I cannot add any certificates on AS2 messages in BizTalk.
So here's what I have for the moment (I have installed 2 certificates on the BizTalk machine using the same account as the on under which the Host Instance is running.
The 2 certificates are the following and placed in the locations:
\Personal\Certificates - My own certificate 'pfx'.
\Other People\Certificates - Party certificate 'cer'.
So far the importing of the certificates.
Now, when in BizTalk Administration, I go to Parties and I go on the agreement between the parties. In that window I go down to 'Signature certificate' and I check "Override group signing certificate". Then when I click "browse" I see:
"No certificate available."
"No certificates meet the application criteria".
Any idea on what's wrong here?
I've found it. The certificates should be installed under the same instance that the BizTalk Administration Console is openend. Otherwise the certificates could not be found.
Related
I came with error after creating the certificate ,
This app package’s publisher certificate could not be verified. Contact your system administrator or the app developer to obtain a new app package with verified certificates. The root certificate and all immediate certificates of the signature in the app package must be verified (0x800B010A)
Is it possible to have Wazuh Manager served through custom SSL certificates? The wazuh-certs-tool gives you a self cert, and every other way to get it served through SSL has failed.
The closest I've gotten to getting this to work is I've had the dashboard being served by a custom SSL, I had agents connecting to it successfully and providing a heartbeat, but had zero log flows or events happening. When I had it in this state, I saw the API calls were coming from what appeared to be a Java instance, erroring out complaining about receiving certificate. I saw a keystore file located at /etc/wazuh-indexer. Do I also need to add the root-ca cert here as well?
It seems that your indexer's excepted certificates do not match the certificates in your manager or the dashboard.
If you follow the normal installation guide, it shows how and where to place your certificates, that are created using the wazuh-cert-tool. But, certificates can be created from any other source, as long as they have the expected information, you can check that informationenter link description here here.
I would recommend you follow the installation steps in the installation guide, from scratch to make sure you copy each excepted certificate in it's place and that the configuration files for your indexer, dashboard, and manager take into account the correct files. All you would need to change, the creation of the certificates, to have your own custom certs.
In case of further doubt, do not hesitate to ask.
in the past, we used VSTS build agents, running with domain accounts on on-prem build machines. In such scenario, certificates could be stored into the domain accounts personal store (manually, by logging in once with this account). So a later build could get the certificates by thumbprint for signing e.g. a manifest.
Now, the agents run with "Network Service", because we no longer have a local domain (all moved to Azure AD). All works, except the retrieval of certificates from the store. I already used the mmc snap-in to connect to the service (VSTSAgent), and installed certificates to this personal store, but still the build fails with "Error MSB3323: Unable to find manifest signing certificate in the certificate store.".
If I log-on to the machine and run from within VS, all works well, but of course here I am using a different account (with a different personal store), but this at least tells me that solution & projects are fine. And the pipelines are OK as well, because they still work OK on the "old" build-machines that use a domain account.
So, if anyone has an idea or can point me to some information on how to use the VSTSAgent running as "Network Service" together with signing (from the certificate store), that highly appreciated.
Many thanks, Sebastian
When I am Installing My Customized Word Add-in on Client Machine it is Giving this Warning "Unknow Publisher Install or Dont Install".
How do get I get rid of this warning?
The certificate you create (a temporary one) is only valid for your computer.
To get rid of "unknown publisher" you need to sign you addin with a code signing certificate purchased from a trusted authority. To buy one you'll need to contact that authority, and prove your identity.
Some list of code signing authorities can be found in this topic for example:
https://stackoverflow.com/questions/1077800/which-code-signing-authority-should-i-go-with
I was able to develop a mdm solution.
I started facing problem when I moved my agent from Developer account's provisioning profile to Enterprise account's in-house distribution profile.
Now I am totally confused which certificate is used where?
Please guide me his is the certificate used in the below places:
Certificate in credentials section of enrollment profile (is it having BI as com.apple.mgmt._ ? or can be any like com.abc.mdm ? or it's the one received by customer)
Certificate .pem file used to wake up device?
Thanks
You need to use your iOS Enterprise developer account use the Agent account's credentials.
Follow this page http://www.softhinker.com/in-the-news/iosmdmvendorcsrsigning and then verify few things as remove the passphrase from customerPrivateKey.pem using this command
openssl rsa -in customerPrivateKey.pem -out PlainKey.pem
Verify the .pem certificate downloaded from https://identity.apple.com/pushcert/
You can install this .pem in you Mac's Keychain and then see the Get Info and the certificate should have com.apple.mgmt.External.b503419d-1e2a-a60f-7451-5b8832b5a9cb, which you can use as push topic while generating enroll mobileconfig .
Then merge your APNS certificate (for example CustomerCompanyName.pem) downloaded from the portal https://identity.apple.com/pushcert/ using this command
cat CustomerCompanyName.pem PlainKey.pem > PlainCert.pem
Now the PlainCert.pem you can use as APNS/MDM certificate.
Please see this for Identity.p12 and respective password, which you have to use in Credential section.
1) it HAS to be com.apple.mgmt._ however this does not come from the provisioning portal - all you can set up here is your vendor certificate. See here
2) the certificate is used to make the connection to the APNS service, but you should get this from the the Apple Push Certificates Portal