FileMaker Server Pem

I have a computer is always running Filemaker 11 on a remote network share. After reloading of the application of the FMP 11 on this computer, I can longer open remote files. I remember having to add a Pem of server to the app to get the remote to work, but cant't remember where this needs to be added. Help.

I thought it was library < application="" support=""> Filemaker, but could not find the Filemaker folder in Application Support

I do not use this software, but there are several library folders.

The other is in your user folder / your name short.

Tags: Mac OS & System Software

Similar Questions

El Cap server running hot

I run a server on 10.11.6. 5.1.5 the server for our team of employees serving OD, sharing files, profile and Filemaker server on a Mini Server 2010 Manager.

Two days ago, the machine starts to heat up, looking at activity monitor I've seen a lot of launchd, kernel_task, mds_stores process. After some tests, I decided to stop Spotlight with "sudo launchctl unload w /System/Library/LaunchDaemons/com.apple.metadata.mds.plist"lies which I don't use anyway on the server and bingo madness of the process and the machine runs on 90% Idle again... it should, see our low usage. "

However, I really want to know what happened to this machine.

Also... loading mds.plist back back the process launchd always taking 40% or more of CPU.

I also see this message?

28/07/16 7:51:12.003 AM com.apple.CDScheduler [80]: * LOG MESSAGE QUOTA EXCEEDED - SOME MESSAGES OF THIS PROCESS HAVE BEEN LAID *.

and a lot of

27/07/16 11:07:34.000 PM kernel [0]: sandbox: mdworker (678) deny (1) - reading-data /Applications/Chess.app/Contents/MacOS/Chess file

No clue what's going on with this machine?

Well well, to begin with I think you should run with OS X 10.11.6 5.1.7 server

When I met errors for access affecting the standard applications included with OS X my first shot is a simple reinstallation of OS X:

How to reinstall OS X - Apple support

It wouldn't hurt to restart in safe mode, use disk utility to check the disk, the usual rituals.

C.

OS x mail server

Hello

Hello, I am planning to buy a new Mac Mini, but I want to install a mail server.

Until Apple has a Mac Mini Server version but no more.

Is this fair?

If there is no OSX Server over which Mail Server do you recommend to install on a new Mac Mini?

The purpose of this Mac is to install FileMaker Server and a mail server (Mail Server with just a few accounts using only the FileMaker Server).

Concerning

Ben

Hi Ben,

Where before OS X 10.5 Server was a stand-alone that cost a lot of money, you can now buy server for about $20 and install it on any Mac. Also since the advent of the new generation of storage media, have a separate Mini configured as a server was blown out the window. The rationale being with the scalability and speed of lightning, it is easier this. Previously being storage bottlenecks and the storage interface being slow, requiring exquisite amounts of RAM and so the two that requires a lot more than processing power was turned on its head with a new and an old technology. As a first step, it is SSD/Flash storage, and the second is the compression of memory. Thus, the old principle of memory allocated nothing do disappeared. With compression having being resurrected, it allows less power-hungry CPUs and less memory, in conjunction with a Flash for the results equal or superior storage.

In short, get a Mini SSD with as much RAM as possible and decent processing power and which cling the external storage.

Now Server 5.015 rules the roost.

Leo

SBS Server 2003 and Exchange Server - need access, but don't have HARD drive

Hello

A couple of years our sever dies completely, but we kept the drive HARD, but unfortunately not the CD with the software or the software key. So, I now have 2HDD, the original boot partition and the other with the data. now as well clean and fully functional and connected to an old desk. I can see everything beautiful, but I can't boot from the original boot drive (I tried simply disconnecting desktop boot disk and windows for 1 second logo shows a d, then chucks back me to the initial charge (BACK?).) The point is that I need to boot into SBS2003 with exchange server installed in order to access a handful of old emails that have become extremely important, as well as to run an old version of Filemaker server, which can run on any newer operating system

I tried, by the way, a converter for swap files and I can see the directories but I think that, unless I paid $xxx.00 for something, which I can't afford now, so I will not get the emails and all attachments back.

So my question is this - is anyway that I can use the original startup disk in a new hardware environment to restore sbs 200 and Exchange if you work? I paid huge sums for both, so I think I should be able to use it again!

Thank you very much

Gor

This issue is beyond the scope of this site and must be placed on Technet or MSDN

http://social.technet.Microsoft.com/forums/en-us/home

http://social.msdn.Microsoft.com/forums/en-us/home

Crypto pki Server missing option "info".

After upgraging to IOS c2800nm-advsecurityk9 - mz.151 - 2.T1.bin, option requests information Server CA cryptographic pki no longer exist, the serv crypto pki CA-SERVER command is available, but only with the following options.

CA #crypto CA-SERVER pki Server?
grant of Grant applications
password One Time Password registration CEP
reject to reject registration applications
Remove delete database registration applications
pick up a registration request
revoke the certificate to revoke
start the boot server
Stop stop server
trim Trim the CRL based on the expired certificates file.
cancel the Unrevoke Certificate revocation

.

.

.

is there a new way to look at "pending" spoke or customer requests or I do something (or many things) incorrectly?

.

.

.

.

.

.

.

I have configured the CA server as:

.

host name of the CA SERVER
IP - test.lab domain name
Server 192.168.0.1
clock timezone IS - 5
summer time clock
NTP master 3
source NTP loopback0

.

IP http server

.

the encryption key generate label CA-SERVER rsa keys general module exportable 1024
key export cryptographic rsa CA-SERVER pem usbflash0 url: 3des
crypto CA-Server PKI
(ca-server) # database url usbflash0:
database (ca-server) # full level
(ca-) # transmitter servername CN = blah blah blah
# lifetime ca-certificate 730 (ca-server)
life certificate (ca-server) # 750
CRL lifetime (ca-server) # 336
(ca-server) # no shutdown
end

.

.

.

.

R1 #sh crypto pki Server
CA SERVER certificate:
Status: enabled
Status: enabled
Configuration of the server is locked (enter 'closed' to unlock)
Name of the issuer: CN = blah blah blah
Imprint of cert CA: # # # #.
Licensing mode: manual
Last serial number of the certificate issued (hex): 1
CA certificate expiration timer: 11:57:05 EST October 3, 2012
CRL NextUpdate timer: 11:57:00 GMT October 18, 2010
Current main repository: usbflash0:
Database level: Complete - CERT issued all written as .cer

.

.

TKS for any assistance.

Frank

Hi, Frank:

Yes, this command has been deprecated in the new IOS code. You should be able to use the command a show crypto pki Server AC-query SERVER to get the same good news.

Thank you

Wen

NETGEAR ProSafe VPN Firewall SRXN3205 and port forwarding?

Hi, this is a long shot, but I'm pulling my hair out at this point and can be a bit over my head, as I am new on network

Small short story, I have two servers, one is the NAS box (IE if I connect via the internet to the site via public IP network from home, I get it that site says 'my actions' I insert login and pass and get access to them.)
That is, everything is peachy.
The problem is when I try to connect to my FileMaker Server I'm not and instead, he takes me to the login NAS box. So I think ok, I need to port forward (5003 for filemaker) to go to different PC local LAN(192. etc)

Security > firewall > Add Service entering:
Service: fmserver
Action: Always leave
Send to LAN Server: unique address 192. etc is filemaker installed on (and different on a NAS)
Definition of Port number: 5003<-- is="" this="" right?="" how="" else="" would="" you="" indicate="" you="" want="" all="" connections="" on="" this="" port="" to="" go="" to="" this="" specific="" lan="" machine="" from="" internet="" instead="" of="" default="" which="" seems="" to="" be="">
rest is default, I click on apply.

Here's what I don't understand. In the table of incoming Services, (security > firewall) I have two local IP in the list, a SIN, the other for Filemaker. But only the top works and can be connected to. I can move every top position and it will work, but they will not work at the same time, just the one that sits on the top of the sad Smiley page

and yes I read the manual again and again and don't know how I'm screwing up the port forwarding on this point, even if I am brand new to probably something stupid Smiley Happy (our work IT guy is gone so tried to get involved through this somehow)

Any help would be appreciated.

Hello sinieq,

There is a hierarchy on incoming service table, which is normal. I see 4 services added using "ANY" (ALL use any port number) you will need to remove/disable these because of the rule of the hierarchy on the table, all other services will be ignored when EVERYTHING is used. What is the port number used by the NAS Server? I don't see a port defined to access NAS. Try disabling services by using "ANY" and try again by adding the translation to the port number of the NAS.

Let us know what happens.

Thank you

Private key does not match cert.

Hello
I just bought certificates to an authority important cert for my area of work poc, but when you try to install them on the Configurator in the SSL part I get a "private key does not match cert".
I got three files of digicert (DigiCertCA.crt - TrustedRoot.crt and mysite.com.crt)
I have them open with notepad and copy all the content in a text file in the order of trusteroot mysite - digicert. This stuck in the part of the SSL certificate and copied the REA does for demand in the private key part, but it fails with this error.
also tried downloading the cert as a pem file but the same error.
If anyone knows what I'm doing wrong?
See you soon
SEB

Solved.

In fact, I feel really stupid but who knows that someone else could sit and scratch your head like I did so as usual better sharing where it can benefit and spare some time.

Reading here and there (I really feel like a fool...) I figured out I was entering my CSR to enter my private key. But then, where is my private key?

I generated the cert with the tool of digicert. Filled in all the fields so I end up with my cert and my csr... No private key

In order to get the key of a bit of research on Google as usual and think about it.

Add to export the certificate with the private key using openssl and managed to recover the key

Export the private from the pfx file key file

OpenSSL pkcs12 - in filename.pfx - nocerts - out .pem

Export the certificate file in the pfx file
OpenSSL pkcs12 - in filename.pfx - clcerts - nokeys-out cert.pem

Remove the password for the private key
OpenSSL rsa - in .pem-out server.pem

Chained all three CERT downloaded previously into one. It stuck in the SSL section. Copied content of server.pem in the private key part and TaDaaa here goes green

See you soon

SEB

Decide if Acrobat is the best solution

I think to put a standard form of dentists who inquire about his web site. So basically
You can fill out the information contained in its web site, and then when you go to the office, they can print
It and have you sign.
I just bought Adobe Master Collection for flash and Photoshop, but I want to make the most as
possible, but what I've read, acrobat 9 pro may not be the way to go for this.
(1) for the most part, I'll need to be able to send information of my php script to the pdf document
(If I can get the dentist, print the pdf for this user)
(2) create a user fill out and submit the form to the php script, so I can collect data.
(Keeping in mind I'm going to need the user_id so I can differentiate the customers for the dentist then)
He can shoot the doc on the right when you're ready)
Height of the task, so acrobat? I need anyone must be able to be read/fill
the doc people with acrobat 9 pro.
Please let me know if you have any links that could help me get started if you think that acrobat
is the ideal solution for this.
Thank you very much.

I make a web form and exit Acrobat out of the picture. Filling in a PDF form fields from a database takes expensive technologies of the product suite of LiveCycle to programs. It is a minimum of 5 digits to start. If you have programming skills, a web form is the way to go. Of course if use you the site locally from your desktop or at the dentists office, then FileMaker Pro or FileMaker Server would be the best way to go. However, FileMaker Pro limits the number of simultaneous users on the site for a very small number of users. But for a small dental practice work FileMaker Pro. FileMaker Server is not the number of restrictions of the user.

App Server 5.2 & RADIUS

We have a Mac Mini server (macOS 10.12) with configured App (5.2) Server (active Directory and DNS Server Services Open, the network is on a static IP). We used to have an Airport Extreme set from the application server, with providing RADIUS authentication server.

Now, we would like to add other extreme BaseStation from the airport to the network expand its range. We were already able to add another customer through Admin Tool Radius RADIUS. But, of course, access to the network via the second access point does not work.

Application server is a really strange, because he gives, in many areas, rudimentary and owners is responsible for a large number of technologies, but if you want something you sort of a fall application server services. For example the App Server WebServices collide with advanced options for Apache, passenger, etc., once you try to configure something advanced Web services stop working. I hope that we will get configuration of the advanced features of future iterations. That's what concerns me here: Server App, basestations integration integration server App and RADIUS with several Airport Extreme BaseStation.

1. as a result, I would like to know what kind of RADIUS support App Server provides it?

2. Since the addition of a second Airport base station does not work, I guess I'll have to configure a RADIUS server outside the server application, probably as a result of this video: https://vimeo.com/53774350?

3. but what happens to Airport base Station of the application server configuration, I was active for the first base station? Can I still configure Services and the server mapping App?

4. should I maybe keep the base activated in App Server station, but disable the requirement of authentication via WiFi and configure a separate RADIUS server?

5. What is the certificates: App Server already has a global certificate, I can use this instead of building a new one?

6. the access group will be visible in App Server?

I hope someone can help.

When I "sudo radiusconfig - methods", I get:

{

clientcount = 2;

set = 1;

'eap.conf' = {}

'CA_file' = ' / etc/certificates/server.seju.eu.xxxxxxxxxx.chain.pem ';

Wilson = "/ Library/Server/RADIUS/raddb/certs".

certdir = ' / Library/Server/RADIUS/raddb/certs ".

'raddbdir' = ' / etc/certificates/server.seju.eu.xxxxxxxxxx.cert.pem ';

"check_cert_cn" = "% {user name} ';

"check_crl" = no;

'raddbdir' = ' / Library/Server/RADIUS/raddb/certs/dh;

'fragment_size' = 1024;

"include_length" = yes;

'private_key_file' = ' / etc/certificates/server.seju.eu.xxxxxxxxxx.key.pem ';

"private_key_password" = "Apple: UseCertAdmin";

'raddbdir' = ' / Library/Server/RADIUS/raddb/certs/random ";

};

'radiusd.conf' = {}

AUTH = no;

"auth_badpass" = no;

"auth_goodpass" = no;

'cleanup_delay' = 5;

confdir = "/ Library/Server/RADIUS/raddb;

'exec_prefix' = ' / Applications/Server.app/Contents/ServerRoot/usr ';

"hostname_lookups" = no;

localstatedir = "/ private/var;

LogDir = "/ private/var/log/radius";

"max_request_time" = 30;

'max_requests' = 1024;

prefix = ' / Applications/Server.app/Contents/ServerRoot/usr ';

radacctdir = "/ private/var/log/RADIUS/radacct."

certificate_file = "/ Library/Server/RADIUS/raddb;

sbindir script configures = "/ Applications/Server.app/Contents/ServerRoot/usr/sbin";

sysconfdir = "/ Library/Server/radius";

};

}

When I "sudo radiusconfig - naslist", I get

sudo radiusconfig - naslist

customer IP.xxx.xxx.xxx {}

secret = YYYYYYYYYY

ShortName = "Base Station 1.

Community =

type = 'AirPort base station.

Description =

};

customer IP.xxx.xxx.xxx {}

secret = ANACHID

ShortName = "Base Station 2.

Community =

type = 'Airport base station.

Description =

};

Post edited by: Konstrukteur

After some research, I got it to work. I went through all the steps in the video less access group. I guess my problem was obtaining the new base station, after be spent during the installation of the second base station and reset, everything works now! I also corrected some certification of related problems. I used the excellent Admin Tool Radius that is set correctly. Bad adjustment could have been the cause of my troubles!

(1) I would like to know what kind of RADIUS support App Server provides it?

It seems to provide a full support.

(2) given that the addition of a second Airport base station does not work, I guess I have to configure a RADIUS server outside the server application, probably as a result of this video: https://vimeo.com/53774350?

Always excellent tutorial, a bit outdated in macOS Sierra. My RADIUS server was already running a full server.

(3) what happens to Airport base Station of the server application configuration I was active for the first base station? Can I still configure Services and the server mapping App?

It works in our case

(4) should I keep the base activated in App Server station, but disable the requirement of authentication via WiFi and configure a separate RADIUS server?

It works in our case. No need to put in place the Radiusserver again. My incomplete Radius Server was probably a related problem of certification.

(5) what about certificates: App Server already has a global certificate, I can use this instead of building a new one?

Ray will use the certificate used in the server application. I used the excellent Admin Tool Radius to implement.

(6) the access group (which is mentioned in the video) will be visible on the App?

If you choose "view system accounts" under Server > discover then it should appear. But there is no need to access group, as RAY will use Opendirectory.

If everything is working now. As I said I went over the steps alone once again, the problem I had, was probably related to the certificate or an error in the configuration of the Client.

Now, I just have to find a way to get the RADIUS in Console logs, since they do not appear here in macOS Sierra!

HPDM: HPDM replace self signed SSL certificates for server HDPM and master repository

I am trying to replace the automatically generated self-signed certificates (issued to DM) issued by DM server HDPM and master repository. I'm NOT arbitration FTPS, HTTPS embedded HPDM or CERT Thin Client Agent server.

I already have CERT for the installation of our own internal domain CA for FTPS in IIS and the built-in Apache HTTPS server. These work properly and pass tests of repository for both protocols. I also have questions for Thin Clients of our internal CA very well.

I am interested in the HPDM real server cert and cert master repository. These are generated automatically when the two services start. They use a very weak MD5 hash and key RSA 1024. I can't find any documentation around that, with the exception of troubleshooting, in which you can remove these certificates restart services and they will be regenerated.

Here are the paths certs\key
HPDM % install Path%\MasterRepositoryController\Controller.crt (Cert repository)

HPDM % install Path%\MasterRepositoryController\Controller.key (repository key)

HPDM % install Path%\MasterRepositoryController\Client.crt (HPDM Server Cert)

HPDM % install Path%\Server\Bin\hpdmskey.keystore (Both HPDM server and repository Certs and keys) (not sure what format it is in. It is not PEM and P12 ok I can say)

There are also some HPDM % install Path%\Server\bin\hpdmcert.key. Don't know what it is. It's the key to the server HPDM but deleting it does nothing and it is never re auto generated in one of my tests.

I am able to replace the Controller.crt and keys with my own files CA internal those emitted very well. The service started and no errors occur. However if I replace the Client.cert (HPDM Server Cert) with my own service will start but there are Socket SSL errors in repository logs and the HPDM server could not connect to the master repository. I have no idea where the key file is supposed to be for HPDM Server Cert.

Can anyone help with this? I can't find the configuration files for the service to generate their own certificates. If I did I would try at least to change the config to do not use MD5.

Hello

These certiricates between HPDM server and MRC are not designed for customizable. Please submite one scenario if you have concerns of security on it.

Just for info:

hpdmcert. Key is for communication between the server HPDM and gateway HPDM

hpdmskey.keystore is for communication between the server HPDM and MRC

server_keystore is for the commhucation between HPDM server and the Console HPDM

OSX Server Postfix does not start - help!

Hi all

I inherited a 10.7.5 os x server.

He currently acts as a mail (IMAP) server.

When I click on start mail - it stops just again.

Clients use the imap Protocol to send or receive mail, they had on another account. The used imap server as a storage of archives.

Everything was working fine but suddenly stopped, messaging service. I tried to make it work again, but currently I'm quickly anywhere.

I think it's a permissions problem, the outputs are below.

The server is Let's say also that the certificate has expired, it would also prevent workstation (as a service)?

This server is about to be killed, all I want to do is connect to the imap folders and export data!

Thanks for any help

Server: ~ serveradmin$ sudo postfix check

Postfix/postfix-script: WARNING: group or other write: / Library/Server/Mail/Data/mta

Server: ~ serveradmin$ sudo postfix set-permissions

Server: ~ serveradmin$ sudo usr/libexec/postfix/post-installer updated-permissions/usr/libexec/postfix/post-install: error: / postfix-files is not a file.

Server: ~ serveradmin$ sudo usr/libexec/postfix/post-installe data_directory = / Library / / Mail/data/mta server upgrade-permissions

/ usr/libexec/postfix/post-install: error: / postfix-files is not a file.

Server: ~ serveradmin$ sudo serveradmin fullstatus mail

mail: setStateVersion = 1

mail: readWriteSettingsVersion = 1

mail: cluster = _empty_dictionary

mail: servicePortsRestrictionInfo = _empty_array

mail: protocolsArray:_array_index:0:status = 'ON '.

mail: protocolsArray:_array_index:0:kind = "INCOMING".

mail: protocolsArray:_array_index:0:protocol = "IMAP".

email: protocolsArray:_array_index:0: state = 'STOPPED '.

mail: protocolsArray:_array_index:0:error = «»

mail: protocolsArray:_array_index:1:status = "OFF".

mail: protocolsArray:_array_index:1:kind = "INCOMING".

mail: protocolsArray:_array_index:1:protocol = 'POP3 '.

email: protocolsArray:_array_index:1: state = 'STOPPED '.

mail: protocolsArray:_array_index:1:error = «»

mail: protocolsArray:_array_index:2:status = 'ON '.

mail: protocolsArray:_array_index:2:kind = "INCOMING".

mail: protocolsArray:_array_index:2:protocol = "SMTP".

email: protocolsArray:_array_index:2: state = 'STOPPED '.

mail: protocolsArray:_array_index:2:error = «»

mail: protocolsArray:_array_index:3:status = 'ON '.

mail: protocolsArray:_array_index:3:kind = "OUTGOING".

mail: protocolsArray:_array_index:3:protocol = "SMTP".

email: protocolsArray:_array_index:3: state = 'STOPPED '.

mail: protocolsArray:_array_index:3:error = «»

mail: protocolsArray:_array_index:4:status = "OFF".

mail: protocolsArray:_array_index:4:kind = "OUTGOING".

mail: protocolsArray:_array_index:4:protocol = 'SERVER '.

email: protocolsArray:_array_index:4: state = 'STOPPED '.

mail: protocolsArray:_array_index:4:error = «»

mail: protocolsArray:_array_index:5:status = "OFF".

mail: protocolsArray:_array_index:5:kind = "INCOMING".

mail: protocolsArray:_array_index:5:protocol = "Junk_mail_filter".

email: protocolsArray:_array_index:5: state = 'STOPPED '.

mail: protocolsArray:_array_index:5:error = «»

mail: protocolsArray:_array_index:6:status = "OFF".

mail: protocolsArray:_array_index:6:kind = "INCOMING".

mail: protocolsArray:_array_index:6:protocol = "Virus_scanner".

email: protocolsArray:_array_index:6: state = 'STOPPED '.

mail: protocolsArray:_array_index:6:error = «»

mail: startedTime = «»

mail: logPaths:IMAP Log = "/ var/log/mailaccess.log".

mail: logPaths:POP Log = "/ var/log/mailaccess.log".

mail: smtp = logPaths:Lists ' / var/log/mailman/smtp.

mail: logPaths:Lists subscribe = "/ var/log/mailman/subscription.

mail: logPaths:Migration Log = "/ Library/Logs/MailMigration.log".

mail: logPaths:SMTP Log = "/ /var/log/mail.log.

mail: logPaths:Server Log = "/ var/log/mailaccess.log".

mail: logPaths:Lists error = "/ var/log/mailman/error".

mail: logPaths:Lists message = "/ var/log/mailman/message.

mail: logPaths:Virus DB Log = "/ var/log/freshclam.log".

mail: logPaths:Lists smtp-failure = "/ var/log/mailman/smtp-failure.

mail: logPaths:Lists qrunner = "/ var/log/mailman/qrunner.

mail: logPaths:Amavisd Log = "/ var/log/amavis.log".

mail: logPaths:Virus Log = "/ var/log/clamav.log".

mail: imapStartedTime = «»

mail: servicePortsAreRestricted = 'NO '.

mail: state = 'STOPPED '.

mail: postfixStartedTime = «»

Server: ~ $ sudo serveradmin postconf - n

Biff = no

command_directory = / usr/sbin

config_directory = / etc/postfix

content_filter =

daemon_directory = / usr/libexec/postfix

data_directory = / Library/Server/Mail/Data/mta

debug_peer_level = 2

enable_server_options = yes

header_checks =

html_directory = / usr/share/doc/postfix/html

imap_submit_cred_file = /private/etc/postfix/submit.cred

inet_interfaces = loopback only

inet_protocols = all

mail_owner = _postfix

mailbox_size_limit = 0

mailbox_transport = dovecot

mailq_path = / usr/bin/mailq

manpage_directory = essential

maps_rbl_domains =

message_size_limit = 0

mydestination = $myhostname, localhost. $mydomain, localhost

mydomain = AAA.co.uk

mydomain_fallback = localhost

myhostname = AAA.co.uk

MyNetworks = 127.0.0.0/8, [: 1] / 128

newaliases_path = / usr/bin/newaliases

postscreen_dnsbl_sites =

queue_directory = / Library/Server/Mail/Data/spool

readme_directory = / usr/share/doc/postfix

recipient_canonical_maps = hash: / etc/postfix/system_user_maps

recipient_delimiter = +.

relayhost =

sample_directory = / usr/share/doc/postfix/examples

sendmail_path = sendmail

setgid_group = _postdrop

smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated allowed

smtpd_enforce_tls = no

smtpd_helo_required = no

smtpd_helo_restrictions =

smtpd_pw_server_security_options =

smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination permit_sasl_authenticated allowed

smtpd_sasl_auth_enable = yes

smtpd_tls_CAfile = / etc/certificates/server. AAA.co.uk.4C925A07FB31A9F93148448EE1140838C6ECE9D2.cha in.pem

smtpd_tls_cert_file = / etc/certificates/server. AAA.co.uk.4C925A07FB31A9F93148448EE1140838C6ECE9D2.cer t.pem

smtpd_tls_ciphers = medium

smtpd_tls_exclude_ciphers = aNULL, SSLv2, ADH, eNULL

smtpd_tls_key_file = / etc/certificates/server. AAA.co.uk.4C925A07FB31A9F93148448EE1140838C6ECE9D2.key .pem

smtpd_use_pw_server = yes

smtpd_use_tls = yes

tls_random_source = dev: / dev/urandom

unknown_local_recipient_reject_code = 550

use_sacl_cache = yes

virtual_alias_maps = $virtual_maps

SMTP LOG

dec 16 15:17:20 Server postfix/qmgr [11517]: fatal: scan_dir_push: open active directory: no such file or directory

dec 16 15:17:21 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/qmgr pid 11517 exit status 1

dec 16 15:17:21 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/qmgr: bad command startup - limitation

dec 16 15:18:21 Server postfix/qmgr [11586]: fatal: scan_dir_push: open active directory: no such file or directory

dec 16 15:18:22 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/qmgr pid 11586 exit status 1

dec 16 15:18:22 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/qmgr: bad command startup - limitation

dec 16 15:19:12 server postfix/Pick-up [11649]: fatal: scan_dir_push: open the maildrop directory: no such file or directory

dec 16 15:19:13 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/pickup pid 11649 exit status 1

dec 16 15:19:13 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/pickup: bad command startup - limitation

dec 16 15:19:22 Server postfix/qmgr [11655]: fatal: scan_dir_push: open active directory: no such file or directory

dec 16 15:19:23 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/qmgr pid 11655 exit status 1

dec 16 15:19:23 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/qmgr: bad command startup - limitation

dec 16 15:20:23 Server postfix/qmgr [11729]: fatal: scan_dir_push: open active directory: no such file or directory

dec 16 15:20:24 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/qmgr pid 11729 exit status 1

dec 16 15:20:24 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/qmgr: bad command startup - limitation

dec 16 15:21:12 server postfix/Pick-up [11761]: fatal: scan_dir_push: open the maildrop directory: no such file or directory

dec 16 15:21:13 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/pickup pid 11761 exit status 1

dec 16 15:21:13 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/pickup: bad command startup - limitation

dec 16 15:21:15 Server postfix/showq [11763]: fatal: open the lock pid/unix.showq file: could not create the file exclusively: no such file or directory

dec 16 15:21:16 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/showq pid 11763 exit status 1

dec 16 15:21:16 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/showq: bad command startup - limitation

dec 16 15:21:24 Server postfix/qmgr [11769]: fatal: scan_dir_push: open active directory: no such file or directory

dec 16 15:21:25 server postfix/master [10118]: warning: treat/usr/libexec/postfix/qmgr pid 11769 exit status 1

dec 16 15:21:25 server postfix/master [10118]: WARNING: / usr/libexec/postfix/qmgr: bad command startup - limitation

dec 16 15:22:16 Server postfix/showq [11805]: fatal: open the lock pid/unix.showq file: could not create the file exclusively: no such file or directory

dec 16 15:22:17 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/showq pid 11805 exit status 1

dec 16 15:22:17 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/showq: bad command startup - limitation

dec 16 15:22:25 server postfix/qmgr [11811]: fatal: scan_dir_push: open active directory: no such file or directory

dec 16 15:22:26 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/qmgr pid 11811 exit status 1

dec 16 15:22:26 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/qmgr: bad command startup - limitation

dec 16 15:23:12 server postfix/Pick-up [11836]: fatal: scan_dir_push: open the maildrop directory: no such file or directory

dec 16 15:23:13 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/pickup pid 11836 exit status 1

dec 16 15:23:13 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/pickup: bad command startup - limitation

dec 16 15:23:17 Server postfix/showq [11838]: fatal: open the lock pid/unix.showq file: could not create the file exclusively: no such file or directory

dec 16 15:23:18 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/showq pid 11838 exit status 1

dec 16 15:23:18 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/showq: bad command startup - limitation

dec 16 15:23:26 Server postfix/qmgr [11844]: fatal: scan_dir_push: open active directory: no such file or directory

dec 16 15:23:27 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/qmgr pid 11844 exit status 1

dec 16 15:23:27 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/qmgr: bad command startup - limitation

dec 16 15:24:18 Server postfix/showq [11870]: fatal: open the lock pid/unix.showq file: could not create the file exclusively: no such file or directory

dec 16 15:24:19 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/showq pid 11870 exit status 1

dec 16 15:24:19 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/showq: bad command startup - limitation

dec 16 15:24:27 Server postfix/qmgr [11878]: fatal: scan_dir_push: open active directory: no such file or directory

dec 16 15:24:28 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/qmgr pid 11878 exit status 1

dec 16 15:24:28 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/qmgr: bad command startup - limitation

dec 16 15:25:12 server postfix/Pick-up [11903]: fatal: scan_dir_push: open the maildrop directory: no such file or directory

dec 16 15:25:13 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/pickup pid 11903 exit status 1

dec 16 15:25:13 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/pickup: bad command startup - limitation

dec 16 15:25:19 Server postfix/showq [11986]: fatal: open the lock pid/unix.showq file: could not create the file exclusively: no such file or directory

dec 16 15:25:20 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/showq pid 11986 exit status 1

dec 16 15:25:20 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/showq: bad command startup - limitation

dec 16 15:25:28 Server postfix/qmgr [11992]: fatal: scan_dir_push: open active directory: no such file or directory

dec 16 15:25:29 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/qmgr pid 11992 exit status 1

dec 16 15:25:29 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/qmgr: bad command startup - limitation

dec 16 15:26:20 Server postfix/showq [12019]: fatal: open the lock pid/unix.showq file: could not create the file exclusively: no such file or directory

dec 16 15:26:21 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/showq pid 12019 exit status 1

dec 16 15:26:21 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/showq: bad command startup - limitation

dec 16 15:26:29 Server postfix/qmgr [12024]: fatal: scan_dir_push: open active directory: no such file or directory

dec 16 15:26:30 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/qmgr pid 12024 exit status 1

dec 16 15:26:30 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/qmgr: bad command startup - limitation

dec 16 15:27:12 server postfix/Pick-up [12048]: fatal: scan_dir_push: open the maildrop directory: no such file or directory

dec 16 15:27:13 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/pickup pid 12048 exit status 1

dec 16 15:27:13 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/pickup: bad command startup - limitation

dec 16 15:27:21 Server postfix/showq [12085]: fatal: open the lock pid/unix.showq file: could not create the file exclusively: no such file or directory

dec 16 15:27:22 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/showq pid 12085 exit status 1

dec 16 15:27:22 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/showq: bad command startup - limitation

dec 16 15:27:30 Server postfix/qmgr [12101]: fatal: scan_dir_push: open active directory: no such file or directory

dec 16 15:27:31 Server postfix/master [10118]: warning: treat/usr/libexec/postfix/qmgr pid 12101 exit status 1

dec 16 15:27:31 Server postfix/master [10118]: WARNING: / usr/libexec/postfix/qmgr: bad command startup - limitation

dec 16 15:28:04 server postfix/postfix-script [12220]: warning: group or other write: / Library/Server/Mail/Data/mta

dec 16 15:28:04 server postfix/master [12233]: fatal: bind 127.0.0.1 port 25: address already in use

dec 16 15:29:15 postfix server [12296]: error: to send mail, use the Postfix sendmail command

dec 16 15:29:15 postfix server [12296]: fatal: the postfix command is reserved for the superuser

dec 16 15:36:21 Server postfix/postfix-script [13267]: warning: group or other write: / Library/Server/Mail/Data/mta

dec 16 15:36:21 Server postfix/master [13280]: fatal: bind 127.0.0.1 port 25: address already in use

dec 16 15:37:08 Server postfix/postfix-script [13371]: warning: group or other write: / Library/Server/Mail/Data/mta

dec 16 15:39:42 Server postfix/postfix-script [13585]: warning: group or other write: / Library/Server/Mail/Data/mta

A copy of the disk backup, so that if one of the following conditions fails, or the disk itself is a failure - you have a copy of the data.

It's probably more permissions, but try a repair permissions and a volume.

Some of what is shown implies that Postfix is partially started and partially failed.

What I would try here: create one or two copies - back ups - this disk out for external devices and disconnect and reverse these copies, install a clean copy of 10.7.5 on an external drive to work, install Server.app on it, start the and migrate in this drive OS X Server configuration settings.

Otherwise, there are discussions on access to the Bank of messages directly. On top, I don't remember where this mail store. On most recent releases.app, I look around slot/library/server/mail for this, however. Probably in/library/server/mail/data/email/users

Connect to SQL using SSL server

I am currently using a connection that is encrypted to a SQL Server database. I am able to do this by adding 'encrypt = true' for my channel connection and using a .pem file that I am able to apply using the Microsoft Management console.

http://www.sqlservermart.com/HOWTO/Windows_Import_Certificate.aspx

Is there another way to import a security certificate or dynamically set using the LabView Db connectivity Toolbox?

Almost everything you can do in the MMC plugins is also possible from the command line in Windows. You just need to find the right set of commands and use the Exec VI system to implement your solution.

http://TechNet.Microsoft.com/en-us/library/cc732061 (v = ws.10) .aspx

PHP BB BIS push server works on push_all but not on PIN

Well this time I already develop my client applications,.

and I found this problem when I try to make PHP applications according to http://supportforums.blackberry.com/t5/BlackBerry-Push-Development/Push-API-sample-code-needed/td-p/...

When I send the message to the address push_all:

It works great on my device, but when I send the message with the specified PIN address:

once more, the message is blocked by Firewall (THE firewall IS OFF) as MESSAGE NO FIGURE.

This is my code:

';
        }

        // create a new cURL resource
        $err = false;
        $ch = curl_init();
        $messageid = microtime(true);

        $data = '--asdwewe. "\r\n" .
        'Content-Type: application/xml; charset=UTF-8' . "\r\n\r\n" .
        '
        http://www.openmobilealliance.org/tech/DTD/pap_2.1.dtd">
        
        '
        . $addresses .
        '
        
        ' . "\r\n" .
        '--asdwewe' . "\r\n" .
        'Content-Type: text/plain' . "\r\n" .
                //'Content-Encoding: binary'. "\r\n" .
        'Push-Message-ID: ' . $messageid . "\r\n\r\n" .
        stripslashes($message) . "\r\n" .
        '--asdwewe--' . "\r\n";

        // set URL and other appropriate options
        curl_setopt($ch, CURLOPT_URL, "https://pushapi.eval.blackberry.com/mss/PD_pushRequest");
            curl_setopt($ch, CURLOPT_PORT , 443);
            curl_setopt($ch, CURLOPT_SSLVERSION, 3);
            curl_setopt($ch, CURLOPT_CAINFO, getcwd()."\cacert.pem");
            curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

        curl_setopt($ch, CURLOPT_HEADER, false);
        curl_setopt($ch, CURLOPT_USERAGENT, "My BB Push Server\1.0");
        curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
        curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
        curl_setopt($ch, CURLOPT_USERPWD, $appid . ':' . $password);
        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

        $__extra_Headers = array(
            "Content-Type: multipart/related; boundary=asdwewe; type=application/xml",
            "Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2",
            "Connection: keep-alive",
            "X-Rim-Push-Dest-Port: ".$appport,
            "X-RIM-PUSH-ID: ".$messageid,
            "X-RIM-Push-Reliability-Mode: APPLICATION"
        );
        curl_setopt($ch, CURLOPT_HTTPHEADER, $__extra_Headers);

        // grab URL and pass it to the browser
        $xmldata = curl_exec($ch);
        if($xmldata === false){
            echo 'Error pada CURL : ' . curl_error($ch)."\n";
        }else{
            echo 'Operasi push berhasil'."\n";
        }

        // close cURL resource, and free up system resources
        curl_close($ch);

        //Start parsing response into XML data that we can read and output
        $p = xml_parser_create();
        xml_parse_into_struct($p, $xmldata, $vals);
        $errorcode = xml_get_error_code($p);
        if ($errorcode > 0) {
            echo xml_error_string($errorcode)."\n";
            $err = true;
        }
        xml_parser_free($p);

        echo 'Our PUSH-ID: ' . $messageid . "
\n";
        if (!$err && $vals[1]['tag'] == 'PUSH-RESPONSE') {
            echo 'PUSH-ID: ' . $vals[1]['attributes']['PUSH-ID'] . "
\n";
            echo 'REPLY-TIME: ' . $vals[1]['attributes']['REPLY-TIME'] . "
\n";
            echo 'Response CODE: ' . $vals[2]['attributes']['CODE'] . "
\n";
            echo 'Response DESC: ' . $vals[2]['attributes']['DESC'] . "
 \n";
        } else {
            echo 'An error has occured' . "\n";
            echo 'Error CODE: ' . $vals[1]['attributes']['CODE'] . "
\n";
            echo 'Error DESC: ' . $vals[1]['attributes']['DESC'] . "
\n";
        }

    } catch (Exception $e) {
        var_dump($e->getMessage());
    }

    exit();
    // ---------------------------------------------------------------------------------------------------------------

?>

I appreciate any useful message... Thank you for your attention and help

well, I'm a bit confused now...

the problem is already solved without a single change in my code (device and server)...

I think it is a problem of service blackberry... or something else, I don't know... * huff *.

Unable to send message push on server

Greetings,

I managed get record (PIN) for my device id, but I stuck on the development server side, I hope someone could help me

I've followed these 3 references:

1. http://supportforums.blackberry.com/t5/BlackBerry-Push-Development/Problem-with-SEND-Push-Notificati...

2. http://supportforums.blackberry.com/t5/Android-Runtime-Development/Not-receiving-push-notification-o...

3. http://stackoverflow.com/questions/8472331/server-side-problemt-php-push-message-to-blackberry

But I do not get the result as expected, instead, I always have ERROR CODE 2000 like this:

Our PUSH-ID: 1401179949.8267

An error has occured
Error CODE: 2000
Error DESC: 2000

string(217) " "

The string (217) "" contains:

The code I am using:

        $appid = '4746-6135ee38Dm11ro8094c98i7900xxxxxxxxx';
        $password = 'xxxxxxxx';
        $boundary = "mPsbVQo0a68eIL3OAxnm";

        $deliverbefore = gmdate('Y-m-d\TH:i:s\Z', strtotime('+2 minutes'));
        //An array of address must be in PIN format or "push_all"
        $addresses = '';
        foreach ($registatoin_ids as $value) {
            $addresses .= '';
        }

        // Open connection
        $ch = curl_init();
        $err = false;
        $messageid = microtime(true);

        $data =
            '--' . $boundary . "\r\n" .
            'Content-Type: application/xml; charset=UTF-8' . "\r\n\r\n" .
            '
            http://www.openmobilealliance.org/tech/DTD/pap_2.1.dtd">
            
            '
            . $addresses .
            '
            
            ' . "\r\n" .
            '--' . $boundary . "\r\n" .
            // 'Content-Encoding: binary' . "\r\n" .
            'Content-Type: text/plain' . "\r\n" .
            'Push-Message-ID: ' . $messageid . "\r\n\r\n" .
            '{
                "key":"value",
                "key2":"value2"
            }'. "\r\n" .
            '--' . $boundary . '--' . "\n\r";

        $url = 'https://cp4746.pushapi.eval.blackberry.com/mss/PD_pushRequest';
        // Set the url, number of POST vars, POST data
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_HEADER, false);
        curl_setopt($ch, CURLOPT_USERAGENT, "SAA push application");
        curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
        curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
        curl_setopt($ch, CURLOPT_USERPWD, $appid . ':' . $password);
        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: multipart/related; boundary=" . $boundary . "; type=application/xml", "Accept: text/html", "Connection: keep-alive"));

        // grab URL and pass it to the browser
        $xmldata = curl_exec($ch);

        // close cURL resource, and free up system resources
        curl_close($ch);

        //Start parsing response into XML data that we can read and output
        $p = xml_parser_create();
        xml_parse_into_struct($p, $xmldata, $vals);
        $errorcode = xml_get_error_code($p);
        if ($errorcode > 0) {
            $err = true;
        }
        xml_parser_free($p);

        echo 'Our PUSH-ID: '.$messageid .  "
\n";
        if (!$err && $vals[1]['tag'] == 'PUSH-RESPONSE') {
            echo 'PUSH-ID: ' . $vals[1]['attributes']['PUSH-ID'] . "
\n";
            echo 'REPLY-TIME: ' . $vals[1]['attributes']['REPLY-TIME'] . "
\n";
            echo 'Response CODE: ' . $vals[2]['attributes']['CODE'] . "
\n";
            echo 'Response DESC: ' . $vals[2]['attributes']['DESC'] . "
 \n";
        } elseif ($err) {
            echo 'An XML parser error has occured' . "\n";
            echo '' . xml_error_string($errorcode) ."\n » ;
            echo 'Response' . "\n";
            echo '' . $xmldata . '' . "\n";
        } else {echo '}An error has occurred' . "\n";
            echo ' fault CODE: '. $vals [1] ['attributes'] ['CODE']. "
\n » ;
            echo ' error DESC: '. $vals [1] ['attributes'] ['DESC']. "
\n » ;
            echo '' . $xmldata . '' . "\n";
            var_dump ($XMLDATA);
        } var_dump ($vals);
        Return $xmldata;where record id, I get is already a correct form without the prefix, which only hurts?
			 I finally found the right answer for me, from here:
http://supportforums.BlackBerry.com/T5/BlackBerry-push-development/BB-bis-push-PHP-Server-works-on-p...
Marcboo thanks for the reply.
And then I change the code below
stripslashes($message)

TO:
json_encode($message)

Complete code below, with the necessary adaptations:
';
            }

            // create a new cURL resource
            $err = false;
            $ch = curl_init();
            $messageid = microtime(true);

            $data = '--asdwewe'. "\r\n" .
            'Content-Type: application/xml; charset=UTF-8' . "\r\n\r\n" .
            '
            http://www.openmobilealliance.org/tech/DTD/pap_2.1.dtd">
            
            '
            . $addresses .
            '
            
            ' . "\r\n" .
            '--asdwewe' . "\r\n" .
            'Content-Type: application/json' . "\r\n" .
                    //'Content-Encoding: binary'. "\r\n" .
            'Push-Message-ID: ' . $messageid . "\r\n\r\n" .
            json_encode($message) . "\r\n" .
            '--asdwewe--' . "\r\n";

            // set URL and other appropriate options
            curl_setopt($ch, CURLOPT_URL, "https://pushapi.eval.blackberry.com/mss/PD_pushRequest");
                curl_setopt($ch, CURLOPT_PORT , 443);
                curl_setopt($ch, CURLOPT_SSLVERSION, 3);
                curl_setopt($ch, CURLOPT_CAINFO, getcwd()."\cacert.pem");
                curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

            curl_setopt($ch, CURLOPT_HEADER, false);
            curl_setopt($ch, CURLOPT_USERAGENT, "My BB Push Server\1.0");
            curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
            curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
            curl_setopt($ch, CURLOPT_USERPWD, $appid . ':' . $password);
            curl_setopt($ch, CURLOPT_POST, 1);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

            $__extra_Headers = array(
                "Content-Type: multipart/related; boundary=asdwewe; type=application/xml",
                "Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2",
                "Connection: keep-alive",
                "X-Rim-Push-Dest-Port: ".$appport,
                "X-RIM-PUSH-ID: ".$messageid,
                "X-RIM-Push-Reliability-Mode: APPLICATION"
            );
            curl_setopt($ch, CURLOPT_HTTPHEADER, $__extra_Headers);

            // grab URL and pass it to the browser
            $xmldata = curl_exec($ch);
            if($xmldata === false){
                echo 'Error pada CURL : ' . curl_error($ch)."\n";
            }else{
                echo 'Operasi push berhasil'."\n";
            }

            // close cURL resource, and free up system resources
            curl_close($ch);

            //Start parsing response into XML data that we can read and output
            $p = xml_parser_create();
            xml_parse_into_struct($p, $xmldata, $vals);
            $errorcode = xml_get_error_code($p);
            if ($errorcode > 0) {
                echo xml_error_string($errorcode)."\n";
                $err = true;
            }
            xml_parser_free($p);

            echo 'Our PUSH-ID: ' . $messageid . "
\n";
            if (!$err && $vals[1]['tag'] == 'PUSH-RESPONSE') {
                echo 'PUSH-ID: ' . $vals[1]['attributes']['PUSH-ID'] . "
\n";
                echo 'REPLY-TIME: ' . $vals[1]['attributes']['REPLY-TIME'] . "
\n";
                echo 'Response CODE: ' . $vals[2]['attributes']['CODE'] . "
\n";
                echo 'Response DESC: ' . $vals[2]['attributes']['DESC'] . "
 \n";
            } else {
                echo 'An error has occured' . "\n";
                echo 'Error CODE: ' . $vals[1]['attributes']['CODE'] . "
\n";
                echo 'Error DESC: ' . $vals[1]['attributes']['DESC'] . "
\n";
            }

        } catch (Exception $e) {
            var_dump($e->getMessage());
        }

        exit();
    }
}
?>

See you soon

String Format DER or PEM certificates

I have installed a 1.2.0.899 EHT. It is only used for Services, the customer require all employees to access the Developer Portal and validated their credentials using LDAPS. No LDAP, no feature of AD EHT. The problem is that to enable LDAPS I must download the root certification authority for ISE, the client does not provide root CA for security reasons (?); They said that the certificate chain should be sufficient. Even the ISE user guide shows the chain of CA or root certificate. Thus, the client downloaded the (Microsoft 2008) PKI certificate chain and give it to me, but it is in .p7b (PKCS #7) format (they said there is no option to select another format). This format is not supported by ISE, so I need to use third-party tools to convert the file (www.sslshopper.com and openssl). It seems that the conversion is successful, but when I try to download on the ISE certificate store always I get the same error: "unable to read certificate file - please be sure that the file is in PEM or DER format.

The questions are:

1. is the file provided by the infrastructure public key to the p7b format always?

2. what should be the way to convert the file into something the ISE can understand?

3. must be the CA certificate root a better option vey?

Even the problems of conversion indicated above, I tried to open and convert the file by using the MMC. I know that the certificate chain has three files, I got the and downloaded to the ISE. Error of Pentecost two of these three files selected on LDAPS security configuration I can run the "Test bind to the server" with success, but whenever the user tries with his own credentials always access is refused with "invalid username or password".

Locking in the ISE log, I found that these messages:

ERROR, 0x2b263618c940, LdapSslConnectionContext::checkCryptoResult (id = 634): error message = SSL alert: code = 0 x 230 = 560; source = local; fatal = type; message = ' unknown CA - error unable to get issuer certificate locally", LdapSslConnectionContext.cpp:226".

ERROR, 0x2b263618c940, LdapConnectionBindingState::onInput (id = 634): bind ended with an error: 117, LdapConnectionStates.cpp:396

631, WARN, 0x2b263618c940, NILE-CONTEXT, Crypto: result = 1, Crypto.SSLConnection.pvClientInfoCB - alert triggered: code = 0 x 230 = 560, where = 0 x 4008 = 16392, source = local, SSLConnection.cpp:2765

WARN, 0x2b263618c940, NILE-CONTEXT, Crypto: result = 102, Crypto.SSLConnection.writeData - failed to write data, SSLConnection.cpp:970

ERROR, 0x2b263618c940, LdapSslConnectionContext::checkCryptoResult (id = 634): result crypto = 102, LdapSslConnectionContext.cpp:202

ERROR, 0x2b263618c940, cntx = 0000005789 user = tmxedscalcan, LdapServer::onAcquireConnectionResponse: impossible to acquire connection, LdapServer.cpp:461

ERROR, 0x2b263436e940, NILE-CONTEXT, [ActiveDirectoryClient::openCdcConnection] failed to open session of CDC due to error 32: ADClient is not running, ActiveDirectoryClient.cpp:1328

ERROR, 0x2b263436e940, NILE-CONTEXT, [ActiveDirectoryClient::connectClient] AD CDC client connection failed!, ActiveDirectoryClient.cpp:117

ERROR, 0x2b263436e940, NILE-CONTEXT ActiveDirectoryIDStore::performConnection - connection client failed, ActiveDirectoryIDStore.cpp:608

I have no idea how much - what they mean.

Someone told me the convertion with mmc on my pc was a mistake and I need to repeat the same process using the administrative tools on a server

I'm really confused and I don't know how to continue a process of troubleshooting.

How will I know that the original file is correct?

How will I know that the conversion is correct?

As the original string includes three certificates, I should upload them to ISE, separately or in a file?

The sponsor political screenshoot is attached. I have two rules with the same conditions an AD (just to test), one for LDAPS por.

I would appreciate your help

Kind regards.

Daniel Escalante

Hello

If you open the .p7b on a Windows machine. (Do not install)

Go to the Certification path and click the root certificate, click view certificate.

Now you have the root certificate.

Click details, and then click on copy to a file. This give you the possibility of exprot the root cert.

Then click, here you can choose to save in Base 64 encoded (DER) that you can import in ISE.

Click next and save it. Then try to import under Server certifiactes to the ISE

You can do this for sub-CA cert in the chain as well.

HTH

FileMaker Server Pem

Similar Questions

Maybe you are looking for