WRT54GS and Certificate Errors

Similar Messages

• SSL Offloading and Certificate Errors

  I am attempting to offload SSL on an F5 load balancer.  I made the certificate request from the load balancer, procured the certificate from Entrust, and installed on the load balancer.  I then followed SSL Offloading TechNet instructions here:
  http://technet.microsoft.com/en-us/library/dn635115(v=exchg.150).aspx.  My two CAS servers still have the self-signed certificates bound in IIS.  I am getting certificate
  errors when making RPC over HTTPs connections in Outlook and the self-signed certificate is popping up.
  My question is what do I do with the certificates on my 2 CAS servers?  Do I leave the self-signed certificates on there and export the Entrust certificate from my F5 and then import it to my CAS servers and change the bindings in IIS? 
  Or do I have to make the CSR from a CAS server, issue a new Entrust certificate from that, import to both CAS servers, then import to the F5 and make sure all bindings are correct in IIS?
  Or am I completely misunderstanding how this works and need to do something different entirely?
  Thanks in advance for any guidance.

  As I previously mentioned, I have already followed the SSL Offloading guide from technet, which included unticking Require SSL for all the various objects in IIS (OWA, ECP, EWS, RPC etc.) 
  Additionally I made sure SSL Offloading was enabled for Outlook Anywhere in Powershell.  See for example output of Get-OutlookAnywhere:
  RunspaceId                         : 1bdf6a03-d43d-4478-84cc-95e18806b11b
  ServerName                         : TSTEXCG2013
  SSLOffloading                      : True
  ExternalHostname                   : tstowa.XXXX.com
  InternalHostname                   : tstowa.XXXX.com
  ExternalClientAuthenticationMethod : Ntlm
  InternalClientAuthenticationMethod : Ntlm
  IISAuthenticationMethods           : {Basic, Ntlm, Negotiate}
  XropUrl                            :
  ExternalClientsRequireSsl          : True
  InternalClientsRequireSsl          : True
  MetabasePath                       : IIS://TSTEXCG2013.tstXXX.tstXXXX.tst/W3SVC/1/ROOT/Rpc
  Path                               : D:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\rpc
  ExtendedProtectionTokenChecking    : None
  ExtendedProtectionFlags            : {}
  ExtendedProtectionSPNList          : {}
  AdminDisplayVersion                : Version 15.0 (Build 847.32)
  Server                             : TSTEXCG2013
  AdminDisplayName                   :
  ExchangeVersion                    : 0.20 (15.0.0.0)
  Name                               : Rpc (Default Web Site)
  DistinguishedName                  : CN=Rpc (Default Web
                                       Site),CN=HTTP,CN=Protocols,CN=TSTEXCG2013,CN=Servers,CN=Exchange
  Administrative
                                       Group (FYDIBOHF23SPDLT),CN=Administrative
  Groups,CN=XXX XXXX,CN=Microsoft
                                       Exchange,CN=Services,CN=Configuration,DC=tstXXXX,DC=tst
  Identity                           : TSTEXCG2013\Rpc (Default Web Site)
  Guid                               : 9b2bc5e2-41c1-4219-9186-8e6b8cb63dc0
  ObjectCategory                     : tstXXXX.tst/Configuration/Schema/ms-Exch-Rpc-Http-Virtual-Directory
  ObjectClass                        : {top, msExchVirtualDirectory, msExchRpcHttpVirtualDirectory}
  WhenChanged                        : 7/10/2014 7:38:58 PM
  WhenCreated                        : 6/23/2014 2:54:36 PM
  WhenChangedUTC                     : 7/11/2014 12:38:58 AM
  WhenCreatedUTC                     : 6/23/2014 7:54:36 PM
  OrganizationId                     :
  OriginatingServer                  : TSTXXXXDC02.tstXXXX.tst
  IsValid                            : True
  ObjectState                        : Changed

• Autodiscover, domain controllers, and certificate errors

  I have just deployed and Exchange 2013 server in one of my sites. I'm having tons of issues with it, but one issue I'm having trouble thinking through goes like this:
  All users have email addresses that are [email protected] Domain.com is our internal domain name and also a public domain. Now, in a Windows environment, if you were to nslookup domain.com within our network it
  will resolve to any one of the domain controllers. On our infrastructure master DC there is an IIS website, with SSL, that handles certificate services for our internal CA.
  Here's my problem: When a user opens Outlook and autodiscover attempts to find their Exchange connection info it first tries to reach the site
  https://domain.com/autodiscover/autodiscover.xml. If that PC happens to resolve domain.com to the DC that has our certificate services website on it then the Outlook client sends a certificate error.
  If the client is prior to Outlook 2013, the mailbox configuration just halts and throws an error.
  What do I do to prevent this?

  Hi,
  Yes, we can have the following “switchers”
  PreferLocalXML
  ExcludeHttpRedirect
  ExcludeHttpsAutoDiscoverDomain
  ExcludeHttpsRootDomain
  ExcludeScpLookup
  ExcludeSrvRecord
  ExcludeLastKnownGoodUR
  Thanks,
  Simon Wu
  TechNet Community Support

• Build dataguard two more questions. password prompt and certificate error

  The fiirt two data guard instances are built. One is running fine the second I'm getting this error in the primarys alert log. it looks like it is a certificate error but I'm having a hard time nailing it down.
  BTW: Instance is 11.2.0.1
  Thread 1 advanced to log sequence 318 (LGWR switch)
  Current log# 6 seq# 318 mem# 0: +DATA/sfs01/onlinelog/group_6.4762.769266689
  SSL Client: Server DN doesn't contain expected SID name
  Archived Log entry 706 added for thread 1 sequence 317 ID 0x799622d4 dest 1:
  Thu Mar 22 12:46:48 2012
  SSL Client: Server DN doesn't contain expected SID name
  The third and final data guard instance I'm building is 3T and taking forever to restore. Two questions:
  1) Can I suspend rman and restart it.
  2) when I restart rman how do I keep it from prompting me for the password. I would prefer to put a nohup on a shell script.
  Here is the script. Right now I'm running it manually but would relly to run with nohup so I can go get lunch.
  rman target SYS@sor01_primary auxiliary / << EOF
  run {
  allocate channel C1 device type disk;
  allocate auxiliary channel C2 device type disk;
  allocate auxiliary channel C3 device type disk;
  allocate auxiliary channel C4 device type disk;
  allocate auxiliary channel C5 device type disk;
  duplicate target database for standby nofilenamecheck;
  release channel C1;
  release channel C2;
  release channel C3;
  release channel C4;
  release channel C5;
  EOF

  Hello (certificate error is vague. By that I mean whoever wrote that error message)
  Can I suspend rman and restart it? I believe no, stop and restart should work.
  Something like this, I use an env file can post if it helps :
  #!/bin/bash
  . /u01/app/oracle/dba_tool/env/DATABASE.env
  echo "Starting RMAN..."
  $ORACLE_HOME/bin/rman target SYS@sor01_primary auxiliary << EOF
  run {
  allocate channel C1 device type disk;
  allocate auxiliary channel C2 device type disk;
  allocate auxiliary channel C3 device type disk;
  allocate auxiliary channel C4 device type disk;
  allocate auxiliary channel C5 device type disk;
  duplicate target database for standby nofilenamecheck;
  release channel C1;
  release channel C2;
  release channel C3;
  release channel C4;
  release channel C5;
  }My env file ( yours will be different ) use env to check you compare to your profile
  export ORACLE_BASE=/u01/app/oracle
  export ORACLE_HOME=/u01/app/oracle/product/11.2.0.2
  export ORACLE_SID=STANDBY
  export ULIMIT=unlimited
  export ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data
  export LD_LIBRARY_PATH=$ORACLE_HOME/lib:$ORACLE_HOME/network/lib
  export LIBPATH=$LD_LIBRARY_PATH:/usr/lib
  export TNS_ADMIN=$ORACLE_HOME/network/admin
  PATH=$ORACLE_HOME/bin:$ORACLE_BASE/dba_tool/bin:/bin:/usr/bin:/etc:/etc/X11/xserver/C:.
  export PATHI run from the cron which is similar to nohup as far as env goes.
  Best Regards
  mseberg
  Edited by: mseberg on Mar 22, 2012 2:32 PM
  Edited by: mseberg on Mar 22, 2012 2:41 PM

• ODIInvokeWebservice and Certificate Error

  Hi,
  I am trying to call a Third Party web service. It is an https service and when I try to call the service I am getting the following error
  Invalid Request : javax.xml.ws.WebServiceException: Failed to access the WSDL at: https://xxxxxx?WSDL. It failed with:
  sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.
  I cannot find any option where I can provide the keystore or certificate path.
  Is there a folder where I have to add the certificate?
  Regards,
  Harris

  Hi Harris,
  After copy WSDL URL in OdInvokeWebservice tool, have you tested to connect to WSDL from ODI, if not try this and let me know the result
  In OdiInvokeWebservice properties, copy WSDL URl and provide Application server credentials, select WSDL URL and click on Advance button and it will popup the window there you can see same WSDL URL in address bar and right side of address you can find a globe symbol (Connect to WSDL) just clic and let me know the result.
  In such case it iwll throw an error message that case you can provide host entry of that application server into your machine (where ODI got installed).
  Thanks,
  Phani

• Get certificate error trying to access yahoo mail, and there is no exception to bypass the error.

  I am getting a certificate error trying to access https://mail.yahoo.com. Unlike most other certificate errors, there is no option for "I understand the risks" to add an exception for the page, just the following:
  mail.yahoo.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. (Error code: sec_error_unknown_issuer)
  I tried setting the proxy to "no proxy" under Advanced settings, as well as clearing all cookies and other cache history. Did not resolve the problem. I cannot access my email.

  hello, which security program is running on your computer?

• Minecraft Won't Launch Because of a Java or Root Certificate Error I Started Having When I Put The Install Disk in And Downloaded Mac OSX Snow Leopard

  I need help. I recently tried opening Minecraft after re-installing Mac OSX Snow Leopard with the Mac OSX Install DvD and now every time I try to open the internet these stupid certificate errors come up and Minecraft says it can't launch because of a broken/missing root certificate

  Hello Shelby,
  Thank you so much for the details regarding the issue you are experiencing with the Snow Leopard installation.  I recommend following these steps if you are having trouble installing Snow Leopard:
  The installation wasn’t successful
  If you were unable to install Mac OS X, try the following:
  Disconnect any external devices you don’t need during installation.
  Remove any cards from manufacturers other than Apple.
  Try installing Mac OS X again.
  If you were unable to install Mac OS X again, choose Utilities > Disk Utility. Select the disk on which you want to install, click First Aid, and then click Repair Disk. After repairing any problems, quit Disk Utility and then click Continue to try installing again.
  If you’re still unable to install Mac OS X, try erasing the disk before installing Mac OS X. Before you erase your disk, try copying your files to an external disk. When you’re ready to erase and reinstall Mac OS X, follow the instructions in the “Restoring your computer to factory settings” section of this document.
  I found this on page 7 of the Snow Leopard Installation Instructions:
  Snow Leopard Installation Instructions
  http://manuals.info.apple.com/en_US/Snow_Leopard_Installation_Instructions.pdf
  Thank you for using Apple Support Communities.
  Best,
  Sheila M.

• I get a certificate error using firefox, I have tried deleting cert8.db, and resetting Firefox. I don't have any errors using IE 10. What can I do?

  I used a link in an email to check the status of a repair from Acer and received the error "customercare.acer.com uses an invalid security certificate.
  The certificate is not trusted because no issuer chain was provided.
  (Error code: sec_error_unknown_issuer)". I tried going directly to the Acer website, and went to support, then to check case status. I received the same error. I reactivated IE 10 on my OS and had no problems with certificate errors. I use McAfee Antivirus suite from ATT Uverse, but the troubleshooting did not indicate any settings for that, only ESET and Bitdefender.

  Could you take a look at the certificate details?
  If you click "I understand the risks" and "Add Exception", then the "View" button, does it look at all like the attached? I suggest using a new window to compare because when the certificate viewer is open, you cannot switch tabs in the same window.
  You can cancel the viewer after checking, you may not want to create an exception until getting further comments.

• Certificate errors with Exchange 2013 and Outlook 2013

  Hello, I wonder if someone could help.
  I've recently set up a network with one Windows 2012 domain controller and one windows 2012 server running Exchange 2013.
  Clients run Outlook 2013 and are all one the same Lan. Outlook's setup wizard finds the exchange server automatically and sets up the profile. However if I choose the manual setup and enter the server
  name and user name it does not find the server.
  When I check the server name in Outlook it shows as 
  [email protected] rather than the real name of the server: AYCEX01.AYC.local.
  When Outlook is opened there is a certificate error saying "The name on the security certificate is invalid or does not match the name of the site." and another error saying "There is
  a problem with the server's security certificate. The name on the security certificate is invalid or does not match the name of the target site mail.ardfernyacht.co.uk. Outlook is unable to connect to the proxy server. (Error code 10)
  The external address by which users connect to OWA and active sych is mail.ardfernyacht.co.uk. The
  certificate which is used is one automatically generated by Exchange.
  Any suggestions you may have would be appreciated.
  Many thanks,
  Ruaridh
  Ruaridh Mackintosh

  Self sign cert wont work With autodiscover.For that you need 3rd part or from Your own CA.
  Please follow this guide to install CA in Your domain:
  http://careexchange.in/how-to-install-certificate-authority-on-windows-server-2012/
  Please follow this guide to request New cert in Exchange 2013:
  http://exchangeserverpro.com/create-ssl-certificate-request-exchange-2013/
  Your cert must contain external hostname of Your mail.domain.com
  Also configure Your Virtual directories to contain internal and external hostname:
  http://blogs.msdn.com/b/mvpawardprogram/archive/2013/03/18/virtual-directories-exchange-2013.aspx
  Regarding servername when using autodiscover,it should automatically resolve mailbox guid instead of servername.
  Please check if Your DNS is setup With autodiscover.domain.local (which is pointed to Your Exchange server)
  Hope this helps!
  Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work

• I am getting a certificate error message and there is no link on the page to add this site as an exception.

  I am trying to open up the web page where we log into our employee email. Evidently the security certificate has been changed. I am getting a certificate error message, but I am not seeing a link provided where I can click to add this web site as an exception.

  This is a user to user forum. You are defintely in wrong place.

• Trying to download itunes and website keeps saying certificate error

  i keep trying to download itunes on my computer but keeps saying certificate error please help

  Turn off your Firewall. If that doesn't work, turn off your AntiVirus Protection until you have successfully downloaded it. Make sure you are downloading it from the Apple site:
  http://support.apple.com/kb/DL1615
  Cheers,
  GB

• Certificate error while calling a webservices from application deployed in

  Hi,
  When we are trying to invoke a web service from a client application which was deployed in weblogic server we are getting the certificate error. We are using go daddy certificate. Here is the log file
  Anyone Please advice.
  FileName
  weblogic.log
  FileComment
  <Apr 25, 2011 1:51:15 PM EDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=*.wvu.edu,OU=Domain Control Validated,O=*.wvu.edu". The loading of the trusted certificate list raised a certificate parsing exception Could not set value for ASN.1 string object..>
  <Apr 25, 2011 1:51:15 PM EDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=*.wvu.edu,OU=Domain Control Validated,O=*.wvu.edu". The loading of the trusted certificate list raised a certificate parsing exception Could not set value for ASN.1 string object..>
  javax.xml.ws.WebServiceException: weblogic.wsee.wsdl.WsdlException: Failed to read wsdl file from url due to -- javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
  at weblogic.wsee.jaxws.spi.WLSProvider.readWSDL(WLSProvider.java:322)
  at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:77)
  at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:62)
  at javax.xml.ws.Service.<init>(Service.java:56)
  at wvudatacollection.wsproxy.scheduler.TimeClockScheduler_Service.<init>(TimeClockScheduler_Service.java:71)
  at wvudatacollection.wsproxy.scheduler.TimeClockSchedulerServiceWrapper.getStatus(TimeClockSchedulerServiceWrapper.java:96)
  at wvudatacollection.wsproxy.scheduler.GetSchedulerStatusWrapper.getStatusCode(GetSchedulerStatusWrapper.java:10)
  at sun.reflect.GeneratedMethodAccessor185.invoke(Unknown Source)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at oracle.adf.model.binding.DCInvokeMethod.invokeMethod(DCInvokeMethod.java:561)
  at oracle.adf.model.binding.DCDataControl.invokeMethod(DCDataControl.java:2113)
  at oracle.adf.model.bc4j.DCJboDataControl.invokeMethod(DCJboDataControl.java:3009)
  at oracle.adf.model.bean.DCBeanDataControl.invokeMethod(DCBeanDataControl.java:436)
  at oracle.adf.model.binding.DCInvokeMethod.callMethod(DCInvokeMethod.java:256)
  at oracle.jbo.uicli.binding.JUCtrlActionBinding.doIt(JUCtrlActionBinding.java:1437)
  at oracle.adf.model.binding.DCDataControl.invokeOperation(DCDataControl.java:2120)
  at oracle.adf.model.bean.DCBeanDataControl.invokeOperation(DCBeanDataControl.java:464)
  at oracle.adf.model.adapter.AdapterDCService.invokeOperation(AdapterDCService.java:307)
  at oracle.jbo.uicli.binding.JUCtrlActionBinding.invoke(JUCtrlActionBinding.java:693)
  at oracle.adf.model.binding.DCInvokeAction.refreshInternal(DCInvokeAction.java:47)
  at oracle.adf.model.binding.DCInvokeAction.refresh(DCInvokeAction.java:33)
  at oracle.adf.model.binding.DCBindingContainer.internalRefreshControl(DCBindingContainer.java:3107)
  at oracle.adf.model.binding.DCBindingContainer.refresh(DCBindingContainer.java:2759)
  at oracle.adf.controller.internal.binding.TaskFlowRegionController.refreshRegion(TaskFlowRegionController.java:145)
  at oracle.adf.model.binding.DCBindingContainer.internalRefreshControl(DCBindingContainer.java:3038)
  at oracle.adf.model.binding.DCBindingContainer.refresh(DCBindingContainer.java:2759)
  at oracle.adf.controller.v2.lifecycle.PageLifecycleImpl.prepareRender(PageLifecycleImpl.java:548)
  at oracle.adf.controller.v2.lifecycle.Lifecycle$9.execute(Lifecycle.java:224)
  at oracle.adfinternal.controller.lifecycle.LifecycleImpl.executePhase(LifecycleImpl.java:192)
  at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener.mav$executePhase(ADFPhaseListener.java:21)
  at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener$5.before(ADFPhaseListener.java:395)
  at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener.beforePhase(ADFPhaseListener.java:60)
  at oracle.adfinternal.controller.faces.lifecycle.ADFLifecyclePhaseListener.beforePhase(ADFLifecyclePhaseListener.java:44)
  at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:246)
  at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:193)
  at javax.faces.webapp.FacesServlet.service(FacesServlet.java:266)
  at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
  at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
  at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
  at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:191)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:85)
  at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420)
  at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:54)
  at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420)
  at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:247)
  at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:157)
  at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at oracle.security.jps.wls.JpsWlsFilter$1.run(JpsWlsFilter.java:96)
  at java.security.AccessController.doPrivileged(Native Method)
  at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
  at oracle.security.jps.wls.util.JpsWlsUtil.runJaasMode(JpsWlsUtil.java:146)
  at oracle.security.jps.wls.JpsWlsFilter.doFilter(JpsWlsFilter.java:140)
  at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:70)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:202)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3588)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
  at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2200)
  at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2106)
  at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1428)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  Caused by: weblogic.wsee.wsdl.WsdlException: Failed to read wsdl file from url due to -- javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
  at weblogic.wsee.wsdl.WsdlReader.getDocument(WsdlReader.java:313)
  at weblogic.wsee.wsdl.WsdlReader.getDocument(WsdlReader.java:305)
  at weblogic.wsee.jaxws.spi.WLSProvider.readWSDL(WLSProvider.java:312)
  ... 70 more
  Caused by: javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
  at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown Source)
  at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown Source)
  at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
  at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
  at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
  at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
  at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
  at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
  at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
  at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
  at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
  at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
  at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
  at com.certicom.tls.record.WriteHandler.write(Unknown Source)
  at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
  at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
  at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
  at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
  at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:154)
  at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:358)
  at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
  at weblogic.wsee.util.is.InputSourceUtil.loadURL(InputSourceUtil.java:103)
  at weblogic.wsee.util.dom.DOMParser.getWebLogicDocumentImpl(DOMParser.java:118)
  at weblogic.wsee.util.dom.DOMParser.getDocument(DOMParser.java:65)
  at weblogic.wsee.wsdl.WsdlReader.getDocument(WsdlReader.java:311)
  ... 72 more
  Thanks,
  Sajja
  Edited by: user13514455 on Jun 13, 2011 8:35 AM

  We resolved this problem for the same version of JDeveloper in the WebLogic Console. In the Domain Structure / Evironment / Servers / Settings for Default Server, click the Configuration and SSL tabs. Then change Hostname Verification to None and check the Use JSSE SSL box at the bottom.

• How do I remove the certificat error everytime I try to access the Cisco Unified CM Administration web-page?

  Hi,
  Every time I want to have access to the Cisco Unified CM Console (System version: 7.0.1.11000-2), I use the https://10.10.x.x/ccmadmin/showHome.do homepage on my client computer, but when I open the page, I get a SSL certificate error, stating no trust to this webpage security certificate and if I those "continue to this page (not recommended)", I get access to the Cisco Unified CM Console web page.
  I have tried to add the https://IP-adress to secure web pages in Internet Explorer 7, but this to no avail, it does not help.
  How do I add this certificate to a trusted something, so I do not get this warning every time I open the page?
  Kind regards,
  Carl-Marius

  Hi Michael,
  It worked when I change the IP-address to the name that was written in the certificate, and imported the certificate to Internet Explorer.
  Thank you for your fast and very precise help!
  Kind regards,
  Carl-Marius

• Certificate error when try to send mail

  Masters,
  First of all sorry for my poor english. Im not IT specialist, so please ...
  I need help to fix my problem. I know there are many post with this but i can't figure out.
  We had a working enviroment with no certificate issue.
  I tried to set the Outlook Anywhere, and so i messed up something. Now if user open outlook and send / or reply a mail got a certificate error message. I don't care Outlook Anyhere anymore but i need to fix my issue...
  I have not enough reputation point, so i can't attach image. I used Snag to attach picture.
  Certification error message:
  This is how exchange certs looks like:
  The problem is occure when start outlook and start or reply a mail. Certfication error pop-up, and inside the message windows on the Certification Chain tab i see: "mydomain".local
  When i try to configure outlook anywhere i create and enable new certificate. I think when i did this i have to allow owerrite some service... I deleted that certification already.
  If i install the cert to root CA, then works ok. But i don't want to install it all our server, because its workd earlier. How can i fix this?
  Thank you

  Hello,
   First of all thank you for helpin' me.
   I do not want to use outlook anywhere anymore, but now i know need 3rd certf for work...
   Only i want to get back everything.
   I know if i install to root CA than pop up disappear (i test this one of our server) but because earlier we have no installed this cert...so i don't understand what should i did...
    1. i installed a new self-sign certificate and associate service SMTP for it.
    2. after all test failed i decided to delete this cert...
    3. now outlook get pop up with certificated issued by: ourcompany.local
               - i did not seen any certificate in the certificate store with this name...
   Now i test it again and the no pop up in outlook?! What happend? I check and the mentioned certificate not in the store?!
   If i delete a certificate and assign service to another one, how many time need to affect this to the enviroment?
  Thank you

• Server 2012 R2 - Essentials Experience - - I jacked my CA and certificates all to @#&$%!!

  Windows Server 2012 R2 - Essentials Experience
  In trying to put pieces together, I jacked my CA and certificates all to @#&$%!!
  Some of the factors involved are:
   Server0 - Hyper-V Host
    Server1 - DC, 2012 R2 Essentials Experience role
    Server2 - Exchange 2013
   Client Machines -
    Windows 7 Pro
    XP (Yes, these are my cross to bear... - worth noting their presence, but I'm working them out) 
   The functional requirements:
    Anywhere Access for Remote users
     - Remote Desktop for Windows 7 machines
    Outlook Web Access
  The mistake... 'Web Application Proxy'
   -which uninstalled the CA
  There is a CA back now, but after days of spinning in cirles in a rare area where I feel nearly completely lost (Certificate services) I am asking for help getting these pieces put back together.
  The current situation:
   The network is up with all of the network and business services required to work 'Inside the Office' - so the client is "functional".
   The "Essentials Experience" is broken and won't install to the clients, though it does provide the Essentials website, access to server shared files (fairly gracefully, I might add) and, as an administrator user, I can get to the servers via
  RWA through the site and there are no certificate problems with that since I have a secured certificate for the domain. 
   OWA has been moved to a further back burner while I try to get the Essentials Experience functioning t the point where the remote users can get to their workstations through RWA... This is the biggest current hurdle... RWA for the clients.
  Trying to install the client to the workstations nets me the "The Server is not available.  Try connecting this computer again,..." message at the point of username and password authentication.
  The clientdeploy.log finishes like this:
   [4976] 141016.153746.2670: ClientSetup: Standard Error:
   [4784] 141016.153746.2670: ClientSetup: The exit code of the process (C:\Windows\system32\nslookup.exe) is: 0
   [4784] 141016.153746.2670: ClientSetup: Set CD Fail reason 10 for SQM in ClientDeployment.exe
   [4784] 141016.153746.2670: ClientSetup: RecordClientDeploymentFailReason: Save registry failed in ClientDeployment.exe : System.UnauthorizedAccessException: Cannot write to the registry key.
    at Microsoft.Win32.RegistryKey.EnsureWriteable()
    at Microsoft.Win32.RegistryKey.CreateSubKeyInternal(String subkey, RegistryKeyPermissionCheck permissionCheck, Object registrySecurityObj, RegistryOptions registryOptions)
    at Microsoft.Win32.RegistryKey.CreateSubKey(String subkey, RegistryKeyPermissionCheck permissionCheck)
    at Microsoft.WindowsServerSolutions.ClientSetup.ClientDeploy.Helper.RecordClientDeploymentFailReason(UInt32 failReason)
   [4784] 141016.153746.2670: ClientSetup: Exiting ValidateUserTask.Run
   [4784] 141016.153746.2670: ClientSetup: Task with Id=ClientDeploy.ValidateUser has TaskStatus=Failed
   [4784] 141016.153746.2670: ClientSetup: Task with Id=ClientDeploy.ValidateUser has RebootStatus=NoReboot
   [4784] 141016.153746.2670: ClientSetup: Exting ConnectorWizardForm.RunTasks
   [1272] 141016.153755.0976: ClientSetup: Back from the Client Deployment Wizard
   [1272] 141016.153755.0976: ServerDiscovery:HostsFileUpdater: Removing hosts file entry: 1-WGB-01
   [1272] 141016.153755.0976: ClientSetup: Saving Wizard Data
   [1272] 141016.153755.0976: ClientSetup: End of ClientDeploy: ErrorCode=1603
  The computerconnector.log shows nothing of value.
  What I want to accomplish as a 'first step' toward recovery is to get the workstations properly connected so they show up in the Dashboard 'Devices' pane and can be managed and access by the Essentials tools.
  Secondarily, I would like to get the client side tools in place and functioning (I expect the latter will be a side effect of the former).
  So,... for anyone patient enough to have read this far... uh,... help?

  Actually,... I can now confirm the delicacy of which you speak...
  After a support incident with Microsoft which spanned a marathon 18+ hours on the phone and remote access by no fewer than 7 Microsoft Engineers, we got to a successful result. 
  It is a point of utter frustration for me when people put in threads like this then don't bother to come back and report 'how the issue was solved', and sadly, I am about to have done that merely because my span of functional attention and valuable reporting
  capability was basically gone before I submitted the ticket and following all that was done in my state was not conceivably possible. 
  So - all I can do is apologize for not being able to report a valuable resolution and give a few little tidbits.
  The net result is this - DO WHAT YOU CAN TO AVOID THE SITUATION IN THE FIRST PLACE.  Once your CA is in place, LEAVE IT THE $%@& ALONE!!!!  I mean... my best current advice.
  In all, the CA was uninstalled and reinstalled 4 times after my blunder and significant work was done in ADSIEdit as well as substantial manual manipulation of certificates and CAs that was well outside of my (quite considerable) scope of expertise.
  I wish I had more to offer in the world of resolution.
  With this said, I will make one more request of viewers and moderators alike:
  THIS QUESTION IS OFFICIALLY NOT ANSWERED.  IT WILL NEVER BE ANSWERED.  THE RESOLUTION IS NOT AVAILABLE TO THE MORTAL MAN.
  DO NOT MARK IT AS ANSWERED
  IF YOU MUST DO SOMETHING, DELETE THE WHOLE THREAD, BUT DO NOT BURDON PEOPLE WHO ARE LOOKING FOR REAL ANSWERS WITH THE NECESSITY OF READING THROUGH THIS.
  DO NOT MARK THIS QUESTION AS ANSWERED
  I hope this makes sense for people, and I hope people will appreciate NOT having to read this as though there is some 'resolution' contained within.