Page 27 of 47 FirstFirst ... 17222324252627282930313237 ... LastLast
Results 521 to 540 of 923
Like Tree236Likes
  1. #521  
    Quote Originally Posted by abcama View Post
    Hello Grabber,
    I tried your self-removing IPK, clicking on the link from my TP directly. It went well, opened Preware, asked if I wanted to install, installed the element, removed something, and... no change, still the yellow triangle.
    Did I miss a step? I understood your script was doing all the job, maybe it's not the case? I'm located in France, would that be another script to use?
    Can you please let me know?
    Thanks!
    After installing and letting the ipk remove itself, did you go to Device Info and Open Certification Manager? You need to hit the add cert button on lower left and find the two certs with the most recent date (the date you installed the ipk) and trust them.
  2. awriter's Avatar
    Posts
    70 Posts
    Global Posts
    71 Global Posts
       #522  
    Quote Originally Posted by TJs11thPre View Post
    I defer to the wisdom of the developer, as i am also a shell that does nothing!
    Not true! Thanks to your detailed instructions I ran WTerm again and with Grabber's script was able to get the new certs last night. Reboot - and the Invalid Cert icon (and yellow triangle) were gone. Thank you!

    Didn't even have to delete the old certs. Should I?

    Will put Grabber's new script on the TP and use it the next time this happens. In two days probably.
    TJs11thPre likes this.
  3. #523  
    Hello Grabber,
    I tried your self-removing IPK, clicking on the link from my TP directly. It went well, opened Preware, asked if I wanted to install, installed the element, removed something, and... no change, still the yellow triangle.
    Did I miss a step? I understood your script was doing all the job, maybe it's not the case? I'm located in France, would that be another script to use?
    Can you please let me know?
    Thanks!
    I think you still need to add the certificates in the Certificate Manager manually for now!


    -- Sent from my TouchPad Go using Communities
    HP Veer (daily driver), HP Pre 3, HP Touchpad Proper 4G/LTE (Sierra MC7710), HP Touchpad 32GB WiFi, Palm Pre 2
  4. #524  
    Quote Originally Posted by TJs11thPre View Post
    If we will need to use it each time the triangles return, why self removing? Its going to draw new certs on each activation, right?
    Just bookmark the ipk link. Thanks, Matt.
    Sent via HP TouchPad using Forums
    TJs11thPre likes this.
  5. #525  
    Quote Originally Posted by Grabber5.0 View Post
    You don't need to ever open the app. It downloads the new certs when you install it and then removes itself so it can be reinstalled every time the certs need updated. You can copy the ipk to your phone and install with Preware or Internalz Pro instead of running the script. It is to make things easier for people that are not comfortable with the command line.
    Heck I prefer the command line ala WTerm. My TP is android dual boot so every time I need to Grab Certs, I can also reinitialize A6 firmware to keep battery nice and healthy which needs to be done every so often. I Kill 2 birds with one stone.
  6. #526  
    Quote Originally Posted by palmpre06062009 View Post
    Just bookmark the ipk link. Thanks, Matt.
    Just to clarify for those taking notes (I'm just summarising what I've read above), it's easier to run the script as part of the installation process than to build an app that runs it, so this 'one-time' shell app is then uninstalled.

    If you leave the installation package (IPK) in your USB area, you can simply install with Preware as needed - no need to bookmark and re-download everytime. The app does not get updated with a new copy of the certificate; it downloads the latest one (to the 'sslcerts' folder) as part of the install process - it's the same as running the script from the command line, but you don't have to run wterm and enter the run command.

    So, you can:
    • Type a command into the command line to download the certificates. Or...
    • Use a script of the commands - so you just have to run the script. Or...
    • Install the app as needed - so you don't need to type anything.


    Each of the above methods does require that you approve the certificates in the certificate manager (found in the app menu of the device info app). I'll edit this if I've got any of that wrong! EDIT: Oh, yeah: You should delete the old certificates from the 'sslcerts' folder each time you update (see post 528 below).

    This solution should be good enough for a couple of months until (hopefully) Google calms down and the certificate updates become far less frequent. By then it may be that an app with a simple 'push-button' download is developed and will only be needed every few months or even years.

    It is unlikely the underlying cause will be fixed as it will be a big patch to a partly proprietary system (not all the original code can be read and studied). Other parts of the underlying system are also dated and the majority of those with the skills and inclination to make repairs have made the logical choice to work on LuneOS, which is fully open source and can have updates baked into new releases rather than being grafted on. Thanks again to Grabber5.0 for keeping the legacy version going.

    The hardware is also ageing. At this time, new hardware needs to be pre-existing, with open source driver code. For the most part, in mobile terms, that means Android hardware.

    I've no idea when LuneOS will be 'ready for action', but hopefully it will be before an issue occurs with webOS that will be too difficult to fix or work around. For those who wish to continue using webOS in the future, LuneOs is currently the only option and in many ways is already better with more features.
    Last edited by Preemptive; 09/03/2015 at 08:31 PM.
    Grabber5.0 and tiaf1one like this.
  7. #527  
    Hmmm...I have googles 1 through 4 .pem installed, as well as Grabber's ipk certs, but can't seem to sign in. Have to mention that I deleted my gmail on my Touchpad. Do I need 5 and 6 for this to work?
  8. #528  
    You only ever need ONE imap.gmail.com cert and sometimes the smtp.gmail.com cert. I haven't needed that on any phone except a 2.1 meta-dr Sprint Pre. The IPK just downloads new certs, it does not install them for you. The error today is slightly different than it has been, so that has me a bit worried they did something else..

    You guys that have been keeping all of the old, invalid certs installed are not doing yourselves any favors. They are no good, there is absolutely no reason to keep them around!
  9. #529  
    Quote Originally Posted by Grabber5.0 View Post
    You only ever need ONE imap.gmail.com cert and sometimes the smtp.gmail.com cert. I haven't needed that on any phone except a 2.1 meta-dr Sprint Pre. The IPK just downloads new certs, it does not install them for you. The error today is slightly different than it has been, so that has me a bit worried they did something else..

    You guys that have been keeping all of the old, invalid certs installed are not doing yourselves any favors. They are no good, there is absolutely no reason to keep them around!
    Oh, okay, gotcha. I did trust the new certs, so I guess I'll delete the old certs and see what that does.
  10. #530  
    Quote Originally Posted by Chairman Honeycrisp View Post
    Oh, okay, gotcha. I did trust the new certs, so I guess I'll delete the old certs and see what that does.
    You may have to remove them all and re-add the last one.. when I've had multiples and removed the old ones, it would not work until I removed the last one and re-added it.
  11. #531  
    I seriously doubt Google is going to change its policy with regard to frequent cert updates any time soon. It is my understanding that Internet security is becoming a major consideration...especially for an enterprise that is posting a secure website or secure email program. Times are changing, and now everyone is facing the issue of hackers and eves droppers. And so it seems, this is a cat and mouse game with no end in sight, and Google is running full speed ahead with the updates. Fortunately, the smarter and more experienced guys on this forum do have the ability to keep Webos alive and well.
  12. #532  
    Quote Originally Posted by jclin4 View Post
    After installing and letting the ipk remove itself, did you go to Device Info and Open Certification Manager? You need to hit the add cert button on lower left and find the two certs with the most recent date (the date you installed the ipk) and trust them.
    Hi jclin4, how do you "go to Device Info and Open Certification Manager? "? I looked for that on my TP, and didn't find it.
    I found the "Gmail SSL Certificate Updater" icon, but it opens a blank screen in a Pre-like format, nothing in it I could accept a certificate from....
    Can you drive me step by step ? Thanks, and sorry to be such a dummy !
  13. #533  
    Quote Originally Posted by abcama View Post
    Hi jclin4, how do you "go to Device Info and Open Certification Manager? "? I looked for that on my TP, and didn't find it.
    I found the "Gmail SSL Certificate Updater" icon, but it opens a blank screen in a Pre-like format, nothing in it I could accept a certificate from....
    Can you drive me step by step ? Thanks, and sorry to be such a dummy !
    See above: This post

    Each of the above methods does require that you approve the certificates in the certificate manager (found in the app menu of the device info app).
    The device info app is in the settings tab of your app launcher - or just type, 'device' in the universal search bar. On any app you should see a tab in the top left of the screen containing the app's name and a down-pointing arrow. Swipe your finger down over this to see a menu. Tap on 'certificate manager'. In the card that opens, tap the 'rosette'-like button at the bottom left to add new certificates to the approved list.
    Last edited by Preemptive; 09/04/2015 at 04:48 AM.
  14. #534  
    Quote Originally Posted by Preemptive View Post
    See above: This post



    The device info app is in the settings tab of your app launcher - or just type, 'device' in the universal search bar. On any app you should see a tab in the top left of the screen containing the app's name and a down-pointing arrow. Swipe your finger down over this to see a menu. Tap on 'certificate manager'. In the card that opens, tap the 'rosette'-like button at the bottom left to add new certificates to the approved list.
    Thanks, it worked perfectly well, as soon I I understood what to do!
    You're masters here in this forum for dummies like me, thanks again!
  15. #535  
    BTW, does that work as well on the Pre2? Then the solution would be just perfect!
  16. #536  
    Yes it works on all devices. You can patch cert manager's appinfo.Jon file too so the icon is available in the launcher.
  17. #537  
    Matt, not sure you've seen these? Might be able to allow you to add certificates from command line this way

    luna-send -n 1 luna://com.palm.certificatemanager/addcrl '{"url":"http://crl.palm-contentid.pp.trustcenter.de/crl/v2/palmcontentid-CA-I.crl"}'
    And
    var args = {'certificateFilename': this.details.certificateFilename};

    if(this.details.passkey)
    args.passphrase = this.details.passkey;

    Mojo.Log.info("cert install trust ", Object.toJSON(args));
    var request = this.controller.serviceRequest('palm://com.palm.certificatemanager', {
    method: 'addcertificate',
    parameters: args,
    onSuccess: function(response){
    Mojo.Log.info("addcert response " + Object.toJSON(response));
    this.controller.stageController.popScenesTo('list');
    }.bind(this),
    The second one you should be able to rewrite as a proper luna-send from command line as well:

    Should look something like:

    luna-send -n 1 palm://com.palm.certificatemanager/addcertificate '{"certificateFilename":"path/to/mycert.cer"}'

    I haven't tested this yet, but might work like that from command line. For the first one you might need to substitute url with file for it to work, not sure.
    HP Veer (daily driver), HP Pre 3, HP Touchpad Proper 4G/LTE (Sierra MC7710), HP Touchpad 32GB WiFi, Palm Pre 2
    Preemptive likes this.
  18. #538  
    Quote Originally Posted by Herrie View Post
    Matt, not sure you've seen these? Might be able to allow you to add certificates from command line this way



    And

    The second one you should be able to rewrite as a proper luna-send from command line as well:

    Should look something like:

    luna-send -n 1 palm://com.palm.certificatemanager/addcertificate '{"certificateFilename":"path/to/mycert.cer"}'

    I haven't tested this yet, but might work like that from command line. For the first one you might need to substitute url with file for it to work, not sure.
    No, I hadn't seen those. I'll check it out. What site did they come from? I'd like to be able to remove the old ones too if possible. For the folks whose cert manager isn't working, this may or may not work, depending on where the problem lies.
    Preemptive likes this.
  19. #539  
    To make getting to the cert manager a bit faster, here are patches for phone and Touchpad to unhide the icon. The back button on the Touchpad cert manager screen will take you to a blank card, so just toss it away when you are done instead of hitting the back button.
    Attached Files Attached Files
    Preemptive likes this.
  20. #540  
    Quote Originally Posted by Grabber5.0 View Post
    No, I hadn't seen those. I'll check it out. What site did they come from? I'd like to be able to remove the old ones too if possible. For the folks whose cert manager isn't working, this may or may not work, depending on where the problem lies.
    These come from the Doctor. Was just searching for certificate manager references and came across these bits of code. So thought they might be of interest. Seems that the first one is used to add the root certificate when the device is being setup

    I'll have a look. There should be a luna-send command for that too. Just the certificate manager API isn't documented so need to go by code and binaries
    HP Veer (daily driver), HP Pre 3, HP Touchpad Proper 4G/LTE (Sierra MC7710), HP Touchpad 32GB WiFi, Palm Pre 2
    Preemptive likes this.

Similar Threads

  1. Replies: 23
    Last Post: 09/04/2015, 11:51 AM
  2. "Requested encryption not supported by server"
    By freebirds in forum webOS Tips, Info & Resources
    Replies: 14
    Last Post: 02/28/2015, 07:33 AM
  3. Replies: 3
    Last Post: 11/10/2014, 04:31 AM
  4. CM9 Encryption Unsuccessful Touchpad Error
    By JackisBack in forum Android on webOS
    Replies: 6
    Last Post: 08/04/2012, 11:51 AM
  5. Can not access 128 encryption server (sercurity) error code 18
    By quedawg in forum Palm OS Devices & Apps
    Replies: 0
    Last Post: 02/06/2005, 02:16 PM

Posting Permissions