w3hello.com logo
Home PHP C# C++ Android Java Javascript Python IOS SQL HTML videos Categories
Why is my certificate not valid unless I put the Sub CA certificate in the trusted root certificate authorities?
To elaborate on Erik's comment, trusting the Root CA certificate means that you will trust what the Root CA directly signs. If you have an intermediate Sub CA in the middle, its certificate is signed by the Root CA, and the Sub CA signs your certificate directly. Root CA ---signs/verifies---> Sub CA ---signs/verifies---> End user certificate As Erik said, if you do not have the Sub CA certificate present, then there is no way to link the Root CA to the End user certificate. The Root can verify the Sub CA certificate, and the Sub CA can verify the End user certificate, but there is no way for the Root to skip over the Sub CA and verify the End user certificate because the root did not sign the End user certificate. 2 ways to resolve this are: include the Sub CA cert in your tru

Categories : C#

Bootstrap renewal
Bootstrap uses a major.minor.patch versioning system. A jump from version 2.x.x to version 3.x.x represents a break in backwards compatibility. A jump from 2.1.x to 2.2.x represents new features and enhancements. A jump from version 2.2.1 to 2.2.2 represents fixes to bugs and errors. That's not a direct answer to your question, but hopefully gives you the information you need to make an educated decision on whether or not to upgrade.

Categories : Wordpress

Sandbox renewal of subscription
If you're using IPN, PayPal sends an IPN post when a subscription is created, a payment is made, and when it expires. You can use that IPN post to trigger a script to send your buyers an e-mail. That e-mail can include a link to your site where the button is located or a link the buyers can click to be redirected to PayPal and resubscribe from there. There isn't a guaranteed way to have buyers return to your site after their subscription expires. Sending them an e-mail with their different options and an explanation that their subscription has expired is a fair way of handling the situation.

Categories : Paypal

Access Token Infinite Renewal
If you want to generate new accessToken automatically means Let the application open the first screen where user gives access to Application. Then it will generate new accessToken. If accessToken is Expired get it in OAuthException and redirect to front screen.

Categories : Facebook

in-app purchase for auto-renewal subscriptions notifications
Answering question 1, you can verify subscription receipts in the same way as other IAP, but you'll need to check it periodically to see if the subscription has expired (the verification will tell you if it's expired). There is more info on the Apple docs here: http://developer.apple.com/library/mac/#documentation/NetworkingInternet/Conceptual/StoreKitGuide/RenewableSubscriptions/RenewableSubscriptions.html

Categories : IOS

In GoogleCloudMessaging API, how to handle the renewal or expiration of registration ID?
I am giving a way as What I implemented in my application @Override protected void onRegistered(Context context, String registrationId) { Log.i(TAG, "Device registered: regId = " + registrationId); //displayMessage(context, getString(R.string.gcm_registered)); //ServerUtilities.register(context, registrationId); //1. Store this id to application Prefs on each request of device registration //2. Clear this id from app prefs on each request of device un-registration //3. Now add an if check for new registartion id to server, you can write a method on server side to check if this reg-id matching for this device or not (and you need an unique identification of device to be stored on server) //4. That method will clear that if id is matching it meanse this

Categories : Java

How to detect and verify a renewal for an auto-renewable subscription?
My experience. Let's assume, we always send initial receipt to Apple's server. In any case, you'll get JSON with at least two fields: status (no comments) and receipt (information about receipt that you've send). Additionally to that: 1) If the subscription is still active, you'll additionally get latest_receipt (base64-encoded string) and latest_receipt_info (information about that receipt). 2) If the subscription is already expired, you'll additionally get latest_expired_receipt_info (information about last renewing receipt). Yes, you get only information about it, no base64-encoded string. And yes, AFAIK, that's not documented anywhere. Hope that helps.

Categories : IOS

Does Apple try to renew an IOS subscription past the renewal date?
If a subscriber of your App has opted for auto renewal then Apple will keep renewing his/her a/c till the time the subscriber doesn't opt out from it. Also till the time the billing method which the subscriber has provided the information is valid. Regards Rajeev

Categories : IOS

Is it possible to start Fancybox on page load with a youtube video automatic and close at end automatic?
Yes, it's possible. Take the example at the fancybox website (tips & tricks No.15), and tweak it to your needs. First, you would need to load the youtube player API (apart from the jQuery and fancybox js and css files of course) <script src="http://www.youtube.com/player_api"></script> Then built the onYouTubePlayerAPIReady() function with the fancybox custom script inside of it to launch the video. Then, inside the fancybox beforeShow callback, set a listener for the end of the video and close fancybox using the method $.fancybox.close() like : function onYouTubePlayerAPIReady() { $(document).ready(function () { $.fancybox({ href: "http://www.youtube.com/embed/L9szn1QQfas?enablejsapi=1&wmode=opaque&autoplay=1", type: "ifra

Categories : Jquery

Parse with Facebook Login: Server refused renewal request with error code: 190
Your error sub code points to this static const int FBSDKSystemPasswordErrorSubcode = 65001; case FBSDKSystemPasswordErrorSubcode: case FBAuthSubcodePasswordChanged: if (subcode == FBSDKSystemPasswordErrorSubcode || [FBErrorUtility fberrorIsErrorFromSystemSession:error]) { userMessageKey = @"FBE:PasswordChangedDevice"; userMessageDefault = @"Your Facebook password has changed. To confirm your password, open Settings > Facebook and tap your name."; shouldNotifyUser = YES; } else { userMessageKey = @"FBE:PasswordChanged"; userMessageDefault = @"Your Facebook password has changed. Please log into this app again to reconnect y

Categories : IOS

Certificate Verification: Error (20): unable to get local issuer certificate - Chrome on Apple OSX
you have sslverifyclient optional, which means that clients may present a client-cert to the webserver, to authenticate themselves. maybe your user has such a cert. i'm myself new to this, and i think these two items a) sslcertificate of the server and b) client authentication are not dependent from each other... also im not sure if you may give apache two SSLCertificateChainFile directives. i hope that helpes a bit.

Categories : Osx

The certificate chain received contained a V3 CA certificate which key usage constraints indicate its key cannot be used to sign certificates
The issue turned out to be the certificate itself, just as the error said! My mistake was assuming the issue was with our systems. The certificate showed as being correct in the browser but weblogic's authentication libraries appear to be stricter. The service owner has since issued a correctly signed certificate.

Categories : Security

Paypal Access - SSL certificate: unable to get local issuer certificate
SSL certificate problem: unable to get local issuer certificate Means that cUrl doesn't trust Verisign, the certificate authority that vouches for PayPal. As Marc B comments, cUrl no longer ships with trust for any certificate authority. You can bypass the certificate chain validation with the option: CURLOPT_SSL_VERIFYPEER => 0 To read how to configure cUrl so that it trusts Verisign, read the cUrl documentation.

Categories : PHP

Correctly creating a new certificate with an intermediate certificate using bouny castle
Something looks wrong with the way you're creating the PEM files. You're using a method called, generateSelfSignedPemX509Certificate, but you don't really want a self-signed certificate, you want an end certificate signed by the intermediate private key, and you want an intermediate certificate signed by the CA private key. Also, you need basic constraints and key usage extensions on your certificates. For creating certificates signed by other entities (non-self-signed), I use these methods from Bouncy Castle to create an "end" certificate. ASN1Sequence seq= (ASN1Sequence) new ASN1InputStream(parentPubKey.getEncoded()).readObject(); SubjectPublicKeyInfo parentPubKeyInfo = new SubjectPublicKeyInfo(seq); ContentSigner signer = new JcaContentSignerBuilder(algorithm).build(pa

Categories : Java

show entire certificate chain for a local certificate file
If you want to verify the chain and purpose, your openssl command is correct. The "OK" indicates the chain verifies. The error indicates there is an issue with that certificate being used for an sslserver purpose. It looks like your certificate is a CA cert, not a leaf cert. What kind of chain info are you trying to display? You could look at the subject and issuer fields to show chaining. The verify command you used above proves that the one cert signed the other cert.

Categories : Ssl

Puppet ssl errors " SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed"
Tried puppetdb-ssl-setup -f that took care of the cert missmatch. more details in https://groups.google.com/forum/#!topic/puppet-users/VqpGAxw7-Fo Thanks Ken for helping

Categories : Ruby

Retrieve PEM cert: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
you can disable certificate verification for a given instance of Net::HTTP: stock.verify_mode = OpenSSL::SSL::VERIFY_NONE or you can disable SSL verification globally in your process using: OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE Note: Ruby interpreter will give you warning that constant is already initialized. Sometimes you might get hard error. if that's the case you can unassign constant and initialize it again using following code: OpenSSL::SSL.send(:remove_const, :VERIFY_PEER) OpenSSL::SSL.const_set(:VERIFY_PEER, OpenSSL::SSL::VERIFY_NONE) This is not a perfect solution for your problem, but if security is not a big cocern, you can use above methods to bypass SSL Cert verification. You will still have encrypted secure connection to server.

Categories : Ruby On Rails

How to programmatically get server's certificate and add to the truestore, and check the certificate
I haven't tried it but this looks promising: https://github.com/cesarferreira/Android-Self-Signed-SSL-certificate-example

Categories : Android

Download certificate using openssl and setting certificate to libCURL
Never download a root certificate from the server. The whole point of the infrastructure is that you already have a set of trusted root certificates. If someone signed (directly or indirectly) with this root certificate, then you can trust the certificate. If you download the root certificate from the server you are basically dropping the whole idea of certificates and could as well use HTTP. There is an alternative, however, if you are working with your own certificates (self-signed): You can either maintain your own CA and create a special cacert.pem for this purpose or you disable certificate checking (the latter is not recommended as it makes your application less secure!). If you are doing some advanced stuff, i.e. not having a certificate signed by a CA included in standard bundles

Categories : C++

Trigger an event when a new certificate is added to certificate store
Found an alternative. MY cert store certificates are written in C:UsersusernameAppDataRoamingMicrosoftSystemCertificatesMyCertificates Now using a directory event watcher to view newly installed certificates.

Categories : Windows

perl ssl certificate verify failed on cacert certificate
Install CACertOrg::CA or set the SSL_ca_path to the Debian certificate directory.

Categories : Perl

WCF - Using more than one service certificate (due to certificate change)
I beleive you can only have one service certificate. If you cannot make the change between client and server at the same time try to set up 2 difference services, one with old cert and one with new. Then gradually migrate clients to work with the new service url/cert. If you cannot change client url but just cert you could build a server proxy that knows to route the request to the rigth server based on the certificate but try to avoid it.

Categories : C#

SSL Certificate - What is the use of the private key in a root certificate?
The root certificate's private key is (normally) only used to sign the intermediate certificates. Compromising it allows you to create new intermediate certificates, and by extension, certificates for any domain.

Categories : Ssl

Adding certificate chain to p12(pfx) certificate
Own answer. I figured out how to do this with OpenSSL: openssl pkcs12 -in certificate.p12 -out clientcert.pem -nodes -clcerts openssl x509 -in trusted_ca.cer -inform DER -out trusted_ca.pem openssl x509 -in root_ca.cer -inform DER -out root_ca.pem cat clientcert.pem trusted_ca.pem root_ca.pem >> clientcertchain.pem openssl pkcs12 -export -in clientcertchain.pem -out clientcertchain.pfx

Categories : Java

Self signing an SSL certificate - does CN need to be where the certificate is going to be located (the URL of my app)?
Self-signed certificates are handled differently by different clients. I don't think there's a general rule. For example, if you connect Firefox to a site using your self-signed certificate, you can add an exception that will be tied to that particular host name. It's the same exception you can use for certificate that is trusted via a known CA, but for a different website. Effectively, the Firefox exception mechanism does both at once: each exception will be for a combination of target host name and specific certificate. This is certainly not the case for all "exception" mechanisms you'd use to handle a self-signed certificate. For example, adding a certificate to your truststore in Java might make it trusted, but your Java application would still verify the hostname (if it's implemente

Categories : Asp Net Mvc

Heroku SSL - No certificate given is a domain name certificate
Seems like your certs and your bundle are not resolving properly, i.e. either the trust chain is broken (not all certs exist in bundle for domain -> intermediate CA -> root CA) or alternatively your cert is not valid for the domain that Heroku is expecting. Make sure the fully qualified domain name in your cert matches the domain you are using.

Categories : Ssl

Issue with SSL certificate: "No peer certificate"
There seems to be some problem with the way the certificates are returned from the server OR may be android system keystore does not have the relevant root certs to validate and complete the handshake. Looking at the certificate chain information for the site mentioned in the question, it seems to me that the chain is not correctly sorted. You can try the answer here

Categories : Android

OpenSSL + Self Signed Cert = OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
Extracted from here So basically all you have to do is this ENV['SSL_CERT_FILE'] = "your certificate path" and I guess all will work You might find this Reference useful : http://mislav.uniqpath.com/2013/07/ruby-openssl/ Who reads the value of ENV['SSL_CERT_FILE']? Hope this help

Categories : Ruby On Rails

Android 2.2: javax.net.ssl.SSLException: Not trusted server certificate - Android 2.3: javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
W/System.err(1201): javax.net.ssl.SSLPeerUnverifiedException: No peer certificate What cipher suites are you using? Anonymous Diffie-Hellman (ADH) will cause the server to not send a certificate. W/System.err(22569): Caused by: java.security.cert.CertPathValidatorException: TrustAnchor for CertPath not found. It sounds like you did not trust a CA's root certificate required to validate the chain. Has it been loaded? Is it the correct root to trust? Certificate chain 0 s:/C=LU/postalCode=2130/ST=NA/L=Luxembourg/streetAddress=Boulevard Charle Marx 23/O=Dellmont Sarl/OU=Comodo InstantSSL/CN=77.72.173.130 i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO High-Asurance Secure Server CA [Repeated three times] This looks malformed in practice. There

Categories : Android

Always automatic log in WiX
MsiLogging property is your solution here. According to the documentation: The MsiLogging property sets the default logging mode for the Windows Installer package. If this optional property is present in the Property table, the installer generates a log file named MSI*.LOG. The full path to the log file is given by the value of the MsiLogFileLocation property.

Categories : Wix

Automatic Progress Bar
I think the main culprit is the setTimeout built-in which loses the connection to the local this. I replaced it with qx.event.Timer.once and it works like a charm. See the code in this Playground sample. Press the "Log" button of the Playground to see the log messages.

Categories : Javascript

DIV width automatic with CSS?
You can use the same class style for them and set a common size for them if you want like this: <div id="container> <div id="left" class="outerdivs"></div> <div id="mid"></div> <div id="right" class="outerdivs"></div> </div>

Categories : CSS

Div is not automatic height as specified
You need to clear your floats or set overflow: auto to your parent container: #Mid_Container { width:1048px; height:auto; min-height:1100px; margin:0 auto; margin-top:15px; padding:0; position:relative; border:1px solid #a9a9a9; background-color:#f7f7f7; overflow: auto; /* cause this block to enclose floated child elements */ } Modified jsfiddle: http://jsfiddle.net/audetwebdesign/JRd9z/1/

Categories : HTML

Why is constexpr not automatic?
This is only my evaluation, but I believe your (b) reason is correct (that it forms part of the interface that the compiler can enforce). The interface requirement serves both for the writer of the code and the client of the code. The writer may intend something to be usable in a compile-time context, but not actually use it in this way. If the writer violates the rules for constexpr, they might not find out until after publication when clients who try to use it constexpr fail. Or, more realistically, the library might use the code in a constexpr sense in version 1, refactor this usage out in version 2, and break constexpr compatibility in version 3 without realizing it. By checking constexpr-compliance, the breakage in version 3 will be caught before deployment. The interface for th

Categories : C++

Automatic Uploader
Please note that cronjobs , POST/GET and REST are 3 different things and they do 3 different things . A simple approach would be to use Inotify to monitor the upload folder. When a new file is added its sends a trigger to a php file that uploads the files to your server.This way the file is uploaded as soon as they are created or modified.

Categories : PHP

Automatic log out in Devise
You could override the after_signup_path_for(resource) method as shown in this SO answer: http://stackoverflow.com/a/5466245/367869. In that method you could make a call to something like sign_out current_user However, I do agree with user136060's comment to your question - if all you're doing is a mailing list, Devise is probably overkill.

Categories : Ruby On Rails

Vim automatic scroll buffer
In general, vim events fire in response to user input. They don't just run continuously in the background. This post details some tricks you could repurpose to write some customization code to reload your "tail -f" buffer and scroll to the bottom periodically. Rather than trying to do this all in vim, here is a different proposal that would achieve a similar effect using GNU Screen (one terminal area with vim editing a file file1, another running tail -f against a different file file2): download/install GNU Screen (perhaps apt-get install screen) run screen run vim file1 type Ctrl-A S to split the terminal down the middle horizontally (or, in recent versions of screen, Ctrl-A | to split it down the middle vertically) type Ctrl-A Tab to switch to the other side of the split type Ctrl-A

Categories : Vim

Automatic properties with null value
You don't do anything with the object that's created in the form constructor - it just goes out of scope and will be collected. Are you expecting the values to persist across ALL instances of ADClassNew? If so then use static properties: public static string SearchedObjClass { get; set; } public static string SearchedProp { get; set; } public static string SearchedPropValue { get; set; } public static string LdapPath { get; set; } then set them in your initialization using theclass name instead of an instance: ADClassNew.LdapPath = "LDAP://MyDomain"; ADClassNew.SearchedObjClass = "User"; ADClassNew.SearchedProp = "Displayname"; ADClassNew.SearchedPropValue = "administrator"; Alternatively you can make the object a property of the form to re-use it: public partial class Form1 : For

Categories : C#

How can I avoid automatic deallocate in C++?
You are defining a local variable ca which hides the parameter ca you're passing in. Although this is not the only problem here, the code above almost certainly doesn't do what you expect it to do. EDIT: As you've now disambiguated the local variable from the parameter: None of the parameters to CollectCertificatesInfo is used - is this intentional? As others have pointed out already, instances of CertificateInfo are being copied around a lot here, and its copy construction might be broken, but it's impossible to say that with certainty as you didn't give us any code for that class.

Categories : C++

Automatic Email Mechanism
try this: HttpContext.Current.Cache.Add(CacheItemKey, "Test", null, DateTime.Now.AddHours(24), System.Web.Caching.Cache.NoSlidingExpiration, CacheItemPriority.Normal, new CacheIRemovedCallback(CacheIRemovedCallback)); Syntax as in MSDN: public Object Add( string key, Object value, CacheDependency dependencies, DateTime absoluteExpiration, TimeSpan slidingExpiration, CacheItemPriority priority, CacheItemRemovedCallback onRemoveCallback ) Items are guaranteed to remain in cache for minimum 10 minutes, this is a default setting. So email sent every 10 minutes means that setting expiration time is not successful. You may change it with absoluteExpiration and slidingExpiration parameters. I suspect however that problem

Categories : C#



© Copyright 2017 w3hello.com Publishing Limited. All rights reserved.