We typically install p7b certs but this time for other reasons we received a p12 cert. I have instructions for installing the p7b certificate but I can't seem to find any information online pertaining to installing the p12 cert on the windows MQ server using ikeyman. Please advise.
I haven't attempted to perform anything as yet. I was thinking of finding out how to backup the current/expired cert and then trying to install the p12 using the instructions that I have for installing the p7b cert. I decided not to move forward until I did some more research.
Related
Hostgator provides free Let's Encrypt SSL cert so I let my Comodo cert expire. Netbeans won't connect now and gives java.security.cert.certificateexpiredexception.
I'm in the process of renewing the comodo cert but wonder if there is a way to fix this. The plugin SSL Cert Exception in Netbeans did not fix this issue for me.
Netbeans does not want to connect to remote server because the comodo certificate expired. I get this error in the popup:
java.security.cert.certificateexpiredexception
It is not recognizing the Let's Encrypt certificate which is still valid that is also on the server.
This SSL issue did not go away when the new comodo cert was installed. But I was able to use FTP in Netbeans without TLS.
SSL issues appear to have been caching related, Hostgator have since cleared any applicable cache and issues with connecting via FTP on TLS have stopped.
I probably did not need to buy the new comodo cert to fix this issue. Sorry I don't have info on exactly which cache was cleared on the server, but maybe this is enough info to get someone who runs into this issue onto the right path.
our company proxy brokes the SSL Connections and the proxy use our own CA.
So i have always tell the applications i use (RubyGems, Python Pip, Azure CLI ...) to use our company CA Certificate.
Does anyone know, how i can use our CA Certificate with a local Terraform installation?
Is the CA deployed to your OS's certificate store or can you import it? If so, Terraform (and probably other tools) should just be able to work with a proxy like this with no other configuration. If you need some further direction, tell us what operating system and how you typically access you have to the CA.
Edit:
#Kreikeneka have you have the certain the location CentOS expects to import into the store. There is a command you need to run that actually imports it update-ca-trust. Have you run this? If the cert is being used for SSL and you just need to trust it when going through your proxy, that is all you should need to do. You shouldn't need to tell your tools (Terraform, PIP, etc) to trust it for SSL with the proxy. If the cert is imported into your certificate store, it should be passively usable from any connection on from the machine from any process.
If you are using the cert for client authentication to the proxy then just trusting the cert by placing it in the certificate store probably won't work.
I'm not clear from your comments if you need the cert for SSL or for client authentication to the proxy. Check with your IT what it is really used for if you aren't sure and get back to us.
As of CentOS 6+, there is a tool for this. Per this guide,
certificates can be installed first by enabling the system shared CA
store:
update-ca-trust enable
Then placing the certificates to trust as CA's
in /etc/pki/ca-trust/source/anchors/ for high priority
(non-overridable), or /usr/share/pki/ca-trust-source/ (lower priority,
overridable), and finally updating the system store with:
update-ca-trust extract
Et voila, system tools will now trust those
certificates when making secure connections!
Source:
https://serverfault.com/questions/511812/how-does-one-install-a-custom-ca-certificate-on-centos
I'm setting up my development environment using the binary files that I have downloaded from WSO2's website.
I'm getting an issue related to the SSL certificate which prevents me to call some URI's from my Ruby script. How can I can fix this kind of problem?
Have you tried installing the SSL Certificate into the client-truststore in repository/resources/security?
I have been tasked with using OpenSSL to create certificates for a webservices project and then importing the certs into glassfish 3.1. I do NOT have access to Apache. (The application that is being created works with username/password verification but we want to add in certificates)
I have googled and read many tutorials, but have yet to get certs working. Does anyone know of the quintessential tutorial to point me to?
I have created the CA, CSR and CRTs using OpenSSL and have tried many ways to get them imported into Glassfish's keystore, but the closest to success I have gotten is the following log message
[#|2012-09-21T16:14:05.859-0500|WARNING|glassfish3.1.1|com.sun.grizzly.config.GrizzlyServiceListener|_ThreadID=17;_ThreadName=Thread-2;|GRIZZLY0007: SSL support could not be configured!
java.io.IOException: SSL configuration is invalid due to No available certificate or key corresponds to the SSL cipher suites which are enabled.
I made some research in Google and was unable to find the way to get CA certificates already installed in system
My problem is that my application should pass authentication through swissID authentication system.
SwissID provides with USB key which stores certificates. When user inserts USB to soscket windows/MAC automatically installs p12 certificates to system.
My problem is that I can't find way to get this certificates from OS and pass them to NetworkAccessManager.
Programming language is: C++
Framework: Qt4.7
OS: Windows/MacOS/Linux
Any help is appreciate.
Thanks
Best Regards
Taron Sargsyan
What I was looking for was
QList QSslConfiguration::caCertificates ();
From Qt4 documentation.
Returns this connection's CA certificate database. The CA certificate database is used by the socket during the handshake phase to validate the peer's certificate. It can be moodified prior to the handshake with addCaCertificate(), addCaCertificates(), and setCaCertificates().