x509certificate

I want to use TLS mutual authentication to authenticate a client on a API made in go. I've created a certificate authority, and let's say Bob has a key pair he wants to use with the client. Bob created a certificate request and want me to validate his certificate in order to be authorized and authenticated on the API. I've used this to create my Certificate Authority : openssl genrsa -aes256 -out ca.key 4096 openssl req -new -x509 -sha256 -days 730 -key ca.key -out ca.crt Bob used this to create his certificate and certificate request : openssl genrsa -out bob.key 4096 openssl req -new -key

We create a X509Certificate2 object in our ASP.NET app to make periodic outgoing connections. Every time one of these certificates is created a new file is created in: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys That folder now has 4 million files that never get cleaned up. I've tried removing the Persist flag new X509Certificate2(certBytes, p12Pwd, X509KeyStorageFlags.MachineKeySet); //no X509KeyStorageFlags.PersistKeySet but that doesn't help -- still get the 2Kb file on every call. I got my hopes up when I saw this answer , but this is a 2008 R2 server, and the temp files are not 0

I have written a program (obviously COPIED from the net, and modified it little according to my needs!) for file download/upload using apache ftp api and by creating a local server using Filezilla server. Everything is working FINE . The problem is I didn't get the part where we have to create a trust manager. Code: FTPSClient ftpsClient= null; SSLContext sslContext = SSLContext.getInstance(protocol); TrustManager tm = new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { System.out.println("getAcceptedIssuers------"); return null; } @Override public void checkClientTrusted

I want to know if it is possible to sign data using a smart card's private key without resorting to a java applet or activex control. I am tantalizingly close! Our environment is: AD Domain PKI infrastructure/smart cards (PIV) I knocked up a simple ASP.NET (.net 4.0) web forms app with: Windows Authentication on, Anonymous off Identity Impersonate on With the smart card in the reader I can easily enumerate the certificates on the logged-in user's smart card (StoreLocation.CurrentUser). However, when I try to access the private key (via a CSP), I get an "Access Denied" error. On my local

I have a WPF and WCF app that requires to install the certificate (.pfx) on the client side to enable WPF calling the WCF service. Now how can I prevent the client to export the certificate from his certificate store (so that he won't be able to grab the .pfx file and install it on another client computer)? Generate Certs for WCF Generate a Certificate Authority Cert makecert -r -pe -n "CN=MyCA" -ss my -sr localMachine MyRootPublicCert.cer -r Create a self signed -pe Mark generated private key as exportable -ss Subjects certificate store names that stores the output certificate -sr Subjects