Certificates on the same VIP ACE

Hi all, I have a problem with the configuration of the certificates on ACE, I a serverfarm with two realservers, these server runs three different areas on a same VIP (handle of Apache which one is delivered to the user), we want to put https to servers running the SSL termination, but I can understand if that can be achieved with a single VIP or if I need to three personalities , one for each of them and associate each of those only one certificate. (With one, I use hourly certificate chains?). Another thing that sounds reasonable to me is use of the class cards with L7 URLs matching air, in this case, I think that can be achieved with a VIP, but if anyone knows it please help.

Thank you!

Hello

You are welcome. Yes, if you have several domains, you should have different certificates for obvious reasons of security. If you have a domain and many subdomains, you can use a wildcard certificate. If you have domains that differ such as abc.com and ABC.net, abc.org, you can use WITHOUT certificates and Yes ACE can take L7 decisions/reading L7 given as a cookie etc after SSL handshake and make decisions accordingly, as shown in the example in config I pasted above. If you have any questions in the future related to this, please do not hesitate to ask :)

Kind regards

Kanwal

Tags: Cisco DataCenter

Similar Questions

  • I get a 'Secure connection' error failed with google stating "certificate contains the same serial number.

    When I click on a link to a google search, I get the "Secure connection" error failed in Firefox. He says, "please contact the administrator of the server or email correspondent and give them the following information: your certificate contains the same serial number for another certificate issued by the certification authority."

    I followed the instructions here:
    https://support.Mozilla.org/en-us/KB/certificate%20contains%20The%20Same%20serial%20number%20As%20another%20certificate
    and looked at this article:
    https://support.Mozilla.org/en-us/questions/1028103?ESAB=a & As = AAQ

    I uninstalled and reinstalled Firefox, deleted the entire folder profiles and reset Firefox. I see that the older (orphans) article points to my router. However, I have a new router and have updated their software. There is no button to add an exception (as stated in the article), so I can't just work around it. This problem does not occur with IE, so I have a hard time to believe that it is my router.

    How to solve this problem? I really want to change browser.

    Finally, I tracked the issue. The answer was found here:
    https://support.Mozilla.org/en-us/questions/1028985

    It turns out that Avast has a web shield that passes through its own verification of certificate https. Of course, this feature is not quite right and loses track of the certificates. Disable "https scanning" in the settings of Avast resolved the problem.

  • Clients vpn AnyConnect and cisco using the same certificate

    Can use the same certificate on the ASA client Anyconnect and cisco vpn ikev1-2?

    John.

    The certificate is to identify a user/machine rather than the Protocol, then Yes, generally 'yes' you can use the same certificate for SSL/IKEv1/IKEv2 connections.

    What you need to take care of, it's that said certificate is fulliling Elements of the Protocol, for example implmentations IKEv2 is 'necessary' particular KU are defined and client-server-auth/auth EKU are defined on the certificates.

    M.

  • Installation certificate of 2nd by the same CA.

    Try to install a second certificate issued by the same CA. However, the new certificate replaces its predecessor.

    Registration certificate original Config:

    Crypto pki trustpoint ca.domain.null

    Enrollment url http://ca.domain.null:80

    use of ike

    IP address no

    fingerprints

    name of the object c = CA, st = State, l = city, o = Company, ou = old-1, or old-2 =, cn =router.domain.null

    crl revocation checking

    interface Loopback0 source

    rsakeypair router.domain.null 1024

    automatic registration of 90 regenerate

    Changes to the configuration of the registration certificate:

    Crypto pki trustpoint ca.domain.null

    name of the object c = CA, st = State, l = city, o = Company, or new-1 = or = new-2, cn =vpn - 1.router.domain.null,vpn - 1.router.domain.null = host name

    rsakeypair vpn - 1.router.domain.null 1024

    Note: Fields modified organizational unit (OU).

    Note: Specified another common name (prefixed "vpn-1").

    Note: Tried it with and without «hostname = vpn - 1.router.domain.null»

    Note: Specified another pair of RSA keys.

    Registration for the second (same CA) certificate:

    Router (config) #crypto pki register ca.domain.null

    %

    Certificate registration % at the beginning...

    % Create a challenge password. You will need to verbally provide this

    password for the CA administrator to revoke your certificate.

    For security reasons your password is not saved in the configuration.

    Please take note of it.

    Password:

    Re-enter the password:

    % Will include in the certificate subject name: c = CA, st is State, l = city, o = Company, OU = new-1, or is new-2, cn isvpn - 1.router.domain.null, name of host =vpn - 1.router.domain.null

    % Will include the name of the subject in the certificate: router.domain.null

    % Include the serial number of the router in the name of the topic? [Yes/No]: n

    Request a certification authority certificate? [Yes/No]: y

    % Certificate request to the certification authority

    % The command 'show the crypto certificate PKI detailed ca.domain.null' display the fingerprint.

    Note: The above statement shows "% will include the name of the subject in the certificate: router.domain.null.

    Note: The new certificate is created with the same name as the original certificate and replace.

    New certificate:

    Router (config) #do sh crypto PKI

    Certificate

    Status: available

    Certificate serial number (hex): 23

    Certificate use: general use

    Issuer:

    CN = ca.domain.null

    Object:

    Name: router.domain.null

    hostname = Router .domain .null

    c = CA

    St = State

    l = city

    o = Company

    UO = new-1

    UO = new-2

    CN =vpn - 1.router.domain.null

    host name =vpn - 1.router.domain.null

    CRL Distribution points:

    http://CA.domain.null/cgi-bin/pkiclient.exe?operation=GetCRL

    Validity date:

    start date: 14:10:41 this December 4, 2012

    end date: 04:24:14 EDT July 15, 2013

    renewal date: 22:16:52 EDT June 22, 2013

    Trustpoints Associates: ca.domain.null

    Note: The following remain the same when the new certificate is created, despite the entry of object name provided:

    Object:

    Name: router.domain.null

    hostname = Router .domain .null

    The original of the certificate is replaced with a new one and should not be found in the

    "sh crypto pki certificate" exit.

    Any ideas or solutions successfully install a second certificate issued by the same authority would be welcome.

    Best regards

    Mike

    Mike,

    (Hopefully) answer both of your questions.

    You can have different trustpoints with the same certificate of the issuer, no need to use two different cases.

    I actually wasn't 100% corrent in my previous intervention, trustpoints will also have associated reversal/shadow certs, so strictly speaking more than two.

    IRT. IKEv1 and identity, we have limited options.

    (1) auto (pick up method according to the type of connection)

    (2) address - provide the IP address associated with a card crypto instsance (i.e. the source of the cryptographic packages).

    (3) Hostname - hostname configured on the box. (FQDN)

    (4) DN - chosen DN of the certificate

    http://www.Cisco.com/en/us/docs/iOS-XML/iOS/security/A1/sec-CR-C4.html#GUID-D3C7A306-A689-4953-9146-D4F2F861C567

    In addition, you can configure user-name of full domain as identity.

    http://www.Cisco.com/en/us/docs/iOS-XML/iOS/security/S1/sec-CR-s1.html#GUID-E0956592-4754-4C48-9ACB-9AF58594E74D

    As far as IKE goes, you can have as many certificates as you want of cases as much as you want (in MM3 and MM4 both sides of the negotion will agree on the use of certificates to authenticate to each other).

    M.

  • Use certificate and form to the same application of ADF basic authentication

    Hello

    We have an application that needs to use time based authentication CLIENT-CERT and FORM.

    I have configured a domain with Client certificate requested and applied, generated a client certificate, created an Asserter custom identity with a Login Module and successfully recorded in our application using the CLIENT-CERT. , our customer wants to use the FORMS authentication at the same time with the CLIENT-CERT authentication type.

    The idea only I had was to use a servlet proxy deployed on another instance of WebLogic (10.3.6) that uses the CLIENT-CERT authentication that will forward requests to the main ADF application using classic FORM based authentication. The problem with this approach is that the proxy servlet is accessible using HTTPS and the communication between himself and the application of the ADF is made by using HTTP, so the client browser is redirected to HTTP on first access. For example, if I used Apache to proxy requests that would have been easily solved using RequestHeader set true WL-Proxy-SSL.

    You have any other suggestions on how to achieve this?


    Thank you in advance,


    Ionut Cristian Paraschiv

    Multichannel Solution Architect

    Advahoo Business Solutions

    I found a work around for this problem:

    -l'application uses FORMS authentication in function

    -l'application is deployed on a server managed with Client Cert has requested and applied (only clients with certificates will connect over HTTPS)

    -the login page has only one input for the password text

    -in the bean of login, in the doLogin() method page, we can get the certified client and get the username with a custom class of UserNameMapper

    Object certChain = request.getAttribute ("javax.servlet.request.X509Certificate");

    Certificate CERT [] = certChain (certificate []);

    X509Certificate cert = (X509Certificate) CERT [0];

    ... to get the user name

    Ionut Cristian Paraschiv

    Multichannel Solution Architect

    Advahoo Business Solutions

  • Plugin not visible in the same drive after certificate

    Plug-in reader ebabled.JPG

    I made a plugin and took the digital certificate from Adobe. I use SignPlugin to sign up and gets the message "name of plug-in player-activated successfully. Strangely still not find Plugin in the player but is visible in Acrobat Pro.

    A problem I faced during conversion from pro to Reder, when I added 'READER_PLUGIN' in the preprocessor according to the documentation. I start getting error for my previous uses the method ' PDDocSave (pdDoc, PDSaveCopy |)» PDSaveFull, newPath, ASGetDefaultFileSys(), NULL, NULL); ».

    I wonder, I got queries for the same methos alsio prior to " " http://forums.Adobe.com/thread/522488?TSTART=0 ', in any case I commented that according to the error message headers do not match.  Plug-in is respected without any error and only works in Pro.

    I'm still missing something. Pl help

    Right and that wont work in Reader.

    You can easily get the path to the document opened with a PD or AVDoc.  Here is an excerpt:

    PDDoc pdDoc = AVDocGetPDDoc (avDoc);

    Dittos ASFile = PDDocGetFile (pdDoc);

    ASPathName AFN = ASFileAcquirePathName (autogrow);

    AFS ASFileSys = ASFileGetFileSys (autogrow);

    ASPlatformPath pPath;

    I ASInt32 is ASFileSysAcquirePlatformPath (aFS, aPN, ASAtomFromString("Cstring"), & pPath);.

    now convert the path into something you can use...

    const char * path = ASPlatformPathGetCstringPtr (pPath);

    As you can see, once you have the path, you can of course, that convert into a string (or the other C, Unicode, area, etc.)

  • Root and CA certificate both are the same?

    Hi all
    Can someone help us in understanding root and ca that are the same?


    keytool - genkey-alias kumar-keyalg RSA - keystore keystore.jks (key file created)

    keytool - certreq-alias "kumar" - keystore keystore.jks - file domain.csr (CSR creation)

    keytool-import - trustcacerts - kumar - Thawte.crt - keystore keystore.jks file

    After that we are faced with an error "could not establish the response string.

    Next I m going to have to do this
    keytool-import-trustcacerts-alias kumar - mytrustedcert.crt - keystore keystore.jks file


    Please help me why I get the error
    Please check the alias clearly (do we need to use the only one even)

    Concerning
    Vermorel

    Hi vermorel,.

    You use the same alias while creating a private key in the keystore (keytool - genkey), create a certificate request (keytool - certreq) and import the signed certificate (sent by CA) (keytool-import) in key file.

    According to you, if we create an alias differerent while the import of a certification authority and signed cer (ex: alias for CA cert and alias b for cert signed) then what alias will be to provide the host TP... ?

    You must use alias b (cert signed alias or aliases private key)

    If they gave only a cert then wat we will share with amount of trading?

    You must share the corresponding public cert of your private key.

    We submitted the CSR to get out the cert team and they gave that a cert which includes CA, is that enough or do we have to ask ourselves another certificate also?

    Your cert team to provide you with a signed certificate and one (or two) of CA certificates. You must first import Cert CA (root and intermediate CA) and then import the signed CSR.

    Kind regards
    Anuj

  • Multiple Oracle homes on the same server (Oracle ACE and DB)

    Hi all

    OS: RHEL 4.7
    Oracle Application Server: 10.1.3.1
    Oracle database: 11.2.0.1.0

    I was asked to install oracle 11g on a server that is already running Oracle Application Server 10.1.3.1

    Due to the lack of space on the server sys admin gave me space under/usr, Installation went smooth and successful and complete location 11 g installed is "/ usr/11 GR 2/app/product/11 g.

    Database is also created using DBCA with the location of the file ' / usr/11 GR 2/app / 11 g/oradata.

    It is, I need to define the environment variable under the same 'oracle' user when it connects, should be able to log on by typing just sqlplus...

    . Current user 'oracle' Bash_profile looks like this...

    ***********************************************************************
    # Get the aliases and functions
    If [~/.bashrc - f]; then
    . ~/.bashrc
    FI

    # Specific programs startup and user environment

    Path=/U01/Oracle/product/10.1.3.1/OracleAS_1/JDK/bin:$path:$Home/bin

    Export RPD_HOME = / home/oracle/ORABI/OBI/Server/repository
    export ORACLE_HOME=/u01/oracle/product/10.1.3.1/OracleAS_1
    #export JAVA_HOME=/u01/oracle/product/10.1.3.1/OracleAS_1/jdk
    export JAVA_HOME=/home/oracle/product/10.1.3.1/OracleAS_1/jdk/
    $PATH = path: $ORACLE_HOME/bin
    $PATH = path: $ORACLE_HOME/opmn/bin
    export ANT_HOME = / usr/local/ant
    export PATH = ${PATH}: ${ANT_HOME} / bin
    #export JAVA_HOME = / usr/local/ant/jdk


    export PATH

    *****************************************************************************

    Please suggest to include this also oracle_home in the .bash_profile above or any other solution to meet the needs...

    Thank you

    Published by: user1687821 on December 22, 2011 01:10

    Hello;

    I did a similar thing using Oracle 10 and 11, but I keep manual and use default bash for one.

    From the houses of the Oracle, I run the command: (using which profile I need)

    
 source ./o10g.profile

    Note the "unset ORACLE_HOME" command in each profile.

    o10g. Profile

    
TMP=/tmp; export TMP
TMPDIR=$TMP; export TMPDIR

export ORACLE_BASE=/u01/app/oracle
unset ORACLE_HOME
export ORACLE_HOME=/u01/app/oracle/product/10.2.0
#export DISPLAY=localhost:0.0
export TZ=CST6CDT
export ORA_OCI_NO_OPTIMIZED_FETCH=1
ORA_OCI_NO_OPTIMIZED_FETCH=1; export ORA_OCI_NO_OPTIMIZED_FETCH
export ORACLE_SID=
export ORACLE_TERM=xterm
#export TNS_ADMIN= Set if sqlnet.ora, tnsnames.ora, etc. are not in $ORACLE_HOME/network/admin

export NLS_LANG=AMERICAN;

LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/lib
export LD_LIBRARY_PATH

# Set shell search paths

unset PATH

PATH=/usr/sbin:/usr/kerberos/bin:/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin; export PATH
export PATH=$PATH:$ORACLE_HOME/bin

#CLASSPATH
CLASSPATH=$ORACLE_HOME/JRE:$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib
CLASSPATH=$CLASSPATH:$ORACLE_HOME/network/jlib
export EDITOR=vi
set -o vi
PS1='$PWD:$ORACLE_SID>'

    o11g. Profile

    TMP=/tmp; export TMP
TMPDIR=$TMP; export TMPDIR

export ORACLE_BASE=/u01/app/oracle
unset ORACLE_HOME
export ORACLE_HOME=/u01/app/oracle/product/11.2.0
#export DISPLAY=localhost:0.0
export TZ=CST6CDT
export ORA_OCI_NO_OPTIMIZED_FETCH=1
ORA_OCI_NO_OPTIMIZED_FETCH=1; export ORA_OCI_NO_OPTIMIZED_FETCH
export ORACLE_SID=
export ORACLE_TERM=xterm
#export TNS_ADMIN= Set if sqlnet.ora, tnsnames.ora, etc. are not in $ORACLE_HOME/network/admin

export NLS_LANG=AMERICAN;

LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/lib
export LD_LIBRARY_PATH

# Set shell search paths

unset PATH

PATH=/usr/sbin:/usr/kerberos/bin:/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin; export PATH
export PATH=$PATH:$ORACLE_HOME/bin

#CLASSPATH
CLASSPATH=$ORACLE_HOME/JRE:$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib
CLASSPATH=$CLASSPATH:$ORACLE_HOME/network/jlib
export EDITOR=vi
set -o vi
PS1='$PWD:$ORACLE_SID>'

    Best regards

    mseberg

  • Local error-1200 creation push certificates on the server. Any idea?

    In the Application Server

    When you try to renew or create a certificate to push comes up with the error "Certificates to push creation local error - 1200" on the server. Any idea? »

    I'm having the same problem with 10.7.5 server. (two of them)

    At the time of renewal, I was looking at the Console and I think the Apple Server SSL certificate is therefore more reliable.

    (or server versions are low)

    August 15 at 10:23:08 login.* * servermgrd [23349]: received the connection error: error domain = NSURLErrorDomain Code =-1200 "error SSL and a connection to the server cannot be made. UserInfo = 0x7fb8f5aab9a0 {NSUnderlyingError = 0x7fb8f15af450 "error SSL and a connection to the server cannot be made.", NSErrorFailingURLStringKey =https://identity.apple.com/pushcert/caservice/renew, NSErrorFailingURLKey =https://identity.apple.com/pushcert/caservice/renew, NSLocalizedRecoverySuggestion = you want to connect to the server anyway?, NSLocalizedDescription = SSL an error has occurred and a connection to the server cannot be made.}

    August 15 at 10:23:08 login.* * servermgrd [23349]: certificate request to push failed: reason = Local, error code = - 1200, error = error Domain = NSURLErrorDomain Code =-1200 "error SSL and a connection to the server cannot be made. UserInfo = 0x7fb8f5aab9a0 {NSUnderlyingError = 0x7fb8f15af450 "error SSL and a connection to the server cannot be made.", NSErrorFailingURLStringKey =https://identity.apple.com/pushcert/caservice/renew, NSErrorFailingURLKey =https://identity.apple.com/pushcert/caservice/renew, NSLocalizedRecoverySuggestion = you want to connect to the server anyway?, NSLocalizedDescription = SSL an error has occurred and a connection to the server cannot be made.}

    So not yet an idea, but hopefully with these console outputs happen to something?

  • Office proxy firewall monitor secure connections (https) and send their own certificate instead of the certificate of the Web site

    Firefox works fine on my home network or while I connect to the internet directly via data card. However, @ my office use us proxy and for almost all sites (even google search) Firefox stops saying "this connection is untrusted".

    Attached are the screenshot for the same thing to help him to help me.

    I search a lot and was closest to you that I came to this url https://support.mozilla.org/en-US/questions/978722

    Is there a way to Firefox to add office proxy certificate in the certificate chain (don't know if that will help?)

    How to solve this? Kindly advice.

    I think most of the proxies work similarly: they generate a false certificate to the site and have your browser so that they can decrypt and inspect the traffic between you and the site. It is a hassle to have to make exceptions for individual certificates of false - it is more effective to recognize the certificate that the proxy uses to sign false certificates as valid a certificate authority.

    The trick is to identify this certificate. It might be easier to go to IE or Chrome, since both use the Windows certificate store (Firefox uses its own). By inspecting the certificate for a secure site and the certificate used to sign, you may be able to identify and to export this certificate (DER format or .cer).

    In Firefox, you who would incorporate in the section of the authorities in the Certificates dialog box:

    "3-bar" menu button (or tools) > Options > advanced > mini-onglet Certificates > "View certificates" button > mini-onglet References > "Import..." button »

    Of course, it is probably safer to check with your COMPUTER that you've found and exported the correct certificate before you import it into Firefox.

  • All https sites are routed to/from a site that has an 'invalid certificate' with the name DATAMARKETRESEARCHAPPS.

    I can't access any site secure with her being blocked entirely or has the possibility to access in any case given an untrusted certificate. Secure any site I now have the same message. The name in all areas is 'DIGITALMARKETRESEARCHAPPS PTY LTD'. I'll have after this through IE I can't access Firefox site via firefox. I just upgrade to v26 v27 and did a reset and had no problem before this.

    Hello rehmeyer, this seems to be a problem caused by malicious software on your PC.

    go to Control Panel / programs and remove all the toolbars, programs, suspicious or things you have not installed intentionally there.

    afterwards, run a full scan of your system with security tools like the free version of malwarebytes & adwcleaner.

    Fix Firefox problems caused by malicious software

  • Sony walkman b172 unable to get the certificate of the device to transfer any music! Help!

    I have recenetly had my new sony walkman b172, I just installed and registered the device in my name, when I go to transfer all synchronization musicor music in WMP, it says Error failed to get the certificate for devices, please make sure that its not busy and try again, I tried different USB ports and everything but without success, anyone has any help at all please!

    Exactly the same problem with NWZ-E475. Some albums synchronize very well but others say... .not possible to get the certificate of the device...

    Why since on my old 4 GB Walkman the exact same files have been transferred OK?

  • Pre complains about SSL certificate on the exchange server

    Hello.  I just got a pre and tries to set up to communicate with an exchnage server.  Pre complains and will not set up the connection with this error message: «"SSL certificate error.» Is the date and time correct? ».  The date and time are correct, but the server is running a self signed certificate.  This causes no problems with iPhones that use a lot of people here.

    How can I fix it?  It is not all parameters for this problem.

    I spent the weekend trying to test and understand what was going on.  I found that if I nominated the e-mail server (name after HTTPS: / / in Setup) the same as the name of certificate displayed in the Certificate Manager (Launcher > Device Info > more info > Menu > Certificate Manager), the error should disappear.  The problem for me was that the name of cert in cert Manager was different from address of mail server (in my case server. [domain .local] instead of mail. ([Domain_name] .com).  The transformation it seems to use is:

    (1) find the certificate...

    (2) CN is HTTPS: / / in the installer?

    (3) If no, use error 'Verify the certificate, date and time not correct' (or whatever it is) - If Yes, go to HTTPS: / /.

    (4) Exchange requires safety pin?  If no, proceed to synchronize - if so, use error "unsupported of security policies.

    So I looked more closely CERT and it held several common names (CN) for the cert.  It seems that ANY OTHER DEVICE can filter through the list of common names, and use the one that works.  The Pre uses only (whether first or last, I don't know).

    So, there are two options for the certificate problem (I guess the 3rd is that you can return the phone):

    FIRST SOLUTION

    =====================

    (1) check the name of cert in cert Manager.

    (2) if it is a name that can be resolved DNS (i.e.  [mail]. [mywebsite]. [com]) then change this setting in your exchange installation program in the mail server field beside the HTTPS: / /.

    This will only fix it if your COMPUTER administrator has with permissions on the used field.  It is possible that an alias is used on other areas

    SECOND SOLUTION (as I have done)

    =================================

    (1) ensure that your Certification Authority is installed.  You can do it by clicking START > ADMINISTRATIVE TOOLS > CERTIFICATION AUTHORITY - OR - on a computer on your network using IE/Safari/Firefox and typing http://server/certsrv.  If the page is found, then you are installed, if not, then you will need to have installed.

    NOTE: SBS 2003 WILL AWARD A CERT TO THE IIS WITHOUT THE ROOT CA.  THIS SEEMS TO BE THE PROBLEM WITH THE AUTO CERTS GENERATED I HAD

    (2) If you have not installed it, go to this topic, it is well written to get step by step instructions how to install, create demand for cert, create the cert and install the cert (it took me about 30 min).   http://www.MSExchange.org/tutorials/SSL_Enabling_OWA_2003.html

    NOTE: IF YOU ALREADY HAVE A CERT ON IIS, YOU NEED TO REMOVE IT AS IT IS "DEFECTIVE" CERT BEFORE YOU CAN REQUEST A NEW CERTIFICATE.  YOU MAY BE ABLE TO REINSTALL OVER THE NEW CERT, BUT I DON'T KNOW

    (3) open https://mail.domain.com/exchange on your computer - display details of the cert and save the file on your desktop - if you are using a laptop, you can also install it on your laptop to use for use outside the Office (this is also a good back-up that you can use to get more later if needed again).

    (4) plug your pre in USB mode.

    (5) slide the cert and unplug the USB cable

    (6) go to cert Manager

    7) tap on the icon of "Sun" at the bottom left

    (8) press on the new file cert that you save in USB mode

    (9) to confirm that the new cert appears with the name of the correct mail server

    10) go to the e-mail program and configure the exchange account

    The above will create a REAL root cert (not IIS domain root Cert) that the Pre can work with.

    Really, I don't know that how/why Palm overlooked this possibility because they claimed so-called does not want to sell to companies who need strict security requirements.  For me, it means a small / medium company that has limited IT supports (according to the needs, pay as you or green guy with limited knowledge).  Then, why they test the GER in this environment, I'm not sure.  I bet they were tested on their own network, which has all the correct methods, best practices for the management of cert.  I guess it's like the developers that they have offended and almost lost their support until turned it over and said: 'sorry, we really want make you programs for our platform WebOS. ".  We've just been paranoid for so long salivate us when the bell rings. "They just didn't beta test this well enough.  The sad result of this is that Sprint will have to address all of the sheets because this certificate simple reading process was given only minimal recognition capabilities.

    But having said that - I'm now completely in love with my pre!

    I'm happy to try to help if you need it.  I found a lot of the forum of solutions were not enough detailed, so do not hesitate to contact.

  • Two TouchSmart PCs in different locations die on the same day with the same error? (BIOHD-2)

    Hi all

    It's really weird... and very frustrating.

    I own an IQ506 (with TV tuner) which I was quite pleased. So much so, that I had my office purchase, too (IQ504). But lately, my computer acted (locking up, freezing). Funny enough, the IQ504, we bought for work has also been acing similarly.

    Today, the IQ504 at work died. We ran startup diagnostics tool and found a problem with the hard drive (not detected).

    I'm here houses a TouchSmart work, but before going to bed, I tried to wake up from its sleep to see the doughnut of Vista of death. So I made a forced shutdown and restart. Then, I got an error "missing media, please restart." So I did. Several times, to see the same error. I'm trying to run the diagnostics F9 (which is slow to run) and find the diagnostic tools cannot find the HARD drive. I reboot again and enter the Setup program. Of course, no hard drive detected.

    This seems to be a strange coincidence. The two PCs in different parts of the city, BOTH die the SAME day with the SAME error?

    Dead hard drive? or the SATA controller would be dead?

    Please don't tell me that all the new photos of the birthday of my daughter are now gone...

    Is that what HP would cover under warranty?

    What can I do?

    Thank you

    Doon

    IQ506 running Vista Home premium. A device attached: HP LaserJet.

    Message edited by doon on 17/12/2008 01:32

    see you soon,
    Doon

    I just wanted you to know that...

    (1) the newly displayed firmware fix may not work for you immediately

    2) there is a solution!

    I just unbricked my drive and recovered ALL MY DATA! I look back to the top as I type...

    Here is the solution I posted:

    http://h30434.www3.HP.com/PSG/board/message?message.UID=34409#U34409

    I hope this helps!

    See you soon,.

    Doon

  • Windows Vista update, constantly offering the same updates

    Well, the title of my post was just to make things seem worse than they really are. But I think it's a bug, not less.

    I just installed Windows Security Essentials. "Windows Update" keeps me showing that there are both updates optional available through the installation of "Windows Security Essentials". They are updated definition for this software. They are two 3.7 MB. KB, KB2310138, numbers are both the same, but the details see the numbers of different virus definition. The definition of a 1.97.1086.0 and the other is 1.97.840.0. If I install one updates it installs correctly and everything is fine, except that Microsoft Update tells me there is 1 additional optional upgrade for me to install which is annoying and misleading. If I install "both" the KB2310138 updated simultaneously or in succession he confused Windows Update all together and go back to square 1 saying that there is 'optional' 2 updates I can install it. I don't know what is happening, but there is definitely a bug in the middle of all this chaos.

    Maybe someone could tell me if these "Windows Security Essentials" definition updates are cumulative, so that if you later you don't need all the updates of prior definition or are non-cumulative? Thank you.

    * original ugly bug title - Windows Vista Home Basic Update - Microsoft has not yet discovered *.

    System configuration: Ultimate, card mother Gigabyte GA-EP45-UD3L Winndows 7, Intel Pentium Dual - Core E6300 Wolfdale 2.8 GHz, 4 GB of memory PC - 1066 DDR2 Patriot Viper, 500 GB Western Digital hard drive, GeForce 8800GT Videocard

    See...

    Microsoft Eessentials (MSE) definitions/Signatures FAQ security update
    http://social.answers.Microsoft.com/forums/en-us/mseupdate/thread/74e507b8-f6da-4ECA-8CE7-d1aca7d3f1ba

    Why the definition for MSE updates considered OPTIONAL updates?
    http://social.answers.Microsoft.com/forums/en-us/msestart/thread/b5594cea-93b4-4320-8cbb-edc59a0948cc

    Long story, short version: ignore updates of definitions offered by Windows Update. Properly installed, MSE will be auto-updated itself about once every 24 hours.

    Additional references:

    Checklist for installation of Microsoft Security Essentials
    http://social.answers.Microsoft.com/forums/en-us/msestart/thread/bf757e6a-E320-4a67-92bc-767e6acb26c4

    Should I have any other antivirus software and Microsoft Security Essentials?
    http://blogs.msdn.com/b/securitytipstalk/archive/2010/09/08/do-i-need-both-Microsoft-security-essentials-and-another-antivirus-software-program.aspx

    List of [anti-virus and anti-malware] tools cleaning/uninstall program
    http://social.answers.Microsoft.com/forums/en-us/msestart/thread/407bf6da-C05D-4546-8788-0aa4c25a1f91

    You will find the MSE in favor in these forums: http://social.answers.microsoft.com/Forums/en-US/category/mse

    ~ Robear Dyer (PA Bear) ~ MS MVP (that is to say, mail, security, Windows & Update Services) since 2002 ~ WARNING: MS MVPs represent or work for Microsoft

Maybe you are looking for

  • Satellite L505-13W - FN keys were not and touchpad problem

    Hello everyone, I have two questions and I'd highly appreciate your help. First, when I got the laptop he used to have a Fn bar that comes down from the top of the screen when I press the Fn, it shows all the keys Fn, now it disappeared. I need to ge

  • Reading data from text file

    I would like to read data (sepereated of numbers with spaces) and write them in a table. That's what I have so far. Thank you.

  • Options for blackBerry Smartphones

    As a new user of BB I'll have a little difficulty. For one when I plugged the BB into computer he finds not the SD card. Then I saw here where he says something on the homepage options, but I cannot find the options. Any help would be appreciated.

  • BlackBerry smartphones HELP! Difficulties to download App World to my 8220 Flip

    I have trouble downloading App World to my 8220 Flip.  I have the latest OS 4.6 180. Tried USB and WiFi. I get an error message that says that my phone does not to the requirements that are necessary to support the BB App World. The 8220 does App Wor

  • How to analyse the core dump generated by the user application

    My user application developed for ESXi 5.5 occasionally generates signal SIGSEGV, causing in turn core dump generated.I used this command to enable the generation of core dump in the directory/var/core./ sbin/vsish EI configuration/userworld/global/c