w3hello.com logo
Home PHP C# C++ Android Java Javascript Python IOS SQL HTML videos Categories
how to import public certificate for tomcat
Are you trying to use your webapp as a client to a service based on https? If so you´re webapp should be able to trust that service. If the service is created with a self-signed certificate you need to add that cert´s CA root certificate to your cacerts as trusted. That can be done with a keytool which comes with the jre/jdk. keytool.exe -import -alias AliasForYourTrustedCert -file File.cer -trustcacerts -keystore %JAVA_HOME%libsecuritycacerts

Categories : Ssl

How to import a client certificate into Chrome on Google TV?
Unfortunately this is not something supported by the current generation of Google TVs. It is an edge case that would expose too much risk to the user and be a possible security hole if abused. Trust certificates can be installed by OEMs so it may be worth while to contact one of them.

Categories : Google Chrome

Why is my certificate not valid unless I put the Sub CA certificate in the trusted root certificate authorities?
To elaborate on Erik's comment, trusting the Root CA certificate means that you will trust what the Root CA directly signs. If you have an intermediate Sub CA in the middle, its certificate is signed by the Root CA, and the Sub CA signs your certificate directly. Root CA ---signs/verifies---> Sub CA ---signs/verifies---> End user certificate As Erik said, if you do not have the Sub CA certificate present, then there is no way to link the Root CA to the End user certificate. The Root can verify the Sub CA certificate, and the Sub CA can verify the End user certificate, but there is no way for the Root to skip over the Sub CA and verify the End user certificate because the root did not sign the End user certificate. 2 ways to resolve this are: include the Sub CA cert in your tru

Categories : C#

The certificate chain received contained a V3 CA certificate which key usage constraints indicate its key cannot be used to sign certificates
The issue turned out to be the certificate itself, just as the error said! My mistake was assuming the issue was with our systems. The certificate showed as being correct in the browser but weblogic's authentication libraries appear to be stricter. The service owner has since issued a correctly signed certificate.

Categories : Security

Certificate Verification: Error (20): unable to get local issuer certificate - Chrome on Apple OSX
you have sslverifyclient optional, which means that clients may present a client-cert to the webserver, to authenticate themselves. maybe your user has such a cert. i'm myself new to this, and i think these two items a) sslcertificate of the server and b) client authentication are not dependent from each other... also im not sure if you may give apache two SSLCertificateChainFile directives. i hope that helpes a bit.

Categories : Osx

Why won't CloudFormation execute my command?
Your commands block should be nested inside the config block, at the moment it is at the same level in the hierarchy. "AWS::CloudFormation::Init" : { "config" : { "files" : { "c:\Packages\WebDeploy_amd64_en-US.msi" : { "source" : "http://download.microsoft.com/download/1/B/3/1B3F8377-CFE1-4B40-8402-AE1FC6A0A8C3/WebDeploy_amd64_en-US.msi" } }, "commands" : { "1-installwebdeploy" : { "command" : "msiexec.exe /i c:\Packages\WebDeploy_amd64_en-US.msi ADDLOCAL=ALL /qn /norestart" } } }, }

Categories : Amazon

show entire certificate chain for a local certificate file
If you want to verify the chain and purpose, your openssl command is correct. The "OK" indicates the chain verifies. The error indicates there is an issue with that certificate being used for an sslserver purpose. It looks like your certificate is a CA cert, not a leaf cert. What kind of chain info are you trying to display? You could look at the subject and issuer fields to show chaining. The verify command you used above proves that the one cert signed the other cert.

Categories : Ssl

Paypal Access - SSL certificate: unable to get local issuer certificate
SSL certificate problem: unable to get local issuer certificate Means that cUrl doesn't trust Verisign, the certificate authority that vouches for PayPal. As Marc B comments, cUrl no longer ships with trust for any certificate authority. You can bypass the certificate chain validation with the option: CURLOPT_SSL_VERIFYPEER => 0 To read how to configure cUrl so that it trusts Verisign, read the cUrl documentation.

Categories : PHP

Correctly creating a new certificate with an intermediate certificate using bouny castle
Something looks wrong with the way you're creating the PEM files. You're using a method called, generateSelfSignedPemX509Certificate, but you don't really want a self-signed certificate, you want an end certificate signed by the intermediate private key, and you want an intermediate certificate signed by the CA private key. Also, you need basic constraints and key usage extensions on your certificates. For creating certificates signed by other entities (non-self-signed), I use these methods from Bouncy Castle to create an "end" certificate. ASN1Sequence seq= (ASN1Sequence) new ASN1InputStream(parentPubKey.getEncoded()).readObject(); SubjectPublicKeyInfo parentPubKeyInfo = new SubjectPublicKeyInfo(seq); ContentSigner signer = new JcaContentSignerBuilder(algorithm).build(pa

Categories : Java

Why won't my CloudFormation script download a file?
Jonathon, I tried your template and the file downloaded successfully for me. You can check the cfn logs on the instance. They are in c:cfnlog. My cfn-init.log shows: 2013-07-19 21:30:18,269 [DEBUG] Parent directory c: est does not exist, creating 2013-07-19 21:30:18,269 [DEBUG] Writing content to c: estgoogle-logo.png 2013-07-19 21:30:18,269 [DEBUG] Retrieving contents from http://www.google.com/images/srpr/logo4w.png 2013-07-19 21:30:18,316 [DEBUG] No mode specified for c: estgoogle-logo.png 2013-07-19 21:30:18,316 [WARNING] Unsupported OS for setting owner/group: nt And my cfn-wire.log shows: 2013-07-19 21:30:18,269 [DEBUG] Request: GET http://www.google.com/images/srpr/logo4w.png [headers: {'Accept-Encoding': 'identity, deflate, compress, gzip', 'Accept': '*/*', 'User-Agent': 'pyth

Categories : Amazon

AWS - Automatic deployment (.NET) to CloudFormation stack
cloud-init is used with windows too. See the documentation for bootstrapping Windows stacks.

Categories : Amazon

Retrieve PEM cert: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
you can disable certificate verification for a given instance of Net::HTTP: stock.verify_mode = OpenSSL::SSL::VERIFY_NONE or you can disable SSL verification globally in your process using: OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE Note: Ruby interpreter will give you warning that constant is already initialized. Sometimes you might get hard error. if that's the case you can unassign constant and initialize it again using following code: OpenSSL::SSL.send(:remove_const, :VERIFY_PEER) OpenSSL::SSL.const_set(:VERIFY_PEER, OpenSSL::SSL::VERIFY_NONE) This is not a perfect solution for your problem, but if security is not a big cocern, you can use above methods to bypass SSL Cert verification. You will still have encrypted secure connection to server.

Categories : Ruby On Rails

Puppet ssl errors " SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed"
Tried puppetdb-ssl-setup -f that took care of the cert missmatch. more details in https://groups.google.com/forum/#!topic/puppet-users/VqpGAxw7-Fo Thanks Ken for helping

Categories : Ruby

perl ssl certificate verify failed on cacert certificate
Install CACertOrg::CA or set the SSL_ca_path to the Debian certificate directory.

Categories : Perl

Download certificate using openssl and setting certificate to libCURL
Never download a root certificate from the server. The whole point of the infrastructure is that you already have a set of trusted root certificates. If someone signed (directly or indirectly) with this root certificate, then you can trust the certificate. If you download the root certificate from the server you are basically dropping the whole idea of certificates and could as well use HTTP. There is an alternative, however, if you are working with your own certificates (self-signed): You can either maintain your own CA and create a special cacert.pem for this purpose or you disable certificate checking (the latter is not recommended as it makes your application less secure!). If you are doing some advanced stuff, i.e. not having a certificate signed by a CA included in standard bundles

Categories : C++

Trigger an event when a new certificate is added to certificate store
Found an alternative. MY cert store certificates are written in C:UsersusernameAppDataRoamingMicrosoftSystemCertificatesMyCertificates Now using a directory event watcher to view newly installed certificates.

Categories : Windows

How to programmatically get server's certificate and add to the truestore, and check the certificate
I haven't tried it but this looks promising: https://github.com/cesarferreira/Android-Self-Signed-SSL-certificate-example

Categories : Android

Is it possible to create a SNS subscription with CloudFormation without creating a topic?
As you already discovered, AWS CloudFormation doesn't provide the expected AWS::SNS::Subscription resource (yet) and I'm not aware of this being possible by any other means, unfortunately - guess the rationale is that both are either managed within a template or externally, but your use case is sound and I can see no fundamental reason why this shouldn't be available (maybe they'll add it at some point, AWS is usually expanding their APIs over time to address such inconsistencies/missings).

Categories : Amazon

Pydev tags import as "unresolved import" but code using this import works fine.
So, what you're seeing here is their distribution model. Usually a module will have one root import that everything stems from, but that's not necessarily the case. They're providing a package with (what I assume) is many modules that don't interact with each other; or they can all stand alone. instead of importing each package individually, you could use the 'from' keyword: from ROOTFOL.PACKAGE import * which will grab everything inside that sub-module. You could e-mail the developer and ask why they deployed it this way...or you could add your own __init__.py to the root folder and, from ROOTFOL import * which will walk the tree. Good luck!

Categories : Python

Installing Windows applications/extensions with Amazon CloudFormation
For your example of WebDeploy, you could add this: "C:\Webdeploy\WebDeploy_amd64_en-US.msi" : { "source" : "http://download.microsoft.com/download/1/B/3/1B3F8377-CFE1-4B40-8402-AE1FC6A0A8C3/WebDeploy_amd64_en-US.msi" } as a element of this section of the template "WindowsServer": { "Type" : "AWS::EC2::Instance", "Metadata" : { "AWS::CloudFormation::Init" : { "config" : { "files" : { You could then add this command: "1-installwebdeploy" : { "command" : "msiexec.exe /i C:\Webdeploy\WebDeploy_amd64_en-US.msi ADDLOCAL=ALL /qn /norestart" } to the list of commands.

Categories : Amazon

Python strange import behavior: import x.y works, from x import y doesn't
Works for me: danielallan@MacBook:~$mkdir myproject danielallan@MacBook:~$cd myproject/ danielallan@MacBook:myproject$mkdir lib danielallan@MacBook:myproject$cd lib danielallan@MacBook:lib$touch __init__.py danielallan@MacBook:lib$touch view.py danielallan@MacBook:lib$touch common_lib.py danielallan@MacBook:lib$cd .. In [1]: from lib import view In [2]: view Out[2]: <module 'lib.view' from 'lib/view.pyc'> What happens when you try that on your machine? Are you sitting in the wrong directory, or is your path not configured to find these files?

Categories : Python

WSO2 API Manager - How does mobile app connect to API Manager?
You can use 'User Access Token'. That is the recommended approach for mobile apps. Refer to this WSO2AM doc for more info. The following blog posts also has some detailed explanation. http://charithaka.blogspot.com/2013/07/oauth-20-grant-types-with-wso2-api_16.html http://lalajisureshika.blogspot.com/2012/11/generate-application-tokens-user-tokens.html

Categories : Wso2

How to manager Fragment like ActivityGroup manager Activity
The feasibility of this answer will depend on what you want to accomplish with the different activities. I had a similar problem and I solved it by using Fragments. Imagine that you have one Activity for your task which has different facets. Then you can easily use the Activity to gather and persist data that you will need in each Fragment or to feed your business logic and your Fragments can each cater to different facets of the task. I would highly recommend this as Fragmentand FragmentManagerare supposed to replace the deprecated ActivityGroup. Here is some documentation on the matter: FragmentManager Fragment Now, using Fragments is a bit different from using Activity but not to much. Basically, you declare your Fragmentlike any other object. To show your Fragment you will use: F

Categories : Android

Generating subnet CIDR blocks programmatically in CloudFormation templates (or adding integers together)
My solution for these kinds of issues was to use a legitimate programming language to compile a template into a CloudFormation JSON document. I used PHP 5.4, Twig and Symfony Console, but YMMV. Essentially, you do the math ahead of time in the programming language, then use that data as you write-out your JSON document.

Categories : Amazon

Self signing an SSL certificate - does CN need to be where the certificate is going to be located (the URL of my app)?
Self-signed certificates are handled differently by different clients. I don't think there's a general rule. For example, if you connect Firefox to a site using your self-signed certificate, you can add an exception that will be tied to that particular host name. It's the same exception you can use for certificate that is trusted via a known CA, but for a different website. Effectively, the Firefox exception mechanism does both at once: each exception will be for a combination of target host name and specific certificate. This is certainly not the case for all "exception" mechanisms you'd use to handle a self-signed certificate. For example, adding a certificate to your truststore in Java might make it trusted, but your Java application would still verify the hostname (if it's implemente

Categories : Asp Net Mvc

Heroku SSL - No certificate given is a domain name certificate
Seems like your certs and your bundle are not resolving properly, i.e. either the trust chain is broken (not all certs exist in bundle for domain -> intermediate CA -> root CA) or alternatively your cert is not valid for the domain that Heroku is expecting. Make sure the fully qualified domain name in your cert matches the domain you are using.

Categories : Ssl

WCF - Using more than one service certificate (due to certificate change)
I beleive you can only have one service certificate. If you cannot make the change between client and server at the same time try to set up 2 difference services, one with old cert and one with new. Then gradually migrate clients to work with the new service url/cert. If you cannot change client url but just cert you could build a server proxy that knows to route the request to the rigth server based on the certificate but try to avoid it.

Categories : C#

Adding certificate chain to p12(pfx) certificate
Own answer. I figured out how to do this with OpenSSL: openssl pkcs12 -in certificate.p12 -out clientcert.pem -nodes -clcerts openssl x509 -in trusted_ca.cer -inform DER -out trusted_ca.pem openssl x509 -in root_ca.cer -inform DER -out root_ca.pem cat clientcert.pem trusted_ca.pem root_ca.pem >> clientcertchain.pem openssl pkcs12 -export -in clientcertchain.pem -out clientcertchain.pfx

Categories : Java

SSL Certificate - What is the use of the private key in a root certificate?
The root certificate's private key is (normally) only used to sign the intermediate certificates. Compromising it allows you to create new intermediate certificates, and by extension, certificates for any domain.

Categories : Ssl

Issue with SSL certificate: "No peer certificate"
There seems to be some problem with the way the certificates are returned from the server OR may be android system keystore does not have the relevant root certs to validate and complete the handshake. Looking at the certificate chain information for the site mentioned in the question, it seems to me that the chain is not correctly sorted. You can try the answer here

Categories : Android

OpenSSL + Self Signed Cert = OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
Extracted from here So basically all you have to do is this ENV['SSL_CERT_FILE'] = "your certificate path" and I guess all will work You might find this Reference useful : http://mislav.uniqpath.com/2013/07/ruby-openssl/ Who reads the value of ENV['SSL_CERT_FILE']? Hope this help

Categories : Ruby On Rails

Display Android SDK Manager, Android Virtual Device manager buttons in eclipse?
Try this: window->customize perspective->command groups availability->andriod and avd managers (CHECK this option) and then Tool bar visibility->andriod and avd managers(CHECK this option) Hope it helps..:)

Categories : Android

how to construct a string of physical subnet ids to create db subnet group on the fly in a cloudformation script?
I run into the same issue, after working with AWS support I understood that List of String does not mean what we initially thought. Also, if you want to place the DB inside a VPC you must not use AWS::RDS::DBSecurityGroup objects. Here is a full sample, it took me a while to get it working: "dbSubnetGroup" : { "Type" : "AWS::RDS::DBSubnetGroup", "Properties" : { "DBSubnetGroupDescription" : "Availability Zones for RDS DB", "SubnetIds" : [ { "Ref" : "subnetPrivate1" }, { "Ref" : "subnetPrivate2" } ] } }, "dbInstance" : { "Type" : "AWS::RDS::DBInstance", "Properties" : { "DBInstanceIdentifier" : { "Fn::Join" : [ "", [ { "Ref" : "AWS::St

Categories : Amazon

Android 2.2: javax.net.ssl.SSLException: Not trusted server certificate - Android 2.3: javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
W/System.err(1201): javax.net.ssl.SSLPeerUnverifiedException: No peer certificate What cipher suites are you using? Anonymous Diffie-Hellman (ADH) will cause the server to not send a certificate. W/System.err(22569): Caused by: java.security.cert.CertPathValidatorException: TrustAnchor for CertPath not found. It sounds like you did not trust a CA's root certificate required to validate the chain. Has it been loaded? Is it the correct root to trust? Certificate chain 0 s:/C=LU/postalCode=2130/ST=NA/L=Luxembourg/streetAddress=Boulevard Charle Marx 23/O=Dellmont Sarl/OU=Comodo InstantSSL/CN=77.72.173.130 i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO High-Asurance Secure Server CA [Repeated three times] This looks malformed in practice. There

Categories : Android

Import from child directory in ghci session (import modules from tests in yesod)
Ok, so the answer is this: add all missing modules inside your cabal file from build-depends of your test-suite into build-depends of your app on top. run cabal-dev ghci inside app's root and do :set -itests You should then be able to do something like :load tests/EntriesTest.hs fine.

Categories : Haskell

The import javax.inject cannot be resolved while import Guava source
You can get the javax.inject jar here. You don't need to use maven, just download the binary.

Categories : Eclipse

Python sh import causing Unresolved Import error in PyDev
Try using the subprocess module to call console commands. For example: from subprocess import call dir_name = '/foo/bar/' call('mkdir %s'%dir_name, shell=True)

Categories : Python

Import into python interpreter main namespace from an import
If I understand you correctly, you're just looking for the from … import … statement. For example: lotsostuff.py: import json def foo(): pass Now: $ python3.3 >>> from lotsostuff import * >>> json <module 'json' from '/usr/local/lib/python3.3/json/__init__.py'> >>> foo <function lotsostuff.foo> However, you might want to consider a different alternative. If you're just trying to control the startup of your interpreter session, you can do this: $ PYTHONSTARTUP=lotsostuff.py $ python3.3 >>> json <module 'json' from '/usr/local/lib/python3.3/json/__init__.py'> >>> foo <function __main__.foo> Notice the difference in the last line. You're now running lotsostuff in the __main__ namespace, rather than running i

Categories : Python

Does import __foo__ import from the __init__ file of the foo package?
I cannot actually make ompclib/m_compile.py work. ompc/m_compile.py is almost the same file, but is actually used by the ompc codebase. My conclusion is that that file and probably the whole ompclib directory is a left-over from an earlier development stage and the author simply has forgotten to clean it up. The import __ompc__ import is otherwise nothing more but a broken import. It does not magically transform into importing the ompc package. ompc/m_compile.py does work, and uses import ompc instead.

Categories : Python

Get 'import' error when trying to import .rake file in ruby
I think you're probably going about this the wrong way. Why is that functionality in a Rakefile? Rake is Ruby's equivalent of make - it's designed to handle software tasks with dependencies, like building an app, or packaging an releasing a Rubygem. Even Wikipedia has a pretty good description of what it's for, or see this answer for a link dump. What you've described sounds like it's normal Rails stuff - take web input, act on it, interface with database. I'd seriously consider rewriting your Rake tasks inside Rails.

Categories : Ruby On Rails



© Copyright 2017 w3hello.com Publishing Limited. All rights reserved.