Is anyone using digital certificates in project ?I have created a digital certificate using Microsoft certificate services.I have installed this certificate on my website.When I access website over https I get digital certificate error in browser.Most common cause for this error is incorrect date/time settings on client machine. This is not the issue in my case.
View 1 RepliesI am fairly new to web development and have never used Digital Certificates before. I assume using a digital certificate on a silverlight web page is the same as using one on any other web page, but i thought i should check. There are a few example of digitally signing the .xap file on the internet, would it then be a case of simply buying the certificate (from verisign or somewhere similar) and distributing it to customers?
View 1 RepliesI would like to do login to the website using certificates.
I want to have a secure login.
How to create certificates for login?
How certification process?
Is it possible to read the certificate(s) in a clients browser through code? The situation I have is, someone is going to access my website with a certificate installed. In that certificate, there will be specific information related to my application. I will be pulling that specific peice of info out, and then doing what I need to with it.
I can already read certificates from my local machine (using the X509Certificate2 class), and using string manipulation, traverse out the information needed. The only part I can't do, is pull certificates from the browser.
I have tried using the '.IsPresent' function on an HttpClientCertificate object, but that always returns false (even though I have four certificates installed on my machine).
I am trying to decrypt using an X509 certificate private key. I am using the following function:
[Code]....
I was wondering if it is possible to call a webservice or send a SOAP request using a provided certificate to encrypt my password (my identity) and use another to encrypt/sign a timestamp, service header, & soap body? Does anyone have any material or sample code where I can test encryption and security too? It doesn't have to be my own certificates, I just want to see it work and then I can possibly tailor it to my needs. After the SOAP request, there will be a provided response which I assume I will have to decrypt.
I found this thread, but it doesn't seem to use signatures or an SSL connection. Does VS 2010 have some extra features to help out on this? I believe the SOAP should look like this.
<soap:Envelope>
<soap:Header>
<svchdr:ServiceHeader>
<svchdr:StaticRegion>...</svchdr:StaticRegion>
<svchdr:DynamicRegion>...</svchdr:DynamicRegion>
</svchdr:ServiceHeader>
<wsse:Security>
(Signature Info)
</wsse:Security>
<soap:Body>
...
</soap:Body>
</soap:Envelope>
I am new to digital signature. I have a web application developed in asp.net 3.5. In one of the module of this application I am generating pdf file and storing it on the server. The users must be able to choose a pdf file and digitally sign it with a certificate stored locally (either on their machine or in a smartcard). I do not know whether I should pass pdf file to client place to sign it or I should send Certificate object to the server.
View 1 RepliesI have problem to create digital signature. I created console application and it works there but when I want to run it at server there is exception. It looks like I have problem with reference to the file.
View 6 RepliesI posted this previously but it ended up in Languages/C# rather than here. I'm not sure if I chose the wrong forum or the admin moved it. I wanted it in here so I'm re-posting it:
I have an APK file (android application archive, same as JAR file format) that I need to determine whether or not is signed, and if so, extract the certificate info.
The JDK provides a command line tool to do this:
jarsigner -verbose -certs -verify file.apk
I'm trying to determine if there's a way using the Security classes to accomplish the same thing in C# code.
I have never write code like this... so I am trying to explian what problem I meet here..
assuming I have 2 web service
one named WS1 another named WS2
WS1 (send data to WS2) → WS2 then WS2 (receive data from WS1 and do something then return result to WS1)→WS1
if I want to add digital signature between WS1 and WS2 so that WS1 connecting to WS2 , WS2 will recognize who is connecting by digital signature
what do I need if I want to do that? and how to do?
I have a website that needs me to use ActiveX. and there is a security policy in my office that needs me to DIGITALLY SIGNING the ActiveX ?[URL]but still couldnt understand what is the actual step that i should do. plus , the link is broken. does anyone know how to do it ?
View 1 RepliesI want to create a digital signature, for my product, for creating the digital sigmature i want digital certificate. I came to know there are lot of third party available for creating digital signature. If any one know can tell some of third party for this.
View 1 RepliesI am doing a project on digital watermarking. This is the process. The user will choose his image file to upload, chooses his image key(either from the visual studio gallery-folder name is Image Key, or he chooses his own from the directory).
He enters a password, and this password will be embedded into the image uploaded.
Next, there is an option to digitally watermark the image (This is where I am having problems - stuck with the codes)
Here is the work so far, and I couldn't get any further.
FileUpload UI + code behind
[Code]....
[Code]....
WatermarkController (Business Logic)
[Code]....
I have an apliccattion Web, but now I will need get the digital certificate in specific form.Is possible show the dialog box (by code) wiht digital certificate list for the user choice digital certificate and then continue wiht my process ???
View 1 RepliesI am currently having trouble with verifying the digital signature in a excel file. The digital signature is used to sign the Macro so that it is possible to authenticate and ensure that no one has tamper with the Macro.
Currently, I am able to check that the excel file is digitally signed. However, I can't seem to be able to verify and ensure that the digital signature is authentic. I'm using asp.net 3.5 with vb.net.
I have asp.net page running under MOSS2007 and there is Access Denied error at signing (signedXml.ComputeSignature()). The code works as normal .net web application but it does not work under MOSS.
Access is denied.
I need to validate a digital signature which consists of thumb impression,signature and tokenid which is in pendrive with a columns of a table in sqlserver2008 database. I am using capicom.dll in asp.net 3.5 using c#.
I tried but I am unable to do it.
have a couple a projects in different solutions, one is a front facing site that has a login that will redirect from there to the other project. I have one SQL Membership database that I am using, when I try and login I get that Members.ValidateUser is true, but FormsAuthentication.Authenticate is false. So when I try and login and redirect it does not work. Am I missing something in the web.config? Is that something that I can even do?
View 2 RepliesI am trying to open my homepage with HTTPS in my test server. Is there a way i can create Self signed certifcates and see if https works. some links or any ideas with how to do Its an ASP.Net project and IIS V6.0
View 3 RepliesI've noticed that it is possible SQL Server 2005/2008 to authenticate replication accounts using certificates. Is it possible to authenticate .NET SqlConnection in the same manor?
Ideally, I'd like to do away with password authentication completely and have the aspnet user connect using a certificate stored against its account.
I need it for the test purposes.. (don't want to see „The remote certificate is invalid..." Exception.. )
View 3 RepliesI am not sure whether I posted the question at the right place, But I don know how to start approaching the problem ,
I need to open a .cer cirtificate from the server side. The .cer cirtificate will be stored in the client browser.
I tried locally putting the cirtificate in my hard drive and I could open it and get the info I want using
X509Certificate2 certificate = new X509Certificate2("C:\OCX\abc.cer");
But what will I do when I need it to open it from client browser?
There is an existing classic ASP application that uses CAPICOM to encrypt a file's content using a certificate. A new file is created with the encrypted content and put on a location from where another 3rd party web application picks up the file (with encrypted content). They use the certificate to decrypt the encrypted data .
I am re-writing this piece of the software in ASP.Net and have read a bit about the encryption algos in .Net. But I am unable to come to a solution I am aiming for.
My questions:
a.) CAPICOM and .Net encryption? Any resource that has some sort of method mapping between the two?
b.) How to encrypt the content of a file using a certificate's private key? The reason I'm looking for this is this statement
The Sign method creates a digital signature on the content to be signed. A digital signature consists of a hash of the content to be signed that is encrypted by using the private key of the signer.
Source: [URL] ....
Background: From a desktop application, users will navigate to an SSL-encrypted web portal where they will have to enter a username / password if it's their first time logging in. I want to be able to securely persist their user session. I was thinking of using encrypted cookies, storing their username and a unique session token / key, but was wondering what benefits client certificates offered in terms of security.
The way I see understand it currently:
Encrypted cookies:
Saved on the user's machine just like any other cookie Since the entire site is SSL, the contents of the cookie cnnot be tampered withEasily implementableWhen a user logs in again, invalidate the token / key and issue a new one
Problems:
Anyone attempting to access the web portal on the computer with a saved session will be able to, but this is a problem with any persisted session, right?
How do I know that computer A is computer A and not just computer B that copied computer A's cookie?
Client Certificates:
A pain in the ass to install Will uniquely identify that person's computer (or can it be restricted to the user account) to the web portal If the client certificate is stolen, then the account is compromised
Question: For persisting user sessions with the utmost security, would encrypted cookies be sufficient or would I need to install client certificates? How do they differ?
I write a ocx file and package into cab file.I execute some commands as below:
cabarc -s 6144 N my.cab ./MyActiveX.ocx
makecert -sv mytest.pvk -ss testCertStore mytest.cercert2spc mytest.cer mytest.spc
pvk2pfx -pvk mytest.pvk -pi "mypassword" -spc mytest.spc -pfx mytest.pfx -f
signtool sign /n "myactivex" /du http://localhost /f mytest.pfx /p "mypassword" -t http://timestamp.verisign.com/scripts/timstamp.dll my.cab
The error message appears as below when I use signtool:
SignTool Error: No certificates were found that met all the given criteria.
Number of errors: 1