x509certificate

I have developed an IOS App that is communicating with a Server using HTTPs (I'm also the developer of the server, it's embedding a Tomcat server). This App is working without any issues with IOS8 but it's not with IOS9. I get the following error when sending an HTTPs request: Session download has failed : Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo=0x7fa9c44b2e40 {NSErrorFailingURLStringKey=https://127.0.0.1:8443/MyServer/MyApp, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?,

Android's WebViewClient calls onReceivedSslError when it encounters an untrusted cert. However, the SslError object I receive in that call doesn't have any way public way to get to the underlying X509Certificate to validate it against an existing TrustStoreManager . Looking at the source, I can access the X509Certificate 's encoded bytes thusly: public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) { Bundle bundle = SslCertificate.saveState(error.getCertificate()); X509Certificate x509Certificate; byte[] bytes = bundle.getByteArray("x509-certificate"); if (bytes

I need to trust some self-signed certificates in the application, so I override validation callback like this: ServicePointManager.ServerCertificateValidationCallback = MyRemoteCertificateValidationCallback; ... public static bool MyRemoteCertificateValidationCallback( Object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { if (sslPolicyErrors == SslPolicyErrors.None) return true; if (IsAprrovedByMyApplication(sender, certificate)) // <-- no matter what the check here is return true; else return false; // <-- here I'd like to call the default Windwos

I'm unit testing a .NET application; some of the unit tests involve programmatically generating X509Certificate2 objects. I don't care about actual signing/private key/validation stuff, I'd just like to have an object that doesn't throw exceptions when its fields are examined. I tried using the parameterless constructor, but then a whole bunch of fields throw exceptions when accessed. As seen in the debugger: SubjectName = '(new System.Collections.Generic.Mscorlib_CollectionDebugView(result.Certificates)).Items[0].SubjectName' threw an exception of type 'System.Security.Cryptography

I'm developing WCF service with Transport Security hosted on IIS 7.5 under Windows 2008R2. I have a certificate, generated in IIS 7.5 which is stored in Local folder. When I use BasicHttpBinding or WSHttpBinding with Transport Security - everything works fine. But when I change it to NetTcp I get an exception : CryptographicException 'Keyset does not exist'. After a bit of googling I found out that the problem can be because my NETSERVICE IIS account doesn't have premission to the private key of my certificate. The solution could be to set the rights to accesss in MMC by right-clicking on my

I am using the following code and get HttpRequestException exception: using (var handler = new HttpClientHandler()) { handler.ClientCertificateOptions = ClientCertificateOption.Manual; handler.SslProtocols = SslProtocols.Tls12; handler.ClientCertificates.Add(new X509Certificate2(@"C:\certificates\cert.pfx")); // I also tried to add another certificates that was provided to https access // by administrators of the site, but it still doesn't work. //handler.ClientCertificates.Add(new X509Certificate2(@"C:\certificates\cert.crt")); //handler.ClientCertificates.Add(new X509Certificate2(@"C:

I want to generate a self signed trusted certificate and a csr and sign the csr with trusted certificate created. I am trying it with keytool. In the first step of creating a trusted certificate using the below command keytool -genkey -alias mytrustCA -keyalg RSA -keystore keystore.jks -keysize 1024 where it puts the certificate into keystore. How can I store it to a file ? and when I list the contents using keytool -list -v -keystore cert/test.keystore Certificate created with above "genkey" command creates with entry type as "PrivateKeyEntry", how can create a trusted Cert Entry ? In your

I need to get my dev machine to read a certificate from the local machine store to do this I need to run winhttpcertcfg.exe and specify the account I want to elevate What would this account be for IIS express? (For IIS it would be the IWAM_MachineName) thanks a lot IIS Express runs as your user account. When installed, you should find an IISExpress folder in your My Documents folder. 来源： https://stackoverflow.com/questions/8446359/what-account-does-iis-express-run-under

I am using the following code to retrieve all certificates in my PC from an asp.net webapp. The certificates collection is empty, and I can't understand why. I tried impersonating my own user account and I didn't succeed as well. What am I doing wrong? var store = new X509Store(StoreLocation.CurrentUser); //StoreLocation.LocalMachine fails too var certificates = store.Certificates; foreach (var certificate in certificates) { var friendlyName = certificate.FriendlyName; Console.WriteLine(friendlyName); } //original problem: fetch a single certificate by its subject name X509Certificate2

I do have private key(my_ca.key) and public key(my_cert.crt) which is signed by DigiCert. Now I want to generate the SSL certificate (version 3) and sign it by my private key . Here is the way I tried to do that. But when I export into keychain (Mac OS X). I have been getting error like this " This certificate has an invalid issuer keychain ". No idea how to solve this. Here my_cert.crt is extended from DigiCert High Assurance CA-3 and that one extended from DigiCert High Assurance EV Root CA. Also added DigiCert High Assurance CA-3, DigiCert High Assurance EV Root CA into keychain. It shows