Questions tagged [pki]

Public Key Infrastructure

PKI is a technical and/or organizational way to bind public keys to an identity. The most common types of PKI use X.509 certificates (and in particular the IETF PKIX profiles).

823 questions
10 votes, 2 answers

Is it possible to use a client certificate installed on an iOS device within my app?

I want to be able to install a client certificate (via email, for example) and then use that certificate to authenticate requests sent by my app. I have the feeling that Apple won't allow that kind of access, but can't find any definite answer. Is…
kevboh
9 votes, 1 answer

Should I accept an OCSP responder certificate signed by the trust anchor?

Could someone please help me on the following? RFC2560 defines when an OCSP responder certificate (signing the response) could be accepted: 1. Matches a local configuration of OCSP signing authority for the certificate in question; or …
Cratylus
9 votes, 1 answer

Is there a way to modify the VSCode certificate store to add certificates?

Currently, the only way to use VSCode to get around a corporate firewall that requires company CA certificates is to set "http.proxyStrictSSL = false" in the config. This is a no-go for me at work. I know that VSCode uses the Chromium networking stack,…
aspaltv
9 votes, 2 answers

SSL Client certificate Microsoft Edge

I am having an issue with client-side certificates in the MS Edge browser, Windows 10. Basically my PKI structure is the following: RootCA(self signed 4096) -> Intermediate CA (signed by RootCA 2048)-> One Server Certificate, One client Certificate (both signed…
Kosta
9 votes, 2 answers

What's the difference between class 1 and class 3 roots, and the certificates signed by them?

Pretty much what the question says. What's the difference between the two classes of roots? The differences between the certificates signed by such roots? What uses would a class 1 signed certificate have that a class 3 doesn't, and vice versa?
Chris Charabaruk
9 votes, 2 answers

What format is java's cacerts format expected to be?

I'm slightly confused about cacerts formats. An application I use recently had to upgrade its cacerts file. The original cacerts file was pk12 format (I assume, it's binary), while the new format is clearly pem. I can use either cacert, but when…
dsollen
9 votes, 4 answers

Unencrypted SSL protocol?

Is it possible to send a message over https that isn't encrypted? For example, require that certificate validation and authorization occur, but not encrypt the actual data being sent over the socket?
bkritzer
9 votes, 1 answer

RSA Key Values and Modulus in Public/Private Keys

I am writing an application that used PKI to secure email, files etc. Using the System.Cryptography namespace, I am generating a new key pair using RSACryptoServiceProvider. The method is: public static void GenerateKeys(int keySize, out string…
JDubya13
9 votes, 1 answer

How can I extract a key from an SSL certificate?

I have an SSL certificate I purchased in a .pem, .crt, .der format. I was wondering how I get the key file from the certificate. Is there any way of doing this?
nkcmr
9 votes, 1 answer

Mac OS X Code Signing and Executable Validation

I work on a vertical-market Mac application that uses a USB dongle to make sure users have paid for it. It's expensive enough, and in enough demand, that "black hats" have tried to crack the dongle scheme, so the app checks the executable and key…
Bob Murphy
8 votes, 1 answer

What does "exporting private keys" mean ( Makecert -pe )?

By specifying a -pe switch (using the Makecert utility) we make a private key exportable. a) What is meant by a private key being exportable? That we can copy the created .pvk file (containing the private key) to another system and use it…
user437291
8 votes, 1 answer

Difference between Authenticode, SPC and Java CodeSign?

Most CAs are selling code signing certificates in different "products", like Verisign or Certum: Microsoft Authenticode - "Allows you to sign EXE, OCX, DLL, bla..." Java CodeSign - "Allows you to sign Java code" Software Publisher Certificate -…
8 votes, 3 answers

Importing Thawte trial certificates into a Java keystore

I'm trying to configure a Tomcat server with SSL. I've generated a keypair thus: $ keytool -genkeypair -alias tomcat -keyalg RSA -keystore keys Next I generate a certificate signing request: $ keytool -certreq -keyalg RSA -alias tomcat -keystore…
lindelof
7 votes, 3 answers

Some understanding gaps about Public Key Infrastructure workflow

Recently, I have stumbled upon the basic understanding about PKI work-in-action process. I have looked at major articles about the principles but still I feel quite dumb to understand this process. I understand that PKI is not for "My blog" but for…
Centurion
7 votes, 1 answer

C# .NET - Pinning Certificate Authorities - Am I doing it correctly?

My software connects to Dropbox using an HTTPS connection in order to retrieve some sensitive data. I would like to pin the Certificate Authorities in order to prevent a man-in-the-middle attack. So far I have the following code: static bool…
John