certificate

WCF client certificare not valid

I try to send a message to MSMQ using WCF. I want to use Transport security and sign messages. However, when I set clientcertificate credentials and try to send message, an error is being thrown: "An error occurred while sending to the queue: The user certificate is invalid. (-1072824276, 0xc00e002c)". Certificate is stored in LocalMachi...

WCF service certificate and client side endpoint identity - why it doesn't work?

[Update] - I attach also full config files, for service, and for client (outside of here, not to flood the topic) I'm having situation pretty much identical to the one outlined in this question, however my question is somewhat different. I'm using NetTcpBinding with security set to TransportWithMessageCredential I'm using Password/Use...

SAML: Why is the certificate within the Signature???

Hi, I have to implement SSO with SAML for my company's website (as the relying party). An essential part off course is the verification of the signature. Here is the signature part of a sample SAML from our partner company (asserting party): <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"&gt; <ds:SignedInfo xmlns:ds="http:...

CertCreateCertificateContext returns ASN1 bad tag value met

Hi, I'm loading a .p7b certificate file into memory and then calling CertCreateCertificateContext on it, but it fails with the error "ASN1 bad tag value met.". The call look like this: m_hContext = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, pbCertEncoded, dwCertEncodedLen); This returns NULL and GetLastErro...

How to add timestamping signature to System.IO.Packaging.Package?

There is a way to create packages, add some parts and sign it with a X509Certificate. I would also like to add a timestamping signature to the package. If the certificate expires or gets revoked the signature should remain valid if the package parts have been timestamped before the expiration/revokation. P.S. I'm using the System.IO...

Problem with certificate

Hi, I´m developing a tool (ASP.NET page that generates a file with stamped with a private key to be validated later on other app. I´m using makecert for the certificate creation: makecert -sky "privatekey" -sk "MyCompany"-n "CN=MyCompany" -ss -pe CertFile.cert The generated cert is on my dev machine. Then I run this code and It can ...

After VS2008 to VS2010 project upgrade getting "manifest signing certificate" error

I created a test project with VS2008 C# Express on computer 1 (Vista). I converted it to VS2010 C# Express on computer 2 (Windows 7). The converted project gives me this error: Unable to find manifest signing certificate in the certificate store. I've found articles about signing project certificates etc. but they are not that ...

Change pfx password in .NET

Hi, I wonder how to change the password for .pfx file using crypt32.dll. I tried : public bool ChangePassword(String pfxfilename, String pswd, String newPfxfilename, String newPswd) { IntPtr hMemStore = IntPtr.Zero; IntPtr hCertCntxt = IntPtr.Zero; IntPtr pProvInfo = IntPtr.Zero; bool result = false; ...

multiple services with same self-signed certificate

I've got a WCF intranet application I'm working on that will have 150 clients controlled/monitored by a control application. Is it kosher to create a self-signed certificate and install this same certificate on each of the 150 clients? I want security between the client and server but will not have authentication support from a domain ...

Determine certificate type

There doesn't seem to be any sort of standard naming convention for OpenSSL certificates, so I'd like to know if there's a simple command to get important information about any OpenSSL certificate, regardless of type. I'd like to know at least the certificate type (x509, RSA, DSA) and whether it's a public or private key. Looking at the ...

How can I create an automated test for valid WIndows installer certificates?

We have a situation where for some reason the certificates on our Windows Installers for our product tends to get broken or go bad. Never mind why, the key is that it is not currently detected by our nightly test runs. So how can that be done? I.e., an automatic test that runs a Windows installer and checks if it pops up a UAC or bad...

WCF : Could not establish trust relationship for the SSL/TLS secure channel with authority - back to the drawing board

Really thought I had this issue fixed, but it was only disguised before. I have a WCF service hosted in IIS 7 using HTTPS. When I browse to this site in internet explorer, it works like a charm, this is because I HAVE added the certificate to the local root certificate authority store. I'm developing on 1 machine, so client and serve...

Accept SSL Certificate in vb6 using the Webbrowser control.

The Problem: I am creating a vb6 application that will connect to a particular web service located on a a HTTPS site. The problem is, the HTTPS site I'm accessing requires all request to accept it's certificate policy. (as its a self-signed ssl certificate) Basically I need the application to accept security certificate dialog boxes aut...

Automating Clickonce deployment with security ( certificates etc. ) such that client installs the application without any prompt.

Hi, I just read this --> Configuring ClickOnce Trusted Publishers and got it running at another computer on network. I deployed the application on network itself (i.e. \\abc\something ). Though I could not find certmgr.exe as part of Windows core component, as the article says ( ..so you will need to use the certificate management c...

SslRequireCert doesn't work with a WCF-service

I'm currently developing a RESTful service using WCF and WCF Rest Contrib. The service is split into two parts: BasicAuthService and CertAuthService. On the first one the client is authenticated using Basic authentication (over HTTPS) and on the second X509 client certificates are used. My problem is that IIS never requests a client ce...

netsh error on windows 2008 R2

We are upgrading the server from Windows 2003 to 2008. As part of the process, I need to configure a port with a SSL certificate. When I ran the following command: netsh http add sslcert ipport=1.2.3.4:8000 certhash=certificatehash appid={someGUID} I got the following error: SSL Certificate add failed, Error: 1312 A specified logon s...

Where did 'My" certificate store go?

Because I'm awesome I'm trying to run the latest WIF demo app using VS2k10 B2 on my 7 boxen... 64bit of course (my neckbeard is strong) I'm having a problem getting it running. Part of the whole demo thing requires I install some certificates on the local machine. Problem is that they ask me to install some of the website certs into a ...

How can I have multiple SSL certificates for a Java server

I have an in-house HTTP server written in Java; full source code at my disposal. The HTTP server can configure any number of web sites, each of which will have a separate listen socket created with: skt=SSLServerSocketFactory.getDefault().createServerSocket(prt,bcklog,adr); Using a standard key store created with the Java keytool, I c...

Generate certificate for signing AIR app

How do I generate a self-signed certificate to sign an adobe AIR app? I'm using the maven flexmojos plugin. I've followed an openssl tutorial to generate a .p12, but now the mvn plugin /adt compiler is telling me that the certificate is not a X509 certificate. Thanks ...

Code signing didn't complain when I changed an exe file?

I purchased a code signing certificate and all looks well. When tested inside a clean Virtual PC OS I no longer get the "The Publisher could not be verified" message. So just for grins, using a hex editor, I change a few constants in the VB6 exe which I see on a form. And the VB 6 exe still runs wihout any error message. I thought th...