Search Results

Search found 1094 results on 44 pages for 'ev certificates'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 38/44 | < Previous Page | 34 35 36 37 38 39 40 41 42 43 44  | Next Page >

  • WCF Http Bindings, Require SSL

    - by JoshKraker
    I have the following binding I'm using with my wsHttpBinding webservice. <binding name="wsHttpConfig"> <security> <transport clientCredentialType="None"/> </security> </binding> The issue is that it allows for the client to connect using either Http or Https. I would like to require them to use SSL. I tried adding the following: <system.web.extensions> <scripting> <webServices> <authenticationService enabled="true" requireSSL = "true"/> </webServices> </scripting> </system.web.extensions> But it had no effect; client could still connect with Http. I then tried checking the "Require SSL" in the IIS7 SSL Settings and had client certificates radio set to Accept. Now, when I try to view the service I am getting the error "Could not find a base address that matches scheme http for the endpoint with binding WSHttpBinding. Registered base address schemes are [https]." Anyone know exactly how to fix this error? I have been googling for the last 3 hours trying 500 different combinations (not 500, but too many to list) and could not get anything to run.

    Read the article

  • Web service SSL handshake fails in production environment unless SSL debugging enabled

    - by JST
    Scenario: calling a client web service over SSL (https) with mutual SSL authentication. Different service endpoint URLs and certs (both keystore and truststore) for test vs. production environments. Both test and production environments run tomcat / JBoss clustered. Production environment has load balancing / BigIP, runs Blade and non-Blade machines. Truststore is set (using -Djavax.net.ssl.trustStore=value) at startup. Keystore is set using System.setProperty("javax.net.ssl.keyStore", "value") in Java code. Web service call made using Axis2. All works fine in test environment, but when we moved to production environment (6 servers), it appears certs are not being forwarded for the handshake. Here's what we've done: in test environment, handshake using test versions of certs has been working all along, with no ssl debugging enabled confirmed in test environment that handshake with client production endpoint succeeds (production certs, both ours and theirs, are fine) -- this was done using -Djavax.net.debug=handshake,ssl confirmed that the error condition occurs on all 6 production servers took one server out of the cluster, turned on ssl debugging for just that one (with a restart), hit it directly, handshake works! switched to a different server without the debugging turned on, handshake error condition occurs turned debugging on on that second server (with a restart), hit it directly, handshake works! From the evidence, it seems like somehow the debugging being enabled causes the certificates to be properly retrieved/conveyed, although that makes no sense! I wonder whether somehow the enabled debugging makes the system pay attention to the System.setProperty call, and ignore it otherwise. However, in local and test environments, handshake worked without debugging enabled. Do I maybe need to be setting keystore on server startup like I'm setting truststore? Have been avoiding that because the keystore will differ for each of our test environments (16 of them).

    Read the article

  • How to create X509 self signed certificate for use in Apache Tomcat

    - by DaveJohnston
    I have a Java application that runs on Windows Mobile devices using a 3rd Party JVM. The application communicates with an Apache Tomcat server over HTTP. We have also used HTTPS for some connections and the certificates were created using the Sun keytool utility. First a keystore was created using genkey, then the certificate exported using export and finally that was imported into another keystore using import. The file created by genkey was loaded into the Apache server and the keystore created using import was loaded into the JVM on the PDA. Everything works as expected. I am now working with a new JVM on the PDA and (for whatever reason) I have established that this JVM requires the keystore to be in X509 (DER) format. I started working on this about a month ago and had it working, but stupidly never wrote down the steps I took, and now I can't for the life of me remember what I did. I seem to remember using openssl but other than that I am totally lost. Anything I create now using openssl and try to load into Apache causes an error at startup (Invalid Keystore Format) so I am probably missing something out entirely. Does anyone have any ideas how I should be going about creating this self-signed X509 certificate that can be loaded into Apache server and JVM running on a PDA?

    Read the article

  • java RMI newbie-- some basic questions about SSL and auth/.rate limiting an RMI service

    - by Arvind
    I am trying to work to secure a java based RMI service using SSL. I have some basic questions about the capabilities of using SSL. Specifically, from what I understand, the client and server connecting via SSL will need to have appropriate credential certificates in both client and server, for a client to be granted access to the server. Am I correct in my understanding? Also, what I want to know is, can a person who is already using my RMI service and has access to a client machine , make a copy of the certificate in the client machine to other client machines-- and then invoke my RMI service from those other machines as well? How do I prevent such a situation from occurring? I mean, in a REST API you can use OAuth authentication, can we have some kind of authentication in an RMI Service? Also, can I possibly limit usage of the RMI service? For eg, a specific client may be allowed to make only 5000 calls per day to my RMI service, and if he makes more calls the calls occurring after the 5000 calls limit are all denied? How do I do such rate limiting and/or authentication for my RMI Service?

    Read the article

  • How do i use signtool.exe correctly in hudson running as a service?

    - by Tim
    I just purchased a code signing cert (MS authenticode) from THAWTE and have installed it apparently on my build machine. I am logged in as a user and when I open a cmd prompt I can sign EXEs using the cert with signtool.exe. Unfortunately this same command line does not work in the hudson process that is running on the machine. the error message I get is: SignTool Error: No certificates were found that met all the given criteria. I presume this is because the hudson service is running under a different account than the account that I ran signtool.exe from and from the account I used to get the cert from thawte. So, my question is: How do I fix this problem? I thought i was going to download a file from thawte, but instead it just used IE somehow to install the cert in the user's cache magically. I probably want to export (or whatever the correct term is) to a file that I can store/save or use on any other machine. How do i do that and how do I call signtool correctly with either the file or the cert from another user in the system/services account?

    Read the article

  • Custom SSL handling stopped working on Android 2.2 FroYo

    - by Eric
    For my app, Transdroid, I am connecting to remote servers via HTTP and optionally securely via HTTPS. For these HTTPS connections with the HttpClient I am using a custom SSL socket factory implementation to make sure self-signed certificates are working. Basically, I accept everything and ignore every checking of any certificate. This has been working fine for some time now, but it no longer work for Android 2.2 FroYo. When trying to connect, it will return an exception: java.io.IOException: SSL handshake failure: I/O error during system call, Broken pipe Here is how I initialize the HttpClient: SchemeRegistry registry = new SchemeRegistry(); registry.register(new Scheme("http", new PlainSocketFactory(), 80)); registry.register(new Scheme("https", (trustAll ? new FakeSocketFactory() : SSLSocketFactory.getSocketFactory()), 443)); client = new DefaultHttpClient(new ThreadSafeClientConnManager(httpParams, registry), httpParams); I make use of a FakeSocketFactory and FakeTrustManager, of which the source can be found here: http://code.google.com/p/transdroid/source/browse/#svn/trunk/src/org/transdroid/util Again, I don't understand why it suddenly stopped work, or even what the error 'Broken pipe' means. I have seen messages on Twitter that Seesmic and Twidroid fail with SSL enabled on FroYo as well, but am unsure if it's related. Thanks for any directions/help!

    Read the article

  • Create a SSL certificate on Windows

    - by Ben Fransen
    Hi all, Since I'm very new to SSL certificates, and the creation and usage of them I figured maybe StackOverflow members can help me out. I'm from Holland, the common way of online payments is by implementing iDEAL. An online payment protocol supported by the major banks. I have to implement a 'professional' version. This includes creating a RSA private key. Based on that key I have to create a certificate and upload it to the webserver. I'm on a Windows machine and completely confused what to do. I took a look at the OpenSSL website, because the manual forwarded me to that website to get a SSL Toolkit. The manual provides two commands which have to be executed in order to create a RSA key and a certificate. The commands are: openssl genrsa -des3 –out priv.pem -passout pass:myPassword 1024 and openssl req -x509 -new -key priv.pem -passin pass:myPassword -days 3650 -out cert.cer Is there a way I can do this by a utility on a windows machine? I've downloaded PuTTy KeyGenerator. But I'm not sure what to do, I've created a key (SSH-2 RSA, whatever that is..) but how do I create a certificate with that key? Any help is much appreciated! Ben

    Read the article

  • SSL HandShakeException: No_Certificate. Using IBM's J9 JVM and Apache Tomcat

    - by DaveJohnston
    I am developing a mobile application that is to run on a Windows Mobile PDA. The application is written in Java and to run it we are using the J9 JVM from IBM. The application communicates with an Apache Tomcat server over HTTP and we are trying to set it up now to use SSL. I have generated public/private keys for both the client and the server, exported their self signed certificates and imported them into the respective keystores. Initially I tried to just get it working using only server side authentication and that was successful. But I am now trying to get mutual authentication by setting clientAuth="true" in the server.xml file in the apache conf directory. I have enabled the SSL logging on the server and when the client connects the server reports an SSLProtocolException: handshake alert: no_certificate. The client logs also show an exception: javax.net.ssl.SSLHandshakeException: unexpected_message at com.ibm.j9.jsse.SSLSocketImpl.completeHandshake(Unknown Source) at com.ibm.j9.jsse.SSLSocketImpl.startHandshake(Unknown Source) at com.ibm.oti.net.www.protocol.https.HttpsURLConnection.openSocket(Unknown Source) at com.ibm.oti.net.www.protocol.https.HttpsURLConnection.connect(Unknown Source) at com.ibm.oti.net.www.protocol.https.HttpsURLConnection.sendRequest(Unknown Source) at com.ibm.oti.net.www.protocol.https.HttpsURLConnection.doRequest(Unknown Source) at com.ibm.oti.net.www.protocol.https.HttpsURLConnection.getInputStream(Unknown Source) The client keystore and truststore is configured by setting the following System Properties: javax.net.ssl.trustStore javax.net.ssl.trustStorePassword javax.net.ssl.keyStore javax.net.ssl.keyStorePassword Does anyone have any ideas how I can set up client authentication on the J9 JVM?

    Read the article

  • Getting SSL to work with Apache/Passenger on OSX

    - by jonnii
    I use apache/passenger on my development machine, but need to add SSL support (something which isn't exposed through the control panel). I've done this before in production, but for some reason I can't seem to get it work on OSX. The steps I've followed so far are from a default apache osx install: Install passenger and passenger preference pane. Add my rails app (this works) Create my ca.key, server.crt and server.key as detailed on the apple website. At this point I need to start editing the apache configs, so I added: # Apache knows to listen on port 443 for ssl requests. Listen 443 Listen 80 I thought I'd try editing the passenger pref pane generated config first to get everything working, when I add: It starts off looking like this <VirtualHost *:80> ServerName myapp.local DocumentRoot "/Users/jonnii/programming/ruby/myapp/public" RailsEnv development <Directory "/Users/jonnii/programming/ruby/myapp/public"> Order allow,deny Allow from all </Directory> </VirtualHost> I then append this: <VirtualHost *:443> ServerName myapp.local DocumentRoot "/Users/jonnii/programming/ruby/myapp/public" RailsEnv development <directory "/Users/jonnii/programming/ruby/myapp/public"> Order allow,deny Allow from all </directory> # SSL Configuration SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP SSLOptions +FakeBasicAuth +ExportCertData +StdEnvVars +StrictRequire #Self Signed certificates SSLCertificateFile /private/etc/apache2/ssl.key/server.crt SSLCertificateKeyFile /private/etc/apache2/ssl.key/server.key SSLCertificateChainFile /private/etc/apache2/ssl.key/ca.crt SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 </VirtualHost> The files referenced all exist (I doubled checked that), but now when I restart my apache I can't even get to myapp.local. However apache can still server the default page when I click on it in the sharing preference panel. Any help would be greatly appreciated.

    Read the article

  • Secure Webservice (WCF) without storing credentials on consumer application

    - by Pai Gaudêncio
    Howdy folks, I have a customer that sells a lottery analysis application. In this application, he consumes a webservice (my service, I mean, belongs to the company I work for now) to get statistical data about lottery results, bets made, amounts, etc., from all across the globe. The access to this webservice is paid, and each consult costs X credits. Some people have disassembled this lottery application and found the api key/auth key used to access the paid webservice, and started to use it. I would like to prevent this from happening again, but I can't find a way to authenticate on the webservice without storing the auth. keys on the application. Does anyone have any ideas on how to accomplish such task? ps1.Can't ask for the users to input any kind of credentials. Has to be transparent for them (they shouldn't know what is happening). ps2. Can't use digital certificates for the same reason above, not to mention it's easy to retrieve them and we would fall into the original problem. Thanks in advance.

    Read the article

  • Access Denied while using System.Diagnostics.Process

    - by Mike C
    I am trying to use the unmanaged ImageMagick library in my ASP.NET application from the command line using System.Diagnostics.Process. Basically, users will upload an .eps file to the site, and then I will run the command line command to convert it into .jpg. This is the code I'm using to try and run the command: Dim proc As New System.Diagnostics.Process proc.StartInfo.RedirectStandardOutput = True proc.StartInfo.RedirectStandardError = True proc.StartInfo.FileName = "C:\Program Files (x86)\ImageMagick-6.6.1-Q16\convert.exe" proc.StartInfo.UseShellExecute = False proc.StartInfo.Arguments = String.Format("{0} {1}", Server.MapPath("~/logo/test.eps"), _ Server.MapPath("~/certificates/temp/test-1234.jpg")) proc.StartInfo.CreateNoWindow = True proc.Start() I am able to run this code just fine on our development Win 2k3 server, but not on our production Win 2k3 Server. I get the error "System.ComponentModel.Win32Exception: Access is denied". The main between the two servers is that the production is 64-bit and runs Plesk to manage multiple domains. I've tried adding rights asp.net user to the ImageMagick directory. The PS Admin says that in the case of Plesk, it's the same account that I use to access the site in VS using FPE. Does anyone know what I might do in order to allow this process to run on my production server? Thanks, Mike

    Read the article

  • "error creating files compilation failed" when publishing for iOS on Flash CS5.5

    - by user1662660
    I'm currently developing an app using Flash CS5.5 for iOS. All of my .ipa files have been created and tested with no problems so far. Until now. I'm using Windows. It only started today and happens to every file I try to publish. I get the error "error creating files. compilation failed..." That is the only piece of information I am given about the error. All of my certificates and provisioning profiles are legit and still valid. Has anyone had any experience with this before? Since posting the question I have found a resolution that I will post for anyone who encounters the same problem. In this case I was unable to publish my .ipa file as I was opening the document (and Flash) from the start menu in Windows 7. To fix this instance of the issue I simply opened Flash first and then opened my document and I was able to publish.

    Read the article

  • Authenticated WCF: Getting the Current Security Context

    - by bradhe
    I have the following scenario: I have various user's data stored in my database. This data was entered via a web app. We'd like to expose this data back to the user over a web service so that they can integrate their data with their applications. We would also like to expose some business logic over these services. As such we do not want to use OData. This is a multi-tenant application so I only want to expose their data back to them and not other users. Likewise, the business logic we expose should be relative to the authenticated user. I would like let the user use an OASIS scheme to authenticate with the web service -- WCF already allows for this out of the box as far as I understand -- or perhaps we can issue them certificates to authenticate with. That bit hasn't really been worked out yet. Here is a bit of pseudo-code of how I envision this would work within the service: function GetUsersData(id) var user := Lookup User based on Username from Auth Context var data := Get Data From Repository based on "user" return data end function For the business logic scenario I think it would look something like this: function PerformBusinessLogic(someData) var user := Lookup User based on Username from Auth Context var returnValue := Perform some logic based on supplied data return returnValue end function The hard bit here is getting the current username (or cert info in the cert scenario) that the user authenticated with! Does WCF even enable this scenario? If not would WSE3 enable this? Thanks,

    Read the article

  • SSL certificate pre-fetch .NET

    - by Wil P
    I am writing a utility that would allow me to monitor the health of our websites. This consists of a series of validation tasks that I can run against a web application. One of the tests is to anticipate the expiration of a particular SSL certificate. I am looking for a way to pre-fetch the SSL certificate installed on a web site using .NET or a WINAPI so that I can validate the expiration date of the certificate associated with a particular website. One way I could do this is to cache the certificates when they are validated in the ServicePointManager.ServerCertificateValidationCallback handler and then match them up with configured web sites, but this seems a bit hackish. Another would be to configure the application with the certificate for the website, but I'd rather avoid this if I can in order to minimize configuration. What would be the easiest way for me to download an SSL certificate associated with a website using .NET so that I can inspect the information the certificate contains to validate it? EDIT: To extend on the answer below there is no need to manually create the ServicePoint prior to creating the request. It is generated on the request object as part of executing the request. private static string GetSSLExpiration(string url) { HttpWebRequest request = WebRequest.Create(url) as HttpWebRequest; using (WebResponse response = request.GetResponse()) { } if (request.ServicePoint.Certificate != null) { return request.ServicePoint.Certificate.GetExpirationDateString(); } else { return string.Empty; } }

    Read the article

  • Which book should I choose?

    - by sebastianlarsson
    Hi guys, I'm looking for a good read on object oriented design. The two books I'm currently looking Head First Design Patterns and Head First Object object-oriented analysis & design. They seem very similar when looking at the contents and browsing through available sample text. Which one would be the best choice? About myself: I have a bachelor in computer science and I am currently studying Msc. Software Quality Engineering (read Software Engineering with focus on Quality). I am already confident in object-oriented design and have a lot of programming courses in my backpack. I have done games in c++, courses in advanced java programming (I am SCJP certified), but my preferred language is C#. I have also worked with Java for the last 7 months while studying. I am currently also studying for certificates in C# (apart from my usual studies). So I believe I have the prerequisites of actually understanding the contents of both books. Reason: I just want to be better and keep evolving as a programmer. I think it is fun. I believe Bert Bates and Kathy Sierra are involved in both these books and I have previously read their SCJP preparation book in java. I really do enjoy their style of writing. Other books which I am considering are: Clean Code: A Handbook Of Agile Software Craftsmanship Thx in advance Sebastian

    Read the article

  • Is "Server not found" error related to Activclient?

    - by Kent
    Users are getting sporadic "Server not found" errors after idling in the browser. We have a HTTPS web application (Apache/Tomcat) using NSS for authentication on the server. The error occurs when a user opens the application and later lets it sit idle/untouched for 15 minutes. When they try to access the application they can get a "Server not found" error. Users use CAC cards with ActivClient software and our web application uses the certificates for authentication and authorization. We have been able to recreate the problem but have been unable to diagnose it. In recreating the problem the server is getting a series of "Unable to find the certificate or key necessary for authentication" errors in the NSS log associated with the browser error. These erros don't occur until the user tries to access the idle application. When the application is idle for 15 minutes the PIN is not requested yet the PIN Cache timeout in ActivClient is set at 15 minutes. All our server side timeout parameters are set to hours not minutes. IE 6 is our browser and NSS is using TLS. We have tried modifying "SetEnvIf User-Agent ".MSIE." ssl-unclean-shutdown" with no improvement. I understand that the PIN cache timeout and SSL session don't have a 1:1 relationship but the timing is suspicious. Can't find anything in the windows error logs that indicates a problem (security logs are not accessible to us). Any suggestions as to how to identify the cause of the problem would be appreciated.

    Read the article

  • Create x509 certificate with openssl/makecert tool

    - by Zé Carlos
    I'm creating a x509 certificate using makecert with the following parameters: makecert -r -pe -n "CN=Client" -ss MyApp I want to use this certificate to encrypt and decrypt data with RSA algoritm. I look to generated certificate in windows certificate store and everything seems ok (It has a private key, public key is a RSA key with 1024 bits and so on..) Now i use this C# code to encrypt data: X509Store store = new X509Store("MyApp", StoreLocation.CurrentUser); store.Open(OpenFlags.ReadOnly); X509Certificate2Collection certs = store.Certificates.Find(X509FindType.FindBySubjectName, "Client", false); X509Certificate2 _x509 = certs[0]; using (RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)_x509.PrivateKey) { byte[] dataToEncrypt = Encoding.UTF8.GetBytes("hello"); _encryptedData = rsa.Encrypt(dataToEncrypt, true); } When executing the Encrypt method, i receive a CryptographicException with message "Bad key". I think the code is fine. Probably i'm not creating the certificate properly. Any comments? Thanks ---------------- EDIT -------------- If anyone know how to create the certificate using OpenSsl, its also a valid answer for me.

    Read the article

  • How to secure login and member area with SSL certificate?

    - by citronas
    Background: I have a asp.net webapplication project that should contain a public and a member area. Now I want to implement a SSL decription to secure communication between the client and the server. (In the university we have a unsecured wireless network and you can use a wlan sniffer to read username/password. I do not want to have this security problem for my application, so I thought of a ssl decription) The application is running on a IIS 7.5. It it possible to have one webapp that has unsecured pages (like the public area) and a secured area (like the member area, which requires a login)? If yes, how can I relealise the communication between these too areas? Example: My webapp is hosted on http://foo.abc. I have pages like http://foo.abc/default.aspx and http://foo.abc/foo.aspx. In the same project is page like /member/default.aspx which is protected by a login on the page http://foo.abc/login.aspx. So I would need to implement SSL for the page /login.aspx and all pages in /member/ How can I do that? I just found out how to create SSL certificates in IIS 7.5 and how to add such a binding to a webapp. How how can I tell my webapp which page should be called with https and not with http. What is the best practise there?

    Read the article

  • verifying the signature of x509

    - by sid
    Hi All, While verifying the certificate I am getting EVP_F_EVP_PKEY_GET1_DH My Aim - Verify the certificate signature. I am having 2 certificates : 1. a CA certificate 2. certificate issued by CA. I extracted the 'RSA Public Key (key)' Modulus From CA Certificate using, pPublicKey = X509_get_pubkey(x509); buf_len = (size_t) BN_num_bytes (bn); key = (unsigned char *)malloc (buf_len); n = BN_bn2bin (bn, (unsigned char *) key); if (n != buf_len) LOG(ERROR," : key error\n"); if (key[0] & 0x80) LOG(DEBUG, "00\n"); Now, I have CA public key & CA key length and also having certificate issued by CA in buffer, buffer length & public key. To verify the signature, I have following code int iRet1, iRet2, iRet3, iReason; iRet1 = EVP_VerifyInit(&md_ctx, EVP_sha1()); iRet2 = EVP_VerifyUpdate(&md_ctx, buf, buflen); iRet3 = EVP_VerifyFinal(&md_ctx, (const unsigned char *)CAkey, CAkeyLen, pubkey); iReason = ERR_get_error(); if(ERR_GET_REASON(iReason) == EVP_F_EVP_PKEY_GET1_DH) { LOG(ERROR, "EVP_F_EVP_PKEY_GET1_DH\n"); } LOG(INFO,"EVP_VerifyInit returned %d : EVP_VerifyUpdate returned %d : EVP_VerifyFinal = %d \n", iRet1, iRet2, iRet3); EVP_MD_CTX_cleanup(&md_ctx); EVP_PKEY_free(pubkey); if (iRet3 != 1) { LOG(ERROR,"EVP_VerifyFinal() failed\n"); ret = -1; } LOG(INFO,"signature is valid\n"); I am unable to figure out What might went wrong??? Please if anybody faced same issues? What EVP_F_EVP_PKEY_GET1_DH Error means? Thanks in Advance - opensid

    Read the article

  • x509 certificate verification in C

    - by sid
    Hi All, I do have certificates in DER and PEM format, My goal is to retrieve the fields of Issuer and Subject And verify the Certificate with the CA public key and simultaneously verify CA certificate with the Root public key. I am able to retrieve all the details of issuer and subject But unable to verify the certificate. Please help. The API's used, x509 = d2i_X509_fp (fp, &x509); //READING DER Format x509 = PEM_read_X509 (fp, &x509, NULL, NULL); //READING PEM Format X509_NAME_oneline(X509_get_subject_name(x509), subject, sizeof (subject)); //to retrive the Subject X509_NAME_oneline(X509_get_issuer_name(x509), issuer, sizeof (issuer)); //to retrive the Issuer // to store the CA public key (in unsigned char *key)that will be used to verify the certificate (My case Always sha1WithRSAEncryption) RSA *x = X509_get_pubkey(x509)->pkey.rsa; bn = x->n; //extracts the bytes from public key & convert into unsigned char buffer buf_len = (size_t) BN_num_bytes (bn); stored_CA_pubKey = (unsigned char *)malloc (buf_len); i_n = BN_bn2bin (bn, (unsigned char *)stored_CA_pubKey); if (i_n != buf_len) LOG(ERROR," : key error\n"); if (key[0] & 0x80) LOG(DEBUG, "00\n"); stored_CA_pubKeyLen = EVP_PKEY_size(X509_get_pubkey(x509)); For Verification I went through different approaches but unable to verify a) i_x509_verify = X509_verify(cert_x509, ca_pubkey); b) /* verify the signature */ int iRet1, iRet2, iReason; iRet1 = EVP_VerifyInit(&md_ctx, EVP_sha1()); iRet2 = EVP_VerifyUpdate(&md_ctx, cert_code, cert_code_len); rv = EVP_VerifyFinal(&md_ctx, (const unsigned char *)stored_CA_pubKey, stored_CA_pubKeyLen, cert_pubkey); NOTE : cert_code & stored_CA_pubKey is unsigned char buffer. Thanks in Advance

    Read the article

  • WCF with SSL- not finding localhost

    - by SteveCav
    Hi guys, I'm trying to get WCF to use SSL with ANYTHING for FIVE DAYS now. I've gone through countless walkthroughs, generated more certificates than a mail order diploma company, even tried hot fixes. After working with MS dev tools since VB1, I am now considering flipping burgers as a career option. WCF, as far as I can see, is a complete lemon. Anyway, to get to my actual question: If I run through this walkthrough: http://msdn.microsoft.com/en-us/library/ff648840.aspx I get to step 11 (adding the service reference) and get "There was an error downloading metadata from the address. Please verify that you have entered a valid address". Details of the error gives: There was an error downloading 'https://localhost/SSL6/Service.svc'. Unable to connect to the remote server No connection could be made because the target machine actively refused it 127.0.0.1:443 I'm using VS2008 on Windows 7 with IIS7. I followed the walkthrough exactly (apart from step 5 which was different on IIS7- I went into "SSL Settings" for the VD), so it shows my config (yes I've used httpsGetEnabled and mexHttpsBinding). Anyone care to save my sanity and job?

    Read the article

  • Safari doesn't detect my Extension Certificate

    - by Questor
    Hello, all! I have registered for the Safari Development Program and have a valid Apple ID. I've followed all the steps given by Apple. The problem is that Windows XP (Service Pack 2) does not recognize the command 'certreq', whereas the instructions said it would work on any Windows machine. However, the command 'certreq' was working on Windows Vista on the machine of my co-worker's, I downloaded the certificate (the .cer file) and installed it and Safari detected it. However, I don't have Windows Vista. I installed Windows 7 now on my machine, the command 'certreq' works and I have the Safari Extension Certificate (the .cer file) but when I open Safari's Extension Builder, my certificate does not appear there. I entered mmc in Start -- Run and checked if the certificate was installed there. It was in the 'Other People' but not in 'Personal'. Even on Internet Explorer 7+, when I go to Tools -- Internet Options -- Content (Tab) -- Certificates, the certificate is not there in the Personal tab, (WHEREAS IT GOT INSTALLED IN THE PERSONAL FOLDER AUTOMATICALLY IN WINDOWS VISTA). I tried importing the certificate (the .cer file) into the Peronal folder, the import is successful but still neither does it appear in the personal folder nor does Safari recognize/detect it when I go to the Extension Builder. ANY HELP?! I need to make an extension for my office project and the deadline is approaching. I really need to get it done. Thanks a million in anticipation.

    Read the article

  • How can I sign a Windows Mobile application for internal use?

    - by AR
    I'm developing a Windows Mobile application for internal company use, using the Windows Mobile 6 Professional SDK. Same old story: I've developed and tested on the emulator and all is well, but as soon as I deploy to advice I get an UnauthorizedAccessException when writing files or creating directories. I'm aware that an application installed to a device needs to be signed but I'm running into roadblocks at every turn: Using the project properties 'Devices' window I select 'Sign the project output with this certificate, and choose one of the sample certificates from the SDK. This results in a build error: "The signer's certificate is not valid for signing" when running SignTool. If I try to run SignTool.exe from the commandline, I get an error telling me to run SignTool.exe from a location in the system's PATH. I can't use the 'Signing' tab in the Project Properties to create a test certificate - this is greyed out (presumably for WinMobile projects?). If at all possible, I would like to avoid having to go through Versign or the like to get a Mobile2Market certificate. If I have to go this route for a final version that's fine, but I need to at least be able to test the app on real devices. Any advice would be most welcome!

    Read the article

  • Is there any other way of using signed applets

    - by 640KB
    Hi There, If I want to deploy high privileged applets they need to be signed. For that a certificate is created and then a jar file is signed with a jarsigner. After that in the HTML code one has to specify code,codebase AND archive (jar) which we signed before. However I wrote a servlet which acts as two things: it sits at the URL pointed by the codebase and serves class bytecode to the applet. The same servlet also uses serialization to communicate with the applet whereby whenever the applet gets a class it does not know it goes to the codebase which ends up back at the servlet. Almost like a mini RMI setup but simpler. I hope you can see the power in this. Unfortunately for signed applets one needs the archive. Now the servlet is also able to load a Certificate object and can send it to the applet too. So here is the setup: At one point the applet receives class bytecode and it also has the Certificate. It would be nice if the applet could instantiate all received classes using that certificate (otherwise code from jar is signed and outside is not which prompts nasty messages to the user). So my question to you fine Java aficionados: Would there by any way for me to use the bytecode data and the Certificate to instantiate the class as a signed object so that the plugin pops the Security dialog, accepts teh certificate and elevates the object's privileges. What I could find is that the there is a class CodeSource that accepts codebase URL and certificate and is essential to the signing process. What I am not sure is how one could intercept the class loading inside applets to install additional certificates not obtained through a JAR file via archive. What do you say? Thanks a bunch.

    Read the article

  • Uploading Binary iPhone App "The signature was invalid" again again and again...

    - by user338386
    Hello! I'm going crazy! I'm trying to upload the binary of my first application but I have always the same error! "The binary you uploaded was invalid. The signature was invalid, or it was not signed with an Apple submission certificate." I did everything, EVERYTHING!! I created the request for the certificate, used it for both developer and distribution certificate, created the provisioning profile (12 times!!!) always cleaning my keychain and my Xcode deleting the old certificates and profiles.. I reboot the machine, reboot Xcode, the log is correct, but... I can't upload my app!!!! Checked if my iPhone is connected (i tried with iPhone disconneted too). I checked the certificate in both my project settings "Distribuition" Configuration (duplicate of "Release" configuration) and in my target settings. Reveal in finder, compress the app and sent the zip... I tried with Application Loader and iTunes connect online.. but nothing! NOTHING!! I've spent 8 hours! And again i can't have my app uploaded!!! I'm really going crazy! Can anyone help me pleeease? Thx!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 34 35 36 37 38 39 40 41 42 43 44  | Next Page >