UTL_HTTPS on HTTPS without certificates (like the curl - insecurity)
UTL_HTTPS can be used for connections to HTPPS without having a certificate stored in a portfolio? Otherwise I get ORA-29024: certificate validation to fail.
Something like curl has the option to ignore the validation of certificate by using paratemer - unsecure.
Thank you!
This should not be possible; you will need to use a portfolio:
http://docs.Oracle.com/CD/B19306_01/AppDev.102/b14258/u_http.htm#i998681
An Oracle wallet is required to perform an HTTPS request.
see you soon
Tags: Database
Similar Questions
-
HTTPS without certificates / portfolio?
Hello
is this possible in Oracle 9i, 11i or 11r2 to connect to SSL sites without requiring a certificate chain filled on Oracle wallet?
Thank you
Robert.You can test your solution using a test certificate, you can request to verisign to provide.
VeriSign will provide you with a certificate of the trial which will be valid for 15 days and you can use it in your test instance.
-
Firefox works fine on my home network or while I connect to the internet directly via data card. However, @ my office use us proxy and for almost all sites (even google search) Firefox stops saying "this connection is untrusted".
Attached are the screenshot for the same thing to help him to help me.
I search a lot and was closest to you that I came to this url https://support.mozilla.org/en-US/questions/978722
Is there a way to Firefox to add office proxy certificate in the certificate chain (don't know if that will help?)
How to solve this? Kindly advice.
I think most of the proxies work similarly: they generate a false certificate to the site and have your browser so that they can decrypt and inspect the traffic between you and the site. It is a hassle to have to make exceptions for individual certificates of false - it is more effective to recognize the certificate that the proxy uses to sign false certificates as valid a certificate authority.
The trick is to identify this certificate. It might be easier to go to IE or Chrome, since both use the Windows certificate store (Firefox uses its own). By inspecting the certificate for a secure site and the certificate used to sign, you may be able to identify and to export this certificate (DER format or .cer).
In Firefox, you who would incorporate in the section of the authorities in the Certificates dialog box:
"3-bar" menu button (or tools) > Options > advanced > mini-onglet Certificates > "View certificates" button > mini-onglet References > "Import..." button »
Of course, it is probably safer to check with your COMPUTER that you've found and exported the correct certificate before you import it into Firefox.
-
I can't access any site secure with her being blocked entirely or has the possibility to access in any case given an untrusted certificate. Secure any site I now have the same message. The name in all areas is 'DIGITALMARKETRESEARCHAPPS PTY LTD'. I'll have after this through IE I can't access Firefox site via firefox. I just upgrade to v26 v27 and did a reset and had no problem before this.
Hello rehmeyer, this seems to be a problem caused by malicious software on your PC.
go to Control Panel / programs and remove all the toolbars, programs, suspicious or things you have not installed intentionally there.
afterwards, run a full scan of your system with security tools like the free version of malwarebytes & adwcleaner. -
I started all of a sudden the problem "untrusted connection" on earlier work https: Web sites with the "not provided any transmitter channel" as a reason. I tried all the proposed solutions and nothing works. I ran several programs antivirus and no viruses or malware detected. I don't have any such installed ESET suggested in the previous solutions. Display of certificates for the default sites shows that the provider in all cases is 'Digitalmarketresearchapps Pty Ltd'. Certificates are always a start date and an expiration of 2039. I think I picked up something that causes the problem, but as I said, none of my antivirus/malware programs are detecting anything.
I had this problem as well, and he ended up caused by the installation of the E-Rewards application notify. I had to uninstall and then restore my computer to an earlier time to fix the signer of the certificate again to "Thawte Consulting (Pty) Ltd". I contacted E-Rewards to let them know and ask why this is happening.
-
Can quicken 2007 run on El Capitan (i.e., os 10.11)? I have one currently using Yosemite and you want to update without losing the use of Quicken 2007. I don't like the new version of Quicken.
Join the club of those of us who don't like Quicken 2015 or 2016 Quicken; even if I bought it for a 40% discount offered by Intuit! I was just disappointed by Q2016 compared to Quicken 2007!
If you have upgraded to the 16.2.3, version it will work well in El Capitan!
-
Hi guys,.
I don't have much experience with echo adobe sign api, I want to let my users send their agreements of my site and I do not redirect to Portal sign echo when sending documents.
Is there a way I can get access to the api token without redirection to the Portal sign echo?
Note: I noticed in the api v2 here REST API - documents electronic signature software - Adobe Document Cloud, allowed to get the token via login and password sent in the http request, does v5 api also supports something similar to that?
Thank you!
Hello Mary,.
According to the mentioned workflow, it is not possible to achieve this goal without going through the platform of E-Sign using calls to API or OAuth.
Kind regards
-Usman
-
Pre complains about SSL certificate on the exchange server
Hello. I just got a pre and tries to set up to communicate with an exchnage server. Pre complains and will not set up the connection with this error message: «"SSL certificate error.» Is the date and time correct? ». The date and time are correct, but the server is running a self signed certificate. This causes no problems with iPhones that use a lot of people here.
How can I fix it? It is not all parameters for this problem.
I spent the weekend trying to test and understand what was going on. I found that if I nominated the e-mail server (name after HTTPS: / / in Setup) the same as the name of certificate displayed in the Certificate Manager (Launcher > Device Info > more info > Menu > Certificate Manager), the error should disappear. The problem for me was that the name of cert in cert Manager was different from address of mail server (in my case server. [domain .local] instead of mail. ([Domain_name] .com). The transformation it seems to use is:
(1) find the certificate...
(2) CN is HTTPS: / / in the installer?
(3) If no, use error 'Verify the certificate, date and time not correct' (or whatever it is) - If Yes, go to HTTPS: / /.
(4) Exchange requires safety pin? If no, proceed to synchronize - if so, use error "unsupported of security policies.
So I looked more closely CERT and it held several common names (CN) for the cert. It seems that ANY OTHER DEVICE can filter through the list of common names, and use the one that works. The Pre uses only (whether first or last, I don't know).
So, there are two options for the certificate problem (I guess the 3rd is that you can return the phone):
FIRST SOLUTION
=====================
(1) check the name of cert in cert Manager.
(2) if it is a name that can be resolved DNS (i.e. [mail]. [mywebsite]. [com]) then change this setting in your exchange installation program in the mail server field beside the HTTPS: / /.
This will only fix it if your COMPUTER administrator has with permissions on the used field. It is possible that an alias is used on other areas
SECOND SOLUTION (as I have done)
=================================
(1) ensure that your Certification Authority is installed. You can do it by clicking START > ADMINISTRATIVE TOOLS > CERTIFICATION AUTHORITY - OR - on a computer on your network using IE/Safari/Firefox and typing http://server/certsrv. If the page is found, then you are installed, if not, then you will need to have installed.
NOTE: SBS 2003 WILL AWARD A CERT TO THE IIS WITHOUT THE ROOT CA. THIS SEEMS TO BE THE PROBLEM WITH THE AUTO CERTS GENERATED I HAD
(2) If you have not installed it, go to this topic, it is well written to get step by step instructions how to install, create demand for cert, create the cert and install the cert (it took me about 30 min). http://www.MSExchange.org/tutorials/SSL_Enabling_OWA_2003.html
NOTE: IF YOU ALREADY HAVE A CERT ON IIS, YOU NEED TO REMOVE IT AS IT IS "DEFECTIVE" CERT BEFORE YOU CAN REQUEST A NEW CERTIFICATE. YOU MAY BE ABLE TO REINSTALL OVER THE NEW CERT, BUT I DON'T KNOW
(3) open https://mail.domain.com/exchange on your computer - display details of the cert and save the file on your desktop - if you are using a laptop, you can also install it on your laptop to use for use outside the Office (this is also a good back-up that you can use to get more later if needed again).
(4) plug your pre in USB mode.
(5) slide the cert and unplug the USB cable
(6) go to cert Manager
7) tap on the icon of "Sun" at the bottom left
(8) press on the new file cert that you save in USB mode
(9) to confirm that the new cert appears with the name of the correct mail server
10) go to the e-mail program and configure the exchange account
The above will create a REAL root cert (not IIS domain root Cert) that the Pre can work with.
Really, I don't know that how/why Palm overlooked this possibility because they claimed so-called does not want to sell to companies who need strict security requirements. For me, it means a small / medium company that has limited IT supports (according to the needs, pay as you or green guy with limited knowledge). Then, why they test the GER in this environment, I'm not sure. I bet they were tested on their own network, which has all the correct methods, best practices for the management of cert. I guess it's like the developers that they have offended and almost lost their support until turned it over and said: 'sorry, we really want make you programs for our platform WebOS. ". We've just been paranoid for so long salivate us when the bell rings. "They just didn't beta test this well enough. The sad result of this is that Sprint will have to address all of the sheets because this certificate simple reading process was given only minimal recognition capabilities.
But having said that - I'm now completely in love with my pre!
I'm happy to try to help if you need it. I found a lot of the forum of solutions were not enough detailed, so do not hesitate to contact.
-
AnyConnect 3.1 - the certificate on the secure gateway is not valid
Hi guys,.
I have a problem with the Anyconnect 3.1.01065.
When I try to connect I get the "the certificate on the secure gateway is not valid. A VPN connection can be established.
The certificate is a signed cert self.
Woks AnyConnect 2.5 without problems.
Image of the ASA: 8.4 (2).
[27.11.2012 15:58:27] Ready to connect.
[27.11.2012 16:01:49] Contact IP_WAN.
[27.11.2012 16:01:52] Please enter your username and password.
[27.11.2012 16:02:01] User credentials entered.
[27.11.2012 16:02:02] Establish the VPN session...
[27.11.2012 16:02:03] Checking for updates to profile...
[27.11.2012 16:02:03] Checking for updates...
[27.11.2012 16:02:03] Checking for updates of customization...
[27.11.2012 16:02:03] Execution of required updates...
[27.11.2012 16:02:08] Establish the VPN session...
[27.11.2012 16:02:08] Setting up VPN - initiate the connection...
[27.11.2012 16:02:09] Disconnection in progress, please wait...
[27.11.2012 16:02:13] Connection attempt failed.
Anyone had this problem before?
Thank you very much.
Hello Cristian,
Please see this:
CSCua89091 Details of bug
the local certification authority must support the EKU and other necessary attributes
Symptom:
The local CA on the ASA server currently does not support attributes like the EKU. This enhancement request is to add support for this. Workaround:
Configure the cert on the customer's profilehttp://Tools.Cisco.com/support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId= CSCua89091
And the following:
DOC: Anyconnect supports Extended Key use specific attributes in CERT
Symptom:
When using certificates with the anyconnect client if the certificate is installed on the SAA does not have the EKU attribute set to "Server authentication", then the anyconnect client will reject the ASA certificate as invalid. The certificate of the client id must also be '-l' client authentication "otherwise the ASA he will reject... Conditionsof :
Use a certificate of id on the ASA with one other than «authentication server» EKU
Use a certificate of id on the client that has one another EKU that '-l' client authentication.Workaround solution:
Generate a new certificate of ID with correct extended key usagehttp://Tools.Cisco.com/support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId= CSCty61472
If at this point, you need to set up the corresponding certificate or use an earlier version of the AnyConnect client.
HTH.
Please note all useful posts
-
unlock the certificate with the blank password (no)
Hello
on the certificates (https://build.phonegap.com/people/edit#unlock-key ) page when I upload the .p12 file created with NO password export,
It seems that I can't unlock it, because the popup of release must have a certain value in the password field.Also, I tried to unlock using the API:
CURL u [email protected] : k d thepassword "data = {\"password\":\"\ ""} ' SET x https://Build.PhoneGap.com/API/v1/Keys/iOS/549200
but it does not work as can be learned also the docs:
-api-v1-cles-plate-forme-id http://docs.PhoneGap.com/PhoneGap-build/developer-API/write/#-put-HTTPS-build-PhoneGap-com-Is it possible to build with this certificate without password?
Thank you!
Are mix you the push notifications certificate and the certificate of construction?
The APNS certificate is not used for the signing of iOS apps, it's only for your credentials to push notification server.
-
I don't really like the look-and-feel of the new pdf.js Viewer. On my machine (6 yr old HP running Windows XP with sp 3) it displays more slowly than Acrobat Reader, and I was perfectly happy with the Acrobat Reader plugin. Frankly, I want to disable pdf.js, but have not been able to find a way to do it. It does not appear anywhere that I could find the Add-ons Manager. I don't want to be forced to use a feature that seems to be a detriment to performance, at least for me. Mozilla, please review this!
You can set the pref pdfjs.disabled true on the topic: config page to disable the build-in the PDF Viewer and use the Adobe Reader software instead.
See also:
-
Creation of my own CA, self-signed certificates and the use of these
I'm stupid. Three years ago, I created my own CA and my own wildcard certificate for my OS X Server (always 10.8.5 with Server 2.2.5). I install my public Root CA on clients who make use of my server. At these must not often updated and the work is complex, so I created a CA Vault take care of a few scripts and configuration of openssl. What I forgot is document how to get these used by Server.app. That's why I'm stupid, because I struggle to reproduce what I did and discovered three years ago.
I use two scripts. (MYNAME, mydomain and tld are generic strings, of course in reality I use my own name and mydomain.tld)
The first is for the creation of a root certification authority:
#!/bin/bash # Only edit these: mycaname="MYNAME Certificate Authority" myrootname=mydomaincaroot # Run in current dir: mydir=`pwd` mkdir RootCert >/dev/null 2>&1 if [ ! -e "$mydir"/RootCert/"$myrootname".key -o \ -e "$mydir"/RootCert/"$myrootname".crt ] then openssl req -config "$mydir"/openssl.cnf \ -new -x509 \ -keyout "$mydir"/RootCert/"$myrootname".key \ -out "$mydir"/RootCert/"$myrootname".crt \ -days 3650 openssl pkcs12 -export -clcerts \ -inkey "$mydir"/RootCert/"$myrootname".key \ -in "$mydir"/RootCert/"$myrootname".crt \ -out "$mydir"/RootCert/"$myrootname".p12 \ -name "$mycaname" echo "Now import ""$mydir""/RootCert/""$myrootname"".p12 in KeyChain" echo "For this, unlock the System KeyChain first, then import" echo "NOTE: this imports your private key in the System Keychain" echo "So it can be used for signing activities." echo "This is less safe then keeping your private key on media that" echo "cannot be accessed from the system, like a safely stored USB stick" else echo "Your root CA crt and key already exist! I will not overwrite this" echo "as this could overwrite a still used private key and lose you access" echo "to signed certificates, e.g. for revoking them" fi
I think I know what to do (but Advisor is always welcome). I have to add the certificate of generic identity for the Keychain system, after which I can use in.app.
Now I encounter another problem: when I enter the certificate in the system Keychain, it ends up in/etc/certificates without a. fichier.pem. See: OS X 10.8.5 Server 2.2.5/Keychain Access certificates issue for more details.
Help is always welcome.
-
I can install Windows 7 without initially providing the product key?
Peut I install Windows 7 without initially provide the product key during installation? I'd rather go once the installation is finished, I just have to copy and paste it in the email like that.Hello
Yes, you can try a free key of Windows 7 Installation. But be sure that you enter the product key to activate Windows wihtin 30 days grace period. Once the 30 days grace period end your system will go in any safe and you may need to reinstall the copy again.
Unlike Windows Vista, if you si vous achetez buy Windows 7 DVD you get specified edition disk and installation you will not get an option to select the edition. Almost to the last step of the Installation, you will get the opportunity to enter the product key that you can jump and try to enter the product at the time of the Activation key.
Thank you
Hamidou ndiaye -
Certificates on the same VIP ACE
Hi all, I have a problem with the configuration of the certificates on ACE, I a serverfarm with two realservers, these server runs three different areas on a same VIP (handle of Apache which one is delivered to the user), we want to put https to servers running the SSL termination, but I can understand if that can be achieved with a single VIP or if I need to three personalities , one for each of them and associate each of those only one certificate. (With one, I use hourly certificate chains?). Another thing that sounds reasonable to me is use of the class cards with L7 URLs matching air, in this case, I think that can be achieved with a VIP, but if anyone knows it please help.
Thank you!
Hello
You are welcome. Yes, if you have several domains, you should have different certificates for obvious reasons of security. If you have a domain and many subdomains, you can use a wildcard certificate. If you have domains that differ such as abc.com and ABC.net, abc.org, you can use WITHOUT certificates and Yes ACE can take L7 decisions/reading L7 given as a cookie etc after SSL handshake and make decisions accordingly, as shown in the example in config I pasted above. If you have any questions in the future related to this, please do not hesitate to ask :)
Kind regards
Kanwal
-
RADIUS with IAS without certificate?
Is it possible to configure a WLC to use Microsoft IAS without issuance of a certificate?
N ° IAS can only do PEAP and EAP - TLS, which require a certificate on the side server. You can use your own CA to issue this certificate. For a walk through invasive exotic species, go to http://www.dweezlenation.com
HTH,
Steve
Maybe you are looking for
-
My son got locked out of his iPod which is now disabled. We only have data, no land wifi, so I can't use iTunes because it wants to update with restore it and its too slow using hotspot so it will not be updated. Any suggestions what to do? I can't g
-
How to change the aperture in canon t6i
How to change opening in SLR digital canon t6i
-
No scanning utility for Mg5522...
I recently bought a MG5522 and I am using windows 7... There is no scanning utility loaded when setting up and older versions of MP Navigator won't work...Is there a way to get the scan utility to load from the installation disc? OR is there a 3rd
-
tryng to install google chrome and it comes up with does not initialize... error OXC0000135
Google Chrome installs... it comes up with ' no initialization not... .error OXC0000135. Your help would be appreciated. XX
-
Sales to RETAIL Windows 7 with key OEM activate after replacing the motherboard in a laptop?
Hello The motherboard of my HP laptop is dead and I replaced it. I want to reinstall Windows 7 Home Premium on it, and I deleted the recovery partition (I know, I shouldn't, but it's done and there's no going back) Can I borrow a friend (RETAIL) Wind