root-certificate

how do I update root certificates of certifi?

蹲街弑〆低调 提交于 2021-02-19 01:15:56
问题 I am using certifi python module to verify ssl connections. I looked at the root certificates included in certifi (python2.7/site-packages/certifi/cacert.pem) and some of those certificates have expired. How do I update those certificates? I tried updating certifi package using pip but that only updates the package and not the root CA files. 回答1: certifi/cacert.pem is, naturally, a part of certifi . Consequently, it's supposed to be updated with the module. You can check if the latest code at

import a certificate using CryptUIWizImport automatically as a trusted root with C++

余生长醉 提交于 2020-01-06 16:23:16
问题 I am using the following code to import a certificate as a trusted root: #include "stdafx.h" #include "windows.h" #include "Cryptuiapi.h" #pragma comment(lib, "Cryptui.lib") int _tmain(int argc, _TCHAR* argv[]){ CRYPTUI_WIZ_IMPORT_SRC_INFO importSrc; memset(&importSrc, 0, sizeof(CRYPTUI_WIZ_IMPORT_SRC_INFO)); importSrc.dwSize = sizeof(CRYPTUI_WIZ_IMPORT_SRC_INFO); importSrc.dwSubjectChoice = CRYPTUI_WIZ_IMPORT_SUBJECT_FILE; importSrc.pwszFileName = L“C:\\PathToCert\\MyCertificate.cer”;

How best to store Apple Root Certificates for receipt validation

青春壹個敷衍的年華 提交于 2019-12-25 07:31:46
问题 When validating a StoreKit receipts (I'm using ReceiptKit). You need the Apple Root Certificate. Is it ok just to include this in the App bundle or should I be downloading a fresh copy every time? They both seem to have their risks? 回答1: All reference I have found recommend downloading and storing the certificate in your bundle. I would not suggest downloading it on the fly. The repository you refer to recommends it: I scoured the Apple Docs, tutorials and many sample repositories while

SSL Socket connection iOS

放肆的年华 提交于 2019-12-20 09:45:25
问题 I am trying to setup a secure connection to a java run SSLServerSocket. I have created my own root CA, and have signed the certificate that the Java SSLServerSocket using this certificate. I want to add this root certificate to my app so that any certificate signed by the root certificate will work. So far I have the secure connection working fine by setting the read and write stream properties to this: NSDictionary *settings = [[NSDictionary alloc] initWithObjectsAndKeys: (id

How to import self-signed certificate in iOS 11 to build the app instead of adding to simulator manuelly after building?

穿精又带淫゛_ 提交于 2019-12-11 18:54:07
问题 I'm currently getting this "SSL error" on the simulator of my app. Error Screenshot I have my own self-signed certificate. And this problem can be solved by installing the cert file manually on the simulator. However, we are trying to avoid manually installing the certificate to the simulator (drag and drop) every time after building the app. And instead, I want to find a way to import the certificate file into our ios app bundle. I followed this article and tried with the following way, but

Provide own root-certificate for HTTPS-connection?

我的梦境 提交于 2019-12-11 18:15:57
问题 currently my app connects to a (special) webserver via HTTP to retrieve some data from there via GET/POST and HttpClient. Now I plan to switch over to HTTPS. My problem: the webpage I'm communicating with uses a CACert root certificate which is not available on all Android devices, so for most users this connection will fail. CACert provides their root certificates at http://www.cacert.org/index.php?id=3&lang=en . Is there a possibility to use these certificates for my HTTPS connection? I don

Load CA root certificate at runtime in Java

折月煮酒 提交于 2019-12-06 05:22:29
问题 tl;dr: Using custom CA without adding it to persistent keystore. I am writing a Java application that should connect to a remote server using HTTPS. The code for the connection is ready, however the SSL certificate of the server was signed by StartSSL, which is not in Java's CA root cert store. Using this code, I get valid certificate information from websites like https://www.google.com/ : Response Code : 200 Cipher Suite : TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 Cert Type : X.509 Cert Hash

Load CA root certificate at runtime in Java

你说的曾经没有我的故事 提交于 2019-12-04 10:48:24
tl;dr: Using custom CA without adding it to persistent keystore. I am writing a Java application that should connect to a remote server using HTTPS. The code for the connection is ready, however the SSL certificate of the server was signed by StartSSL , which is not in Java's CA root cert store. Using this code , I get valid certificate information from websites like https://www.google.com/ : Response Code : 200 Cipher Suite : TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 Cert Type : X.509 Cert Hash Code : -1643391404 Cert Public Key Algorithm : RSA Cert Public Key Format : X.509 Cert Type : X.509

Trusted Root Certificates in DotNet Core on Linux (RHEL 7.1)

故事扮演 提交于 2019-11-28 01:12:09
I'm currently deploying a .net-core web-api to an docker container on rhel 7.1. Everything works as expected, but from my application I need to call other services via https and those hosts use certificates signed by self-maintained root certificates. In this constellation I get ssl-errors while calling this services (ssl-not valid) and therefore I need to install this root-certificate in the docker-container or somehow use the root-certificate in the .net-core application. How can this be done? Is there a best practice to handle this situation? Will .net-core access the right keystore on the

Trusted Root Certificates in DotNet Core on Linux (RHEL 7.1)

妖精的绣舞 提交于 2019-11-26 23:30:26
问题 I'm currently deploying a .net-core web-api to an docker container on rhel 7.1. Everything works as expected, but from my application I need to call other services via https and those hosts use certificates signed by self-maintained root certificates. In this constellation I get ssl-errors while calling this services (ssl-not valid) and therefore I need to install this root-certificate in the docker-container or somehow use the root-certificate in the .net-core application. How can this be