Stack Overflow
Stack Overflow

Questions tagged [x509]

In cryptography, X.509 is a standard for a public key infrastructure (PKI) for single sign-on (SSO) and Privilege Management Infrastructure (PMI).

X.509 specifies, amongst other things, standard formats for public key certificates, certificate revocation lists, attribute certificates, and a certification path validation algorithm.

X.509 was initially issued on July 3, 1988 and was begun in association with the X.500 standard. It assumes a strict hierarchical system of certificate authorities (CAs) for issuing the certificates. This contrasts with web of trust models, like PGP, where anyone (not just special CAs) may sign and thus attest to the validity of others' key certificates. Version 3 of X.509 includes the flexibility to support other topologies like bridges and meshes (RFC 4158).

(From the Wikipedia article on X.509.)

1911 questions
0
votes
1 answer

Rampart: how to use a JKS certificate without any password

I have the following situation: a JKS keystore file without password, containing a private key ALSO unprotected. I've tried to configure Rampart in order to use this keystore, but i keep getting the following error: Caused by:…
rekotc
  • 595
  • 1
  • 10
  • 21
0
votes
1 answer

Which X.509 certificate to use for NodeMCU SSL connections?

Wow, SSL authentication is overwhelming! I am using a NodeMCU device (ESP8266) device to connect to a Microsoft Azure IoT Hub securely using the MQTT protocol. Microsoft offer the ability to authorise clients using self-signed X.509…
GeoReb
  • 21
  • 1
  • 10
0
votes
1 answer

Is it possible to create a x509 certificate without signature field?

For test purposes I want to create a certificate without signature field. (I think I could call this unsigned then.) All my tries failed so far. Whenever I create a certificate it has a signature field. I used this command to create a…
zomega
  • 1,538
  • 8
  • 26
0
votes
1 answer

How to authenticate a device (R-Pi say to be connected to Azure IoT Hub) using X.509 certificate

So, in the first place I have connected a DHT11 (temperature sensor) to my RPi (Raspberry Pi) then, in my azure portal I have created an IOT Hub and registered a Virtual device identity in the hub, while creating this (for the first time) I have…
Kaushik Betanabotla
  • 11
  • 1
0
votes
1 answer

How to sign cert with an arbitrary or deprecated extension

For example say I want to sign a cert with an arbitrary or deprecated extension (nsCertType for example): https://www.openssl.org/docs/manmaster/man5/x509v3_config.html I believe I'm supposed to add the arbitrary extension as part of the certificate…
Jesse
  • 8,223
  • 6
  • 49
  • 81
0
votes
1 answer

Generating public key with EC in Python

I'm creating JWT parser and now I need to create public key. I made it in Kotlin. But now I have to create same parser in Python. But I got stuck in creating X.509 certificate in python. I tried with cryptography library but with no success. Code in…
Patrik Dendis
  • 313
  • 6
  • 20
0
votes
0 answers

kube-lego not working because of a specific error

We have kube-lego setup so the certs should've auto-renewed. It didnt and according to the logs below it seems to be a problem with reaching the sites: time="2019-08-28T22:17:26Z" level=warning msg="authorization failed after 5m0s: reachability…
Aech
  • 9
  • 4
0
votes
0 answers

How to trust a self signed certificate on macOS for a Vue.js development environment

I have a local development environment for Vue.js where I'm wanting to use HTTPS. Within my vue.config.js file I have: module.exports = { devServer: { open: process.platform === 'darwin', host: '0.0.0.0', port: 8080, …
ChristianF
  • 1,735
  • 4
  • 28
  • 56
0
votes
1 answer

supply public key in CERTENROLL request

I want to request a cert (from AD cert server) using a template. I want to supply the public key in the request. Using msft's SDK sample IX509CertificateRequest iRequest = objEnroll.Request; // then get the inner PKCS10 request …
pm100
  • 48,078
  • 23
  • 82
  • 145
0
votes
1 answer

Client side or server side error on SecurityTokenValidationException certificate expiration

I am having some trouble with an issue using client-server authentication with an specific client in WCF. This client has updated the certificates in his website but when he tries to establish a channel to my application The program gets a…
Energ888
  • 69
  • 1
  • 7
0
votes
1 answer

Reason for comparing interim_reasons_mask and reasons_mask in CRL Processing

In RFC5280 in 6.3.3. CRL Processing section there is a step: Verify that interim_reasons_mask includes one or more reasons that are not included in the reasons_mask. Could someone explain what's the point of this check. When I try to verify…
Julian Rubin
  • 1,175
  • 1
  • 11
  • 23
0
votes
1 answer

await HttpClient.SendAsync is not responsive

I have a curl command that returns an output. Access Denied is fine for me, the XML output is what interests me at the moment. curl -v -E C:\SEB\certificate.pfx --cert-type p12 -X GET…
dmxyler
  • 79
  • 1
  • 1
  • 14
0
votes
1 answer

Can Root CA Certificate located in the middle of certificate path?

I made a program that connects to website(tls) and save certificate chain to files. Sometimes certificate chain from a website is looking different from what I expected. One of this certificate chain is issued from Sectigo(ex Comodo) CA. I think…
Sangpil Kim
  • 139
  • 1
  • 14
0
votes
1 answer

x509 validation fails before it can be captured

I have a Spring Boot application, using x509 authentication which further validates users against a database. When a user accesses the site, internal Spring code calls the loadUserByUsername method which in turn makes the database call. This all…
Randy Avis
  • 75
  • 9
0
votes
1 answer

Creating X509 certificate in C using post-quantum public key algorithm?

I'm trying to implement a self signed x509 certificate that uses a post-quantum (PQ) public key algorithm as the public key algorithm. I looked at the openssl library in c, and the way it's done using RSA. I'm essentially trying to replicate the…
LRubens
  • 3
  • 1
  • 1
1 2 3
99
100