I am new to Adobe AIR and I was following the steps given in the site :
"http://net.tutsplus.com/tutorials/tools-and-tips/introduction-to-adobe-air/", to create my first AIR application.
I was almost successful in creating my first AIR application but at the last step of Deploying AIR Application, after the successful creation of certificate when I am trying to create the.air file. I am getting the error :
"Could not generate timestamp: Connection refused: connect".
Can you please help me in resolving the issue as soon as possible.
As a short-term workaround, you can specify "-tsa none" on the ADT command line. (If you are using Flash Pro or Builder, there should be an option in the UI). -tsa none disables timestamps.
A timestamp requires an internet connection in order to get a signed timestamp token from a server. This is used to verify that your certificate was valid when the app was signed. Without a timestamp, your app won't be installable after your code signing certificate expires. With a timestamp, your app installer will not expire.
Proxy connections are sometimes the issue. Since ADT is a Java program, you have to configure the Java proxy settings if this is the source of the trouble.
Related
I have Data Virt running via the standalone.sh script, and can log in with my username and password. My next task is configuring it so that it automatically runs whenever the instance is up and running (without having to execute standalone.sh), and uses SSL (port 443) rather than my username and password to log me in. I added the vault.keystore, dv_keystore.jks, and dv_truststore.jks files, and modified both standalone.sh and standalone.xml, according to the JBoss and other online documentation, to account for using these files. I start the standalone.sh script, which runs without any errors. When I browse to:
http://<IP>:8443/dashboard
after starting standalone.sh, I get the following error:
This page can't be displayed
Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to https://:8443 again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suite such as RC4, which is not considered secure. Please contact your site administrator.
The settings Use TLS-1.0-ON, Use TLS-1.1-ON, and Use TLS-1.2-ON are all checked in the Browser properties.
By contrast, when I browse to
http://<IP>:8443/dashboard
when standalone.sh is not running, I get the following:
This page can't be displayed
- Make sure the web address https://:8443 is correct.
- Look for the page with your search engine.
- Refresh the page in a few minutes.
It appears the browser is sensing something going on when standalone.sh is running, but something is not allowing the browser to access the dashboard.
What am I missing here?
Have you validated any other ssl access? Is it just an issue with the dashboard application?
We have a plug-in that runs on Outlook 2016. Our plug-in is using VSTOInstaller.exe file to install new updates from the installation folder URL. Now, the certificate of our plug-in is about to expire, so we bought a new certificate and deployed a new version with the new certificate.
But during the installion of the new update with the new certificate, the plug-in have encountered a security error that is preventing it from updating to the new version, see error below:
Exception: Customized functionality in this application will not work because it has not been granted trust. The certificate used to sign the deployment manifest is unknown, and the customization itself (Time Tracking System) is not on the inclusion list. Contact your administrator for further assistance.
************** Exception Text **************
System.Security.SecurityException: Customized functionality in this application will not work because it has not been granted trust. The certificate used to sign the deployment manifest is unknown, and the customization itself (Time Tracking System) is not on the inclusion list. Contact your administrator for further assistance.
at Microsoft.VisualStudio.Tools.Office.Runtime.OfficeAddInDeploymentManager.VerifyAddInTrust(ClickOnceAddInTrustEvidence evidence)
at Microsoft.VisualStudio.Tools.Applications.Deployment.ClickOnceAddInDeploymentManager.VerifySecurity(ActivationContext context, Uri manifest, AddInInstallationStatus installState)
at Microsoft.VisualStudio.Tools.Applications.Deployment.ClickOnceAddInDeploymentManager.InstallAddIn()
The Zone of the assembly that failed was:
MyComputer
After searching for a solution over the internet, I found this article: http://www.aivanoff.net/Blogs/Details/VSTOwithHSA256fail.
For short, changing the RSAKeyValue from the "HKEY_CURRENT_USER\Software\Microsoft\VSTO\Security\Inclusion" in the registry with the RSAKeyValue of the new certificate will fix the problem. I have tried this solution and it worked but this is not the kind of solution that we want to give to our users.
I have also tried solution from the URL below, but it did not work:
https://social.msdn.microsoft.com/Forums/vstudio/en-US/b1289353-91ab-4f3f-be20-6d65615441bd/security-trust-issue-only-on-some-client-machines-outlook-addin?forum=vsto
Could someone please let me know an explanation about why this error occur? And is there any other way to fix it?
Thanks,
Ben
I am trying to encrypt the push sender password in application-descriptor following Storing properties in encrypted format section of the tutorial.
However, when building the wlapp for iOS, I see following error message in Worklight Studio.
FWLST1040E: iphone build failed: com.worklight.common.util.WorklightCertificateException: Certificate error: Unable to process certificate: apns-certificate-production.p12
It appears that Worklight Studio trying to decrypt the p12 certificate using '${xxxx}' as the password during build process. If I put the password as clear text, build passes. Replacing push sender values for GCM with ${xxx} passes also since there is no iOS-like certificate to decrypt. Only iOS build has problem here.
As far as I understand, the encrypted/configurable fields should be decrypted/replaced at server side during run time, not during the build. Right now, I am not able to build a new wlapp for ios because of this issue.
I am not sure what have I done wrong here. Is there a setting to skip the p12 decryption during build process?
Worklight 6.2:
Created a test=1234 in worklight.properties
Using <pushSender password="${test}" /> in application-descriptor.xml
This passes w/out any errors.
MobileFirst 6,3 7.0:
The same steps as above fail with:
[2015-05-20 10:30:01] FWLST1040E: iphone build failed:
com.worklight.common.util.WorklightCertificateException: Certificate
error: Unable to process certificate: apns-certificate-sandbox.p12
I have opened a bug for it.
Are you sure about the version you're using?
We have an application that auto-generates a certificate and binds it, using httpapi, to a selected port. Under Windows 7, and 2003/2008 Servers this works like a charm. The certificate can also be rebound to other ports by un-binding, then binding to the new port.
Under Windows 8, however, only unbinding from the old port succeeds. An attempt to bind the certificate to the new port value fails with error code 1312 revealing the message "A specified logon session does not exist. It may already have been terminated."
What's odd here is that when trying to add a bound certificate through netsh it also fails, in elevated console, with the same error and message ("SSL Certificate add failed, Error: 1312|A specified logon session does not exist. It may already have been terminated."), regardless to the port number.
To add suspense, the application has an installer that initially binds the certificate on install, and unbinds it on uninstall. And this thing never fails! The installer works in "Windows 7" operating system context, while the application is under "Windows Vista", if this can be a clue. The console is under "Windows 8" context.
Has anyone had a similar problem under this OS? Any ideas why this might be happening?
Any help is highly appreciated, thank you in advance!
In our certificate generating code, we used X509Store class' methods to add the certificate to the store. Under Windows 8 this rendered the certificate "untrusted" even if the application was run as administrator. The cause might be either different implementation of the class in .NET 4.5 or imposed limitations due to the OS context the application was running in.
Solved the problem by invoking "certutil.exe" through a Process class to add the certificate to the store.
Every time I ran an AIR application, even the simplest "Hello World" sample, with adl, it says:
Connection failure: Connection refused
I didn't try to establish a connection to any website or server. adl complains all the time and it's annoying. Any ideas? Thanks.
It might be trying to contact a remote time server. From this blog post:
By default, when an application is packaged, the ADT process attempts to contact a time server to generate a timestamp. If you use a proxy server to connect to the internet (see my previous rant post), you’ll get a ‘connection refused’ error. Yiou can get around this by adding ‘-tsa none’ before the file component of the command like so:
adt -package -storetype pkcs12 -keystore sampleCert.pfx -tsa none HelloWorld.air HelloWorld-app.xml HelloWorld.html AIRAliases.js