Search Results

Search found 3588 results on 144 pages for 'digital certificate'.

Page 28/144 | < Previous Page | 24 25 26 27 28 29 30 31 32 33 34 35  | Next Page >

  • Will Your Brand Survive the Age of Digital Darwinism?

    - by Christie Flanagan
    It’s the end of business as usual.  Trends such as the mobile web, social media, gamification and real-time are forcing businesses to rethink the way they operate.  At the same time, people are embracing a new digital culture across ever expanding networks.  Together, these trends have given rise to a new breed of connected consumer, one that is ready to shake the very foundation of business today.  This is the age of Digital Darwinism – where society and technology evolve faster than your ability to adapt.  How well poised is your brand to survive and thrive in this new environment? Attend this webcast to hear Altimeter Group digital analyst and futurist, Brian Solis, discuss the rise of connected consumerism and learn how brands can survive Digital Darwinism by better understanding customer expectations, disruptive technology, and the new opportunities that arise from them. You will learn: How brands are being redefined in the digital consumer landscape and what they can do to create and steer these experiences Why consumer influence is growing and how businesses can use this to their advantage How to connect with a rising audience through new touchpoints between consumers, brands, and influencers Why you need to create a culture of change to earn trust, influence and significance among today’s connected customers Register now.

    Read the article

  • iPack -The iOS Application Packager

    - by user13277780
    iOS applications are distributed in .ipa archive files. These files are regular zip files which contain application resources and executable-s. To protect them from unauthorized modifications and to provide identification of their sources, the content of the archives is signed. The signature is included in the application executable of an.ipa archive and protects the executable file itself and the associated resource files. Apple provides native Mac OS tools for signing iOS executable-s (which are actually generic Mach-O code signing tools), but these tools are not generally available on other platforms. To provide a multi-platform development environment for JavaFX based iOS applications, we ported iOS signing and packaging to Java and created a dedicated ipack tool for it. The iPack tool can be used as a last step of creating .ipa package on various operating systems. Prototype has been tested by creating a final distributable for JavaFX application that runs on iPad, all done on Windows 7. Source Code The source code of iPac tool is in OpenJFX project repository. You can find it in: <openjfx root>/rt/tools/ios/Maven/ipack To build the iPack tool use: rt/tools/ios/Maven/ipack$ mvn package After building, you can run the tool: java -jar <path to ipack.jar> <arguments>  Signing keystore The tool uses a java key store to read the signing certificate and the associated private key. To prepare such keystore users can use keytool from JDK. One possible scenario is to import an existing private key and the certificate from a key store used on Mac OS: To list the content of an existing key store and identify the source alias: keytool -list -keystore <src keystore>.p12 -storetype pkcs12 -storepass <src keystore password> To create Java key store and import the private key with its certificate to the keys store: keytool -importkeystore \ -destkeystore <dst keystore> -deststorepass <dst keystore password> \ -srckeystore <src keystore>.p12 -srcstorepass <src keystore password> -srcstoretype pkcs12 \ -srcalias <src alias> -destalias <dst alias> -destkeypass <dst key password> Another scenario would be to generate a private / public key pair directly in a Java key store and create a certificate request from it. After sending the request to Apple one can then import the certificate response back to the Java key store and complete the signing certificate entry. In both scenarios the resulting alias in the Java key store will contain only a single (leaf) certificate. This can be verified with the following command: keytool -list -v -keystore <ipack keystore> -storepass <keystore password> When looking at the Certificate chain length entry, the number next to it is 1. When an executable file is signed on Mac OS, the resulting signature (in CMS format) includes the whole certificate chain up to the Apple Root CA. The ipack tool includes only the chain which is stored under the alias specified on the command line. So to have the whole chain in the signature we need to replace the single certificate entry under the alias with the corresponding full certificate chain. To do that we need first to create the chain in a separate file. It is easy to create such chain when working with certificates in Base-64 encoded PEM format. A certificate chain can be created by concatenating PEM certificates, which should form the chain, into a single file. For iOS signing we need the following certificates in our chain: Apple Root CA Apple Worldwide Developer Relations CA Our signing leaf certificate To convert a certificate from the binary DER format (.der, .cer) to PEM format: keytool -importcert -noprompt -keystore temp.ks -storepass temppwd -alias tempcert -file <certificate>.cer keytool -exportcert -keystore temp.ks -storepass temppwd -alias tempcert -rfc -file <certificate>.pem To export the signing certificate into PEM format: keytool -exportcert -keystore <ipack keystore> -storepass <keystore password> -alias <signing alias> -rfc -file SigningCert.pem After constructing a chain from AppleIncRootCertificate.pem, AppleWWDRCA.pem andSigningCert.pem, it can be imported back into the keystore with: keytool -importcert -noprompt -keystore <ipack keystore> -storepass <keystore password> -alias <signing alias> -keypass <key password> -file SigningCertChain.pem To summarize, the following example shows the full certificate chain replacement process: keytool -importcert -noprompt -keystore temp.ks -storepass temppwd -alias tempcert1 -file AppleIncRootCertificate.cer keytool -exportcert -keystore temp.ks -storepass temppwd -alias tempcert1 -rfc -file AppleIncRootCertificate.pem keytool -importcert -noprompt -keystore temp.ks -storepass temppwd -alias tempcert2 -file AppleWWDRCA.cer keytool -exportcert -keystore temp.ks -storepass temppwd -alias tempcert2 -rfc -file AppleWWDRCA.pem keytool -exportcert -keystore ipack.ks -storepass keystorepwd -alias mycert -rfc -file SigningCert.pem cat SigningCert.pem AppleWWDRCA.pem AppleIncRootCertificate.pem >SigningCertChain.pem keytool -importcert -noprompt -keystore ipack.ks -storepass keystorepwd -alias mycert -keypass keypwd -file SigningCertChain.pem keytool -list -v -keystore ipack.ks -storepass keystorepwd Usage When the ipack tool is started with no arguments it prints the following usage information: -appname MyApplication -appid com.myorg.MyApplication     Usage: ipack <archive> <signing opts> <application opts> [ <application opts> ... ] Signing options: -keystore <keystore> keystore to use for signing -storepass <password> keystore password -alias <alias> alias for the signing certificate chain and the associated private key -keypass <password> password for the private key Application options: -basedir <directory> base directory from which to derive relative paths -appdir <directory> directory with the application executable and resources -appname <file> name of the application executable -appid <id> application identifier Example: ipack MyApplication.ipa -keystore ipack.ks -storepass keystorepwd -alias mycert -keypass keypwd -basedir mysources/MyApplication/dist -appdir Payload/MyApplication.app -appname MyApplication -appid com.myorg.MyApplication    

    Read the article

  • How much is modern programming still tied to underyling digital logic?

    - by New Talk
    First of all: I've got no academic background. I'm working primarily with Java and Spring and I'm also fond of web programming and relational databases. I hope I'm using the right terms and I hope that this vague question makes some sense. Today the following question came to my mind: How much is modern programming still tied to the underlying digital logic? With modern programming I mean concepts like OOP, AOP, Java 7, AJAX, … I hope you get the idea. Do they no longer need the digital logic with which computers are working internally? Or is binary logic still ubiquitous when programming this way? If I'd change the inner workings of a computer overnight, would it matter, because my programming techniques are already that abstract? P. S.: With digital logic I mean the physical representation of everything "inside" the computer as zeroes and ones. Changed "binary" to "digital".

    Read the article

  • Are Chief Digital Officers the Result of CMO/CIO Refusal to Change?

    - by Mike Stiles
    Apparently CDO no longer just stands for “Collateralized Debt Obligations.”  It stands for Chief Digital Officer. And they’re the ones who are supposed to answer the bat signal CEO’s are throwing into the sky, swoop in and POW! drive the transition of the enterprise to integrated digital systems. So imagine being a CMO or a CIO at such an enterprise and realizing it’s been determined that you are not the answer that’s needed. In fact, IntelligentHQ author Ashley Friedlein points out the very rise of the CDO is an admission of C-Suite failure to become savvy enough, quickly enough in modern technology. Is that fair? Despite the repeated drumbeat that CMO’s and CIO’s must enter a new era of cooperation and collaboration to enact the social-enabled enterprise, the verdict seems to be that if it’s happening at all, it’s not happening fast enough. Therefore, someone else is needed with the authority to make things happen. So who is this relatively new beast? Gartner VP David Willis says, “The Chief Digital Officer plays in the place where the enterprise meets the customer, where the revenue is generated, and the mission accomplished.” In other words, where the rubber meets the road. They aren’t just another “C” heading up a unit. They’re the CEO’s personal SWAT team, able to call the shots necessary across all units to affect what has become job one…customer experience. And what are the CMO’s and CIO’s doing while this is going on? Playing corporate games. Accenture reports 38% of CMOs say IT deliberately keeps them out of the loop, with 35% saying marketing’s needs aren’t a very high priority. 31% of CIOs say marketers don’t understand tech and regularly go around them for solutions. Fun! Meanwhile the CEO feels the need to bring in a parental figure to pull it all together. Gartner thinks 25% of all orgs will have a CDO by 2015 as CMO’s and particularly CIO’s (Peter Hinssen points out many CDO’s are coming “from anywhere but IT”) let the opportunity to be the agent of change their company needs slip away. Perhaps most interestingly, these CDO’s seem to be entering the picture already on the fast track. One consultancy counted 7 instances of a CDO moving into the CEO role, which, as this Wired article points out, is pretty astounding since nobody ever heard of the job a few years ago. And vendors are quickly figuring out that this is the person they need to be talking to inside the brand. The position isn’t without its critics. Forrester’s Martin Gill says the reaction from executives at some traditional companies to someone being brought in to be in charge of digital might be to wash their own hands of responsibility for all things digital – a risky maneuver given the pervasiveness of digital in business. They might not even be called Chief Digital Officers. They might be the Chief Customer Officer, Chief Experience Officer, etc. You can call them Twinkletoes if you want to, but essentially anyone who has the mandate direct from the CEO to enact modern technology changes not currently being championed by the CMO or CIO can be regarded as “boss.” @mikestiles @oraclesocialPhoto: freedigitalphotos.net

    Read the article

  • Adobe e-book reader ("Digital Editions") not downloading on Mac OS X

    - by doug
    i recently bought a couple of books from ebooks.com, which i thought would be ordinary pdf files. After paying for them, and downloading them, you learn that while they are pdf files, they come with a lot of DRM baggage. The most conspicuous is that you can only view these files using an Adobe ebook reader called Adobe Digital Editions. (Note: this is not the ordinary Adobe Acrobat Reader, or anything close--it's a dedicated app for reading DRM-laden files. Fine--i'll know better next time. Still, i paid for these books and there's only one way i can actually read them, which happens to be an App that i seem to be unable to download. Here's the error message i get: "Couldn't write the application to the hard disk. Please verify the hard disk is available and try again" I've tried on several different browsers. My rig is a MBP, OS X 10.6.2. I've also checked the Adobe boards and this doesn't appear to be a known issue, nor could i find anything on their discussion forums. And just to be sure, i've checked my hard disk--no problems, plenty of space, and i have no problem, nor have i ever downloading other apps.

    Read the article

  • Postfix certificate verification failed for smtp.gmail.com

    - by Andi Unpam
    I have problem, my email server using postfix with gmail smtp, i use account google apps, but always ask for SASL authentication failed, I sent an email using php script, after I see the error logs in the wrong password, after I open the URL from the browser and no verification postfixnya captcha and could return, but after 2-3 days later happen like that again. This my config postfix #myorigin = /etc/mailname smtpd_banner = Hostingbitnet Mail Server biff = no append_dot_mydomain = no readme_directory = no myhostname = webmaster.hostingbitnet.com alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = localhost, webmaster.hostingbitnet.com, localhost.localdomain, 103.9.126.163 relayhost = [smtp.googlemail.com]:587 relay_transport = relay relay_destination_concurrency_limit = 1 mynetworks = 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/16, 10.0.0.0/8, 103.9.126.0/24 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all default_transport = smtp relayhost = [smtp.gmail.com]:587 smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/google-apps smtp_sasl_security_options = noanonymous smtp_use_tls = yes smtp_sender_dependent_authentication = yes tls_random_source = dev:/dev/urandom default_destination_concurrency_limit = 1 smtp_tls_CAfile = /etc/postfix/tls/root.crt smtp_tls_cert_file = /etc/postfix/tls/cert.pem smtp_tls_key_file = /etc/postfix/tls/privatekey.pem smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache smtp_tls_security_level = may smtp_tls_loglevel = 1 smtpd_tls_CAfile = /etc/postfix/tls/root.crt smtpd_tls_cert_file = /etc/postfix/tls/cert.pem smtpd_tls_key_file = /etc/postfix/tls/privatekey.pem smtpd_tls_session_cache_database = btree:$data_directory/smtpd_tls_session_cache smtpd_tls_security_level = may smtpd_tls_loglevel = 1 #secure smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,check_client_access hash:/var/lib/pop-before-smtp/hosts,reject_unauth_destination Log from mail.log Oct 30 14:51:13 webmaster postfix/smtp[9506]: Untrusted TLS connection established to smtp.gmail.com[74.125.25.109]:587: TLSv1 with cipher RC4-SHA (128/128 bits) Oct 30 14:51:15 webmaster postfix/smtp[9506]: 87E2739400B1: SASL authentication failed; server smtp.gmail.com[74.125.25.109] said: 535-5.7.1 Please log in with your web browser and then try again. Learn more at?535 5.7.1 https://support.google.com/mail/bin/answer.py?answer=78754 ix9sm156630pbc.7 Oct 30 14:51:15 webmaster postfix/smtp[9506]: setting up TLS connection to smtp.gmail.com[74.125.25.108]:587 Oct 30 14:51:15 webmaster postfix/smtp[9506]: certificate verification failed for smtp.gmail.com[74.125.25.108]:587: untrusted issuer /C=US/O=Equifax/OU=Equifax Secure Certificate Authority Oct 30 14:51:16 webmaster postfix/smtp[9506]: Untrusted TLS connection established to smtp.gmail.com[74.125.25.108]:587: TLSv1 with cipher RC4-SHA (128/128 bits) Oct 30 14:51:17 webmaster postfix/smtp[9506]: 87E2739400B1: to=<[email protected]>, relay=smtp.gmail.com[74.125.25.108]:587, delay=972, delays=967/0.03/5.5/0, dsn=4.7.1, status=deferred (SASL authentication failed; server smtp.gmail.com[74.125.25.108] said: 535-5.7.1 Please log in with your web browser and then try again. Learn more at?535 5.7.1 https://support.google.com/mail/bin/answer.py?answer=78754 s1sm3850paz.0) Oct 30 14:51:17 webmaster postfix/error[9508]: B3960394009D: to=<[email protected]>, orig_to=<root>, relay=none, delay=29992, delays=29986/5.6/0/0.07, dsn=4.7.1, status=deferred (delivery temporarily suspended: SASL authentication failed; server smtp.gmail.com[74.125.25.108] said: 535-5.7.1 Please log in with your web browser and then try again. Learn more at?535 5.7.1 https://support.google.com/mail/bin/answer.py?answer=78754 s1sm3850paz.0) BTW I made cert follow the link here http://koti.kapsi.fi/ptk/postfix/postfix-tls-cacert.shtml and it worked, but after 2/3 days my email back to problem invalid SASL, and then i'm required to log in use a browser and enter the captcha there but success log in after input captcha, and my email server can send emails from telnet or php script. but it will be back in trouble after 2/3days later. My question is how to make it permanent certificate? Thanks n greeting.

    Read the article

  • OpenSSL x509 Purpose flag "Any Purpose" What is this?

    - by Nick
    Looking at the details of a certificate using the following: openssl x509 -noout -text -purpose -in mycert.pem I find a bunch of purpose flags (which I've discovered are set by the various extensions attached to a certificate). One of these purpose flags is "Any Purpose". I can't seem to find ANY documentation on this flag and why or why not it is set. Do any of you know where I can find more information on this purpose and what it means? Thanks,

    Read the article

  • Can I use my existing SSL certificates on a new server with Plesk?

    - by Wil
    We are migrating to a Virtual Private Server running on Ubuntu 8.04 LTS and with a Plesk configuration panel. We have some valid SSL certificates on the old server, which I would like to use on the new configuration. I have the CSR, private key, certificate and CA-certificate. I cannot find a way to change the CSR and private key in the Plesk configuration panel. Anyone know, if this is possible and how?

    Read the article

  • What is this warning message all about?

    - by brilliant
    Why is it so that every time when i start "FireFox", this message pops up: advisordb.wmtransfer.com: 443 uses an invalid security cetificate. The certificate is not trusted because the issuer certificate is not trusted. (Error code: sec_error_untrusted_issuer) I guess it has to do with "WebMoney" that I had installed on my computer. But I have already uninstalled it, yet this message still pops up.

    Read the article

  • OpenSSL x509 Purpose flag "Any Purpose" What is this?

    - by Nick
    Looking at the details of a certificate using the following: openssl x509 -noout -text -purpose -in mycert.pem I find a bunch of purpose flags (which I've discovered are set by the various extensions attached to a certificate). One of these purpose flags is "Any Purpose". I can't seem to find ANY documentation on this flag and why or why not it is set. Do any of you know where I can find more information on this purpose and what it means? Thanks,

    Read the article

  • How to update cURL CA bundle on RedHat?

    - by Andrew
    I am running into issues where the CA bundle that has been bundled with my version of cURL is outdated. curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed More details here: http://curl.haxx.se/docs/sslcerts.html Reading through the documentation didn't help me because I didn't understand what I needed to do or how to do it. I am running RedHat and need to update the CA bundle. What do I need to do to update my CA bundle on RedHat?

    Read the article

  • cURL or SSL problems, how to solve?

    - by deadman
    I keep getting this error: No cURL data returned for https://XXX.XXXX.XXX:XXXX [0] SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed I am not sure, or I could say, I dont know what is this problem. And how to solve this? Please help!

    Read the article

  • Apache certificates for some urls not working

    - by Vegaasen
    We are having a rather strange problem with a Apache-installation. Here is a short summary: Currently I'm setting up Apache with https, and server-certificates. This is fairly easy and works straight out of the box - as expected. This is the configuration for this setup: Listen 443 SSLEngine on SSLCertificateFile "/progs/apache/ssl/example-site.no.pem" SSLCertificateKeyFile "/progs/apache/ssl/example-site.no.key" SSLCACertificateFile "/progs/apache/ssl/ca/example_root.pem" SSLCADNRequestFile "/progs/apache/ssl/ca/example_intermediate.pem" SSLVerifyClient none SSLVerifyDepth 3 SSLOptions +StdEnvVars +ExportCertData RequestHeader set ssl-ClientCert-Subject-CN "%{SSL_CLIENT_S_DN}s" RewriteEngine On ProxyPreserveHost On ProxyRequests On SSLProxyEngine On ... <LocationMatch /secureStuff/$> SSLVerifyClient require Order deny,allow Allow from All </LocationMatch> ... <Proxy balancer://exBalancer> Header add Set-Cookie "EX_ROUTE=EB.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED BalancerMember http://10.0.0.1:7200 route=ee1 retry=300 flushpackets=off keepalive=on BalancerMember http://10.0.0.2:7200 route=ee2 retry=300 flushpackets=off keepalive=on status=+H ProxySet stickysession=EX_ROUTE scolonpathdelim=Off timeout=10 nofailover=off failonstatus=505 maxattempts=1 lbmethod=bybusyness Order deny,allow Allow from all </Proxy> RewriteCond %{REQUEST_URI} !^/index.html [NC] RewriteRule ^/(.*)$ balancer://exBalancer/$1 [P,NC] ProxyPassReverse / balancer://exBalancer/ Header edit Set-Cookie "(.*)" "$1;HttpsOnly" ... So - everything works fine and as expected for all of the pages that are not a part of the LocationMatch-directive. When requesting something that matches the LocationMatch-directive, I'm asked for a certificate (hence the SSLVerifyClient required attribute) - and getting all the correct certificates in my browser that is based on the root/intermediate chain. After choosing a certificate and clicking "OK", this is what pops up in the apache logs: [ssl:info] [pid 9530:tid 25] [client :43357] AH01998: Connection closed to child 86 with abortive shutdown ( [Thu Oct 11 09:27:36.221876 2012] [ssl:debug] [pid 9530:tid 25] ssl_engine_io.c(1171): (70014)End of file found: [client 10.235.128.55:45846] AH02007: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!] And this just spams the logs. What is happening here? I can see this configuration working on my local machine, but not on one of our servers. There is no configration differences between the servers, only minor application-wise-changes. I've tried the following: 1) Removing CA-certificate-checking (works) 2) Adding required CA-certificate for the whole site (works) 3) Adding "SSLVerifyClient optional" does not work 4) ++ Server/Application Information Local: -OpenSSL v.1.0.1x -Apache 2.4.3 -Ubuntu -mpm: event -every configuration should be turned on (failing) server: -OpenSSL 0.9.8e -Apache 2.4.2 -SunOS -mpm: worker -every configuration should be turned on Please let me know if more information is needed, I'll provide it instantly. Brief sum-up: -Running apache 2.4 -Server certificates works just fine -Client certificates for some /Locations does not work, fails with errors PS: Could it be related with the OpenSSL version and the "Renegotiation" stuff related to TLS/SSLv3?

    Read the article

  • Plesk SSL Certificate (Default cert when SSL enabled, CORRECT cert when SSL is disabled)

    - by hztetra
    I'm running Plesk 8.6.0: I have an SSL cert installed through Plesk's admin interface. But I have a bit of an issue: When I enabled SSL for the site, and selected my cert, then restart httpd, Plesk defaults to using my self-signed default certificate. Conversely, when I disable SSL support for the domain, all of a sudden Plesk is using my new SSL certificate. Unfortunately, when I try to view any folder on the site (mydomain.tld/folder) I'm simply met with a 404 (with files placed both in httpdocs and httpsdocs). I switch SSL support back on, and Plesk defaults back to the default self-signed cert and I can then view the folders that were not previously accessible. Any ideas? One further note: I tried following http://kb.parallels.com/en/939 . Once I tried to restart httpd with the edited ssl.conf file, I received an httpd could not start error. I restored the original ssl.conf file, and still received the could not start error. So as of now, I am running without an ssl.conf file. The following is the error I receive when I attempt to reintroduce ssl.conf: Starting httpd: [Mon Aug 23 15:45:40 2010] [warn] module ssl_module is already loaded, skipping (98)Address already in use: make_sock: could not bind to address 0.0.0.0:443 no listening sockets available, shutting down Unable to open logs

    Read the article

  • How to make prevent public key inside jar to be saved using Java code

    - by Abhijith V R
    After signing a jar , we can retrieve the public keys from jar using Certificate[] cert = jarentry.getCertificates(); Once certificate is extracted we can save this to a new keystore as trusted cert. Once this is done , then second user can sign any jar using this certificate , isn't ? I want to distribute content as jars , contents will contain properties files for a application init. I want to make sure that an user is not capable to rebuilding the property files using the certificate he extracted from jarentry. In the code which reads the jar contents i am checking that jar is signed with my certificate only and also checking that jar is not tampered with . But the issue came to my mind that if i am able to extract the cerificate from jar then why don;t a third guy ? Can any one help me in this............

    Read the article

  • CC.NET + SVN : Server certificate issue

    - by MSI
    I am trying to setup Continuous Integration in our office. Being a puny little developer I am facing this supposedly infamous problem: " Source control operation failed: svn: OPTIONS of 'https://trunkURL': Server certificate verification failed: issuer is not trusted" So I tried the following solution - Run CC.NET service (server running as win service) using a domain account (rather than default LOCAL SYSTEMS) and accept cert permanently using command prompt under that user by using svn log/list on the repo. Doesn't help :(. I am getting the following from my artifact/log files(or dashboard) ThoughtWorks.CruiseControl.Core.CruiseControlException: Source control operation failed: svn: OPTIONS of 'https://TrunkURL': Server certificate verification failed: issuer is not trusted (https://ServerAdd) . Process command: E:\(svn.exe Path) log https://TrunkURL -r "{2010-11-08T02:12:20Z}:{2010-11-08T02:13:21Z}" --verbose --xml --no-auth-cache --non-interactive at ThoughtWorks.CruiseControl.Core.Sourcecontrol.ProcessSourceControl.Execute(ProcessInfo processInfo) at ThoughtWorks.CruiseControl.Core.Sourcecontrol.Svn.GetModifications(IIntegrationResult from, IIntegrationResult to) at ThoughtWorks.CruiseControl.Core.Sourcecontrol.QuietPeriod.GetModificationsWithLogging(ISourceControl sc, IIntegrationResult from, IIntegrationResult to) at ThoughtWorks.CruiseControl.Core.Sourcecontrol.QuietPeriod.GetModifications(ISourceControl sourceControl, IIntegrationResult lastBuild, IIntegrationResult thisBuild) at ThoughtWorks.CruiseControl.Core.IntegrationRunner.GetModifications(IIntegrationResult from, IIntegrationResult to) at ThoughtWorks.CruiseControl.Core.IntegrationRunner.Integrate(IntegrationRequest request) We are using VisualSVN Server and CC.NET for this adventure. Tips, suggestions will be highly appreciated. Thanks

    Read the article

  • x509 certificate verification in C

    - by sid
    Hi All, I do have certificates in DER and PEM format, My goal is to retrieve the fields of Issuer and Subject And verify the Certificate with the CA public key and simultaneously verify CA certificate with the Root public key. I am able to retrieve all the details of issuer and subject But unable to verify the certificate. Please help. The API's used, x509 = d2i_X509_fp (fp, &x509); //READING DER Format x509 = PEM_read_X509 (fp, &x509, NULL, NULL); //READING PEM Format X509_NAME_oneline(X509_get_subject_name(x509), subject, sizeof (subject)); //to retrive the Subject X509_NAME_oneline(X509_get_issuer_name(x509), issuer, sizeof (issuer)); //to retrive the Issuer // to store the CA public key (in unsigned char *key)that will be used to verify the certificate (My case Always sha1WithRSAEncryption) RSA *x = X509_get_pubkey(x509)->pkey.rsa; bn = x->n; //extracts the bytes from public key & convert into unsigned char buffer buf_len = (size_t) BN_num_bytes (bn); stored_CA_pubKey = (unsigned char *)malloc (buf_len); i_n = BN_bn2bin (bn, (unsigned char *)stored_CA_pubKey); if (i_n != buf_len) LOG(ERROR," : key error\n"); if (key[0] & 0x80) LOG(DEBUG, "00\n"); stored_CA_pubKeyLen = EVP_PKEY_size(X509_get_pubkey(x509)); For Verification I went through different approaches but unable to verify a) i_x509_verify = X509_verify(cert_x509, ca_pubkey); b) /* verify the signature */ int iRet1, iRet2, iReason; iRet1 = EVP_VerifyInit(&md_ctx, EVP_sha1()); iRet2 = EVP_VerifyUpdate(&md_ctx, cert_code, cert_code_len); rv = EVP_VerifyFinal(&md_ctx, (const unsigned char *)stored_CA_pubKey, stored_CA_pubKeyLen, cert_pubkey); NOTE : cert_code & stored_CA_pubKey is unsigned char buffer. Thanks in Advance

    Read the article

  • Sending Client Certificate in HttpWebRequest

    - by Aaron Fischer
    I am trying to pass a client certificate to a server using the code below however I still revive the HTTP Error 403.7 - Forbidden: SSL client certificate is required. What are the possible reasons the HttpWebRequest would not send the client certificate? var clientCertificate = new X509Certificate2( @"C:\Development\TestClient.pfx", "bob" ); HttpWebRequest tRequest = ( HttpWebRequest )WebRequest.Create( "https://ofxtest.com/ofxr.dll" ); tRequest.ClientCertificates.Add( clientCertificate ); tRequest.PreAuthenticate = true; tRequest.KeepAlive = true; tRequest.Credentials = CredentialCache.DefaultCredentials; tRequest.Method = "POST"; var encoder = new ASCIIEncoding(); var requestData = encoder.GetBytes( "<OFX></OFX>" ); tRequest.GetRequestStream().Write( requestData, 0, requestData.Length ); tRequest.GetRequestStream().Close(); ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback( CertPolicy.ValidateServerCertificate ); WriteResponse( tRequest.GetResponse() );

    Read the article

  • Clickonce intranet application trust

    - by Mark
    Hi, we have a VSTO outlook add-in we'd like to silently deploy to everyone via AD. I'm signing the App with a "Code signing" certificate (requested certmgr from AD). If I add this certificate to my Trusted Publishers, then I can silently install the signed app via the VSTOInstaller.exe (with the /S switch). We don't want to have to install my certificate as a trusted publisher on everyone's machine - we'd like to be able to say that any code signed by a certificate issued within our AD is trusted. Is there some way to do this?

    Read the article

  • help setting up wsHttpBinding WCF service on .net

    - by manu1001
    I'm trying to host a WCF service with wsHttpBinding. I created a certificate using makecert and put some lines in web.config. This is the error that I'm getting: System.ArgumentException: The certificate 'CN=WCfServer' must have a private key that is capable of key exchange. The process must have access rights for the private key. On googling up it seems to be some issue with access rights on the certificate file. I used cacls to give read permission to NETWORK SERVICE and also my username but it didn't change anything. I also went to security settings in the properties of the certificate file and gave full control to NETWORK SERVICE and my username. Again to no avail. Can you guide me as to what the problem is and what exactly I need to do? I'm really flaky with these certificate things. Here's my web.config: <system.serviceModel> <services> <service name="Abc.Service" behaviorConfiguration="Abc.ServiceBehavior"> <endpoint address="" binding="wsHttpBinding" bindingConfiguration="Abc.BindConfig" contract="Abc.IService"> <identity> <dns value="localhost"/> </identity> </endpoint> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/> </service> </services> <behaviors> <serviceBehaviors> <behavior name="Abc.ServiceBehavior"> <serviceMetadata httpGetEnabled="true"/> <serviceDebug includeExceptionDetailInFaults="false"/> <serviceCredentials> <clientCertificate> <authentication certificateValidationMode="PeerTrust"/> </clientCertificate> <serviceCertificate findValue="WCfServer" storeLocation="CurrentUser" storeName="My" x509FindType="FindBySubjectName" /> </serviceCredentials> </behavior> </serviceBehaviors> </behaviors> <bindings> <wsHttpBinding> <binding name="Abc.BindConfig"> <security mode="Message"> <message clientCredentialType="Certificate" /> </security> </binding> </wsHttpBinding> </bindings> </system.serviceModel>

    Read the article

  • SSL certificates work fine from command line but fails in script

    - by jrallison
    I'm trying to setup email notifications for my continuous integration server. I have a script which uses nail to send the email when the build works: #!/bin/bash echo "Build Worked!" | nail -A myisp -s 'Build Success' [email protected] When I run this from the command line with sh build-worked, it works and I receive the email. However, when I start the continuous integration server which executes the same script, I get the following error: nail: /opt/bitnami/common/lib/libssl.so.0.9.8: no version information available (required by nail) nail: /opt/bitnami/common/lib/libcrypto.so.0.9.8: no version information available (required by nail) Error with certificate at depth: 0 issuer = /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/[email protected] subject = /C=US/ST=California/L=Mountain View/O=Google Inc/CN=smtp.gmail.com err 20: unable to get local issuer certificate Continue (y/n)? could not initiate SSL/TLS connection: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed . . . message not sent. I must be messing some configuration, any ideas?

    Read the article

  • File not found on RSACryptoServiceProvider, service account permissions?

    - by Ben Scheirman
    Our web service wraps around a third party library that contains the following code. We are using an Active Directory service account in the IIS 6 app pool (no interactive login abilities). Our service fails with the error “The system cannot find the file specified”. We’ve traced the error to the “RSACryptoServiceProvider provider = new RSACryptoServiceProvider();”. The third party assembly depends on a x509 file based certificate for its encryption process and the Service Account has Read / Write access to the keys folder. Additionally, the service account has Read, Write, Modify rights to “C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys”. Code: StringBuilder builder = new StringBuilder(publicKeyData); builder.Replace("-----BEGIN CERTIFICATE-----", ""); builder.Replace("-----END CERTIFICATE-----", ""); X509Certificate2 certificate = new X509Certificate2( Convert.FromBase64String(builder.ToString())); string xmlString = certificate.PublicKey.Key.ToXmlString(false); RSACryptoServiceProvider provider = new RSACryptoServiceProvider(); //BOOM CspKeyContainerInfo containerInfo = provider.CspKeyContainerInfo; provider.PersistKeyInCsp = false; provider.FromXmlString(xmlString); loadedKeys.Add(key, provider); provider2 = provider; We cracked open FileMon and noticed that there is a FILE NOT FOUND for that AppPool, followed by another SUCCESS for the same exact file. I'm out of my element here, anybody have an idea as to why we're seeing this?

    Read the article

  • How can I sign an ActiveX control with a code signing certificate and be a verified publisher?

    - by davidcl
    I'm trying to sing an ActiveX control with a code signing certificate issued by Thawte. I was able to successfully sign the control using signtool.exe. When I look at the file properties, it says "The certificate in the signature cannot be verified." When I view the certificate it says "Windows does not have enough information to verify the certificate." On the certification path tab, it says "The issuer of this certificate cannot be found." In internet explorer, the certificate is recognized as signed but the user receives warnings that the publisher is not verified. I've tried creating a single PFX file containing my certificate along with the root and intermediate certificates that chain to my Thawte developer certificate, and then re-signing the control using that PFX file. No dice. Any suggestions?

    Read the article

< Previous Page | 24 25 26 27 28 29 30 31 32 33 34 35  | Next Page >