After installed APK Downloader, you’ll need to follow these steps in able to use it. Enter email and device ID on Options page. There are two ways to get Email and Device IDa. Easy way: install this Device ID app, it will show you your emails and Device IDb. Difficult way: Open dial pad, call *#*#8.
I have a client upgrading an old SBS DC to 2016 Essentials. All the roles (FSMO, dfsrmig, dhcp, dns, IIS, LOB apps.) are transferred, all the testing is done. The kicker is, the LOB apps make heavy use of the CA, which was also transferred. Now I am getting the dreaded 'out of compliance' SBS warning!
Can I just back up the CA, finish installing the essentials role, and restore the CA? Or, does Essentials store its own magic sauce in the CA like the LOB apps? If so, is there any way to reliably merge the two (EnterpriseCA) CAs? I have experience just with the Essentials server, but I have done something similar while migrating my setup. What I did was migrating the old 2012R2 to 2016 server while also moving the CA and finally renaming the server to the original one.
In my case I had to replace the newly installed CA with the backed one. But thinking about your situation as is, it is probably a little bit different. Even if the Essentials role installer is behaving the same way as the Essentials server. You have migrated the SBS 'version' of CA, which is bigger jump, I suppose there is at least a difference in the CA templates. IMHO to achieve the latest CA setup, inclusive all the new CA templates, which are stored in AD, you will need to remove the CA from that new server, let the essentials role setup finish its work and then restore the CA again.
Bellow are some of the steps I have taken on my 2012R2 and 2016 essentials server to replace the target server CA (2016) with the source server CA (2012r2). I have also taken the backup of the TargetCA for the case something goes wrong. Generally there shouldn't be an issue with having two CAs in one domain, all clients should get the CA certificate automatically installed and auto enrollment should be able to pickup the right CA when the old CA is taken out. However I can understand that in some cases backup and restore (moving) the CA to new server is a better solution.
But don't forget you will need to solve the server name issue. The SBS server name is burned in the CRL and AIA property on every certificate the CA have been issuing. Thanks for the quick response, but not sure we are on the same page. To be clear, the transfer of the CA is not the problem.
The problem is that I transferred the CA before the last step of installing the Essesntials role on the new server. Having two CAs is not possible without buying a third server, since the SBS is threatening to turn itself off in the next 24 hours (besides being way past retirement age!). Let me ask a different way.
IF I ALREADY have the ONLY CA in the domain on the future Essentials server (so I could test that the LOB apps run w/ the new CA), do I have to transfer EnterpriseCA BACK to the SBS 2003 server before completing the Essentials role (and then transfer it back again)? Or does the Essentials promotion intelligently migrate the CA, retaining my LOB customizations? I have experience just with the Essentials server, but I have done something similar while migrating my setup. What I did was migrating the old 2012R2 to 2016 server while also moving the CA and finally renaming the server to the original one. In my case I had to replace the newly installed CA with the backed one. But thinking about your situation as is, it is probably a little bit different.
Even if the Essentials role installer is behaving the same way as the Essentials server. You have migrated the SBS 'version' of CA, which is bigger jump, I suppose there is at least a difference in the CA templates. IMHO to achieve the latest CA setup, inclusive all the new CA templates, which are stored in AD, you will need to remove the CA from that new server, let the essentials role setup finish its work and then restore the CA again. Bellow are some of the steps I have taken on my 2012R2 and 2016 essentials server to replace the target server CA (2016) with the source server CA (2012r2). I have also taken the backup of the TargetCA for the case something goes wrong. The end customer put enabling Essentials off until things calm down. That hasn't happened.
But since the LOB apps are running well, the customer is not willing to interrupt service. The current issue is that the installation is flooding the logs with perflib failures, 1008's for WmiApRpl, Lsa, Usbhub, Active Directory, and everything ASP and.NET, even on a fresh install. Sfc clean, Lodctr for everything in sight doesn't seem to help. I will have to open up another thread for the perflib stuff, and then a new one for this problem when I get back to it, if the above suggestion (marked as answer) does not work.
I have a certificate from DigiCert. It worked fine with iOS7 on my iPhone 5s.
On iPhone 6, with iOS8, the certificate gave an error message, so I exported from my mac and re-installed like this: However, when I assign that as my signing certificate via the Mail settings (Advanced), and then try to send an email, I get this message: Unable to Sign You can't send signed messages because a signing identity for the address redacted could not be found. Go to the Advanced settings for this account to choose a signing identity.
I have deleted and re-installed the profile a couple times, and rebooted, but no luck. Signing works fine in my case. I use a CAcert certificate.
Only encrypting doesnt work anymore. The error message was the same at the beginning. '.no identity. Found' After a few attempts now I only got a message 'Encrypting not possible' or similar (translated from German).
I can also answer encrypted mails and the mail from my iPhone 6 is also encrypted, but I'm not able to create a new, encrypted mail. Not even to the same person I already answered encrypted mails, so I guess that iOS must have the neccessary certificate from this recipient.
Unfortuneately I cant find any discripton of the new iOS8 S/MIME features and how to set up. Hello, here are my reports: I noticed this problem after enabling the iCloud keychain. I had two accounts using S/MIME installed.
Only one account was affected by this issue. Both certificates are from the same CA.
I first tried reinstalling the certificate without success. But since users were reporting in this thread, that playing around with the configuration suddenly resolved the issue i completely removed the mail account from the device and reconfigured it from scratch. This fixes the issue. Its a little bit annoying to type in the account info again, but at least for me this is a solution. I have the same problem here. Iphone 6 / ios 8. Working Certificates on iphone 5 / ios 7.12 don't work in the new phone / ios 8.
Getting the same error message: Unable to Sign You can't send signed messages because a signing identity for the address redacted could not be found. Go to the Advanced settings for this account to choose a signing identity.
Tried a couple of things already, but no success. (reconfigured the email account, send the certificate via different ways, installed the root certificate, etc) Still the same error message. Signing works fine in my case. I use a CAcert certificate. Only encrypting doesnt work anymore. The error message was the same at the beginning. '.no identity.
Found' After a few attempts now I only got a message 'Encrypting not possible' or similar (translated from German). I can also answer encrypted mails and the mail from my iPhone 6 is also encrypted, but I'm not able to create a new, encrypted mail. Not even to the same person I already answered encrypted mails, so I guess that iOS must have the neccessary certificate from this recipient. Unfortuneately I cant find any discripton of the new iOS8 S/MIME features and how to set up. I just wanted to chime in and say that I'm also experiencing issues encrypting messages, though the signing appears to be working correctly. I used the iPhone Configuration Utility to install the certificates (issued by COMODO).
The certificates install as expected, however Mail.app returns an 'Unable to Encrypt' error on my iPhone 6 Plus running 8.0.2. I've used the same process to install these exact certificates in the past, including very recently on a replacement iPhone 5 handset. I am wondering whether the issue affects the newer iPhone 6 hardware only. In any case, I have now reported the issue and raised a RADAR (18480971). Unfortunately, this issue remains unfixed in iOS 8.1. Has anyone managed to get this working yet?
EDIT: it appears in iOS 8 you are required to manually install a user's Public Key — even your own! To test this: 1.
Email yourself ensuring the message is signed 2. Touch the Verified badge beside your name 3. Touch 'View Certificate' 4. Touch 'Install' Composing an email to yourself now should offer Encryption. This appears particularly cumbersome given how automatic this process was in iOS 7 and earlier. Further discussion here.
Hello, here are my reports: I noticed this problem after enabling the iCloud keychain. I had two accounts using S/MIME installed. Only one account was affected by this issue. Both certificates are from the same CA.
I first tried reinstalling the certificate without success. But since users were reporting in this thread, that playing around with the configuration suddenly resolved the issue i completely removed the mail account from the device and reconfigured it from scratch.
This fixes the issue. Its a little bit annoying to type in the account info again, but at least for me this is a solution. So, I had this exact issue and now the mystery (for me anyway) is somewhat solved, but a work-around for Office365 or Exchange mailboxes still remains.
Everything worked perfectly (albeit cumbersome to setup) and then broke as soon as I upgraded iOS. I have two mail accounts on my iOS mail app (iCloud & Exchange/O365).
Installing the certificates worked great. Enabling S/MIME signing, and encryption was buried but pretty easy. Although for this post all I want to discuss in 'signing' not encrypting, because the problem emerged with signing, so forget encryption if signing is not working yet.
Getting my iCloud account to sign (and encrypt) email was accomplished after sending myself a signed email, and installing my own public key associated with my own contact in my contact list. The problem started when I added my second mail account which happens to be O365/Exchange. Network packet captures showed that although I was attempting to sign emails to/from iCloud only accounts, the mail client was sending OCS packets/sessions across SSL/443 to O365 servers for validation/verification. Let me repeat; even though the ONLY emails involved were Apple iCloud accounts, the OCS certificate validation (the step that occurs when attempting to sign) was attempting to validate using the WRONG servers (Microsoft). It was doing this because I had an O365 profile loaded (my work account) but this was overwriting the process for my iCloud profile as default. To make the issue even more problematic (other than the wrong servers attempting to be leveraged for OCS validation), Microsoft actually has an issue supporting S/MIME on certain O365 mail accounts. Their 'auto-discovery' protocol for detecting what kind of endpoints (mail client apps) are connecting to O365, detect if you're an 'Outlook App' client or leveraging something else (like iOS Mail App).
If you're sending/receiving email from O365 mailboxes, while using a mobile device with Outlook app, Microsoft will email you letting you know they 'DO NOT SUPPORT S/MIME OR ENCRYPTION ON THIS MAILBOX.' Here's the article, and looming patch hopefully in the future. So sorry for muddying the waters a bit more, but this is a combination of issues ranging from iOS Mail detecting and leveraging the wrong OCS servers because of multiple mail accounts loaded, as well as O365 not fully supporting S/MIME on all devices as of yet. If anyone has further details please post:-) -Justin. Apple Footer. This site contains user submitted content, comments and opinions and is for informational purposes only.
Apple may provide or recommend responses as a possible solution based on the information provided; every potential issue may involve several factors not detailed in the conversations captured in an electronic forum and Apple can therefore provide no guarantee as to the efficacy of any proposed solutions on the community forums. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site.
All postings and use of the content on this site are subject to the.
Comments are closed.
|
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |