certificate

问题 On Aug 14th, the gtecybertrust5ca certifcate used by Glassfish expired causing my Arquillian tests to print errors. This problem is similar to this one: Certificate has expired” in log by starting Glassfish 3.1.2 except, I am using the Embedded version of Glassfish via Maven, Arquillian and SureFire to run unit and integration tests. I have tried instructing Maven to use a local keystore, the one that comes with the JRE, in an effort to keep the expired cert from being used. I verified the

问题 I'm trying to find the SHA1 hash of my signature key store on macos sierra using the following comand: keytool -exportcert -alias androiddebugkey -keystore $HOME/.android/debug.keystore -list -v -storepass android The result looks like below: Alias ​​name: androiddebugkey Date of creation: Oct 25, 2017 Input Type: PrivateKeyEntry Length of certificate chain: 1 Certificate [1]: keytool error: java.util.IllegalFormatConversionException: d != java.lang.String java.util

问题 I'm trying to connect to a secure webservice throught a proxy using the curl command, but I get the follow error: Unable to load client cert -8018. Complete log: [e-ballo@myserver]# curl -v -x proxy01.net:8080 https://endPointURL.com/SOAP --key ./cert.crt --cert ./cert.crt -capath=/etc/pki/tls/certs * About to connect() to proxy proxy01.net port 8080 (#0) * Trying 10.0.3.64... connected * Connected to proxy01.net (10.0.3.64) port 8080 (#0) * Establish HTTP proxy tunnel to endPointURL.com:443

问题 I'm trying to connect to a secure webservice throught a proxy using the curl command, but I get the follow error: Unable to load client cert -8018. Complete log: [e-ballo@myserver]# curl -v -x proxy01.net:8080 https://endPointURL.com/SOAP --key ./cert.crt --cert ./cert.crt -capath=/etc/pki/tls/certs * About to connect() to proxy proxy01.net port 8080 (#0) * Trying 10.0.3.64... connected * Connected to proxy01.net (10.0.3.64) port 8080 (#0) * Establish HTTP proxy tunnel to endPointURL.com:443

问题 I am trying to use the (java) keytool to create a self signed certificate but when I attempt to use it I get the following exception (see bottom for entire exception). ...<5 more exceptions above this> Caused by: sun.security.validator.ValidatorException: No trusted certificate found at sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:304) at sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:107) at sun.security.validator.Validator

问题 I want to modify .Net's default ServerCertificateValidationCallback to validate as true some of my company's certificates, but keeping the default validation for other certificates. I can't seem to do this since the default ServerCertificateValidationCallback value is null. ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => validCertificatesSerialNumbers.Contains(certificate.GetSerialNumberString()) || defaultlCallback.Invoke(sender,

问题 through the bouncycastle wiki page I was able to understand how to create a X.509 root certificate and a certification request, but I do not quite understand how to proceed concept- and programming wise after that. Lets assume party A does a cert request and gets his client certificate from the CA. How can some party B validate A's certificate? What kind of certificate does A need? A root certificate? A 'normal' client certificate? And how does the validation work on programming level, if we

问题 Is there a way to programmatically check the Subject Alternative Names of a SAN SSL cert? Using, for instance, the following command I can get many info but not all the SANs: openssl s_client -connect www.website.com:443 Thank you very much! 回答1: To get the Subject Alternative Names (SAN) for a certificate, use the following command: openssl s_client -connect website.com:443 | openssl x509 -noout -text | grep DNS: First, this command connects to the site we want (website.com, port 443 for SSL

问题 I'm trying to generate ECDSA self-signed certificate as described in generate certificate using ECDSA. Putting all pieces from bartonjs's answer together and using Net.Framework 4.7 (or Net.Core 2.0 ) following code seems to be working although there are some ambiguities (at least one) left: I'm not sure how to properly convert private key ('D' parameter) from BC-BigInteger to MS-byte[] . Using BigInteger.ToByteArray() throws exception: CryptographicException : The specified key parameters

问题 I'm trying to sign an ActiveX control with a code signing certificate issued by Thawte. I was able to successfully sign the control using signtool.exe. When I look at the file properties, it says "The certificate in the signature cannot be verified." When I view the certificate it says "Windows does not have enough information to verify the certificate." On the certification path tab, it says "The issuer of this certificate cannot be found." In internet explorer, the certificate is recognized