Monthly Archives: February 2014

IIS: SSL Certificate Disappearing after import

After import the certificate into IIS, when I navigated away from the Server Certificates window, the certificate would disappear.
I could see the certificate in the server’s Personal Certificate Store using MMC (Microsoft Management Console) but it wouldn’t show up in IIS.

After investigate, I found below solution for this issue:

Save the three portions of the certificate into three separate files (Note: The Intermediate Certificate is optional, if you were not supplied with one, just skip the steps involving it):

privatekey.txt – Copy and paste the contents of the private key including the begin and end lines.
certificate.txt – Copy and paste the contents of the Regular Certificate including the begin and end lines.
intermediate.txt – Copy and paste the contents of the Intermediate Certificate including the begin and end lines.

Upload all these files to a linux server, and run

openssl pkcs12 -export -out certificate.pfx -inkey privatekey.txt -in certificate.txt -certfile intermediate.txt

then import the certificate.pfx into IIS

Netscaler VPX license

When I tried to install certificate to netscaler vpx, I got below error message:

Certificate with key size greater than RSA512 or DSA512 bits not supported

After investigate, I found that this problem is caused by Netscaler License. You need to install at least 3 licenses to Netscaler to support it’s functions

1) Netscaler Platform licence: this enables netscaler features, but more importantly, unlocks the higher grades of encryption. License issued against Host-ID (= mac addr)
2) Netscaler Gateway platform licences / ICA licenses: this licence gives you up "unlimited" basic mode (ie ICA-only) connections. License issued against Hostname
3) Universal licenses: paid for licenses (you get free ones with XD platinum / NS platinum) which allow use of smart-access mode (=vpn, clientless, or ICA with epa). License issued against Hostname.

Enable Clipboard Copy and Paste in VMware console

Log in to a vCenter Server system using the vSphere Client and power off the virtual machine.
Select the virtual machine and click the Summary tab.
Click Edit Settings.
Navigate to Options > Advanced > General and click Configuration Parameters.
Click Add Row.
Type these values in the Name and Value columns:

    Name	Value	FALSE	FALSE

Note: These options override any settings made in the VMware Tools control panel of the guest operating system.

Click OK to close the Configuration Parameters dialog, and click OK again to close the Virtual Machine Properties dialog.
Power on the virtual machine.

Note: If you vMotion a virtual machine to a host where the*=”FALSE” is already set, the copy and paste options are automatically activated for that virtual machine.

To enable this option for all the virtual machines in the ESX/ESXi host:

Log in to the ESX/ESXi host as a root user.
Take a backup of the /etc/vmware/config file.
Open the /etc/vmware/config file using a text editor.
Add these entries to the file:

    vmx.fullpath = "/bin/vmx""FALSE""FALSE"

Save and close the file.

The Copy and Paste options are only enabled when the virtual machines restart or resume the next time or shutdown and power-on the virtual machine for changes to take effect. This must be done on the virtual machine side, not the guest OS side.