I have a simple company portal which allows users to start their apps from the browser. The URLs in the hypelinks are passed (using Javascript) to a signed applet to actually start the client-side apps. All clients are XP or Vista and all run IE6 or IE7. I have recently been looking at Silverlight and am wondering if I could do somethin...
I need my application to use client's phone-number to generate unique ID for my web-service. Of course a phone-number is unique, but it must be secured. So it can be implemented with symmetric encryption (asymmetric will be later, because leak of resources), but I do not know where to store a encryption-key. 1. I do not know why, but s...
In my Java application, I need to connect to the same host using SSL, but using a different certificate each time. The reason I need to use different certificates is that the remote site uses a user ID property embedded in the certificate to identify the client. This is a server application that runs on 3 different operating systems, a...
Does anyone know how I could go about finding out when a certificate for user is set to expire? I know I can get pull all of the certificates for a given user by usin the following code: Set objUserTemplate = _ GetObject("LDAP://cn=userTemplate,OU=Management,dc=NA,dc=fabrikam,dc=com") arrUserCertificates = objUserTemplate.GetEx("us...
I need to secure a WCF service that uses netTcpBinding and connects directly with a Windows Forms based application. I only need it to be secured at the transport layer. I'm pretty sure that I have it working locally, i.e. I can run the service locally, and connect to it with the client. When I try to setup the service so that it is r...
Hi everyone, I thought this would be straightforward but apparently it isn't. I have a certificate installed that has a private key, exportable, and I want to programmatically export it with the public key ONLY. In other words, I want a result equivalent to selecting "Do not export the private key" when exporting through certmgr and e...
We have a third party we are working with that is running an internal (vpn site to site connection) that is using their own CA. We have been given a .p7b file which we import into Third-Party trusted CA to get it to work properly with our WCF Services. The problem is that for some reason the Certificate keeps getting removed. I believ...
I'm trying to deploy a Java applet on my website. I also need to sign it, because I need to access the clipboard. I've followed all the signing tutorials I could find but have not had any success. Here is what I've done so far: Wrote an applet in NetBeans. It runs fine in the applet viewer. Made a .jar file out of it. Created a cer...
I was reading What happens when a code signing certificate expires - Stack Overflow and wondering about a more solid answer. The answer provided was more about setting up your own CA. Even with your own CA you will still need to deal with expiring code certificates. If you signed the code without using a time stamping service, after t...
What exactly do certificates purchased from a CA do again (in the context of Java applets)? Lets say I have an applet on a website that accesses the users files (requiring a security certificate). If I make a self-signed certificate, the client will get a security warning asking if the client should trust this application. If I purcha...
I've setup a WCF service that is using transport security over netTcpBinding. The certificate used for the service's security is signed by a CA we created for development. Can someone explain how it works that my anonymous client can connect and communicate with the service without having that same CA installed locally? I'm rather new...
Dears, If I take the exams for MCSE (70-290, 70-291, 70-293 and 70-294) and as a core exam on client operating systems, 70-620, do I automatically get MCSA as well? I mean, the exams are the same. Best regards, nhaa123 ...
I've been trying to get WCF security working for my project, and have had little luck. I'm trying to create a service that uses net.tcp as the binding, and does both message and transport security. Message security is done using username and password and transport security is done (supposedly!) using certificates. For my development tes...
An online service provided me with their certificate (a pfx file) along with its password. I am looking to load that into my WebLogic 8.1 truststore in Unix. There is a truststore currently that exists in my WebLogic. I am new to this so I was wondering what was the process to add that other party's certificate to my existing WebLogic...
We are looking for ways to certificate our QA department. What courses/certificates could you recommend? What QA certificates are respected (in Europ/world wide)? Did you pass any QA certification ... was it worth the effort/money? Perhaps there are some certificates you do not recommend? Any other useful info is appreciated. ...
I am working on a native iPhone app that needs to be able to automatically (in the background) sign into a captive portal on a company's large WiFi network before accessing the net. The captive portal is a simple HTTPS page with username and passsword form that authenticates then allows access to the Internet. The hope is that the user...
I want to open source one of my iPhone applications (that I've already published in the iTunes store) but I obviously don't want to expose anything "sensitive" like provisioning certificates and code-signing keys, etc. I'm guessing that stuff is merely referenced from the Xcode project folder (actually stored in my keychain elsewhere on...
I'm having a problem with a site that uses client side certificates for authentication. The site contains an iframe which loads a page hosted on a different server. This page also uses the client certificate. This works perfectly, except that a hiccup in the "inner page" webserver sometimes causes it to lose the authenticated state of t...
hi everyone, is there any way to securely get the method invoker while running the called method (server-side)? i know there's a client string reachable through the server properties, but isn't it too "weak"? any way to get e.g. the client certificate owner? please give me a couple of hints, WILL RTFD right afterwards ;) thanks in ad...
I'm using Plesk running on Windows Server 2003. I have the following domain name on an exclusive IP, for which I have purchased a Wildcard SSL certificate from RapidSSL: webvitality.eu This works fine in both http and https. Should display "Web Vitality Dev Server". Now I have the following subdomain: garyparkerhearing.webvitality.eu...