I am running a number of SSL-encrypted websites, and need to generate certificates to run on these. They are all internal applications, so I don't need to purchase a certificate, I can create my own. I have found it quite tedious to do everything using openssl all the time, and figure this is the kind of thing that has probably been don...
I want to buy a 128bit SSL certificate for a website selling services. I checked http://www.rapidssl.com/ssl-certificate-products/ssl-certificate.htm and http://www.geotrust.com/ssl/compare-ssl-certificates.html. Why are the prices for QuickSSL (Geotrust, $249) and RapidSSL (rapidSSL, $69) so different? Is there any particular reason for...
I just installed a SSL certificate. This certificate is encrypted with 2048 bit encryption. However, the cypher is 128 bit encryption(or 40, or some other variation depending on the browser.) It seems that there are two different types of encryption here. The "handshake" encryption of 2048 and the "over the wire" encryption of some mag...
I want a SSL certificate for my web site that will not only be accepted without warning by all popular browsers (at least accepted by Firefox and Internet Explorer), but also give my visitors the green address bar. Which certificate authority is selling the least expensive extended validation SSL certificates? ...
Can anyone please tell me if Certifying Authorities (CAs) are allowed to make modifications to the Certificate Signing Request (CSR) before actually signing the certificate with their own private key? Specifically, I'd like to know if it's valid for the CA to insert additional fields (such as EKUs) into the cert before adding their sig...
Is it possible to query certificate store on windows server 2008 using .net platform? I would like to get information about certificates that were issued by this system. tnx grega g ...
Pretty much what the question says. What's the difference between the two classes of roots? The differences between the certificates signed by such roots? What uses would a class 1 signed certificate have that a class 3 doesn't, and vice versa? ...
I'm trying to setup a hierarchical PKI. Can I create a truststore containing only the root ca certificate, and will that mean my application trusts certificates signed by a sub-ca certificate which is in turn signed by the root ca? As an aside, it seems that you must provide an entire certificate chain, including the root ca certificate...
Is there any certificate authority that allows for programmatic signing of windows mobile applications? At the moment my team uses Geotrust. Our build procedure looks like this: Build app "pre-sign" app with multi-step tool ( fill out form and upload "pre-signed" app on geotrust web site download signed app repeat There must be a b...
I'm currently working on a project where I've created a CA cert and a couple of child certs to that CA cert. The certificates are going to be used to protect inter-server communication in a SAMLV2 setup so I'm going to have a cert for the identity provider and a cert for the service provider. The user/browser isn't going to validate the ...
I'm using Citrix's sample code as a base and trying to get it to generate ICA files that direct the client to use their Secure Gateway (CSG) provider. My configuration is that the ICA file's server address is replaced with a CSG ticket and traffic is forced to go to the CSG. The challenge is that both the Citrix App Server (that's prov...
Automatic certificate enrollment for [userid] failed to enroll for one Basic EFS certificate (0x800706ba). The RPC server is unavailable. I have been getting these errors for a few weeks, about a dozen every day. I checked the certificates with MMC and they are going to expire in 2 weeks. I cannot find an answer to these questions: ...
I need to be able to remove a specific certificate from each PC in my organization. Yes, I could go seat-to-seat, but I have until Thursday to pull it off, and I don't have the manpower to go seat-to-seat. Is there a programmatic way of doing this using C#? ...
I'm tasked with obtaining a code signing certificate. Our application actually consists of 2 complementary components: a desktop application and a Windows Mobile application designed to run on PDAs. Currently our mobile install (via CAB file) triggers the security prompts in Windows Mobile 6 and it is confusing to our users. We want to e...
I need a small CA software which meet following criteria: CLI Interface (we all really hate gui things for server software, don't we?) Issuing certificates for websites. So I just can install one root certificate on client machines to get rid of that warnings) Issuing user certificates (as p12 and other stuff, so I can authenticate usi...
Hello, I migth have another question about SSL. I have a Smart Client and I deploy it using ClickOnce. In this Smart Client application, I call a HTTPS Web Service. I need so to install a Trusted Root Certification Authorities to give access to this HTTPS Web Service. Let's say that I want to keep it fully "ClickOnce", meaning that I ...
I'm looking at options to buy a code signing certificate for my company. I want it to be usable for MS Authenticode and also for Java and I want it to be trusted with the default trusted authority list that ships with a new install of Windows (ie. I don't want the use to have to add a new trusted authority). I've seen previous discussio...
I'm reposting my question from discussions.apple.com since it hasn't been answered, yet: Certificates created with "/System/Library/CoreServices/Certificate Assistant.app" (verion 2.0, build 32175) lack many standard X509v3 extensions, not limited to but most notably: Subject Key Identifier ( 2 5 29 14 ) Authority Key Identifier ( 2 5...
Problem: I'm getting a thrown error from javax.net.ssl.SSLHandshakeException (see attached picture) Is it possible for Java to have a corrupt or missing CA cert? If so how can I repair or resolve this issue/error? Things I've Tried: I have removed all versions of JRE from the PC and installed the latest version of JRE (1.6.14). Cl...
How to import certadm.dll into managed project and use RevokeCertificate method? I tried adding it as reference but I got error asying it's not assembly or COM object. Any ideas? UPDATE: I already tried regsvr32 c:\certadm.dll and I get following error: LoadLibrary("c:\certadm.dll") failed - the specified procedure could not be found....