openstack trusted port works in stein/train release? - openstack

I tried below
https://specs.openstack.org/openstack/nova-specs/specs/rocky/implemented/sriov-trusted-vfs.html
but it throws error
Unknown Property trusted
any idea what is corresponding param in heat template ? I had set trused: "true"

Related

Firebase Trigger E-Mail Hostname/IP does not match certificate's altnames

I am using the extension "Trigger E-Mail" in Firebase. When I try to send an e-mail and I get the following error:
Error [ERR_TLS_CERT_ALTNAME_INVALID]: Hostname/IP does not match certificate's altnames
Does this mean the loaded certificate must contain my hostname to work? Sorry, I just have started studying certificates. If I am right then one solution would be to add my hostname into the certificate. As I am using a thirdparty mailprovider. UPDATE: The smtp server uses a shared certificate which doesnt include any other domain and it will never happen.
Similar posts using nodejs tell to set the following configuration:
{ rejectUnauthorized : false }
First I cannot set his configuration into the Extension, secondly I do not want to remove the security feature.
What do you recommend?

WSO2 Identity Server and WSO2 API Manager integration - ERROR: transport error 202: bind failed: Address already in use

I have integrated API M and Id Server using the prepackaged version
I have started Id Server. But while starting API Manager , i am getting the below error
I have correctly set the offset value as 1 in the carbon.xml...Still i am getting the error..i have passed offset value via command line argument as well..
can someone please help? I am really stuck on this.
This was because my system JAVA_OPTS was being set to debug mode and WSO2 was starting in debug mode. That caused being listening to port 9999 and the conflict. I removed the unnecessary JAVA_OPTS and it solved the issue

BizTalk File.Username not set

I have created a BizTalk Application that uses a ReceivePort of Type: File, and in the orchestration I'm trying to get the message property 'FILE.Username' as below, but it's value is not set.
if (FILE.Username exists msgFile)
varUsername = msgFile(FILE.Username);
The ReceiveLocation is mapped to a shared folder and I have set the Authentication Credentials to a different user.
Anyone knows why the FILE.Username is not set with the username that I configured in the ReceiveLocation (actually the FILE.Username not even exists in the message properties) ?
Other Properties are set (like FILE.ReceivedFileName and FILE.FileCreationTime) and I can obtain their values normally.
Thanks in advanced.
The username supplied on receive location Authentication tab are stored in SSO database for security reasons. FILE.Username context property is only useful if you are using dynamic send port to send the file and wants to set the property in pipeline or orchestration, otherwise it won't be available in context.

Reverse Proxy (ARR) and ScriptResource.axd Issue

I'm having issue when I run my website on the Reverse Proxy layer. It will display the following javascript error.
=> Message: 'Sys.WebForms.PageRequestManager' is null or not an object
=> Message: Sys.ArgumentTypeException: Object of type 'Sys._Application' cannot be converted to type 'Sys._Application'.
Parameter name: instance
=> Message: 'Telerik' is undefined
They are all pointing to the "ScriptResource.axd" file and default file (frontend and backend).
When I run the website on the application layer (direct access without using the proxy), there is no error as shown above.
Is there any configuration need to enable reverse proxy server(ARR) to work?
Using Sitefinity 3.6 and IIS7
Thanks
Under caching in the server farm, select "Include query string" in the query string support drop down list.

Certificate Trust Lists and IIS7

I need to generate a CTL for use with IIS7.
I generated a CTL file using MakeCTL (on Win2k3 SDK) and put only my own RootCA certificate in the CTL.
However, when I then use adsutil.vbs to set my website to use this CTL, I get:
ErrNumber: -2147023584 (0x80070520)
Error Trying To SET the Property: SslCtlIdentifier
I'm using adsutil.vbs like this:
cscript adsutil.vbs set w3svc/2/SslCtlIdentifier
where is the friendly name of the CTL
The problem is, I am not able to set a friendly name. At the end of the wizard it says "Friendly Name: ".
In IIS6 I can create a CTL with a friendly name (showing in Certificates MMC) but if I export it from there, when I import it, it no longer has a friendly name.
Can anyone show me how to do it please?
This should work on IIS 7.0 but probably not on IIS 7.5.
Let us know if this page is helpful please - http://www.rethinker.net/Blog/Post/14/How-to-Create-and-Use-a-CTL-for-IIS-7-0
I'm experiencing exactly the same problem and am having the same trouble finding an answer.
There appears to be no documented way to create a friendly name for Certificate Trust Lists using MakeCTL. And the only documented way to add a CTL to IIS7 uses the adsutil script Neil references above, yet it requires a friendly name. I assume we could dig into a programatic way to do this but I'm not looking to get that deep.
The core of this problem is that IIS7 seems to have lost favor for CTL's, else it would have some UI support for them. Are people using some alternative to CTL's in combination with Client Side Certificates?
I find it odd this isn't a bigger problem for IIS7.
Update:
I finally came back to this and have figured out the Friendly Name issue. To get a friendly name assigned you must store the CTL in the Certificate Store rather than to a file (I had always used the file approach previously). So, using MakeCTL in the wizard mode (no arguments) and choosing to 'Certificate Store' on the 'Certificate Trust List Storage' page results in a new page that let's you specify a Friendly Name.
So I now have a CTL in the 'Intermediate Certification Authorities' certificate store of LocalMachine. Now I am trying to use 'netsh http add sslcert' to assign the CTL to my site.
Before I could use this command I had to remove the existing SSL cert that was assigned to my site for server authentication. Then in my netsh command I specify the thumbprint of that very same SSL cert I removed, plus a made up appid, plus 'sslctlidentifier=MyCTL sslctlstorename=CA'. The resulting command is:
netsh http add sslcert ipport=10.10.10.10:443 certhash=adfdffa988bb50736b8e58a54c1eac26ed005050 appid={ffc3e181-e14b-4a21-b022-59fc669b09ff} sslctlidentifier=MyCTL sslctlstorename=CA
(the IP addr is munged), but I am getting this error:
SSL Certificate add failed, Error: 1312 A specified logon session does not exist. It may already have been terminated.
I am sure the error is related to the CTL options because if I remove them it works (though no CTL is assigned of course).
Can anyone help me take this last step and make this work?
UPDATE 01-07-2010: I never resolved this with IIS 7.0 and have since migrated our app to IIS 7.5 and am giving this another try. I installed IIS6 Compatibility on my test server and tried the steps documented here using adsutil.vbs. I immediately ran into this same error that Niel did above:
ErrNumber: -2147023584 Error trying to SET the Property: SslCtlIdentifier
when running this command:
adsutil.vbs set w3svc/1/SslCtlIdentifier MyFriendlyName
I then went on to try the next adsutil.vbs command documented and it failed with the same error.
I have verified that the CTL I created has a Friendly Name of MyFriendlyName and that it exists in the 'Intermediate Certification Authorities\Certificate Trust List' store of LocalComputer.
So once again I am at a dead standstill. I don't know what else to try. Has anyone ever gotten CTL's to work with IIS7 or 7.5? Ever? Am I beating a DEAD horse. Google turns up nothing but my own posts and other similar stories.
Update 6/08/10 - I can now confirm that KB981506 resolves this issue. There is a patch associated with this KB that must be applied to Server 2008 R2 machines to enable this functionality. Once that is installed all works flawlessly for me.
The question is about IIS7, but for anyone looking for this information - from IIS8 you no longer need to use CTLs, but rather use "Client Authentication Issuers" in the certificate store.
This is documented in more detail: http://technet.microsoft.com/en-us/library/hh831771.aspx

Resources