I am building an application and I am planning on using Open SSL for securing data transfers. I am planning on only having the client validate the server's certificate. I am confused on how I should secure the server's certificate. I would like to encrypt the server's certificate containing the private key but I do not want to use any ha...
For two way verification is it necessary to import certicate from both sides? ...
How can I verify an X509 (or DER-formatted) certificate against the Java certificate store via the command line? I've looked into using the keytool utility, but it looks like it only handles import/export/display functionality (no verification). EDIT: It looks as though keytool can be used for verification, but only if an import is at...
According to the FAQ to GoDaddy they support SignTool from Microsoft, but mage.exe isn't mentioned. Mage.exe is used to sign the application, but I haven't been able to figure out if mage.exe uses SignTool. If anyone have used GoDaddy's code signing certificate for ClickOnce a short confirmation would have been appreciated. ...
My iPhone application runs fine in the simulator. I'm trying to deploy it onto a physical iPhone. When I install the provisioning profile, my Organizer says "A signing identity matching this profile could not be found in your keychain." I can't resolve this. What do I do? ...
When i generate a Certificate using MakeCert.exe I want to change the key size from 1024 to 2048. Is this possible? Or do i need to setup a Certificate Authority? Cheers Rohan ...
Some background: in order to provide authentication I'm using certificates on client and server side (WCF) and use one certificate for all clients (manually loading it from application directory - not the safest way, but it doesn't require to manage certificate storage and making installation more difficult): AddressHeader host...
I need to have my java applet use a soap based web service over ssl. I know that you can have a servlet act as a go-between/proxy, but I want to have the applet use the web service directly over SSL. The problem is supplying the certs to the web server hosting the web services. I supplied these Java Applet Runtime Settings via the Java C...
Hi all, I need to post XML to a server via https, but I need to verify that the self-signed server certificate is correct before I push the XML (which contains sensitive information). I'd prefer a perl solution, but there doesn't seem to be a CPAN solution that actually verifies the certificate - I thought Crypt::SSLeay would do it, bu...
Hi, Hope someone can help me on this matter. I'm looking for a way of enabling message level security on my WCF service other than using certificates. Problem is that the application is used on clients that connect via a VPN with multiple sites that each have their own domain controller and the domains does not trust each other. I'm tota...
I'm currently developing some software that uses XML Signing to transfer files securely between two machines. We're using X.509 certificates from our own CA as keys. The CA (Windows 2003 server) offers several types of certificates (Email Cert, Server Cert, ...) Which one of those would I need to generate for XML Signature? To my knowl...
Hi, My use case is very simple : I have a GUI application, and inside this application I host a service however clients of this services must be able to authenticate with UserName safely (The only thing I want is to encrypt messages to be sure that nobody can sniff to retrieve password of clients, I don't care about more security). So,...
On a customer's internal network, I can make a request to my SSL site using IE6 SP1 (on Win2K) and see one cert validation requests, but if I use IE6 SP2 (on XP) 13 separate cert validation requests get fired off. Needless to say, this slows down my page load a lot. Firefox loads the page just fine with no unnecessary cert validation r...
I am currently working on a MSI package for one of my application. It works well; however, before the installation starts, I get the expected UAC window asking me if I trust or not this program from the Unidentified Publisher. I am not concerned by UAC itself, but by the Unidentified Publisher. How do I change that? I've heard that I nee...
Our web service wraps around a third party library that contains the following code. We are using an Active Directory service account in the IIS 6 app pool (no interactive login abilities). Our service fails with the error “The system cannot find the file specified”. We’ve traced the error to the “RSACryptoServiceProvider provider =...
I have a Java keystore (.jks file) holding a single certificate. How can I create a .pfx file from this keystore? ...
I'm currently working on a project where I've created a CA cert and a couple of child certs to that CA cert. The certificates are going to be used to protect inter-server communication in a SAMLV2 setup so I'm going to have a cert for the identity provider and a cert for the service provider. The user/browser isn't going to validate the ...
I found a tool on Zend site. But it is only show who have achieved ZCE by country. I plan to take ZCE for PHP 5 and I just want to know how many Zend certified engineer available around the world. Thanks... ...
Hi How can I ensure to I am accesing the Certificates from my SmartCard and not form my personal certificate store in c#? and How can I make my RSACryptoProvider to utilize my smart card certificate private key? thanks Wally ...
I have a certificate generated via MakeCert. I want to use this certificate for WCF message security using PeerTrust. How can I programmatically install the certificate into the "trusted people" local machine certificate store using c# or .NET? I have a CER file, but can also create a PFX. ...