x509certificate

PKCS#7 Signed Code Image extracting

Hi, I wanted to extract the Signer Informations from PKCS#7 Signed Code Image using C/CPP. I wanted to know the openssl API's. I am Able to extract Using bouncy castle (CMSSignedData). Please let me know the openssl API's which I can use in C/CPP to extract the each signers and signer informations and verify the Signers. is there any ...

WCF Error Deserializing body of request

I get the following error when attempting to consume a wcf web service with a wcf client: Error in deserializing body of request message for operation 'GetUpcomingRaces'. OperationFormatter encountered an invalid Message body. Expected to find node type 'Element' with name 'GetUpcomingRaces' and namespace 'http://tempuri.org/'. Found no...

Can I ensure, using C#, that an X509Certificate was issued by a trusted authority?

If I use X509Certificate.CreateFromSignedFile to get the certificate used to sign a file, can I confirm that it was signed by a trusted authority - and isn't just a "self-signed" cert of some kind? I want to extract the "Subject" (company) name from the cert to ensure that an unmanaged DLL I'm using is unmolested (I can't checksum it as...

Can't connect to HTTPS using X509 client certificate

Hi - I'm new to cryptography and I'm a bit stuck: I'm trying to connect (from my development environment) to a web service using HTTPS. The web service requires a client certificate - which I think I've installed correctly. They have supplied me with a .PFX file. In Windows 7, I double clicked the file to install it into my Current Use...

Signing X509Certificate programatically?

I'm retrieving a X509Certificate2 from my local X509Store and I'd like to use it to digitally sign emails. I'm using the SignedCms.ComputeSignature to generate the signature, but without the private key it throws exception "Keyset does not exist". So how do I enter the private key programmatically? The ComputeSignature(cmsSigner, fals...

How to extract CN from X509Certificate in Java?

Hi, I am using a SslServerSocket and client certificates and want to extract the CN from the SubjectDN from the client's X509Certificate. At the moment I call cert.getSubjectX500Principal().getName() but this of course gives me the total formatted DN of the client. For some reason I am just interested in the CN=theclient part of the DN...

How do I sign a HTTP request with a X.509 certificate in Java?

How do I perform an HTTP request and sign it with a X.509 certificate using Java? I usually program in C#. Now, what I would like to do is something similar to the following, only in Java: private HttpWebRequest CreateRequest(Uri uri, X509Certificate2 cert) { HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(uri);...

C#: Verify a certificate against a store on another machine

Is it possible in .NET to verify a certificate chain against a store on another machine (that may possibly belong to another user)? I'm not too sharp on certificates and PKI but I've been tooling around with System.Security.Cryptography.X509Certificates and I've been able to figure a few things out. Something I'd like to be able to do ...

Is it possible to bundle a unique file for each copy of iPhone app downloaded from App Store?

Hi, I would like to verify the identity of each instance of the iPhone application that a user might use to connect to my service. To that end, I would like each instance of the iPhone app downloaded to include a certificate that I generate, or even some sort of UUID that I have generated. Does the App Store support the inclusion of uni...

Cannot find the X.509 certificate after publishing

I am building a WCF service as in this article and facing trouble with X.509 certificate. When I debug, everything is OK. When I publish and run the application, I receive the error: Cannot find the X.509 certificate using the following search criteria: StoreName 'My', StoreLocation 'CurrentUser', FindType 'FindBySubjectName', FindV...

Error in importing Certificate?

keytool -genkey -keyalg RSA -dname "cn=rahul,ou=OU,o=DEV,c=IN" -alias rahul12 -keypass rahul12 -keystore rahul12.jks -storepass rahul12 -validity 366 keytool -certreq -keyalg RSA -alias rahul12 -keypass rahul12 -keystore rahul12.jks -storepass rahul12 -file rahul12.cert keytool -import -alias rahul12 -file rahul12.cert -keystore rahul_...

Spring-Security with X509?

I am new to spring-security in general and am a bit confused. The project I am trying to integrate this with uses X509 certificates to identify users for signing in to the application. There are no usernames or passwords. We validate the certificates are good, and that they have been given access to our app. The question is how do I i...

How to silently import a Certificate into a specific Certificate Store?

I am attempting to import a Certificate into the Current User -> Personal store using the command line "importpfx -f [certificate name.p12] -p [password] -t USER -s Personal". It works, but for reasons I don't understand there are now two Personal stores under the Current User, and the imported certificate is in the new Personal store. W...

Silently import a Certificate into a specific Certificate Store.

Hi. I am attempting to import a Certificate into the Current User -> Personal store using the command line: "importpfx -f [certificate name.p12] -p [password] -t USER -s Personal". It works, but for reasons I don't understand there are now two Personal stores under the Current User, and the imported certificate is in the new Persona...

Java: Read certificates from windows store

Hello. It is possible to write a Java program to read one certificate (getting private and public key) stored in windows certificate store ? Thanks ...

Best way to sign data in web form with user certificate

We have a C# web app where users will connect using a digital certificate stored in their browsers. From the examples that we have seen, verifying their identity will be easy once we enable SSL, as we can access the fields in the certificate, using Request.ClientCertificate, to check the user's name. We have also been requested, howev...

How to add PrivateKeyUsage extension to a certificate using bouncycastle in java?

i have an X509Certificate that i want to add extensions to... i want to add the PrivateKeyUsage extension, but i dont know how to create a PrivateKeyUsage object or how to give it notBefore & notAfter values ... thanks ...

Silverlight and SSL Client Certificates

Can anyone point me in the right direction of how I can use SSL client-side certificates with Silverlight to access a restful web service? I can't seem to find anything on how to handle them, or even whether they are supported. Cheers. ...

Can't sign a dig sig utilizing java / keytool

I have created a certificate basically straight from the keytool example page: keytool -genkey -dname "cn=Anything, ou=Anything, o=Anything, c=US" -alias business -keypass kpi135 -keystore C:\mykeystore -storepass ab987c -validity 1095 I am trying to access this certificate and use the private key portion to digitally sign a portio...

WCF Custom Certificate Validator: How to call built-in chain trust validation on top of your custom validation?

Hi, I have a custom validator that does validation based on the thumbprint of the client cert. How can I still call the in-built chain trust validator or perform chain trust validation? Thanks. ...