I have a W2012 server that I upgraded to W2012 R2. I have DPM installed but it stops working when updating to R2.
In the MMC the "folders" DPMBackupStore and DPMRestoreStore are missing and I think that's the problem, I can't "link" the certificates with the DPM.
DPM Error:
24071 This DPM server is not authorized to read or write to this encrypted tape because there is no valid certificate in the DPMBackupStore and DPMRestoreStore that can decrypt data.
Any idea how to fix it?
Thanks.
(This "folders" are missing https://lh6.ggpht.com/-QhONzkidj_M/T0OxnwB7fUI/AAAAAAAAEEY/BccuTOhRZ04/8_thumb.png?imgmax=800)
Related
Like many I have received the MSB3325 strong naming error, I am targeting a pfx file and have tried to install the certificate directly to the CSP at the given container. The certificate is installed on the machine I am working on.
I generated the CSR through OpenSSL and received a p7b from a Certificate Authority, which I then converted to pfx with the key used in generating the CSR (I have also tried using online converters from different CAs to ensure I was not messing up the conversion through OpenSSL). I can confirm the pfx certificate contains the same key.
The sn -i cert.pfx VS_KEY_XXXXXXXXXXXXXXXX succeeds in pairing to the container but I get the exact same error and a failed build. I have tried many times to recreate the pfx and delete the container to pair to the new one. Initially I did not sign a password to the certificate (just pressed enter) but I have also tried giving it one, it made no difference.
I am trying to sign a WPF project and so far have been frustratingly unsuccessful.
Am I missing something? Many hours of research and all results come up to use the sn -i command to fix the problem.
I am trying to connect via SSL to a PostgreSQL using FireDac in Delphi. I have followed the instructions at the following site:
https://www.howtoforge.com/postgresql-ssl-certificates
I have created all the certificates. Configured the postgreql.conf as specified so it points to the required files. Copied the specified files to the client machine and installed the root.crt certificate.
Via FireDAC's connection params I have specified the following:
Params.values[SSL_ca']:=sslCertsPath+'root.crt';
Params.values['SSL_cert']:=sslCertsPath+'postgresql.crt.';
Params.values['SSL_key']:=sslCertsPath+'postgresql.key';
I am getting a connection error re invalid client certificate. I am not sure which certificate it is referring to and why it is invalid. Am I specifying the correct client certificates by way of the connection's params? If so, any suggestions as to why I may be getting the error please?
OpenSSL verify against the root.crt and postgresql.crt confirms the certificate is ok.
After over 3 weeks of frustration trying to set up PostgreSQL with SSL using FireDAC, I have finally figured out what the problem is and what the solution is.
For anyone wishing to connect using FireDAC, the howtoforge guide (see link in original post) works fine.
However, do not use the FireDAC parameters in my original post. PostgreSQL does not use them. You need to use the PGAdvanced parameter.
But even after figuring this out, I still could not get it to work for weeks until after testing I got an error message which finally made it clear what I was doing wrong. On Windows PostgreSQL strips out path delimiters unless you escape them (this is not mentioned in the PostgreSQL or FireDAC help files as far as I can see).
Below is an example of the correct way to connect using FireDac paramaters for ssl
Params.values['PGAdvanced']:='sslmode=verify-ca sslrootcert=C:\\ProgramData\\MWC\\Viewer\\Certs\\root.crt sslcert=C:\\ProgramData\\MWC\\Viewer\\Certs\\postgresql.crt sslkey=C:\\ProgramData\\MWC\\Viewer\\Certs\\postgresql.key';
If you don't wish to use a root certificate set sslmode to require.
I'm trying to deploy an application via web deploy to a windows 2012 r2 server.
First tried installing iis, web deploy using the msi. After getting an unreachable error I saw somewhere that I needed wmsvc to be installed and installed it via powershell command Install-WindowsFeature Web-Mgmt-Service.
I stopped getting the unreachable error and started getting this error ->
Error: Could not complete the request to remote agent URL 'http://xx.x.xx.xx:8172/MSDEPLOYAGENTSERVICE'.
Error: The operation has timed out
On the server's event viewer under system I get the following error ->
A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 1203.
Any idea of what could be going on? Did I miss something on the installation?
After this I also tried installing everything but without iis and I get the same error.
So, this is really not a PoSH issue.
Maybe you should consider movin gthis question to another forum.
Anyway, you have either real server config issues (this can sometimes mean wipe and rebuild - very ugly option - but if it's a virtual machine and you have a snapshot, just roll back), or an app causing this.
Typically for Schannel type of error, it has to do with application or service in machine not able to complete any SSL connection sort of connection.
The error state parameter of 1203 means client error connecting to server, ie invalid ClientHello from the client
See if you can collect more data by...
https://support.microsoft.com/en-us/help/260729/how-to-enable-schannel-event-logging-in-iis
I realized this is an old question, but in case somebody ran into the same issue, here are my solution.
I had to follow this guidelines : https://learn.microsoft.com/en-us/aspnet/web-forms/overview/deployment/configuring-server-environments-for-web-deployment/configuring-a-web-server-for-web-deploy-publishing-web-deploy-handler
Copy the resulting publishsetting file. In the Publish/Profile page import it.
In the Publish/Connection page, change the server to the server address with the 8172 port. Add the password. Change the Destination URL to the site to go to after the publish is completed.
Then after Validate connection was completed, go ahead and publish it!
I have installed POWA on 2012 R2 trough powershell.
Install-WindowsFeature -Name WindowsPowerShellWebAccess -IncludeManagementTools
Install-PswaWebApplication
Add-PswaAothorizationRule * * *
Navigating to https://server/powa or https://server.fqdn/powa leads to a 404 "File or directory not found". I've checked the IIS and forlder structure and everything is there. I've tried IE and chrome but both returning this error.
SSL is activated on the powa application
Pool is running with elevated user and correct right allocation
I am using a domain certificate for SSL
What am i missing here?
Thanks a lot and Best Regards
Certificate was not valid for this procedure, used another domain certificate that met the FQDM requirements.
Recently migrated an ASP.NET application from an old server to a new server
Both servers have the Same OS Windows Server 2008 R2 Standard
IIS 7.5 on both servers
SQL Server 2008 R2
The only difference is the amount of RAM and CPU speed
I have gone the server point to point and cannot find any differences.
I had a developer look at the code and he says its not the code
On the old server the website loads fine on the new server I get an error when browsing the website via domain name
Microsoft SQL Server Native Client 10.0 error '80040e4d'
Login failed for user 'NT AUTHORITY\IUSR'.
/lib/SQLHelper.asp, line 134
I cannot find anywhere that NT AUTHORITY\IUSR is being told to attempt to log in. Im thinking it is some kind of default. I have googled every line of the error trying to find a resolve and have been basically flipping switches to try to find an answer, nothing i have tried provides any good results.
Is there a setting in the deep dark belly of windows that im not checking?
'NT AUTHORITY\IUSR' is used by IIS as the account for anonymous users. This means that IIS is using passing through the authentication information to the SQL server rather than using a specified user account.
In most situations you would either have specified an account to be used in the connection string or disabled anonymous access to ensure that the account passed through is a authenticated user account.
It is possible to give the IUSR account permissions on the SQL Server.
Try looking at this article as it may give you some assistance The error "Login failed for user 'NT AUTHORITY\IUSR'" in ASP.NET and SQL Server 2008