x509

问题 Since the documentation for phpseclib is very poor, I'm asking here if there is a way to set the ns-cert-type for a certificate whis this library. Searching on the sources, I've found this: // the following OIDs are unsupported but we don't want them to give notices when calling saveX509(). case 'id-pe-logotype': // http://www.ietf.org/rfc/rfc3709.txt case 'entrustVersInfo': // http://support.microsoft.com/kb/287547 case '1.3.6.1.4.1.311.20.2': // szOID_ENROLL_CERTTYPE_EXTENSION case '1.3.6.1

问题 i have this code : // Turn the encoded key into a real RSA public key. // Public keys are encoded in X.509. X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); PublicKey publicKey = keyFactory.generatePublic(keySpec); error: java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException: Detect premature EOF where is the problem? 回答1: public static PublicKey getPublicKey(String key) throws Exception

问题 In my ongoing struggle with public key crypto i ran into a snag that's possibly beyond my expertise with parsing CSR's: I have not been able to get phpseclib to X509->loadCSR() this chunk from a MS server 2012r2 CA: # more file -----BEGIN NEW CERTIFICATE REQUEST----- MIIFGDCCAwACAQAwOjEWMBQGCgmSJomT8ixkARkWBnNlY3VyZTEgMB4GA1UEAxMX LlNlY3VyZSBFbnRlcnByaXNlIENBIDEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw ggIKAoICAQCzgEpL+Za7a3y7YpURDrxlGIBlks25fD0tHaZIYkBTaXA5h+9MWoXn

问题 I am having a hard time with X509 certificate-based WS-Security in WebSphere v7. Here's a little background: We are using spring-ws in our application, and we allow for UsernameToken profile security or X509 security. The two are implemented using the Xws Security interceptor, which runs off of the Xws Security Framework: http://docs.oracle.com/cd/E17802_01/webservices/webservices/docs/1.6/tutorial/doc/XWS-SecurityIntro4.html We implement the security on both the client-side & the server-side

问题 My question is pretty simple: is there a simple way to access Windows X509 Certificate Store using Delphi 7? Before asking this question I have googled, but have not found any useful info. 回答1: the easiest way is to use capicom, hitting the win capi api directly is painful. once you've registered the com object and created your typelib unit from it.. open the appropriate store, and from there use the certificates() method.. var store: TStore; certificates: ICertificates; certificate:

问题 I managed to authentify the user against the Ldap using the username found in the certificate. What I would like to obtain is to authentify the user using directly the certificate on the Ldap. I cannot found how to pass the certificate to the Ldap. here is the current config (using the certificate's username) : <security:x509 subject-principal-regex="CN=(.*?)," user-service-ref="userService"/> <bean name="userService" class="org.springframework.security.ldap.userdetails.LdapUserDetailsService

问题 I am using springboot and I am writing a client application. The header(header name ssl_cert_header) needs to have x509 cert. I am not finding any help on how to set httpheader with x509 cert. Header needs to be set on web server(irule) or should be coded? appreciate if someone can respond. 来源： https://stackoverflow.com/questions/48158250/x509-in-request-header-springboot

问题 I use BouncyCastle to generate certificats. Now I want to add some SubjectAlternativeName , just like: ... ArrayList namesList = new ArrayList(); namesList.add(new GeneralName(GeneralName.dNSName, "*.test")); namesList.add(new GeneralName(GeneralName.iPAddress, "127.0.0.1")); namesList.add(new GeneralName(GeneralName.rfc822Name, "zoltar@spkac.spectra.org")); GeneralNames subjectAltNames = new GeneralNames(new DERSequence((GeneralName[])namesList.toArray(new GeneralName [] {}))); new_cert

问题 I basically have the same problem as in this question, but I'm having trouble filling in the apparently trivial parts left out from the accepted answer. I'm doing this in C# with Mono. I have a CA root certificate, and from that I can get a byte[] holding a public key. I then get an untrusted certificate I need to verify. From what I understand, RSACryptoServiceProvider.VerifyData should do the trick, but first I need to set RSAParameters with the modulus and exponent from the public key.

问题 I have to write a test case against new code which checks to make sure that an X.509 cert is version 3, but I need some legacy (v1/v2) certs to use during testing to verify that the code works. I'm trying to generate the certs using openssl on a Mac. All i get are v3 certs. I've read thru the openssl manpage and see nothing about creating v1 or v2 certs. Aside from setting up an old OS on old hardware and installing an old version of openssl, are there any ideas for generating old certs or