I am not able to connect to Azure via a webapp deployed in tomcat.
I am getting the below error though i am sending the correct input for the keystore pwd.
"Keystore was tampered with, or password was incorrect"
Plz comment.
When you try connecting to Windows Azure Management Portal, using Service Management API, the connectivity is created over SSL tunnel and a certificate is used to create the SSL tunnel.
I would suggest first that, it is not a Windows Azure specific problem, it is more of a Java/Tomcat related issue mainly happening because while selecting the certificate to create the SSL tunnel the code met with some problem.
To solve this problem, I can suggest the following:
In your VM/Physical machine, where Tomcat web application is running try to locate the physical keystore file first and delete it.
After that try creating keystore with correct password and setup that password properly in your Tomcat configuration
Trustcacerts password was supplied wrongly ! Now it works
Related
I'm new to Azure; I wanted to take advantage of being able to run PrestaShop (e-commerce software) and Azure marketplace has single VM plan. I followed this video and got it up and running. Trouble is to login to the site's Admin interface you need to know the secret folder that is randomly created by the installer. I have tried the Azure Storage Explorer , but nothing useful is displayed. I also tried to login using putty and SSH, but keep getting access denied. I suspect I need to configure an endpoint for port 22, as described here in order to get ftp working, but apparently this is not possible with a free subscription (?).
Any help as to how I can find that folder name would be appreciated.
With Azure Free Trial Subscription, I can successfully login into the PrestaShop Azure Linux VM without any issue.
Note: No need to configure an endpoint for port 22.
To connect to your Linux virtual machine using SSH, use the following command: ssh username#IPAddress and password.
If you are facing an issue with your login, you can reset the password.
I am trying to host the neo4j server on an Azure Ubuntu VM and opened up the endpoint to enable access from my machine so that I can access the webadmin portal and also debug Asp.net portal code from my machine.
I am however unable to understand how to password protect the access to neo4j endpoint on that VM so that its not open for everyone on the net. looking for at least a simple protection like:
http://<user>:<pass>#myneo4j.cloudapp.net:7474/db/data
Is there any guide on how to setup the neo4j on the Azure cloud that I can refer to.
I found authentication-extension but unable to understand if this is all i need when setting up connection via Neo4jClient
Regards
Kiran
If you use ubuntu you can set up nginx as reverse proxy: http://joewhite86.wordpress.com/2013/05/29/secure-neo4j-webadmin-using-http-auth-and-ssl/
Once I downloaded the right version of 'authentication-extension' and put it in the plugin folder, it was exactly what i wanted,
added few users and pointed the URI to database as below :
http(s)://<user>:<pass>#myneo4j.cloudapp.net:7474/db/data.
and that's all I needed to protect my back end like old fashion SQL server ways.
We are developing an ASP.NET WebAPI that is hosted in IIS and authenticates using client certificates with iisClientCertificateMappingAuthentication.
In our on-premises development environment we have tested IIS 7-8 and Windows 7-8/Server 2012, all of which work fine.
We have set up a demo environment in Azure with a VM running Windows Server 2012 R2 and IIS 8. Using this configuration we have yet to successfully pass through IIS client certificate validation, where we consistently receive an HTTP 403.16 error.
The service is consumed by a custom iOS app that we have verified is sending the client certificate, which was expected since my understanding of the error implies IIS is unable to validate the certificate that it received.
The Client Certificate Authority is installed in the Trusted Root Certification Authorities and the Client Authentication Issuers stores for the Local Computer.
Pretty much all of the resources we can find on this issue propose the solution here: http://social.technet.microsoft.com/Forums/en-US/fae724e8-628e-45a5-bf39-6e812d8a1a70/40316-problem-in-iss8-on-mp-in-dmz?forum=configmanagerdeployment
where it's suggested we add a registry setting for ClientAuthTrustMode. This has not resolved the issue for us; we also did not need to do it for any of our local testing which involved the exact same OS and IIS versions.
We've spent days on this with no progress and were hoping someone may have some insight into this issue. Is there any default configuration that we have yet to come across to enable this form of authentication for VMs in Azure? It seems as though IIS on a VM in Azure is unable to actually validate against the CA in Trusted Root. One idea I had was that perhaps the certificate is being stripped from the request before it's routed to IIS, but again, that seems unlikely given my understanding of the error code.
Has anyone gotten a setup like this to work?
I happened upon this knowledge base article, maybe it can help you
http://support.microsoft.com/kb/2802568
On a project I’m working on at my current job, we need to enable the RDP on azure web role. I've enabled the RDP but client is not being able to connect. We confirmed RDP port is opened as well.
Doesn't client needs to install certificate on his/her machine as well?
No the client doesn't need to install a certificate on their machine. When you deploy a cloud service from Azure you can opt to have an RDP account created at the point of deployment, this will automatically configure the endpoints for 3389 on the instance. Are you sure the client is using the correct case on the password and has their firewall open on 3389?
No it does not. If you're having problems try to download the assistant file that will set up everything BUT your firewall, leaving you to just hit "Connect"
I am building a site that needs to call a 3rd party web service over https. The service requires an X509 certificate for authentication.
I can successfully call the service and get a response back using a console application, or a web application running in visual studio web server, this suggests to me that the code, and certificate provided by the 3rd party are all ok.
As soon as I deploy the site in IIS, it cannot connect to the service, I am getting "The request was aborted: Could not create SSL/TLS secure channel" error. I spent a couple of hours trying to figure this out, assuming it was permissions related as IIS app pool running under network service etc.
The certificate is installed in the local machine store, not current user, and I have granted network service (also added everyone is desperation!) using the winhttpcertcfg tool and manually in MMC > Manage Private Keys, so I am confident that the network service account has access to the certificate.
I also used the FindPrivateKey tool and checked the physical windows file and permissions look ok! I tried using identity impersonate in the config, using my windows account and that doesn't make a difference.
I am pulling my hair out with this one, can anyone give me any suggestions on what to try next?
Cheers