Mouza Ali

Ranch Hand
+ Follow
since Oct 28, 2008
Cows and Likes
Total received
In last 30 days
Total given
Total received
Received in last 30 days
Total given
Given in last 30 days
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Mouza Ali

I do have the same problem. I would really appreciate if someone could help?
13 years ago
Hello Paul,

Thanks for your response. It is really strange. Each time I face a problem and post it here, directly after few minutes I know its answer. Even though I spent months trying to solve it.

For example, for this problem, I was trying to solve it for a month and a half, and since there is not much documentation for the "Network Server", I couldn't figure out the solution. However, I've just figured the solution for the problem

For my problem, I shouldn't associate a user name and password for the database that has been created from the command line in the java code. I simply deleted the Properties from the java code and it worked.

I hope this time I get some answers for this very ambiguise point about "Network Derby Server". I have created the Database through the command line, and created a table named 'CLIENTINFOR' in that database. However, when my java code tries to connect to this table is throws and SQLException saying that: table/view 'CLIENTINFOR' doesn't exist!

How it says that it doesn't exist? I searched for a veeeery long time on the Internet about this, and most of the topics posted that it is a case sensetivity level, but in my case it is not.

I have a user name and a passowrd associated with my database.

So, please can anyone help me with this?!?!
Hello folks,

I've generated a rootCA.pem and a bank.crt which is signed by the rootCA.pem and everything goes well. I used a combination of openssl and keytool to do that.

When I open FireFox and run the web-application on https, it displayes for me the usual warning msg that a certificate is there, and I press OK. Then I go to check the Certificates under preferences under Edit in FireFox, and I find that the bank.crt is under the server tab and my rootCA.pem isn't in the CA. It is not there. I imported it earlier into cacerts that is under the jre while I'm creating the rootCA.pem and the bank.

My question is: Should the rootCA.pem be under the Authoroties tab or it is enough to have the bank.crt under the server tab?
If yes it should be there, Importing the rootCA.pem won't work. My rootCA.pem is actually a .pem instead of a .crt and
importing it into the FireFox don't help! I can't find it b/w the CAs!

Please any help with that?

I really need some clarification!
13 years ago
Hello Moha,

I figured out the solution for the problem in the tutorial I posted earlier. when you reach step 9 in the server setup, go to step 11 before you go to step 10. I think the author missed up something here
13 years ago
Hi all,

I'm trying to create a self signed certificate and make it as a root CA. Then, I create another certificate and sign it with that root CA. However, there was a problem while importing the certificate to the server keystore.

Below are the steps -[Which I found online], and I'll show where the error incured:

Setting up the root CA

setting up the server now

The error was in the last line of the commands. It should print something like: Certificate reply was installed in keystore
But instead it prints: Keytool Exception: Failed to establish the chain !!

Please can anyone help? All the solutions I found online are related to real CAs like verisign and thawt, but here I'm trying to create my own CA.
I'm wasting too much time on this problem and couldn't find anything
13 years ago
Hello Moha,

I'm working too on the same topic and I found some great tutorials about that. However, there was one step didn't work with me. I'll post the link for you and go for it. If it worked with you all the way long, then let me know to ask you a question regarding the chaning.
13 years ago

Ulf Dittmer wrote:If this is an actual banking application, then security is of high importance. That means you need certificates signed by actual root authorities -like Verisign-, not something you cooked up on your own. That certificate should be used for signing everything.

But for developing purposes, I don't need to acquire a real CA for the moment.
13 years ago

Ulf Dittmer wrote:I'm not sure what the point of having separate root certificates would be; maybe you can tell us what prompted this approach. (Actually, I've never had the need to even create one root certificate, so maybe that's why I don't understand why one might want to use several of them.)

Thanks Ulf for your reply.

Actually I got this idea after I googled for a very long time and I found that there is agroup of people saying that: " an SSL certificate shouldn't or better to say can't be used for java signing".

I might interpurted this wrognly. Anyway I'll explain the issue more clearly:

1. I have a bank server that should have a certificate signed by root CA and under this bank there is an Applet running ofcourse on the client side. On the other hand, I signed the applet with the same root CA that signed the bank SSL certificate. I didn't sign the Applet with the back certificate.

That is the point of my discussion. Should I sign the applet with the Bank SSL certificate or with the root CA!
13 years ago
Hello all,

I hope that I get some replyies this time. I'm really confused regarding the difference between java code signing and web service signing. I will describe the case below clearly:

1. I have a self signed root certificate.
2. I have a certificate that is signed with the root certificate, and used for authorizing a server.

On the other hand:

1. I have an applet signed separately. And what I mean by separately is that I don't sign it using that already created self signed certificate. It is a self signed certificate.

So, my question is:

1. Should I have one CA for both the server and the applet, or I should keep them separate like what 've just I explained.

Please, I need urgent clarification as there are not much documentation about this thing on the Internet.
13 years ago
You know you can be your own CA for testing purposes.
13 years ago
Why don't you sign both the digest and the message, so when it is recieved on the other side, a verification step should take place using the public key!
13 years ago

I'm new to SSL and have several questions and I appreciate any help.

I configured the apache tomcat server.xml file to enable the connecter in order to support SSL in its communication. Of course this is after creating the .keystore file. These steps I followed from apache HOWTO documentation. However, since this is a self signed certificate, I can't access the tomcat splash page unless I added an exception. Is this ok for testing purposes? and if yes, how can I remove this exception after testing?

For the moment I can't afford buying a certificate.

Also, I have another question which is that I used a self signed certificate for my applet to run in local machine but without SSL. Now as I have those keys and certificates already exist, how I can use them instead of creating new from scratch and sign the applet again?

Thanks in advance,
13 years ago

Ulf Dittmer wrote:The /opt/apache-tomcat-5.5.26/bin directory should have scripts you can use, particularly and Be sure to read the comments inside of them to see if you need to change anything.

Thankyou ULF.. I'll check and get back to you if I have any further queries
13 years ago