certificate

calling a web service that has an untrusted certificate using ssl in flex/air

Hi, In our flex/air application we are calling a web service over https. The web service is java based and has, at the moment, an untrusted certificate. When doing a POST to the service with some json, the payload on the server side is pretty garbled. A popup does occur asking whether you want to continue and even when I do and add...

Serve different certs for same Tomcat application via connectors?

For a limited time, we have to serve the same Tomcat 6 web application from two different domain names. Both domains need to be served HTTPS - is it technically possible to handle serving different certs for the same app using connectors (or other method)? The other option (which we are trying to avoid) is to handle the cert delivery up...

Publisher name does not appear on the UAC dialog

I've signed my .msi with this command line: signtool.exe sign /f mycert.pfx /p /t http://timestamp.verisign.com/scripts/timstamp.dll /d "MSIName.msi" /v "MSIName.msi". The 'Digital Signature' tab is displayed on the .msi properties dialog and contains the right information but when the UAC dialog appears the 'Publish Name' is still ...

Should I be able to see subjectAltName options when I view a certificate?

I've requested an certificate (for SSL on IIS 7) with several subjectAltNames. I'd read that some people might not like to do this because of the public being able to see links between different sites. (This doesn't matter as the certificate is for internal use). But this suggests that I should be able to see the subjectAltNames when ...

Security token in message transfered by SSL

Hi, I need in WCF ensure soap header like this: <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"&gt;&lt;SOAP-ENV:Header&gt; <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" SOAP-ENV:mustUnderstand="1"> <wsse:BinarySecurityToken xmlns:wsu="http:...

Why does WCF complain over identity check failure?

I'm creating a WCF application where I'll be using certificates to encrypt the communication between the client and server. In my development environment, I want to use a test certificate / self signed certificate which I've created using makecert. (Only the server will have a certificate, the client won't). I've installed the certifica...

Delphi 7 access Windows X509 Certificate Store

Hello, My questions if pretty simple: is there a simple way to access Windows X509 Certificate Store using Delphi 7? Before asking this questions I have googeled, but have not found any useful info Thank You ...

Securing multiple domains on a single app.

I'm investigating a feature to allow users to point their own domain names at our service to provide a more complete white-lable offering. So, I end up with multiple domains hitting the same IP. How do I provide SSL security for this? Do I need a cert per domain? UC certs? How would you deploy and manage this in a rails app? ...

Apple Push Notification Service: Certificate Install Server Side?

I've followed the instructions at How to build an Apple Push Notification provider server (tutorial) in an attempt to set up a push notification server. When I attempt to connect with the following PHP code // connect to apns server $strAPNSUrl = 'ssl://gateway.sandbox.push.apple.com:2195; $strAPNSCert = 'dev.pem'; // generate stream ...

iphone app submission with other developers binary

Hey All. I am making an app that needs to be released by the client. Am I able to build and sign the final binary with my distribution certificate and send it to the client to upload? Or will I have to send them the source to compile with there own certificate? Cheers ...

X509Certificate2-class problem

Hi all, i have two machines machine1 and machine2. On one of those two machines (machine2) is my certificate store, the certificate store on machine1 is not allowed to be used. Further, i have do do some webservice-calls from machine1 against an client-certificate-secured web-service. The certificate which i would like to add to the web...

Java: How to show a dialog to let the user accept SSL certificates

I'm currently having a self signed certificate for my HTTPS webserver. In my java program there is a SSLSocketFactory that will create a socket to the webserver. The default implementation of sun blocks the self signed certificate. With an own implementation of a X509TrustManager I can only check whether the date of the certificate is v...

verify cert with certutil.exe

Hi, I have stupid problem, what is correct syntax on verify certificate in certificate store with certutil.exe. I have client certificate in cerstore. I try this: certutil.exe -verify CertCommonName but in finish with this error : DecodeFile returned The system cannot find the file specified. 0x80070002 (WIN32 : 2) LoadCert(Cert) retu...

WCF client endpoint certificate reference, how to find when there's a comma in the distinguished name parts?

We are trying to reference a certificate for a client endpoint configuration in our WCF configuration file. The configuration looks like this: <client> <endpoint address="https://domain.server.com/path/service.asmx" binding="basicHttpBinding" bindingConfiguration="TestServiceSoap" contract="..." name="..."> ...

Using client side certificates with objective-c under macosx with Cocoa

I am looking for sample code or documentation on how to use client side certificates with SSL under MacOSX. The server I want to connect to, does speak a custom ascii protocol but allows only ssl connections with registered client certificates. I already wrote a client in Java that works. In Java I initialized a SSLContext with a Ke...

Problem with extracting X509 certificate from Context on web service side

Hi, I have one problems. I used X509 certificate to call asmx web service. The communication scenario is : client pick a x509 certificate from certstore, add to proxy object and call method CreateConnection on web service side: Code is here : private void button1_Click(object sender, EventArgs e) { X509Certificate2 cert = new X509...

Client-side SSL theoretical question

I work at company X and we want to engage in a B2B transaction with company Y. In doing so, Y is requiring client side authentication; they already provide server-side authentication - so this would be a mutual SSL transaction. My understanding is that I simply need to provide my CA-signed cert as part of my client side HTTPS communica...

How to create a self signed certificate with the private key inside in a file in one simple step ?

I'd like to generate a certificate for development purpose but, I don't want to install the certificate in the store. makecert with the switch -pe doesn't create the private key if you specify an output file an output file. I tried to create a .pfx file by exporting the certificate created with makecert, it asks me a password to protect...

How can I verify that a certificate is an EV certificate with Java?

Consider the following sample code which uses a TrustManager to log whether an outgoing connection used a valid certificate (but accept the connection in all cases): import java.security.*; import java.security.cert.*; import javax.net.ssl.*; public class CertChecker implements X509TrustManager { private final X509TrustManager def...

Where is the trust store in JBOSS for a self-signed certificate?

I have created a self-signed certificate on my server. Now I need to import the certificate to the trust store so that the application . If it was Tomcat, I would put it here: %JAVA_HOME%\jre\lib\security\cacerts Where is the equivalent in JBoss? Where should I look? ...