digital-certificate

问题 I created one root, one intermediate certificate. Then I signed my Extended Certificate, but it did not. I added root and intermediate certificates to the browser and to the computer' keystore. I see the word "Secure" but I want to see my name in the green bar. What is the policy for generating one extended certificate with OpenSSL? certificatePolicies=ia5org,1.2.3.4,1.5.6.7.8,@polsect [polsect] policyIdentifier = 1.3.5.8 CPS.1="https://jitc.rahmican.com.tr"; userNotice.1=@notice [notice]

问题 My scenario is we have one program (exe) that will start other programs if found in a particular folder. I want to ensure it only ever starts programs which are signed with our Corporate certificate (Verisign approved etc). Essentially then it will only start the programs with the same certificate as itself. I don't want to ship the certificate itself. I've been searching the web and the system namespace and haven't found a clear example that reads the certificate data from a file and also

问题 I have an asp.net application and I need to authenticate users using X509 certificates. That is, the user must install a certificate issued by me so that he can browse my website and I can identify which user is, by this certificate. I have already configured SSL on IIS, but it's not what I'm looking for right now, and I don't know where to start. How can I achieve this in asp.net c#? 回答1: To create a secure authentication mechanism you would use both client certificates and username /

问题 I have a rootcert file and I dont know whether it is in .pem format or not, how do I check that it is in .pem format? 回答1: A .pem format certificate will most likely be ASCII-readable. It will have a line -----BEGIN CERTIFICATE----- , followed by base64-encoded data, followed by a line -----END CERTIFICATE----- . There may be other lines before or after. 回答2: DER vs. CRT vs. CER vs. PEM Certificates and How To Convert Them Quote from the support page: View ==== Even though PEM encoded

问题 I provide SSL pages on my web server, and I have a question. What is the difference between SSLCACertificateFile and SSLCertificateChainFile? When I use SSLCertificateChainFile, I got warnings from Japanese cellular phone browser, but when I use PC browser(like IE, FF), there was no problem. On the other hand, SSLCACertificateFile didn't cause any problem for both browsers. Is there any difference when browsers connect to apache? 回答1: SSLCertificateChainFile was a correct option to choose but

问题 I'm trying to establish a https connection using the server's .cer certificate file. I am able to manually get the certificate file using a browser and put it into the keystore using keytool. I can then access the keystore using java code, obtain the certificate i added to the keystore and connect to the server. I now however want to implement even the process of getting the certificate file and adding it to my keystore using java code and without using keytool or browser to get certificate.

问题 I need a function in Delphi to verify the digital signature of an external EXE or DLL. In my particular application, I am going to occasionally invoke other processes, but for security purposes I want to make sure these executables were created by our organization before running them. I have seen Microsoft's example in C, however, I do not want to waste the time translating this to Delphi if somebody else already has. I would prefer a snippet or code example over a third-party library. Thanks

问题 I am trying to setup the Royal Mail Shipping API (if anyone has any experience of this i'd be grateful if you could assist). In the documentation they provide I need to download a certificate (a .p12 file) & import this onto my Windows machine - this is pretty straightforward using the 'Certificate Import Wizard'. Once it gets to the "Set Security Level' I must select High & this will request permission with a password each time this is used. In Internet Explorer in 'Internet Options' within

问题 I want to manually verify the integrity of a signed pdf. I have been able to reach at:- got the value of '/Content' node from pdf(using PyPDF2 ). This is a der encoded PKCS#7 certificate. Now as per pdf specifications , the message digest of the pdf data is stored along with the certificate in /Content node. Tried a lot but I am not able to get the digest value which I would eventually compare with hashed pdf content(specified by /ByteRange ). PDF specification snapshot:- Don't understand the

问题 Has anyone came across where they have to deal with .truststore file? and knowing how to import .cer into .truststore file? I am not sure if I have to use Java Keytool or Linux command (such as openssl command). Thanks 回答1: # Copy the certificate into the directory Java_home\Jre\Lib\Security # Change your directory to Java_home\Jre\Lib\Security> # Import the certificate to a trust store. keytool -import -alias ca -file somecert.cer -keystore cacerts -storepass changeit [Return] Trust this