bits
  Public Key: UnusedBits = 0
      0000  30 82 01 0a 02 82 01 01  00 d2 5f 7d c0 c5 25 7f
      0010  2c 4c a2 4a 9b 6f e7 7a  35 cd 9a 2a 88 30 36 9b
      0020  f8 a4 d8 31 64 72 36 1c  1b 2c dc 73 11 d6 57 a2
      0030  97 91 6d bb d0 3c 13 65  28 4d 78 4e e1 c7 06 ac
      0040  16 c1 2a 62 39 ba 39 f9  a1 b9 4a 14 39 28 58 0d
      0050  f4 97 83 d5 ee 45 91 4a  41 06 e5 b9 60 40 20 48
      0060  85 f4 2d 8e 04 7f 81 12  3a 26 e1 0f 21 32 49 bc
      0070  20 ef 12 69 5a 20 a4 51  65 6d 85 4c 0f 4c 91 4c
      0080  26 47 27 a7 9e 49 e0 f7  56 08 fc 90 47 11 6c a9
      0090  b8 81 c6 83 c8 b2 2d e8  c4 ba 8b 45 32 c5 dd a0
      00a0  d9 1c 85 10 d6 6b 42 50  9a 42 d6 e4 51 32 73 59
      00b0  92 5b d1 44 82 dc be 75  65 94 e7 4a 79 15 ed 23
      00c0  f8 a3 3e 28 92 31 75 5c  fa b9 1b 6d e0 c3 d0 24
      00d0  7a 09 86 d0 2d c7 42 eb  6b fc 95 ed 62 13 21 35
      00e0  2f 0e b6 cd c2 c3 66 d4  a6 1b 53 15 49 64 ac 34
      00f0  11 20 8b e4 46 bc 60 68  3e 1b cb 5c b8 05 f4 a8
      0100  0a a3 53 d0 37 2a 2d 73  01 02 03 01 00 01
  Certificate Extensions: 7
      2.5.29.19: Flags = 1(Critical), Length = 5
      Basic Constraints
          Subject Type=CA
          Path Length Constraint=None
      2.5.29.14: Flags = 1(Critical), Length = 16
      Subject Key Identifier
          c5 91 51 88 76 e2 a4 13 5a 2f 11 84 29 54 de cf 4f 93 28 eb
      2.5.29.15: Flags = 1(Critical), Length = 4
      Key Usage
          Certificate Signing, Off-line CRL Signing, CRL Signing (06)
      2.5.29.35: Flags = 1(Critical), Length = 7e
      Authority Key Identifier
          KeyID=c5 91 51 88 76 e2 a4 13 5a 2f 11 84 29 54 de cf 4f 93 28 eb
          Certificate Issuer:
               Directory Address:
                    CN=xyz QA CA
                    O=xyz Technical Resources Ltd
                    C=US
          Certificate SerialNumber=00 96 b6 de 15 a7 4b 97 ac
      2.5.29.31: Flags = 0, Length = 36
      CRL Distribution Points
          [1]CRL Distribution Point
               Distribution Point Name:
                    Full Name:
                         URL=http://pki.xyzre.qa1/crls/root-ca.crl
      1.3.6.1.5.5.7.1.1: Flags = 0, Length = 37
      Authority Information Access
          [1]Authority Info Access
               Access Method=Certification Authority Issuer (1.3.6.1.5.5.7.48.2)
               Alternative Name:
                    URL=http://pki.xyzre.qa1/root-ca.cer
      2.5.29.32: Flags = 0, Length = 6e
      Certificate Policies
          [1]Certificate Policy:
               Policy Identifier=2.16.840.1.101.3.2.1.48
               [1,1]Policy Qualifier Info:
                    Policy Qualifier Id=CPS
                    Qualifier:
                         http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/documents/test_policy.pdf
  Signature Algorithm:
      Algorithm ObjectId: 1.2.840.113549.1.1.5 sha1RSA
      Algorithm Parameters:
      05 00
  Signature: UnusedBits=0
      0000  69 25 3a 36 f1 13 25 88  73 94 eb cf 5b 70 2e 86
      0010  8c 0d 7a 8f 3a 49 0e 42  18 da c9 00 26 68 ea 42
      0020  cd 2a 24 43 0d ec 6b 15  73 14 33 69 c2 60 3d 40
      0030  1c 4d 59 12 7a e9 03 00  81 ba 1e 50 55 05 bd 60
      0040  88 84 bb 8e e3 f5 ce 00  42 ae fd 01 05 fd bc 5f
      0050  af cc e3 a4 4d f2 84 8b  9b 0d 24 16 d6 d4 51 da
      0060  50 9c c4 69 d6 b8 18 be  e5 5c 48 b8 8a a3 d4 22
      0070  0e 26 f2 15 d8 ff 19 34  d4 1d 69 50 02 51 da e8
      0080  ad 05 a3 2f 1c e9 0f da  e3 4c 36 c4 cd 6e a5 76
      0090  88 19 90 78 ad fe 94 62  46 91 2b 0a 36 df e2 ea
      00a0  4a a9 f4 5c dc 77 4d e5  f4 ab e9 b9 da f6 b0 9f
      00b0  6c f5 50 74 14 19 05 df  96 b5 ee af a3 31 a5 af
      00c0  8f 6c be 67 43 78 55 0e  39 46 80 05 12 5f c2 4f
      00d0  24 fc 13 f7 e5 ee 64 0f  dd 9a 49 5c 57 10 1c 4b
      00e0  7a 9f 5a 1f 0c ec 5b 8d  b4 c4 ed d8 09 cc 1c d9
      00f0  9f 04 3f 85 ab 95 48 8e  77 e0 91 81 39 46 fb a3
  Signature matches Public Key
  Root Certificate: Subject matches Issuer
  Key Id Hash(rfc-sha1): c5 91 51 88 76 e2 a4 13 5a 2f 11 84 29 54 de cf 4f 93 28 eb
  Key Id Hash(sha1): f0 fc 52 1c c1 a6 16 2d 28 c1 71 84 ae d4 18 87 74 c4 f8 1c
  Cert Hash(md5): c9 af 16 63 9e 51 7b 8e 22 25 96 d7 a7 66 fa ab
  Cert Hash(sha1): e6 0b ef c1 fb e6 94 13 dc 9f 26 80 33 31 43 d9 ec af d7 be
  ----------------  End Nesting Level 1  ----------------
    CERT_MD5_HASH_PROP_ID(4):
      c9 af 16 63 9e 51 7b 8e 22 25 96 d7 a7 66 fa ab
    CERT_SHA1_HASH_PROP_ID(3):
      e6 0b ef c1 fb e6 94 13 dc 9f 26 80 33 31 43 d9 ec af d7 be
    CERT_KEY_IDENTIFIER_PROP_ID(20):
      c5 91 51 88 76 e2 a4 13 5a 2f 11 84 29 54 de cf 4f 93 28 eb
  Cannot find the certificate and private key for decryption.
  ================ Certificate 2 ================
  ================ Begin Nesting Level 1 ================
  X509 Certificate:
  Version: 3
  Serial Number: 1500000003a24d67389af826d7000000000003
  Signature Algorithm:
      Algorithm ObjectId: 1.2.840.113549.1.1.10 RSASSA-PSS
      Algorithm Parameters:
      30 00
  Issuer:
      CN=xyz Issuing CA
  NotBefore: 11/15/2012 3:13 PM
  NotAfter: 11/15/2013 3:13 PM
  Subject:
      [email protected]
      CN=(e) Hugh Kelley
  Public Key Algorithm:
      Algorithm ObjectId: 1.2.840.113549.1.1.1 RSA (RSA_SIGN)
      Algorithm Parameters:
      05 00
  Public Key Length: 2048 bits
  Public Key: UnusedBits = 0
      0000  30 82 01 0a 02 82 01 01  00 e4 55 77 34 c0 b7 58
      0010  55 cd 71 1e da d4 83 fd  f4 bd a5 d5 26 52 6c 7e
      0020  8d 74 ea 0a b6 2c 0c ae  b4 8f fc 95 07 9b 1a d4
      0030  e1 9f ed e3 7e d7 f4 f0  04 2c e4 ed 4c 49 2b d7
      0040  b4 42 c0 1c 12 7c b8 76  22 83 e6 d9 44 78 ce 26
      0050  20 5c 9c 71 30 3c 78 01  74 fa ac f9 7b b3 83 28
      0060  a8 18 52 10 d4 a5 f0 29  40 15 40 16 5c 90 4b 5d
      0070  c4 57 9d 3d 29 4e ce 80  b1 f1 ae 17 a4 cc 85 0b
      0080  a2 5e 73 0f ac 0f ff 8b  05 0c b9 f2 17 b3 ad 2f
      0090  b7 33 c7 ac bf 16 0f 09  2a e6 b7 f9 90 42 0b 6f
      00a0  3b 7f df 86 e6 e9 33 b6  d5 2d be 5f 65 4b 87 45
      00b0  d4 53 fc 8e de 0f 49 fd  8b 84 f5 2e cd 00 a9 cd
      00c0  0c b2 e2 7e 3e f9 e3 28  2f 9a 55 85 3e b8 b2 3a
      00d0  89 ce 19 bd 88 b2 74 da  42 ac bf 07 6c 4a b8 2e
      00e0  94 36 3b 28 f0 45 ec 59  f4 22 f3 03 47 85 ef 4c
      00f0  ba f5 24 3e 55 60 8b e8  6e e3 e9 1e bf 3c c9 75
      0100  88 9c 39 6c 20 66 c0 92  85 02 03 01 00 01
  Certificate Extensions: 10
      1.3.6.1.4.1.311.21.7: Flags = 0, Length = 30
      Certificate Template Information
          Template=1.3.6.1.4.1.311.21.8.11609700.13554795.12405411.13975648.10011376.129.8742862.14 66929
          Major Version Number=100
          Minor Version Number=5
      2.5.29.37: Flags = 0, Length = 22
      Enhanced Key Usage
          Client Authentication (1.3.6.1.5.5.7.3.2)
          Secure Email (1.3.6.1.5.5.7.3.4)
          Encrypting File System (1.3.6.1.4.1.311.10.3.4)
      2.5.29.15: Flags = 1(Critical), Length = 4
      Key Usage
          Digital Signature, Key Encipherment (a0)
      1.3.6.1.4.1.311.21.10: Flags = 0, Length = 28
      Application Policies
          [1]Application Certificate Policy:
               Policy Identifier=Client Authentication
          [2]Application Certificate Policy:
               Policy Identifier=Secure Email
          [3]Application Certificate Policy:
               Policy Identifier=Encrypting File System
      1.2.840.113549.1.9.15: Flags = 0, Length = 37
      SMIME Capabilities
          [1]SMIME Capability
               Object ID=1.2.840.113549.3.2
               Parameters=02 02 00 80
          [2]SMIME Capability
               Object ID=1.2.840.113549.3.4
               Parameters=02 02 00 80
          [3]SMIME Capability
               Object ID=1.3.14.3.2.7
          [4]SMIME Capability
               Object ID=1.2.840.113549.3.7
      2.5.29.14: Flags = 0, Length = 16
      Subject Key Identifier
          c2 1d d2 c8 90 64 9c 38 a9 66 9d 12 8b 1a a6 ab a8 72 2a 11
      2.5.29.35: Flags = 0, Length = 18
      Authority Key Identifier
          KeyID=8a 54 1f f7 43 b9 fd 19 3f 82 28 08 13 3d fa 73 42 11 e3 6f
      2.5.29.31: Flags = 0, Length = 44
      CRL Distribution Points
          [1]CRL Distribution Point
               Distribution Point Name:
                    Full Name:
                         URL=http://pki.xyzre.qa1/crls/xyz Issuing CA.crl
      1.3.6.1.5.5.7.1.1: Flags = 0, Length = 45
      Authority Information Access
          [1]Authority Info Access
               Access Method=Certification Authority Issuer (1.3.6.1.5.5.7.48.2)
               Alternative Name:
                    URL=http://pki.xyzre.qa1/xyz Issuing CA.crt
      2.5.29.17: Flags = 0, Length = 50
      Subject Alternative Name
          Other Name:
               Principal [email protected]
          RFC822 [email protected]
  Signature Algorithm:
      Algorithm ObjectId: 1.2.840.113549.1.1.10 RSASSA-PSS
      Algorithm Parameters:
      30 00
  Signature: UnusedBits=0
      0000  51 58 a1 89 fc fe 9d b3  67 36 9f 4d 41 75 9e 9f
      0010  b8 30 10 3b c8 f1 0b 6a  b8 ab 84 73 2e 91 7e 05
      0020  e0 3a 5b 34 cd 0a 35 bd  e0 f6 c2 7c 7f d0 d6 b3
      0030  03 3d 8c dd 52 04 7f 62  55 a5 14 a7 5a 20 77 5d
      0040  0f bb f6 4d a3 8c 2e 98  76 39 f4 30 18 bf be 5f
      0050  0c 62 20 40 39 34 e6 de  d2 dd 01 dd e9 bb d0 e5
      0060  1e 93 93 0e de c4 c5 86  9e 15 72 ea 4c 37 5c 6c
      0070  3d dc 69 8d 17 9d f8 b6  2a 51 1f f5 bc f5 fb 58
      0080  2c 03 4f 88 b8 58 a3 cd  ca 38 28 3a c9 34 79 4a
      0090  46 7c de a1 a8 fa 28 34  1f 23 96 69 51 f1 c7 41
      00a0  0b c8 a9 39 71 6c 4f 57  81 7f ec a7 2f 65 b9 97
      00b0  c8 2d 1e 24 ff fc d9 58  5c 07 e9 2c 83 77 64 a9
      00c0  8f 5d 42 9e c3 ea 85 88  39 7b 23 56 38 6d c9 15
      00d0  4c 80 de cf 00 e0 73 27  e2 f1 b3 d4 c9 b5 83 74
      00e0  4f 6e 6f 03 2f df c1 29  24 de 6a 70 cf de d4 1f
      00f0  fb 07 08 85 89 f9 08 f7  68 5c 68 29 2e 3c 6c de
  Non-root Certificate
  Key Id Hash(rfc-sha1): c2 1d d2 c8 90 64 9c 38 a9 66 9d 12 8b 1a a6 ab a8 72 2a 11
  Key Id Hash(sha1): 42 9c bd 63 60 4c d2 a8 55 bd 1b f4 70 25 34 cd 72 38 ca 8c
  Cert Hash(md5): af 8b 1e 76 71 f5 53 f4 93 62 1d e7 5e a8 d1 ff
  Cert Hash(sha1): 4f 3b d3 48 ba 05 65 dd 99 bb 33 65 5b 5e ba 13 28 fe 2d 80
  ----------------  End Nesting Level 1  ----------------
    CERT_MD5_HASH_PROP_ID(4):
      af 8b 1e 76 71 f5 53 f4 93 62 1d e7 5e a8 d1 ff
    CERT_SHA1_HASH_PROP_ID(3):
      4f 3b d3 48 ba 05 65 dd 99 bb 33 65 5b 5e ba 13 28 fe 2d 80
    CERT_KEY_PROV_INFO_PROP_ID(2):
      Key Container = {0136F9BB-2135-4642-827C-B883E0BDAF41}
    Unique container name: 1119ced7dad9cbd7d39924c9f35b5886_f10cfee5-eccc-4ef4-b0fb-7042bc1815c3
      Provider = Microsoft Enhanced Cryptographic Provider v1.0
      ProviderType = 1
      Flags = 0
      KeySpec = 1 -- AT_KEYEXCHANGE
    CERT_CEP_PROP_ID(87):
    Enrollment Policy Url: ldap:
    Enrollment Policy Id: {D8416D24-E050-45B1-B348-B9218292357C}
    Enrollment Server Url: Q-PKI-01.xyzre.qa1\xyz Issuing CA
    Request Id: 3
    Flags = 0
      DefaultNone -- 0
    Url Flags = 20 (32)
      PsfAllowUnTrustedCA -- 20 (32)
    Authentication = 2
      Kerberos -- 2
    Enrollment Server Authentication = 2
      Kerberos -- 2
    CERT_REQUEST_ORIGINATOR_PROP_ID(71):
      Q-APPDEV7-01.xyzre.qa1
    CERT_KEY_IDENTIFIER_PROP_ID(20):
      c2 1d d2 c8 90 64 9c 38 a9 66 9d 12 8b 1a a6 ab a8 72 2a 11
    Unique container name: 1119ced7dad9cbd7d39924c9f35b5886_f10cfee5-eccc-4ef4-b0fb-7042bc1815c3
    PP_KEYSTORAGE = 1
      CRYPT_SEC_DESCR -- 1
    KP_PERMISSIONS = 3f (63)
      CRYPT_ENCRYPT -- 1
      CRYPT_DECRYPT -- 2
      CRYPT_EXPORT -- 4
      CRYPT_READ -- 8
      CRYPT_WRITE -- 10 (16)
      CRYPT_MAC -- 20 (32)
    D:(A;ID;GAGR;;;SY)(A;ID;GAGR;;;BA)(A;ID;GAGR;;;S-1-5-21-2052111302-1708537768-839522115-2 4370)
      Allow Full Control    NT AUTHORITY\SYSTEM
      Allow Full Control    BUILTIN\Administrators
      Allow Full Control    xyzRE\hugh.kelley
  Private Key:
    PRIVATEKEYBLOB
    Version: 2
    aiKeyAlg: 0xa400
      CALG_RSA_KEYX
      Algorithm Class: 0xa000(5) ALG_CLASS_KEY_EXCHANGE
      Algorithm Type: 0x400(2) ALG_TYPE_RSA
      Algorithm Sub-id: 0x0(0) ALG_SID_RSA_ANY
    0000  52 53 41 32                                        RSA2
    0000  ...
    048c
  Encryption test passed
  CertUtil: -dump command completed successfully.

  Hi Hugh,
  As you figured out the certificate was using a signature algorithm that Acrobat did not understand. The "signature algorithm" is a composite of the the digest algorithm (e.g. sha1), and the encryption algorithm (e.g. RSA). Acrobat understands the following digest algorithms; MD5, SHA-1, RIPEMD-160, SHA-256, SHA384, and SHA512. As far as encryption algorithms go, it understands DSA and RSA. Just to make things a little more complicated, version XI also can handle elliptic curve, but versions 6 thru 10 were limited to DSA & RSA. If you are using a digital ID created with the DSA encryption algorithm then the only digest algorithm Acrobat can use with is SHA-1. Just like you saw sha1RSA, you could also use a digital ID with the sha1DSA signature algorithm. If you are using RSA then it will pair with all six digest algorithms I noted above (e.g. sha256RSA).
  The Probabilistic Signature Scheme is not something Acrobat understands at all.
  Steve

• The selected certificate has errors: Invalid policy constraint

  Hi
  What does this exactely mean?
  The signer of the document in question used an official p12 keystore, issued by QuoVadis. QuoVadisRootCa3 is globally trusted by all software we know so far.
  The certificate chain is shown correctely in adobe reader, but the usercertificate shows the yellow warning flag along with above message.
  What can/must we do on the signer's side to get the document accepted in adobe reader at the customer site?
  Thanks for your help
  Marcel

  A CA may issue many different signing certificates and System Administrator may restrict which signatures signed with certificates issued by this CA should be accepted as Valid on particular Reader installations.
  Policy constraints are set on individual Acrobat/Reader installations. Usually they are set by IT but can be also done manually by the users. When policy constraints are enabled Reader validates only signatures signed with DIgital IDs that meet specified policy constraints. In Reader/Acrobat policy constraints are specified per trusted root certificate. In Reader XI go to Edit->Preferences->Signatures, click on More.... in "Identities&Trusted Certificates" and select "Trusted Certificates". In the list of ttrusted certificates select the root certificate of the chain in the problem signature and click "Edit Trust" button. In the dialog that comes up select "Policy Restrictions" tab. It contains on top explanation of what policy restrictions are.
  Apparently the installations that exhibit this problem have some "Certificate policies" entered for QuoVadis trusted root. When it happens Reader will mark as Valid only signatures signed with the QuoVadis-issued Digital IDs that include matching policy constraints. There is nothing you can do about it on the signer's side, because it is controlled by the preferences on the recipients' side.

• When I try to download the latest version of iTunes on my iPod Classic I get the message that "iTunes has an invalid signature" and that "Content was blocked because it was not signed by a valid security certificate.  Anyone know how to fix this?

  When I try to download the latest version of iTunes from apple.com, I get the message "Content was blocked because it was not signed by a valid security certificate."When I open iTunes and try to download the latest version there, I get the message "iTunes has an invalid signature.  The download has been removed."  I have also gotten an Internet Script Error stating that an error has occured in Line 0, Char O and that "Access is denied to images.apple.com/global/scripts/lib/iepngfix.htc."  This problem has never occurred with earlier versions of ITunes.  Anyone know how to fix this problem? 

  Are you downloading iTunes form an Apple website or somewhere else? If the answer is somewhere else, try downloading it from Apple. Click on iTunes in the black menu bar above and go from there.
  Let us know what happens.

• Sony Bravia 26" "Invalid Format"

  When I first hooked my Mac Mini To the Sony Bravia, using the DVI adapter, it worked OK, but when I increased the resolution I get an Invalid Format message, and I can't change it back. I have tried going back and forth, from the Bravia to my Apple display. No matter what I change the Resolution to on my Apple display, when I go back to the Bravia I get the same message.

  Welcome to Apple Discussions!
  I suspect the reason your Bravia continues to remain blank despite you tweaking settings when using your Apple display is that the mini is 'remembering' the Bravia and the settings used with it, so reverting to those each time the system boots with it connected.
  You could try several things at this point:
  1: With the mini connected to the Bravia, boot into safe mode by holding the shift key down during startup. Safe mode may result in the system reverting to a basic resolution, allowing a display on the Bravia, which you can then reset to something you know worked before with it.
  2: Boot with the mini connected to the Apple display, then without powering down, disconnect that and connect the Bravia.
  3: Boot with no display connected, and wait until sufficient time has passed that you would normally be seeing the desktop, then connect the Bravia. This sometimes forces the system to boot into ultra-low res mode, which may remain after the Bravia is connected, allowing you to reset to a known-good resolution and refresh rate.
  4: Boot with the system connected to the Apple display, and then search for file names containing 'windowserver' (no quotes) using the Finder's Find command in the file menu. Depending on which version of MacOS you're using, you may need to set the 'Kind' to 'system files' and then switch 'don't include' to 'include' instead. Drag all instances of windowserver files which end in '.plist' to the trash and then reboot (there may be 1, 2 3, or even 4 such files). These files contain display settings preferences, so will force the system to forget the Bravia. When booting again, it will create new ones but more importantly, since it will no longer remember the Bravia's settings you used, it should give you a working display.

• I'm trying to download itunes 10.5 (windowsxp w/servicepack3) and i get "Itunes has an invalid signature.It will not be installed". Suggestions?

  I'm trying to download Itunes 10.5 on myPC (WindowsXp w/service pack3) and I get the message "ITunes has an invalid signature.It will not be installed". Any suggestions?

  For general advice see Troubleshooting issues with iTunes for Windows updates.
  The steps in the second box are a guide to removing everything related to iTunes and then rebuilding it which is often a good starting point unless the symptoms indicate a more specific approach. Review the other boxes and the list of support documents further down page in case one of them applies.
  Your library should be unaffected by these steps but there is backup and recovery advice elsewhere in the user tip.
  tt2