Archive for the ‘Windows’ Category

Biztalk 2016 wants to disable private key protection

Biztalk 2016 failed to receive AS/2 messages with this error:

The MIME encoder failed to sign the message because the certificate has private key protection turned on or the private key does not exist. Please disable private key protection to allow BizTalk to use a certificate for signing.

Sounds straightforward except that private key protection was disabled already. And the user profile for the Biztalk user was loaded, nothing wrong there. I went through the documentation several times, nothing wrong. Finally I found that it was the cryptographic provider.

Basically the problem is that Biztalk 2016 still relies on the ancient .NET 3.5, which lacks support for KSP. Check the certificate:

certutil -p password cert.pfx

If it says “Provider = Microsoft Software Key Storage Provider” then Biztalk will fail and complain about private key protection. Fix it with openssl:

openssl pkcs12 -in my-original-cert.pfx -out temp.pem
openssl pkcs12 -export -in temp.pem -out my-fixed-cert.pfx

Import my-fixed-cert.pfx to the personal certificate store (and if self-signed also import as CA key). Update Biztalk to use the updated certificate and hopefully the problem should be solved. If you are starting from scratch, specify the old provider instead:

New-SelfSignedCertificate -Provider "Microsoft Strong Cryptographic Provider" ...
Categories: Windows

Install .NET 3.5 on Windows Server 2016 for Biztalk

Why would Windows Server 2016 need .NET 3.5? Well, ask Microsoft as it is needed for Biztalk 2016, a product that also requires an old SQL Server version (will not install on 2017) with Windows authentication. Anyway, put that aside. We need it and it should be a simple thing to add the feature. Unfortunately it is not. The wizard complains that it can’t find the files.

After some digging I managed to get it to work. First of all, open the group policy editor (gpedit). Navigate to Local Computer Policy -> Computer Configuration -> Administrative templates -> System -> Specify settings for optional component installation and component repair. Change the option to Enabled with “Download repair content…” on. Exit the application and run in a command prompt as administrator:

dism /online /enable-feature /featurename:NetFX3 /all /LimitAccess

Hopefully that should do the job. Phew!

Categories: Windows

Windows 10 update issues

With Windows 10 there is no easy way to block an update. If Windows Update thinks you need it, well then there you are. Perhaps that is good, perhaps it is bad. I don’t like it. However, it turns out to be particularly nasty if an update fails!

In my case the printer driver for HP LaserJet CM1415 had a new version, but the update consistently failed. Not a big deal, the old driver worked well – or so I thought. Unfortunately the failure to install this one update caused Windows Update to ignore all others. It would keep trying with the printer driver every and keep failing. As a result none of the really important updates got through. So, if an update fails, don’t ignore it.

When that had been solved the Anniversary Update started, but consistently failed with a black screen. It took me some time to determine why. Apparently it didn’t play well with TrueCrypt (Windows Home does not support Bitlocker). Decrypting the drive for the update solved the issue.

Categories: Windows

Microsoft finally got something right, bash on Windows!

I’m still on Windows 7. It was a great OS. It is becoming less great with nagging and spying upgrades from Microsoft, but it works well and I hated Windows 8. Windows 10 seems a bit better, but it is still inferior to Windows 7 in my view. Or was until now! Finally Microsoft seems to have found a killing feature: native bash on Windows, supported by Canonical (Ubuntu). Read more in this blog. Perhaps it is time to upgrade?

Categories: Windows

Windows-like keyboard shortcuts in Linux Eclipse

I have worked with Windows as my main development platform since Windows 3.1 and the keyboard shortcuts are hardwired by now. Unfortunately Microsoft has failed utterly. In my opinion Windows 7 is the pinnacle from a usability standpoint, Windows 8 was a disaster and Windows 10 is not that much of an improvement. It is time to move on, in particular as Microsoft seems determined to spy on customers.

Java is cross-platform, so I can use Linux. It works well and bash is great, but the keyboard shortcuts are plain wrong. Fortunately there is a solution. For example, to expand a treeview in Eclipse StackOverflow recommends this for GTK 2:

binding "gtk-binding-tree-view" {
    bind "j"        { "move-cursor" (display-lines, 1) }
    bind "k"        { "move-cursor" (display-lines, -1) }
    bind "h"        { "expand-collapse-cursor-row" (1,0,0) }
    bind "l"        { "expand-collapse-cursor-row" (1,1,0) }
    bind "o"        { "move-cursor" (pages, 1) }
    bind "u"        { "move-cursor" (pages, -1) }
    bind "g"        { "move-cursor" (buffer-ends, -1) }
    bind "y"        { "move-cursor" (buffer-ends, 1) }
    bind "p"        { "select-cursor-parent" () }
    bind "Left"     { "expand-collapse-cursor-row" (0,0,0) }
    bind "Right"    { "expand-collapse-cursor-row" (0,1,0) }
    bind "semicolon" { "expand-collapse-cursor-row" (0,1,1) }
    bind "slash"    { "start-interactive-search" () }
class "GtkTreeView" binding "gtk-binding-tree-view"

And this for GTK 3:

@binding-set MyTreeViewBinding {
    bind "Left"     { "select-cursor-parent" ()
                      "expand-collapse-cursor-row" (0,0,0) };
    bind "Right"    { "expand-collapse-cursor-row" (0,1,0) };
GtkTreeView {
    gtk-key-bindings: MyTreeViewBinding;

With Ubuntu the files to edit are found below /usr/share/themes.

Categories: Java, Linux, Windows

Remove the “Get Windows 10” icon

Since I keep doing this for one Windows computer after another, here goes. Microsoft “helpfully” advertises the Windows 10 upgrade by installing a tray icon for Windows 7 and 8 users through Windows Update. It is annoying and it steals CPU cycles, so let’s get rid of it. There is a good explanation here, but in summary uninstall KB3035583 and then mark the update as hidden.

To uninstall from an administrator command prompt:

wusa /uninstall /kb:3035583
Categories: Windows

Chocolatey brings package management to Windows

Finally there is a package manager like apt-get or yum for Windows! Chocolatey can install and upgrade applications with simple commands, very similar to the Linux equivalents. For example, install the native Windows docker client with choco install docker and keep it up to date with choco upgrade docker. Highly recommended.

Categories: Windows