We're running Artifactory Pro 4.11.0 (planning to upgrade to 6.1.0) and our license has just expired.
All users are seeing a notice stating:
Your Artifactory license has expired. To renew your license please contact sales#jfrog.com
How can this notice be disabled?
EDIT: We do NOT plan to renew the license - our current license grants us usage of Artifactory up to v6.1.0
Related
Specifically, how do I tell Sonatype that I have a new key pair?
I publish my PGP public key to a pool, and sign my artifacts with my private key. If I upload those artifacts to Sonatype Nexus, how does it authenticate the packages? On what basis does it distinguish packages signed by me from packages signed by someone else?
I imagine there's a step where I tell Sonatype what my public key is, but I can't remember ever doing that and I can't see it in the docs.
I assume you are asking about uploading your artifacts to the Central Repository via OSSRH. The current user documentation for OSSRH details that you need to sign your packages with GPG as you are aware. Uploading is done via OSSRH and the username you have there. The authentication of the packages is done via your user credential and then the package signature are verified against public key pools. AFAIK it does NOT check if the packages are signed by you but rather just that they are signed with a publicly available, valid key and you can only upload with your username/password.
Update: The benefit of requiring signed artifacts is that upon download the artifacts can be checked upon for the signature and checksum and you can therefore ensure that you only download packages as originally submitted by the uploader and have not been tempered with on Central or in transport to your server. Related to that it is a good idea to connect to Central via https as offered as a cheap service by Sonatype and used by default in Nexus Pro.
In a Dev environment, I'm try to install BizTalk on windows 7 with local accounts. The PC is not part of a domain. The install goes fine, and I've followed the msdn documentation for BizTalk on windows 7. SSO is the first thing that fails when I try and run the BizTalk configuration utility.
It created the SSODB database, built the tables, etc. but the SSO configuration failed. I see errors in the event log like:
SSO AUDIT
Function: GetApplications2
Tracking ID: a9b83ad5-1f05-407f-9d0b-63b4e4acd7d5
Client Computer: VM-BizTalk (mmc.exe:3572)
Client User: VM-BizTalk\Jeremy
Application Name: -
Error Code: 0xC0002A02, The SSO system is currently disabled.
The SSO service is running under a local account. This is not recommended and will limit the functionality of SSO. See your documentation for details.
SSO Service Account: VM-BizTalk
Access denied. The client user must be a member of one of the following accounts to perform this function.
SSO Administrators: SSO Administrators
SSO Affiliate Administrators: -
Application Administrators: -
Application Users: -
Additional Data: VM-BizTalk\Jeremy
Secret server access denied.
Client User: VM-BizTalk\Jeremy
Both the sso service account and my account are part of the SSO administrators group (local accounts and groups).
Well, I did a little more digging, and found an additional error in the BizTalk Configuration log file:
Failed to generate and backup the master secret to file: C:\Program Files\Common Files\Enterprise Single Sign-On\SSO0FAB.bak (SSO) Additional Information (0x80070005) Access is Denied.
Searching this error I discovered a blog entry:
http://blogical.se/blogs/mikael_sand/archive/2009/10/01/failed-to-create-the-master-secret-file-why-do-these-things-always-happen-to-me.aspx?CommentPosted=true#commentmessage
Which advises this solution:
Unconfigure BizTalk and delete the SSODB and BusinessRulesDB. The wizard does not delete them.
Now create the SSO Administrators group manually and add the install account and the BizTalk Service Account to it.
Log out and log back in. Restart the installation.
I did the above steps. Additionaly, after step 2 I re-ran the BizTalk install, chose repair, then went through the install process which took me though the configuration steps and finally a successful configuration!
I just want to know that how Certificate revocation works in PingFederate.
From where it read about the expiration time of any certificate which are used by any connection? Is there a file which consists of all the information about the connection and respective certificates?
Is your main question about detecting when your certificates will expire? If so, details about Certificate Revocation List (CRL) functionality probably isn't what you want. CRL's indicate the serial #'s of the certificates that have been revoked before they have expired - and often expired ones are automatically removed from a CRL.
If you want to determine which certificates are close to expiring - you may have to check each connection. Here's an example of where to check if you are talking about your signing certificate on SP connections (if you are an IdP): https://support.pingidentity.com/s/document-item?bundleId=pingfederate-92&topicId=adminGuide%2FconfiguringDigitalSignatureSettings.html
There is no one central place to check the status of all certificates. If you believe certificates have expired and you are experiencing errors - consult the server.log file. See: https://support.pingidentity.com/s/document-item?bundleId=pingfederate-92&topicId=adminGuide%2FmanagingLogFiles.html
If you'd like to be notified when certificates are about to expire, you can enable Runtime Notifications to have PingFederate email you X # of days before a certificate expires: https://support.pingidentity.com/s/document-item?bundleId=pingfederate-92&topicId=adminGuide%2FconfiguringRuntimeNotifications.html
If all else fails - please contact our Customer Support: https://support.pingidentity.com. They will be happy to assist.
(Note: I work for Ping!)
The Expired certificates report Knowledgebase page shows that you can run
cd $PingFederate_Install_Directory>/pingfederate/server/default/data
keytool -list -v -keystore ping-dsig.jks < /dev/null
to get a dump of all the certificates, out of which you can parse expiry dates.
I am on a Tridion 2011 SP1 CM server and I’m trying to start the SDL Tridion Content Manager configuration MMC snap-in.
I get the following error:
Could not read configuration item. Modification of this item is not
available on this machine. Account has no permission to access the
protected configuration section 'tridion.security'. Contact your
system administrator.
My user is of course part of the local admins.
What is going on? how to fix it?
The Content Manager uses a .NET encryption key to ensure the encryption of sensitive configuration data such as passwords. By default nothing is encrypted. The following user accounts automatically have access to this encryption key:
Any Content Manager system account (including the Content Manager user account and impersonation user accounts created during installation)
The user account of the user who originally ran the installer
The use of the configuration encryption functionality is completely transparent, so long as the following is true:
The user account that runs the SDL Tridion MMC Snap-in configuration tool is the same user account that originally ran the installer.
The user executing the various SDL Tridion Windows services is not changed from its default value.
If you want to run the Snap-in and/or Windows services as another user than specified, you must grant that new user access to the encryption key. To grant this access, log on as the user account of the user who originally ran the installer, or as another, similarly authorized user with access to the encryption key, and do the following:
Open a Windows command prompt.
Go to a directory on your machine on which a version of the .NET Framework is installed (a subdirectory of C:\Windows\Microsoft.NET\Framework\ or C:\Windows\Microsoft.NET\Framework64\).
Enter the following command:
aspnet_regiis -pa "TridionRsaKeyContainer" "<domain>\<account>" where <domain> is the domain of this user and <account> is the username of the user.
Hi I studied Push notification, and i find out I have to Creating the SSL Certificate and Keys and I do not know if it cost extra money because on website here it is not written if this service is for free(included in license) or is for extra money.I have bought business license for 99$.
Thanks for help
you have to buy an SSL certificate from a 3rd party website like http://www.verisign.com/
Apple require that you have an SSL certificate to ensure that data sent through their service is being sent in a secure manner
You must create certificates and key with the Apple developper portal :
Turorial here.