Authenticating user with RSA certificate through iPhone' Safari browser not working with IIS website. I cant get it working. IIS just gives up with "client certificate required" error and safari doesn't provide certificate. Client: iPhone 3G latest firmware CA and user certificates deployed (it shows them as unsigned) Server: II...
I am getting the following error when I try to instantiate an instance of a third party web service client... Cannot find the X.509 certificate using the following search criteria: StoreName 'My', StoreLocation 'LocalMachine', FindType 'FindByThumbprint', FindValue '[value in here]'. The strange thing is that we have this working on an...
I have some code that makes a call to a third party web service that is secured using X.509 certification. If I call the code directly (using a unit test) it works without any problems. When deployed, this code will be called via a WCF Service. I have added a second unit test that calls the WCF Service, however this fails with a Crypto...
Hello, I'm using digital certificates to sign a transaction results, also, I need to print out a slip with information and digital signature on it. I was wondering if there is any shorter representation of X.509 digital signature specifically designed for printed media? Maybe some kind of hash or something similar... Thank you very mu...
Am I correct in understanding that a WCF Service could be setup with "Transport Security", + "Certificate Authentication" and without a "Client Certificate" installed client side? My scenario would be: WCF Services on Remote Server Windows Forms Client shipped potentially to hundreds of users (authenticates users (against DB) and per...
Don't know much about encryption... Say I'm preparing a SAML request to submit to an identity provider. Why would I need to apply an x.509 certificate to this request? Is transmission over SSL alone not secure enough? ...
Hello I am looking to identify a third party API which will perform certificate management using c/c++; Ideally, the API should perform the following, Generate CSR's Perform Certificate conversions(pem<>DER) Retrieves certificates from CA's Parsing X509 certificates to extract various fields like public key, subject name, i...
I have a SecCertificateRef representing an X.509 certificate. Does Cocoa Touch have any libraries for working with the contents of the certificate (I couldn't find any), or will I need to parse the DER representation of the certificate myself? Parsing is not a problem, however I'd prefer to save some time if I overlooked some functionali...
Hi, I have to make a connection to an XMLRPC site from a web application, which uses an X.509 certificate for authentication. Here on my development machine (Vista), I have the keys installed under my User and it's in my Personal certificates storage; if I run my code, it works well (loading the key from a file): X509Certificate cli...
I order to set up SSO and function as Service Provider with my Identity Provider I need to specify which certificate I want to use for signing and encrypting in the exchanged metadata XML file. But how do I create the encrypted and encoded representation (like below) of my certificate so it can be put into the XML. What process do I need...
Hello I'm trying to understand how certificate and asymmetric encryption works. I'm looking for a python library where i can import public or private ca signed certificates and automatically encrypt or decrypt message in string format, i viewed the crypto library embedded in python source, but i don't know how to use the hex modulus and ...
I would like to delaySign and later fully sign .NET assemblies with X.509 Certificates. How would I do this? ...
Hello, I am currently programming a Certification Authority for a uni class, I am currently struggling with the concept of creating the certificates. How does a CA usually decide if it should give a Certificate to an entity , is it enough to prove that the entity is the owner of a public key by signing a certificate-request with their ...
Hello, I am programming a Certification Authority in java for a uni class, now I don't know what's the best option for the serial number of the Certificate. Simple static counter from 0 to veryBigNumber some huge BigInt random number Is there any good reason for choosing one over the other... or none of them?? thanks, ...
Is there any way to programmatically edit the purposes enabled for a give x.509 certificate? This functionality is available via the certificates mmc snap-in (hyperlink below) but I need to perform the action through code. preferably C#. modify the properties of a certificate ...
Hi, I am new to the OpenSSL world and trying to implement SSO on my PHP based application. I have already set up the OpenSSL Library and PHP openssl extension. Now, what I need to know is, what steps I need to take and where I can find reference of that. My requirement are 1- User will be provided a certificate, and browser will submi...
Hi, through the bouncycastle wiki page I was able to understand how to create a X.509 root certificate and a certification request, but I do not quite understand how to proceed concept- and programming wise after that. Lets assume party A does a cert request and gets his client certificate from the CA. How can some party B validate A's...
Hi, Is there an alternative in OpenSSL to SSL_set_connect_state()/SSL_set_accept_state() for X.509 certificate based authentication? The problem is that in my application the client and server do not communicate using sockets, and the establishment of direct connection between them is not possible. So what I want from OpenSSL is to 'e...
I'm developing a site where a user conducts a given transaction and once completed, the user is issued with a 'secure certificate'. The certificate serves as proof of the transaction and the user is able to upload the certificate at a later stage, to view the details of the transaction. At the moment I'm using a custom XML document with...
I'm writing a small utility to manually decode and extract an RSA public key from an X.509 certificate. It seems to have worked fine so far, but recently failed for a test certificate. Here's why: While decoding the ASN.1 OID, I'm expecting '2a 86 48 86 f7 0d 01 01 01', which decodes to 1.2.840.113549.1.1.1 (rsaEncryption). The certific...