I'm setting up my development environment using the binary files that I have downloaded from WSO2's website.
I'm getting an issue related to the SSL certificate which prevents me to call some URI's from my Ruby script. How can I can fix this kind of problem?
Have you tried installing the SSL Certificate into the client-truststore in repository/resources/security?
Related
Hostgator provides free Let's Encrypt SSL cert so I let my Comodo cert expire. Netbeans won't connect now and gives java.security.cert.certificateexpiredexception.
I'm in the process of renewing the comodo cert but wonder if there is a way to fix this. The plugin SSL Cert Exception in Netbeans did not fix this issue for me.
Netbeans does not want to connect to remote server because the comodo certificate expired. I get this error in the popup:
java.security.cert.certificateexpiredexception
It is not recognizing the Let's Encrypt certificate which is still valid that is also on the server.
This SSL issue did not go away when the new comodo cert was installed. But I was able to use FTP in Netbeans without TLS.
SSL issues appear to have been caching related, Hostgator have since cleared any applicable cache and issues with connecting via FTP on TLS have stopped.
I probably did not need to buy the new comodo cert to fix this issue. Sorry I don't have info on exactly which cache was cleared on the server, but maybe this is enough info to get someone who runs into this issue onto the right path.
our company proxy brokes the SSL Connections and the proxy use our own CA.
So i have always tell the applications i use (RubyGems, Python Pip, Azure CLI ...) to use our company CA Certificate.
Does anyone know, how i can use our CA Certificate with a local Terraform installation?
Is the CA deployed to your OS's certificate store or can you import it? If so, Terraform (and probably other tools) should just be able to work with a proxy like this with no other configuration. If you need some further direction, tell us what operating system and how you typically access you have to the CA.
Edit:
#Kreikeneka have you have the certain the location CentOS expects to import into the store. There is a command you need to run that actually imports it update-ca-trust. Have you run this? If the cert is being used for SSL and you just need to trust it when going through your proxy, that is all you should need to do. You shouldn't need to tell your tools (Terraform, PIP, etc) to trust it for SSL with the proxy. If the cert is imported into your certificate store, it should be passively usable from any connection on from the machine from any process.
If you are using the cert for client authentication to the proxy then just trusting the cert by placing it in the certificate store probably won't work.
I'm not clear from your comments if you need the cert for SSL or for client authentication to the proxy. Check with your IT what it is really used for if you aren't sure and get back to us.
As of CentOS 6+, there is a tool for this. Per this guide,
certificates can be installed first by enabling the system shared CA
store:
update-ca-trust enable
Then placing the certificates to trust as CA's
in /etc/pki/ca-trust/source/anchors/ for high priority
(non-overridable), or /usr/share/pki/ca-trust-source/ (lower priority,
overridable), and finally updating the system store with:
update-ca-trust extract
Et voila, system tools will now trust those
certificates when making secure connections!
Source:
https://serverfault.com/questions/511812/how-does-one-install-a-custom-ca-certificate-on-centos
First to explain our application, its as follows...
1)We have one UBUNTU server where we are running Apache Tomcat and also RESTCOMM.
2) We have two application war files. One is the main application and another is a customized OLYMPUS Application to facilitate WebRTC calls. Now our Main application has a menu option which when clicked will load customized OLYMPUS Application into the browser and facilitates the WEBRTC for users.
3) We have tested this properly by using Self Signed Certficate and all is working well. But now we want to use CA apporved SSL Cert.
4) for this we have bout SSL CERT from GODADDY and for this the CSR was generated for Apache and then by using that CSR we downloaded the SSL CERT for Apache and configured by following the same process of how we configured Self Signed Cert.
5) Our main application is working well with the newly installed CA SSL Certificate. But when we try to load the customized OLYMPUS application we are getting the following error ...Web socket connection to ‘wss://>:/’ failed: WebSocket opening handshake was canelled.
We are able to get all working with self signed cert, but we are stuck with this problem when we use CA Approved SSL Cert from GO DADDY.
Request your suggestions pls.
Thanks in advance
Ias M
You need to configure Restcomm to use SSL Cert as well since the Websokets secure connection goes directly to Restcomm. Which method are you using for runnning Restcomm, using the zip file or the docker image ? Also which version of Restcomm are you running ?
We're migrating a website from a different hosting provider whom uses cPanel to our server which uses Plesk.
I've attempted to copy the text of the private key and certificate over to the appropriate fields in Plesk and submitting; however, visiting the site using the HTTPS throws a "The site's security certificate is not trusted!" error.
I tried to find the CA certificate and it was not to be found in cPanel. I have the CSR, but there doesn't appear to be a place to put it in plesk.
What steps am I missing?
Since you are using linux on both servers, instead of reissuing, you can just export the certificate from your cPanel and install it in Plesk.
I found some links that might help you with the installation:
https://support.globalsign.com/customer/portal/articles/1229840-install-certificate---plesk
http://www.sslshopper.com/plesk-8-ssl-installation-instructions.html
Hope this helps!
In my application I need to access a web service using Starfield Class 2 Certification Authority. When running on the emulator everything is working as it should but when debuging on a device I can't access the service. I only get Status code "Not found".
After a while I tried to manually install the certificate on the device and it now works.
On this site they list it as one of the supported certificates.
http://msdn.microsoft.com/en-us/library/windowsphone/develop/gg521150(v=vs.92).aspx
Does anybody have any knowledge about this? How could this be solved without installing the certificate manually?
Windows Phone doesn't seem to support cope well with some UCC certificates.
The fix for me was replacing the UCC with a wildcard certificate.