signing

问题 Im trying to write program which should verify XML sign using xades4j library. I have something like this: public static void verify() throws Exception { FileSystemDirectoryCertStore certStore = new FileSystemDirectoryCertStore("C:\\(...)"); KeyStore trustAnchors = KeyStore.getInstance("jks"); trustAnchors.load(null); CertificateValidationProvider certValidator = new PKIXCertificateValidationProvider(trustAnchors, false, certStore.getStore()); XadesVerificationProfile p = new

问题 When I compile my application , I get following compile error. Unable to find manifest signing certificate in the certificate store. Then I find the resolution for the above error and then try to import certificate, I am getting following error. An internal error occurred. the private key that you are importing might require a cryptographic service provider that is not installed on your system. I also check the folder option of MachineKeys in C:\Documents and Settings\All Users\Application

问题 Just updated from OSX 10.9.4 to 10.9.5, looks like I have to change how I sign Java application after updating because Im now getting this output after signing with export CODESIGN_ALLOCATE="/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/codesign_allocate" /usr/bin/codesign --sign "Developer ID Application: P Taylor" --force --deep --verbose /Applications/SongKong.app Im getting: /Applications/SongKong.app: the main executable or Info.plist must be a

问题 i have getting a issue when i generate signed APK from android studio 3.1 i get error Magic Number Mismatch. I already do uninstall android studio and reinstall new copy download and install. Can you please help me to resolve this issue. 来源： https://stackoverflow.com/questions/47808279/magic-number-mismatch-error-in-android-studio-when-generate-sign-apk

问题 It is a conundrum! I have an applet in a JAR. When JAR is signed - be it self-signed or with a DigiCert sertificate - I get a ClassNotFoundException on the main applet class. When I don't sign the applet, it loads just fine - (not counting the expected SecurityException due to the code not being signed). But I can unpack the signed JAR and find everything to be where it is supposed to be. The strangest part is that up until last week the set-up worked just fine. Same main class, self-signed,

问题 Developer signed an app with his personal keystore but it should have been the company's keystore. Is it possible to update the app in the marketplace using the company's keystore now, and still having streamlined updates to users? Are there any consequences of this? 回答1: No, you will have to publish the app as a new app in the market. This time signed with the company's key. You will also have to change the package name as it is already used by the app which is already in the store. When you

问题 I purchased an authenticode certificate from a well known provider. Now I want to strong name an assembly and later on digitally sign it. This is what I've done so far: Extracted public key from pfx by running sn.exe -p keypair.pfx key.snk Checked both "Sign the assembly" and "Delay sign only" checkboxes on project properties signing tab Provided key.snk as keyfile to sign with Extracted public key token by running sn.exe -tP key.snk Disabled strong name verification on my devbox by running

问题 I've just discovered J2ME and I love the possibilities that it presents. I'm currently working on a simple application and I'd like to maybe release it as an open-source project sometime in the future. As part of my research into J2ME and mobile devices, I looked into applet signing. It seems that people who want to create applets for free are caught between and rock and an awful shite-place. Applet signing is extremely expensive and extremely convoluted - and the expense can't be justified

问题 My boss has procured a certificate from Comodo and I've been breaking myself against walls of text trying to find the solution to the problem of getting the certificate into a VB6 application. The certificate itself is in VB6 format and I know like next to nothing about this type of thing. The people at Comodo were just OH so helpful (From my boss, they said he can find something on the internet. Apparently they don't know how big the internet is -.-) Does signing the project require putting

问题 Is there a way to determine whether an Android application is signed for production or debug at runtime? 回答1: Yes, but no 100% reliable. The default (auto-generated) certificate has the DN 'CN=Android Debug,O=Android,C=US' as described here. If you check the DN and it matches the default, it is most probably the debug certificate. Nothing prevents people from generating their own debug certificate or using the same one for production and debugging though. You can get the signing certificate