client-certificates

Debugging SSL Handshake

孤街浪徒 提交于 2019-11-27 09:49:50
问题 How to debug ssl handshake, preferably with curl? I would like to troubleshoot per directory authentication with client certificate. I would specially like to find out which acceptable client certificates does server send. Thanks in advance 回答1: I have used this command to troubleshoot client certificate negotiation: openssl s_client -connect www.test.com:443 -prexit The output will probably contain "Acceptable client certificate CA names" and a list of CA certificates from the server, or

How safe are client SSL certificates in a mobile app?

偶尔善良 提交于 2019-11-27 09:26:30
问题 I'd like to have secure communication between my Android/iOS app and my Internet-accessible backend service, so I'm investigating HTTPS/SSL. If I create self-signed certificates, then put a client certificate in the app and cause the backend service to require that client certificate, is this truly secure ? Here's why I'm asking. It seems that the client certificate could be "hacked" by interrogating the .apk. The client certificate is just a string constant, right? That means anyone could

Mutual certificates authentication fails with error 403.16

99封情书 提交于 2019-11-27 04:19:26
问题 I'm using Windows Server 2012 and IIS 8.5. I've set SSL for the website and the SSL Settings are: Require Required and Require Client Certificates. The client certificate that I'm sending to the server has been issued by a self-signed authority (let's called it MyCompany CA). MyCompany CA certificate has been successfully installed in the Local Computer Account - Trusted Root Certification Authorities. It's expiration date is 2039, so is the client certificate expiration date. However, with

How to use a client certificate to authenticate and authorize in a Web API

試著忘記壹切 提交于 2019-11-26 23:50:25
I am trying to use a client certificate to authenticate and authorize devices using a Web API and developed a simple proof of concept to work through issues with the potential solution. I am running into an issue where the client certificate is not being received by the web application. A number of people of reported this issue, including in this Q&A , but none of them have an answer. My hope is to provide more detail to revive this issue and hopefully get an answer for my issue. I am open to other solutions. The main requirement is that a standalone process written in C# can call a Web API

IBM MQ.Net CertificateLabel, CipherSpec

我的梦境 提交于 2019-11-26 23:42:41
问题 I am trying to connect to a remote IBM MQ server (v.8.0) and am receiving the error below. I'm using .Net 4.5.2 on Windows 10. I have modified the SimplePut.exe program that ships with the client install. I think I may be missing something to do with the client certificate I was issued and have installed following their instructions. Possibly the CertificateLabel setting? I am very new to IBM MQ so any help is much appreciated. -h <host> -p 1434 -s TLS_RSA_WITH_AES_256_CBC_SHA256 -q INS -l

iOS Client Certificates and Mobile Device Management

本小妞迷上赌 提交于 2019-11-26 20:43:16
问题 Our customers want to use an MDM (mobile device management) solution (MobileIron) to install client certificates onto corporate iOS devices, in order to limit access to certain corporate web services to corporate devices only. MobileIron installs the client certificate into Settings > General > Profiles , which is the default location for certificates in iOS, and Safari can respond with this certificate when a corporate web service challenges it for one. But I need the same thing to happen

Make IIS require SSL client certificate during initial handshake

青春壹個敷衍的年華 提交于 2019-11-26 16:25:12
问题 I am trying to configure an IIS website to require SSL client certificates. The website is set up in both IIS 6 and 7, though I am more interested in making it work for 7. I set the require client certificates property in IIS and it works fine when accessing the site through a web browser, but a Java-based client is having trouble accessing it. I believe the problem is that IIS does not request a client certificate during the initial SSL handshake. Instead it negotiates a normal SSL

How to use a client certificate to authenticate and authorize in a Web API

两盒软妹~` 提交于 2019-11-26 07:57:16
问题 I am trying to use a client certificate to authenticate and authorize devices using a Web API and developed a simple proof of concept to work through issues with the potential solution. I am running into an issue where the client certificate is not being received by the web application. A number of people of reported this issue, including in this Q&A, but none of them have an answer. My hope is to provide more detail to revive this issue and hopefully get an answer for my issue. I am open to

Java HTTPS client certificate authentication

徘徊边缘 提交于 2019-11-26 03:14:53
问题 I\'m fairly new to HTTPS/SSL/TLS and I\'m a bit confused over what exactly the clients are supposed to present when authenticating with certificates. I\'m writing a Java client that needs to do a simple POST of data to a particular URL . That part works fine, the only problem is it\'s supposed to be done over HTTPS . The HTTPS part is fairly easy to handle (either with HTTPclient or using Java\'s built-in HTTPS support), but I\'m stuck on authenticating with client certificates. I\'ve noticed
订阅 client-certificates