Although this depends on the KeyStore type, generally, you can store multiple private keys and certificates in a single store. Which key and certificate combination is used for a Java-based server will depend on how the application was implemented. A number of applications let you select a given certificate using the alias name. The key … Read more
Up to date (January 2021) (Xcode 10 – 12) Go to Xcode – Preferences – Accounts – Manage Certificates Click on the + at the bottom left, then Apple Distribution Wait a little, then click Done That’s all. You may want to revoke the old certificate on developer.apple.com too. Old answer Step 1: Xcode -> … Read more
Python’s standard library, even in the latest version, does not include anything that can decode X.509 certificates. However, the add-on cryptography package does support this. Quoting an example from the documentation: >>> from cryptography import x509 >>> from cryptography.hazmat.backends import default_backend >>> cert = x509.load_pem_x509_certificate(pem_data, default_backend()) >>> cert.serial_number 2 Another add-on package that might be … Read more
It may be a server certificate problem…. Check here, I solved my kSecTrustResultRecoverableTrustFailure problem, adding subjectAltName = DNS:example.com into openssl config file, specifically in server key generation… If you are not using openssl to generate it, I’m sorry but I can help you.. Anyway if you want to use openssl, here is a good tutorial … Read more
The reason the Junos app is able to do this has been explained in a post in the Apple Developer Forums. Original Question: https://devforums.apple.com/message/660579#660579 Explanation about Junos app: https://devforums.apple.com/message/351326#351326 To sum it up, access to this is not provided in the SDK and is by invitation from Apple only.
Your NSURLConnection delegate should respond to the connection:didReceiveAuthenticationChallenge: delegate method (see link below). http://developer.apple.com/library/ios/documentation/cocoa/reference/foundation/Classes/NSURLConnection_Class/Reference/Reference.html#//apple_ref/occ/instm/NSObject/connection:didReceiveAuthenticationChallenge: It should respond by asking the challenge for its ‘sender’ and providing it with an appropriate credential. Something like: – (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge { id sender = [challenge sender]; // create a credential from a certificate // see doco for … Read more
Here is a PHP script with a literal translation of your command line call: <?php $data = “var1=value1&var2=value2&…”; $url = “https://www.somesite.com/page”; $keyFile = “key.pem”; $caFile = “ca.pem”; $certFile = “client.pem”; $certPass = “xxxxxx”; // Initialise cURL $ch = curl_init($actualUrl); // The -d option is equivalent to CURLOPT_POSTFIELDS. But… // PHP’s libcurl interface does not implement … Read more
This largely elaborates on Peter Lyons’ answer, providing an example. I am assuming that you are requesting a domain running over HTTPS with a certificate signed by your own certificate authority (ca). When using the request library, as you do, there is no need to actually instantiate the agent yourself, you can simply provide some … Read more
You might be able to achieve this in Silverlight by allowing cross-domain communication between the web server the hosts the Silverlight application and the remote WCF service. In that case you need to place a clientaccesspolicy.xml file at the root of the domain where the WCF service is hosted: <?xml version=”1.0″ encoding=”utf-8″?> <access-policy> <cross-domain-access> <policy> … Read more
You can get the example to work even with self-signed certificates. I’ve extracted the commands from the makecert tutorial that you’re using with minor modifications: makecert -sv RootCATest.pvk -r -n “CN=FakeServerName” RootCATest.cer makecert -ic RootCATest.cer -iv RootCATest.pvk -n “CN=FakeServerName” -sv TempCert.pvk -pe -sky exchange TempCert.cer cert2spc TempCert.cer TempCert.spc pvkimprt -pfx TempCert.spc TempCert.pvk makecert and cert2psc … Read more