xamarin.forms - Sigining UWP-Apps with custom code sign certificate

What exactly is the requirement to create a company internal App with Xamarin.Forms UWP? I can compile the *.appxbundle-Package but nobody can install it because of an certificate error. If I try to use our normal code signing certificate from StartSSL to sign the package, I got the following error: The Manifest Designer could not import the certificate. The certificate you selected is not valid for signing because it is either expired or has another issue. For more information, see: https://go.microsoft.com/fwlink/?LinkID=241478The same ...Read more

certificate - PDF File size of 50kb increases dramatically up to 9mb after signing it with previously using Itext Java Application

I was a using a custom build itext based java application for digitally signing pdf files.Every thing was working fine for last one year but recently the size of the output signed pdf file drastically increasing up to 10 MB for just a 50kb source pdf file.Earlier for a 50 kb file ,the output was less than 300 kb.Kindly find the code snippetspublic void sign(String src, String dest, Certificate[] chain, PrivateKey pk, String digestAlgorithm, String provider, MakeSignature.CryptoStandard subfilter, String reason, String loca...Read more

clickonce - Self-signed certificate - unable to open certificate

I need a self-signed certificate to create a ClickOnce application in C++. I'm a real novice at deployment, so I'm following Stack Overflow question How to create a self signed certificate.Here's the command sequence I've usedmakecert -r -pe -n "CN=Watersteward" -ss CA -sr CurrentUser -sky signature -sv WaterSteward.pvk WaterSteward.cermakecert -pe -n "CN=Watersteward" -sky signature -ic WaterSteward.cer -iv WaterSteward.pvk -sv WsSPC.pvk WsSPC.cerpvk2pfx -pvk WsSPC.pvk -spc WsSPC.cer -pfx WsSPC.pfxmage -s Alpine.exe.manifest -CertFile WsSPC.pf...Read more

Something confusing about digital certificates

A digital certificate is a digital document that certifies that a certain public key is owned by a particular user. Thus if you trust the CA that signed the certificate C, then you can trust that specific public/private key pair is owned by the owner of certificate C.a) Assume client A wants to establish a connection with server B located at url www.some_domain.com. When establishing a connection with B, A may receive from the other end a X.509 certificate C and a public key, belonging to the owner of certificate C. But how can client know that...Read more

x509certificate - how to prove that one certificate is issuer of another certificates

I have two certificate. One certificate is issuer of another certificate. how can I see with java code that, my issuer certificate is really issuer? I know that AuthorityKeyIdentifier of my certificate and SubjectKeyIdentifie of issuer certifiactes must be the same. I checked and they are the same. but with java code I have that result: CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); InputStream usrCertificateIn = new FileInputStream("/usr.cer"); X509Certificate cert = (X509Certificate) certFactory.gener...Read more

lets encrypt - LetsEncrypt expiration certificate date issue

I am using Let’s encrypt on my production server to handle SSL certificate. My website certificate will expire next week so I regenerated it using the letsencrypt-auto renew command (I didn’t set cron task yet)The last log I get is 2016-08-20 17:12:20,305:DEBUG:certbot.renewal:no renewal failures which mean certificate has been successfully regeneratedBut when I go back to my website and check the certificate properties it still says that it will expire next week. So:Does Let’s Encrypt wait the last day of certificate to update its new expirat...Read more

Self-Signed Certificate with SAML 2.0

Is it possible to sign a SAML 2.0 post with a self-signed certificate? I am in charge of implementing a new SSO procedure with a vendor using SAML 2.0 and we trying to determine if we can sign the SAML post with a self-signed certificate or if we need to buy one. If we can use a self-signed certificate, does the Service Provider need to do any additional steps to verify the signature? We are creating the SAML 2.0 post as the Identity Provider.Thanks in advance....Read more

certificate - Unable to create a .pfx file

I have created the .pvk and .cer files using the makecert.exe (on commandline) as per - https://msdn.microsoft.com/en-in/library/ff699202.aspxIn my folder the .pvk and .cer files are available. However, when I run the pvk2pfx utility, the .pfx is not created instead I get a prompt for how to use the utility.Attached is the screenshot of the cmd prompt. I've also tried it at the MSVC bin folder and the behavior is the same.Kindly help.makecert and pvk2pfx - Command Screen Shot...Read more

root - self-signed certificate issue

I am doing self-signing certificate in my test environment. Here is more details about what I am doing.http://www.hanselman.com/blog/SigningPowerShellScripts.aspxMy brief steps are (the purpose is to establish trust connection between computer C and computer A based on certificate),Making computer A a root CA by using makecert.exe;Self sign a certificate B which is issued by computer A as root CA;Install certificate B on computer A as certificate used to do communication;Install/trust root CA (compter A) into computer C;Then computer C will tru...Read more

certificate - Disable private key protection

When using a self-signed Certificate for signing outgoing AS2 messages with BizTalk I get an error The MIME encoder failed to sign the message because the certificate has private key protection turned on ..." with a suggestion please disable private key protection to allow BizTalk to use a certificate for signing.How do I disable private key protection?Using Windows Server 2012 R2 and BizTalk Server 2016.Self-signed certificate created with Powershell New-SelfSignedCertificate....Read more

Java keytool won't parse Extensions of my CA certificate

I'm currently creating an Android app, which is supposed to send a POST request to a server. Unfortunately, the server is using self-signed certificate. So I have to create a PKCS12 keystore, which will include the CA Certificate, and make my App use that keystore.To create such a keystore, I'm currently using the command below:keytool -import -trustcacerts -alias my-alias -file cacert.pem-keystore mykeystorefile -storetype PKCS12Unfortunately the keystore doesn't work. (Request fails on SSL handshake.) When I inspected the keystore using this ...Read more