x509certificate

When newing up an instance of X509Certificate2(string, string) my IIS process simply crashes. No .Net exception, no nothing, except of this in my event log Faulting application name: w3wp.exe, version: 8.0.9200.16384, time stamp: 0x50108835 Faulting module name: ntdll.dll, version: 6.2.9200.16420, time stamp: 0x505ab405 Exception code: 0xc0000374 Fault offset: 0x00000000000ea485 Faulting process id: 0x102c Faulting application start time: 0x01ce10301e250c4d Faulting application path: c:\windows\system32\inetsrv\w3wp.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll Report Id: 5e55321c

I work in company with many servers and Pcs for developers. Servers are win2003, PC developers Windows XP. In a server Win2003 named preiis01, in preproduction environment, other people in company install a client certificate using any other user (domainCompany\adminsystems) for logging in server preiis01. Anyone admin uses the user "domainCompany\adminsystems" for log in server preiis01 (using Terminal Server, Remote Desktop for Windows XP). the admin user is domainCompany\adminsystems", which installs certificate. Admin user install it like this: Session login like "domainCompany

I want to create a X509 certificate using Java language and then extract public key from it. I have searched the internet and found many code examples, but all of them have errors (unknown variable or unknown type) or have many warnings that say something like : "the method ... from type ... is deprecated " etc. For example, why the following code doesn't work: PublicKey pk; CertificateFactory cf = CertificateFactory.getInstance("X.509"); String PKstr = pk.toString(); InputStream PKstream = new ByteArrayInputStream(PKstr.getBytes()); X509Certificate pkcert = (X509Certificate)cf

How can I create a certificate using makecert with a 'Subject Alternative Name' field ? You can add some fields eg, 'Enhanced Key Usage' with the -eku option and I've tried the -san option but makecert doesn't like it. This is a self-signed certificate so any method that uses IIS to create something to send off to a CA won't be appropriate. Makecert doesn't appear to support SANs so I created a certificate with SANs for use with IIS using OpenSSL. Check out my post about it. http://andyarismendi.blogspot.com/2011/09/creating-certificates-with-sans-using.html An even easier way is to use the

What is the difference between the two? p.campbell The x509Certificate was introduced in .NET v1.0/1.1 and was (comparatively) limited in its functionality. It can be used to get information about an existing certificate (valid dates, issuer, etc.). It had simple methods/operations (i.e. reading a cert from disk). The x509Certificate2 is a subclass of x509Certificate with additional functionality. It represents an actual X509 certificate. It was new in the .NET Framework v2.0. This class gives you access to all the V2 and V3 properties (authority key identifier and key usage). It supports

I need to ignore the PKIX path building exception javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderExc ption: unable to find valid certification path to requested target I know how to do this by writing my own class implementing X509TrustManager where I always return true from isServerTrusted . However, I don't want to trust all servers & all clients. I want all the default verification to be done for clients as is done currently. For servers, I want to ignore server cert verification

I need to create a wcf client to call a service that I have no control over. I have been given a wsdl and a working soapui project. The service uses both a username/password and a x509 certificate. UPDATE I now understand what the problem is, but am still unsure what steps I need to take to be able to create the required message, so any help would be much appreciated. I need to sign both the UsernameToken and the SecurityTokenReference. The code I had to create the custom binding has been removed from this post as its no longer used. I no longer add a SecurityBindingElement to the binding,