certificate

问题 I am having a chain of X509Certificates starting with user certificate and ending with trusted CA certificate. For the test, I am experimenting with Google certificates. I want to check the revocation status of every certificate in Certificate chain. I am using following code: public static boolean isCertChainValid(ArrayList<X509Certificate> certificateList) { try { CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); CertPath certPath = certificateFactory

问题 How can I send and receive multiple inputs using Runtime.getRunTime.exec(). For example if I wanted to run something such as openSSL to generate a csr, it will ask for things such as state, city, common name.. and so on. Process p = Runtime.getRuntime().exec(cmd); OutputStream out = p.getOutputStream(); //print stuff p.getInputStream(); //Now i want to send some inputs out.write("test".getBytes()); //flush and close??? don't know what to do here //print what ever is returned //Now i want to

问题 I'm confused about something in the SSL renewal process using WHM/cPanel for an existing Comodo Extended Validation cert. We have been issued a replacement certificate by Comodo without - I believe - every submitting a CSR for them. I say "I believe" because there are 3 people with access to WHM for this server, but I'm assured that no one has been fiddling in the last year. Does this sound possible? CAN a cert be supplied without a CSR if it's a replacement? I will attempt to get hold of

问题 I'm confused about something in the SSL renewal process using WHM/cPanel for an existing Comodo Extended Validation cert. We have been issued a replacement certificate by Comodo without - I believe - every submitting a CSR for them. I say "I believe" because there are 3 people with access to WHM for this server, but I'm assured that no one has been fiddling in the last year. Does this sound possible? CAN a cert be supplied without a CSR if it's a replacement? I will attempt to get hold of

问题 I'm using the following code to generate a certificate chain with a root certificate, an intermediate and an end certificate: TestCertificates.java import org.bouncycastle.asn1.ASN1InputStream; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.x500.X500Name; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; import org.bouncycastle.asn1.x509.BasicConstraints;

问题 If you sign a windows (native, not .NET) application with a code signing certificate, does this somehow prevent it being subsequently infected with a virus? Obviously if you sign an already infected file, you've got a problem... 回答1: If the application is signed, it can't be altered without invalidating the signature. So if nothing else, it's easier to identify that the application has been tampered with. If it were an Office document, template or add-in with signed VBA modules, then

问题 If I lost the original certificate.keystore file created with keytool, but have the exact terminal output and all the stuff I entered to make it, is that enough to be able to create a new certificate that the android market publish site will accept without saying that the new apk must be signed with the same certificate? 回答1: This is a MAJOR flaw in the google android market. unlike apple where you can request your certificate with your apple developer account, google has no such service yet.

问题 Is it possible to convert a cert file to a pfx file? I tried importing my cerf file into IE, but it is never shown under the "personal" tab, thus I cannot export there. I am looking for if there is alternatives available. FYI, the cerf file is created by using "keytool" and then doing an export to a cert file. 回答1: This article describes two ways of creating a .pfx file from a .cer file: Maxime Lamure: Create your own .pfx file for ClickOnce Create your public & private Keys (You will be

问题 I want to create WCF services using aspnet membership to authorize the user. However, if I just need the certificate for encryption purposes only, does it matter if it is a self signed certificate or do you need to buy a certificate from a vendor? 回答1: You could use self-signed certificates, but the problem there is that you have to install the certificate on each and every machine that will use the certificate for encryption. If you have a large number of machines that the clients will run

问题 I have WCF service, using both BasicHttpBinding and NetTcpBinding at different endpoints within one ServiceHost. NetTcp is using a self signed certificate, which is loaded from file, all were well untill I try to actually make use of the BasicHttpBinding, so I do: On server: var ServiceHost host = new ServiceHost(blah blah); host.Credentials.ServiceCertificate.Certificate = GetCertificate(); //load a certificate from file host.Credentials.ClientCertificate.Authentication