3,210 questions
-4
votes
0
answers
71
views
Windows 11, 64-bit, Firefox certutil.exe [closed]
I’m trying to get Windows 11, 64-bit, Firefox certutil.exe to programmatically import my cert into Firefox. I’ve tried Windows Visual Studio, Ubuntu, MSYS2_MINGW64 with varying degrees of success. I ...
- 13
0
votes
0
answers
50
views
NSURLAuthenticationMethodClientCertificate not getting fired in URLSession:didReceiveChallenge: for TLS 1.3 but works fine with TLS 1.2
I am trying to authenticate the communication using certificates over TLS 1.3 in Cocoa application, but URLSession:didReceiveChallenge:ComplitionHandler didn't get called for ...
- 896
0
votes
0
answers
70
views
How to create a x509 certificate without Subject name but with Subject Alternative Name?
I read that a machine certificate can be created without a subject name if it has a subject alternative name. My use case is to generate such a certificate and use it for certificate chain ...
0
votes
0
answers
98
views
ASP.NET loading a certificate from a string without storing it
I am developing an ASP.NET application hosted in IIS. I need to load a certificate (.pfx) from a simple Base64 string, use it once for a request to a third-party API and dispose of it. Of course, I ...
- 642
-1
votes
1
answer
69
views
OpenSSL x509 certificate chain verification fails with error 53
I have three certificates, rootca.pem, intermediate.pem and VPN_Client_Test_Certificate.pem. OpenSSL verification fails with error 53. Not sure what syntax error is happening. Kindly help. Certs are ...
0
votes
0
answers
53
views
Issue merging Azure Key Vault signed csr with Subject Alternate Name URL field
I have generated a certificate in Azure Key Vault using the following parameters:
Method of Certificate Creation - Generate
Certificate Name - mycert
Type of Certificate Authority (CA) -...
- 306
0
votes
1
answer
122
views
RSA.ExportRSAPrivateKey throws The requested operation is not supported Error
Background:
I'm using the Azure Key Vault to create certificates. I need the the public and private key once the certificate is created. The public key is a available from the Azure.Security.KeyVault....
- 8,551
0
votes
1
answer
30
views
Does RFC5280 require the RDNSequence in the CRL Issuer field to be output in reverse order in the string?
I saw in RFC 4514 that the RDNSequence should be output in reverse order in the string (for example: RDNSequence (binary order): [C=US, O=Example, CN=CA]
String representation (RFC 4514): CN=CA,O=...
- 39
0
votes
0
answers
33
views
WCF communication with ClientCredentials
I have a problem while trying to use a WCF with security.
First of all, I've generated an auto signed certificate and inserted in the root place of a Windows 11 pc.
In that PC, I've used the command &...
- 11
1
vote
1
answer
46
views
Does RFC 5280 require that a RelativeDistinguishedName can store an emailAddress?
I saw in RFC 4514 that it specifies that the Distinguished Name must support the following short names.
CN commonName (2.5.4.3)
L localityName (2.5.4.7)
ST stateOrProvinceName (2.5.4....
- 39
-3
votes
1
answer
46
views
ClickOnce failing to run - file name too long
How do I shorten the name of the shortcut created by the ClickOnce installation process?
Apparently the moderators don't like the way I ask questions, so I can't respond to the
original post. However,...
- 327
0
votes
0
answers
38
views
GpgOL not using Windows certificate store for S/MIME decryption - Key not exportable
I'm experiencing an issue with GpgOL and S/MIME certificates stored in the Windows user's personal certificate store. My S/MIME private key resides in this store, but it is not exportable.
I need ...
- 11
0
votes
1
answer
107
views
Does OCSP Responder Certificate require digitalSignature key usage?
I want to verify X.509 Certificates (if they were revoked) using the OCSP Protocol and Java/Kotlin.
As this is a non trivial task I use Java Security together with the Bouncy Castle Crypto lib.
When I ...
- 362
1
vote
0
answers
146
views
Generating and trusting an SSL certificate in a Docker container
I've got an application I created that hosts a web server (https on port 8090) inside a Docker container. However, when I create a self-signed certificate and add it to the trusted root it always ...
- 1,777
1
vote
1
answer
254
views
Wildcard subdomains for home.arpa considered invalid by Chrome [closed]
I have created a new self signed server cert as the old old expired. To my surprise, the wildcard domain name is rejected by Google Chrome with an error "NET::ERR_CERT_COMMON_NAME_INVALID" ...
- 415