For the SSL certificate expiration date

Hello

We use Adobe LiveCycle Installation of JBoss, and the SSL certificate that we use to enable rights management has expired.

We have created a new which now works fine, but we would like to know if there is a way to control or extend the expiration date of the certificate, such as 3 months is a very short time.

Kind regards

Marwa

The server SSL certificate is used for active between Acrobat and LiveCycle Rights Management Server to encrypt HTTP traffic.  It 'does NOT' management of rights in itself.  In other words, even if at the end of the ceriticate SSL, Adobe LiveCycle Rights Management will continue to work.

You do not control the expiration date of the certificate.  The -validity argument allows you to control, in terms of days.  3650 will set the expiry of 10 years from the date of creation.

More details here:

http://blogs.Adobe.com/LiveCycle/2007/10/configuring_jboss_403_sp1_for_1.html

Tags: Adobe LiveCycle

Similar Questions

  • What everyone uses for an SSL certificate on the wireless controller?

    If I use the SSL certificate generated locally on my WLC Internet Explorer always shows the "untrusted cert alert" when users try to authenticate through the web interface. What can I do to fix this do I need to buy a cert? If so where is the best and the best place to do this? GoDaddy? Also, I bought one for my mail server and had set a domain during the process name. What should I use for my WLC? The URL during the authentication process web show https://1.1.1.1

    RapidSSL is your best bet. It is less than $90 for 1 year with renewal and insurance. 5 years is like $ 380. GoDaddy will not work because they use chained certificates.

    On the VIP, you enter the DNS domain name as what you used on the certificate CN when generating a csr. Of course, you have to solve the CN name to 1.1.1.1 or change the 1.1.1.1 to another ip address that is not on your network. Restart the wlc and your done.

  • Setting the SSL certificate for the web user interface

    How can I configure the SSL certificate for the management of a SG300 interface? I don't seem to find the configuration option in the web gui?

    Hello Dirk,.

    For import / create / modify h99350 ssl please go to ' ' security > SSL server > SSL server authentication settings.

    HTTPS is enabled by default.

    Thank you and best regards,

    Siva

  • Help generate the SSL certificate for the Security Server

    Hi people,

    We have server (ss - 01.mydomain.local) security and connection server (cs - 01.mydomain.local). Now intend to install a certificate on the Security server. What should be the common name.

    our Web site is something like access.mydomain.local.

    Also, we plan to install SSL only on security for internet access server, this will affect the internal users, access to the connection to the server.

    Thanks and greetings

    J P Raj

    Take a look at the link below

    https://pubs.VMware.com/horizon-view-60/topic/com.VMware.ICbase/PDF/horizon-view-60-scenarios-SSL-certificates.PDF

    Internal users will not be affected when you install the Security server certificates

    Simply create a CSr file > get certificates and import them to the Security server in the MMC guide explains practically everything. If you already have certificates wildcard certificates, then you can follow the sub process

    (a) export the server certificates

    (1) to connect to the server that has certificates

    (2) for this server to export it to a PFX format certificate.

    (3) open the Microsoft MMC Certificates snap-in for the computer account.

    4) navigate to certificates (Local computer) > personal > certificates.

    (5) right-click on the signed certificate that is to be exported.

    6) click all tasks > export.

    (7) on the Welcome screen, click Next.

    8) click Yes, export the private key.

    (9) if it is an option, click on include all certificates in the certification path.

    (10) enter a password for the private key. This is required for the import certificates.

    (11) to enter a file name and location. For example, C:\certificates\certificate.pfx.

    12) click Next.

    13) click Finish.

    b) import it to the use of broker or planned connection securityr.

    Certificates of thye 1) import (preferable Pfx format) for the server broker or planned connection security.

    (2) open the Microsoft MMC Certificates snap-in for the computer account.

    3) navigate to certificates (Local computer) > personal > certificates.

    (4) right-click the certificates.

    5) click on Import.

    (6) through the pfx and click Next.

    (7) enter the certificate password.

    (8) select Mark keys as being exportable.

    9) click Next.

    10) click Finish.

    (c) restart Consulting Services

    To restart the services:

    Log in as an administrator on the server that is running the Server VMware View connection server VMware View connection or VMware View Server Security.

    Click Start > run, type services.msc and press ENTER.

    In the list of services, right-click on the VMware View connection Server or VMware View Server Security service.

    Click on restart and wait for service to stop and start.

  • ASA view user certificates expiration date

    Hello!

    There's ASA with remote VPN access and the users are authenticated using third party signed certificates (it's not local ASA).

    When the user certificate expires I can see it in syslog messages. For example:

    % ASA-3-717009: failed validation of certificate. The certificate date is out-of-range, serial number: (...)

    I would like to know if there is an opportunity to see certificate expiry date in advance, for example, the user, 3 days before?

    Thank you!

    Hi Oleg,

    the user should get a warning when its certificate expires, but on the SAA you cannot detect that, sorry.

    HTH

    Herbert

  • SSL certificate expired Indesign CS6

    I open Indesign this morning and I find that the SSL certificate has expired. So my question is, since Adobe has released with CC, is it going to be the trend at Adobe? Is that going to be way Adobe to tell me to go CC? Because I certainly am not impressed that I have to come in and change the settings so I don't get the message posted below whenever I open Indesign, which is a legitimate paid for copy. I plan to go to CC, but when I'm ready. As you can tell, I'm not happy to be with this announcement.

    Screen Shot 2013-08-04 at 7.11.32 AM.png

    hl2rcv.Adobe.com is one of the headlights of Adobe receivers. They collect information about the anonymous use of the program Imporovement of product (for example, what are the features you use and how often, everything falls into failure or error dialog boxes), then the expired certificate will not stop the operation of the software itself and does not mean that there is nothing wrong with your license (CC subscriptions activations go through an entirely different network servers).

    I'm sure that someone will update the SSL certificate as soon as possible, but if you want the warnings to go away just disable participation to improve the product (via the Help menu).

  • How can I set up email when the field on the SSL certificate does not match?

    I am a customer of Dreamhost and don't know if our situation is unique or not, but both smtp and imap are "mail.example.com" even if the SSL certificate belongs to ' *. DreamHost.com'.

    I was not able to set up the email on my flame app because I get the following error:

    > Could not establish a connection with "mail.example.com". There may be a problem with your network or server.

    I think the problem is the lag of domain name, but I can't find a way to accept the certificate.

    Hello!

    According to the official DreamHost wiki site , you can try this (cut-and-pasted from the page). If it doesn't work, there are still other options available on the page.

    To connect to the mail server using the name of the server dreamhost.com instead of messagerie.votre_domaine.fr.

    Use the following steps to determine the name of the server to use:

       In the DreamHost Control Panel
   Click "Account Status" in the upper right hand corner
   Look for the "Your Email Culster:" at the bottom of the list.
   Find your cluster in the table below.
   Use the server name for the incoming server in your mail program.

    Name of Server Cluster e-mail
    homiemail-sub3 sub3.mail.dreamhost.com
    homiemail-sub4 sub4.mail.dreamhost.com
    homiemail-sub5 sub5.mail.dreamhost.com
    homiemail-master homie.mail.dreamhost.com

  • How to install the ssl certificate in windows server 2008?

    Hello

    Can someone give me the steps to install the SSL certificate on my application hosted on windows server 2008 R2?

    Hello

    Although technet.microsoft.com should be the best forum for the problems of server below is a guide on how to install an SSL certificate.

    It will be useful.

    To install your newly acquired in IIS 7 SSL certificate, first copy the file somewhere on the server and then follow these instructions:

    1. Click on the start menu, go to administrativetools and click on Manager of Services Internet (IIS).
    2. Click the server name in the links on the left column. Double-click server certificates.

    3. In the Actions column to the right, click Complète Certificate Request...

    4. Click on the button with the three points, and then select the server certificate that you received from the certificate authority. If the certificate does not have a .cer file extension, select this option to display all types. Enter a friendly name that you can keep track of certificate on this server. Click OK.

    5. If successful, you will see your newly installed in the list certificate. If you receive an error indicating that the request or the private key is not found, make sure that you use the correct certificate and you install it on the same server that you generated the CSR on. If you are sure these two things, you just create a new certificate and reissue or replace the certificate. If you have problems with this, contact your certification authority.

    Bind the certificate to a Web site

    1. In the column of links on the left, expand the sites folder, and click the Web site that you want to bind the certificate to click links... in the right column.

    2. Click the Add... button.

    3. Change the Type to https , and then select the SSL certificate that you just installed. Click OK.

    4. You will now see the listed link for port 443. Click close.

    Install all the intermediate certificates

    Most of the SSL providers issue certificates of server out of an intermediate certificate so you will need to install the intermediate certificate on the server as well or your visitors will receive a certificate error not approved. You can install each intermediate certificate (sometimes there are more than one) by following these instructions:

    1. Download the intermediate certificate in a folder on the server.
    2. Double-click the certificate to open the certificate information.
    3. At the bottom of the general tab, click the install Certificate button to start the Certificate Import Wizard. Click Next.

    4. Select place all certificates in the following store , and then click Browse.

    5. Select the Show physical stores checkbox, then expand the Intermediate certificate authorities folder, select the below folder on the Local computer . Click OK. Click Next, and then click Finish to complete the installation of the intermediate certificate.

    You may need to restart IIS so that it starts the new certificate to give. You can verify that the certificate is installed correctly by visiting the site in your web browser using https rather than http.

    Links

    Kind regards

    Joel

  • MSE 8510: default SSL certificate expired

    Hello community,

    the SSL certificate self-signed of our MSE8510 that has been Setup automatically during installation has expired. Is there a way to create a new directly on the box or do I need to do external and transfer?

    Someone has a short guide on how to do it?

    Thank you

    Renz

    Check:

    http://www.Cisco.com/en/us/docs/Telepresence/infrastructure/articles/mcu_certify_https_connections_157.shtml

    Its always a good idea to browse the first cisco documentation site! :-)

    You will find also some information when you use google, such as:

    http://blog.codesalot.com/2010/11/25/creating-certificates-fo-Codian-MCU/

    Please remember useful frequency responses (using the stars below) and mark answers useful or correct .

  • The SSO authentication: the SSL certificate is unknown

    Hello

    I'm trying to configure orchestrator solution to use SSO for authentication. Although the vCenter certificate is installed and displayed in the trust to SSL Manager, I get the following error:

    The SSL certificate is unknown. You can fix this in the SSL Certificate tab.

    Tried to reinstall the certificate, restart the device - without success. Username and password are correct.

    I use Version of the device: 5.5.0.0 build 1282845, vCenter 5.5.0, 1476327.

    How can I solve this problem?

    By "vCenter certificate is installed," do you mean Certificate SSL VC (imported from https://[vc-ip]:443)?

    For SSO authentication, you must also import the UNIQUE https://[sso-ip]:7444 authentication certificate

  • Cannot save vSphere Web Client after the replacement of the SSL certificate

    Hi all

    I have followed the Articles of Derek Seaman on the replacement of all the certificates in vSphere 5.1 and have since turned to the VMware KB Articles. I replaced the certificates for the SSO, the inventory Service and vCenter Server with no problems (other than having to use OpenSSL-Win64 for vCenter certificate that I could not get the x 86 version certificate of work, makes no sense, but I'll take the small victory).

    If you follow the guide of vmware to replace the web service certificate, http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC & docType = kc & docTypeID = DT_KB_1_1 & externalId = 2035010, I get to step 12, enter the VMware vSphere Client Web back to vCenter Single Sign On and the following error:

    ##########################

    D:\Program Files\VMware\Infrastructure\vSphereWebClient\SsoRegTool > regTool.cmd registerService - cert "C:\ProgramData\VMware\vSphere Web Client\ssl" - ls - url ( https://(Server URL): 7444/lookupservice/sdk - username admin@system-domain - password (password) - dir 'D:\Program Files\VMware\Infrastructure\vSphereWebClient\SsoRegTool\sso_conf' - ip "*." ' * ' - serviceId-file 'D:\Program Files\VMware\Infrastructure\vSphereWebClient\serviceId'

    No file properties not found
    Initialization of provider of record...
    SSL certificates for https://vsphere.au.ray.com:7444/lookupservice/sdk
    SSL certificates for https://vsphere.au.ray.com:7444 / sso-adminserver/sdk
    Unhandled exception trying to escape: null
    Return code is: OperationFailed
    100

    ##########################

    VMware technical support suggested I uninstall all components, delete all databases and try again. I have done this and have exactly the same result.

    Has anyone seen elsewhere or managed to solve?

    Chris

    So, I managed to solve this problem. Not sure that this applies to everyone, but my problem was caused by registering using among other names of the subject in the SSL certificate for the SSO rather than the common name of the certificate.

    For example, the server name is server1.company.com. It is the common name of the certificate. But one of SAN of the certificate has been "vSphere.company.com".  If I used this other name in one of the component records that they would fail. I found that I have to use the common name. Even if the alternative names of job access to via your browser web, there is no certificate warning, if the registration of components using these names, it would fail.

    It seems crazy that you can use any of the San... then why allow us to make?

    Initially, I tried to replace the authentication certificate ONLY when the town was called vsphere.company.com, rather than the hostname of the server, and which is installed. However, try to install the Web Client would fail. When you come to the step where you have to accept the certificate of SSO, the installation fails because the common name of the certificate does not have the host name of the SSO server. It seems insane to me... why the host name of the server running the SSO should still come in when all calls are over HTTPS is simply absurd!

    I confirmed this with VMware Technical Support and they checked my conclusions.

  • Unable to connect to the VMware Research Service - the SSL certificate verification failed

    Hello world

    to implement the new vCSA 5.1 but I get an error when you try to connect via browser Web Client.

    "Impossible to connect to the VMware Research Service . https://xxx.xxx.xxx.xxx:7444/lookupservice/sdk - The SSL certificate check failed. »

    I've found this KB

    http://KB.VMware.com/selfservice/search.do?cmd=displayKC & docType = kc & externalId = 2033338 & sliceId = 1 & docTypeID = DT_KB_1_1 & dialogID = 423540040 & StateID = 1% 200% 20423538503

    The manual/work around seems to be a lot of work for me and perhaps this will cause other problems in the service due to problems of certification :/

    I also think that this cannot be the solution for a whole new vCSAppliance...-_-

    I am also able to go to https://xxx.xxx.xxx.xxx:9443 / admin-app

    is it correct for the device?

    You need to regenerate the certificate for Server Appliance after change of IP/hostname.

    Visit this link: http://www.virtual-blog.com/2012/09/failed-to-connect-to-vmware-lookup-service/

    Also, the admin/management interface is https://: 5480

    Lack of credentials [root/vmware]

    HTH

  • Update the SSL certificate on a security server?

    Good afternoon everyone,

    I'm trying to update the SSL certificate on the server of our security, but I'm running into some problems.

    DigiCert (we get our certs of), not like the VMWare KB article order to request a 2048-bit crt, so we used their tool to generate our a commandsfor us:

    keytool - genkey-server alias - keyalg RSA - keysize 2048, FULL domain name -.jks keystore - dname 'CN = CNNAME, OR = OUNAME, O = ONAME, L = NAME, ST = STNAME, C = CNAME'

    keytool-certreq alias server-file FQDN.csr - FULL.jks domain name

    (I did not show the exact details of the CN name, etc.)

    It makes the keystore a .jks instead of a .p12

    Should this cause problems?


    Because after I imported the cert in the keystore, change the config locked file to reference the key file and restart the Server Security Service, it does not restart properly. (Defining the locked towards the old works fine keystore file, then restarting the service works find though.)

    This documented error in Event Viewer:

    Not able to create the com.vmware.vdi.ice.server.JMXServer.main(SourceFile:211) MBean server
    javax.management.MBeanException: Exception thrown in the startServer operation
    at com.sun.jmx.mbeanserver.StandardMetaDataImpl.invoke(StandardMetaDataImpl.java:435)
    at com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220)
    at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815)
    at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784)
    at com.vmware.vdi.ice.server.JMXServer.main(SourceFile:209)
    at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:585)
    at net.propero.workspace.windowsinfrastructure.tunnelservice.TunnelService.run(SourceFile:34)
    at java.lang.Thread.run(Thread.java:595)
    Caused by: java.lang.Exception: ice beginning: null
    at com.vmware.vdi.ice.server.Ice.startServer(SourceFile:695)
    at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:585)
    at com.sun.jmx.mbeanserver.StandardMetaDataImpl.invoke(StandardMetaDataImpl.java:414)

    Should I request/pay for a new cert so my base keystore is .p12 instead of .jks?

    Hello

    I think that the command you mentioned creating a CSR only. You get a digicert certificate after sending this rea and create a keystore with whom?

    Please follow the steps in this KB to complete the whole process.

    http://KB.VMware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalID=1008705

    -noble

  • How can I use internal clock case OR USB - 6259 BNC for the acquisition of digital data in my own big software?

    I want to integrate the ANSI C sample program ReadDigPort - ExtClk.c in my own big package.

    I want to use the internal clock of the BNC NI USB-6259 (.. 80 kHz 120 kHz).

    In the document:
    High speed M: Series Multifunction DAQ for USB - 16-bit, up to 1.25 MECH built-in BNC connectivity. / s,.
    is written:
    Or sample DI source clock: Any PFI, RTSI, HAVE sample or convert clock, AO, Ctr n out internal and many other signals sample clock
    The digital subsystem doesn't have its own dedicated internal synchronization engine. Therefore, a sample clock must be provided another subsystem on the device or from an external source.

    How can I use internal clock case OR USB - 6259 BNC for the acquisition of digital data in my own big software?
    With what other subsystem on the device can generate a source of the clock? How?

    It is possible to set a clock on an internal counter (for example ' Dev1/ctr0"):
    Creates channels to generate digital impulses that define the freq and dutyCycle and adds the channel of the task that you specify with taskHandle.
    DAQmxCreateCOPulseChanFreq (taskHandle, "Dev1/ctr0" units, clockName, idleState,
    initialDelay, freq, the duty cycle); works

    But it is not possible to drive this internal clock to a terminal (for example "/ PFI0/Dev1"):
    DAQmxErrChk (DAQmxCreateCOPulseChanFreq (taskHandle, "/ PFI0/Dev1", clockName, units, idleState, '))
    initialDelay, freq, the duty cycle); does not work: error DAQmx: measurements: type I/O of the physical channel does not match the type of I/O required for the virtual channel you create. Name of the physical channel: PFI0. Name of the virtual channel: clock

    The sample clock source can be derived from an external terminal (for example "/ PFI0/Dev1"):
    Sets the source of the sample clock, the sample clock rate and the number of samples to acquire or generate.
    DAQmxCfgSampClkTiming (taskHandle, "/ PFI0/Dev1", maximumExpectedSamplingRate, DAQmx_Val_Rising, ")
    DAQmx_Val_ContSamps, bufferSize); works. Acquire or generate samples until you stop the task

    But it is not possible to derive the internal counter of the clock (for example ' Dev1/ctr0"):
    DAQmxCfgSampClkTiming (taskHandle, "Dev1/ctr0", maximumExpectedSamplingRate, DAQmx_Val_Rising,
    DAQmx_Val_ContSamps, bufferSize); does not work. Error: Acquire or generate samples until you stop the task: make sure that the name of the terminal is valid for the specified device. See Measurement & Automation explore valid names of terminals. Property: Property of DAQmx_SampClk_Src: DAQmx_SampClk_ActiveEdgeSource device: Terminal Source Dev1: Dev1/ctr0

    Hi datafriend,

    using what it says is correct:

    Or sample DI source clock: Any PFI, RTSI, HAVE sample or convert clock, AO, Ctr n out internal and many other signals sample clock
    The digital subsystem doesn't have its own dedicated internal synchronization engine. Therefore, a sample clock must be provided another subsystem on the device or from an external source.

    This means that if you do not use an external signal as clock you can use the sample clock to HAVE it on board or at the output of the internal counter.

    There are also 2 ANSI C examples in this regard:

    http://zone.NI.com/DevZone/CDA/EPD/p/ID/4485

    http://zone.NI.com/DevZone/CDA/EPD/p/ID/4488

    So in both cases you have to use a fictitious task you need only for the generation of the internal clock (HAVE or CTR)

  • FAT32, exFAT, NTFS, which is the best for the recovery of deleted data?

    I have a usb 3.0 port (Kingston 100 3 16 GB) to store my important data. I read the article on this site: http://www.ntfs.com/ntfs_vs_fat.htm

    and they say recoverablitity of exFAT is "Yes if FAT active." I don't know what FAT and how to activate it, and what type of file system should I use (FAT, exFAT, NTFS) for the highest ability of data recovery if they are deleted?

    Hello

    Thanks for posting your query on the Microsoft Community.

    According to the description of problem, you're ready to recover the deleted data and would like to know some information about the FAT.

    A transaction-safe FAT (FAT) file system is a file system designed specifically to ensure the security of transactions for data stored on a disk. FAT requires a driver of specific hardware designed for the type of media on which the volume of FAT will exist. Assuming that there is a driver of material-specific secure transaction block, and that the driver provides interfaces to standard FAT file system, the FAT may work on removable media such as Compact Flash cards and digital cards secured, as well as media not removable, such as hard drives and NAND Flash memories.

    By design, the FAT file system is not a secured file transaction system. FATF may be corrupted if a write operation is interrupted in the middle of a transaction. Interruptions to occur due to loss of power or the suppression of the media. Fat is corrupted when the content of the FAT table does not have directory sections or data on the volume.

    I suggest you to return the article mentioned below and see if it helps you to recover lost or deleted data on your computer.

    Recover lost or deleted files

    As you disposed him to know FAT and his work, then here are some articles that might help you to learn more about FAT and its function.

    With the help of FAT (Windows CE 5.0)

    How to set up a system of FAT (Windows Embedded CE 6.0) file

    Transaction-Safe FAT File System (Windows IT 5.0)

    Implementation of FAT (Windows IT 5.0)

    Additional information:

    You can see the article mentioned below to learn more about NTFS and FAT32.

    Comparing the NTFS and FAT32 file systems

    Hope that the information provided is useful. Let us know if you have any concerns related to Windows. We will be more than happy to help you.

    Kind regards

Maybe you are looking for