certificate

问题 I am trying to configure a product called Hermes for a digital signature. I have a file MyCert.pfx which I specified in its configuration as follows: <component id="keystore-manager-for-signature" name="Key Store Manager for Digital Signature"> <class>hk.hku.cecid.piazza.commons.security.KeyStoreManager</class> <parameter name="keystore-location" value="/opt/mycompany/certs/MyCert.pfx"/> <parameter name="keystore-password" value="12345678"/> <!-- parameter name="key-alias" value="joeblank"/--

问题 I created a wcf service and could SUCCESSFULLY refer it in client application. But the problem comes when I implement X509 certificate. 1) when I change the service to use x509 Certificate, I couldn't create a proxy as the mex end points are not shown in the browser. So in this case, how should I refer the Service in client app, when the service is secured and mex end points are not exposed? 2) Can I use both message and transport security as Certificate? Will this scenario work for

问题 I am trying to learn using RSelenium. I am stuck with just trying to start the server using rsDriver. I am simply trying to run the code below and got the following error: rD <- rsDriver() checking Selenium Server versions: BEGIN: PREDOWNLOAD Error in open.connection(con, "rb") : Peer certificate cannot be authenticated with given CA certificates I searched around stack overflow and found out we can give options to rsDriver using below but I still got error: my_extra <- list("--ignore-ssl

问题 i've got following C# code for doing what i asked for in subject: public static void ExportCertificatesToFile(string FileName) { stringBuilder builder = new StringBuilder(); X509Store storeMy = new X509Store(StoreName.My); storeMy.Open(OpenFlags.ReadOnly); foreach (X509Certificate2 cert in storeMy.Certificates) { builder.AppendLine("-----BEGIN CERTIFICATE-----"); builder.AppendLine(Convert.ToBase64String(cert.Export(X509ContentType.Cert), Base64FormattingOptions.InsertLineBreaks)); builder

问题 I have a .NET web application which connects to a database hosted in the cloud on Microsoft's SQL Azure platform. Now I'd like to use Domo, a third-party cloud-based business intelligence service, to do some reporting on the data in the Azure database. The Domo consultant has told me that he needs a CA certificate path for the database server (in addition to other standard connection info) in order to connect to it. He has suggested that I need to get a cert and apply it to the database

问题 I want users to be able to install their own personal certificate into my Android application after installation from a website which generates the certificates, but when I use a WebClient or the Android Browser to surf to it, the Secure Storage pops up and installs it, which is unavailable by API until version 14 (Android 4.0), which my users do not have installed. An example of such a site is http://www.comodo.com/home/email-security/free-email-certificate.php . Here you can request a

问题 Imagine for a moment that we're using classic asymmetric encription with WCF (private/public key pairs). Obviously it's secure until private keys aren't stolen. We don't need any trust chains between keys, right? Client only needs to know its server's public key and vice versa. A problem arises only if client doesn't know server's public key in advance and gets it on the first access. Here we have a risk that actual server is a "man-in-the-middle" instead of the real server. Here we need

问题 I'm hoping someone can help me resolve this maddening issue. My friend and I are developing a mac store app, hosted on github. We published the app a month ago from his machine, with his dev center account. I recently pull the source from github onto my machine, to work on an update, but when I try to build it in xcode, I get the error: "code signing identity does not match any valid, non-expired code-signing certificate in your keychain" I downloaded the 2 certificates from my friend's

问题 I have an issue with Request.getAttribute("javax.servlet.request.X509Certificate") returning NULL for some users during client certificate authentication and a valid certificate for others. For the users where this failed, if we delete and rebuild their Windows user profile, the problem get fixed. There is a workaround for this issue but I was hoping to avoid having our users rebuild their Windows account profile. Is there a specific setting in IE or ActivIdentity that might be causing IE to

问题 I am writing a very basic SSL client to connect to a HTTPS web server. I can connect and process the request/response just fine. However OpenSSL is reporting UNABLE_TO_GET_ISSUER_CERT_LOCALLY , but so far I choose to ignore the error :-). Now I want to solve that part of the problem. I am testing by connecting to a public SSL server on HTTPS, such as Google or Yahoo, and checking the return of SSL_get_verify_result(...) . As I understand it, I need the CA pem files for that specific site so