Stack Overflow
Stack Overflow

Questions tagged [certificate-authority]

In cryptography, a certificate authority or certification authority (CA) is an entity that issues digital certificates.

The digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others (relying parties) to rely upon signatures or assertions made by the private key that corresponds to the public key that is certified. In this model of trust relationships, a CA is a trusted third party that is trusted by both the subject (owner) of the certificate and the party relying upon the certificate. CAs are characteristic of many public key infrastructure (PKI) schemes.

219 questions
47
votes
7 answers

What's the difference between rapidSSL and geotrust certificates?

I want to buy a 128bit SSL certificate for a website selling services. I checked http://www.rapidssl.com/ssl-certificate-products/ssl-certificate.htm and http://www.geotrust.com/ssl/compare-ssl-certificates.html. Why are the prices for QuickSSL…
Vitaly Sharovatov
  • 922
  • 1
  • 8
  • 12
35
votes
5 answers

Can a SSL certificate be signed by multiple certificate authorities?

It would be nice to spread the trust around a bit, so we don't have to rely on just one root in any instance. Is it possible to have a single certificate signed by more than one CA?
Ben Sand
  • 1,130
  • 3
  • 11
  • 18
27
votes
1 answer

How do I get the certificate authority certificate/key from a cluster created by kops?

I've created a Kubernetes cluster on AWS with the kops tool. I need to get hold of its certificate authority certificate and key though, how do I export these files through kops? I've tried the following, but it fails saying that yaml output format…
aknuds1
  • 65,625
  • 67
  • 195
  • 317
13
votes
1 answer

Does anybody know how the powershell certificate provider paths map to certmgr.msc folders?

When using powershell to investigate the Certificate Provider i noticed that all the paths seem similar but not the same as the folder structure within certmgr. It seems pretty clear that: Certs:\LocalMachine ~= Certificates (Local…
Lucas
  • 14,227
  • 9
  • 74
  • 124
12
votes
4 answers

Why is using a certificate, made with the MakeCert tool, in production bad?

I'm currently working on a project where I've created a CA cert and a couple of child certs to that CA cert. The certificates are going to be used to protect inter-server communication in a SAMLV2 setup so I'm going to have a cert for the identity…
JohannesH
  • 6,430
  • 5
  • 37
  • 71
12
votes
7 answers

What Certificate Authority Software is Available?

I am running a number of SSL-encrypted websites, and need to generate certificates to run on these. They are all internal applications, so I don't need to purchase a certificate, I can create my own. I have found it quite tedious to do everything…
kaybenleroll
  • 16,794
  • 16
  • 54
  • 66
11
votes
1 answer

Does a truststore need the sub-ca certificate?

I'm trying to setup a hierarchical PKI. Can I create a truststore containing only the root ca certificate, and will that mean my application trusts certificates signed by a sub-ca certificate which is in turn signed by the root ca? As an aside, it…
Draemon
  • 33,955
  • 16
  • 77
  • 104
11
votes
2 answers

How to resolve "enter the password for credential storage" issue?

So I am playing around with fiddler web proxy. I need to decrypt https traffic. So I am trying to put the fiddler root CA cert in my device trust store. But it keeps asking me "Enter the password for credential storage". If i enter anything and…
Aniket Thakur
  • 66,731
  • 38
  • 279
  • 289
11
votes
5 answers

Multiple computers with a standard iPhone developer program

I have enrolled on the standard iPhone Developer Program and I've successfully created a provisioning profile for my iMac. But I also have a MacBook Pro that I use to work while I'm traveling. But with the standard iPhone Developer Program there…
Tiago Fael Matos
  • 2,077
  • 4
  • 20
  • 34
11
votes
1 answer

Updating-Renewing self-signed CA certificate in java truststore

I've built a Java app that exposes web-services to external authorized clients. The Web-services use WS-security with Certificate Authentication. Basically we act as custom Certificate Authority - we maintain a java truststore on our server and…
jay
  • 125
  • 2
  • 9
10
votes
5 answers

Whats wrong with being your own Certificate Authority and self-signing for your email encryption?

Is there any real reason to use a 3rd party Certificate Authority for your own email security? ( meaning using S/MIME ) I found I am able to become my own CAuthority and create my own self-signed root certificates...and they work just fine installed…
tbarbe
  • 1,299
  • 2
  • 15
  • 22
9
votes
2 answers

What's the difference between class 1 and class 3 roots, and the certificates signed by them?

Pretty much what the question says. What's the difference between the two classes of roots? The differences between the certificates signed by such roots? What uses would a class 1 signed certificate have that a class 3 doesn't, and vice versa?
Chris Charabaruk
  • 4,367
  • 2
  • 30
  • 57
8
votes
0 answers

How do I add my own Certificate Authority to my Android device?

I want to access my https site running on my local machine from my Android device on the same network. Service workers and push notifications means I need to use https. I have created my own CA + key, created certificates for localhost and…
sennett
  • 8,014
  • 9
  • 46
  • 69
8
votes
2 answers

CFSSL config vs. OpenSSL config

Does anyone know if all the fields you can specify in an OpenSSL config file are available in Cloudflare's CFSSL's certificate authority toolkit? There are certain fields (such as default_md or specifying that countries must match) that appear to be…
user124384
  • 400
  • 1
  • 9
  • 22
8
votes
2 answers

SSL Socket connection iOS

I am trying to setup a secure connection to a java run SSLServerSocket. I have created my own root CA, and have signed the certificate that the Java SSLServerSocket using this certificate. I want to add this root certificate to my app so that any…
ABC
  • 718
  • 8
  • 23
1
2 3
14 15