what is the password to be used for generating an APNS certificate in ios. I tried using the password which i have given for authenticating while generating the APNS certioficate. But still I am getting an error saying that 'invalid password'.
If you are referring to the password you have to enter when exporting the push certificate to a p12 file, you should give the password of the logged in user on the computer you are using. After you enter that password, you get to choose a password for the p12 file itself.
Related
I am developing a Moodle website using SSO. I have configured auth_saml2 moodle plugin and I have tested with test login. I am getting error
Exception: Failure Signing Data: error: 06065064: digital envelope routines: EVP_DecryptFinal_ex: bad decrypt - SHA256
I have tried SHA384, SHA512 algorith but still am getting same error.
Error screenshot.
The error message has been reported on Github in a couple of tickets.
https://github.com/catalyst/moodle-auth_saml2/issues/387
https://github.com/catalyst/moodle-auth_saml2/issues/380
Looks like the certificate might need to be regenerated?
Also a post on Moodle, they switched to OpenID
https://moodle.org/mod/forum/discuss.php?d=397317
The certificate needs to be regenerated, from the saml settings click the 'Regenerate certificate' button, or go here:
http://moodle.example/auth/saml2/regenerate.php
and resave the certificate. You will need to re-import the SP metadata again with your IdP.
I have created a Xero partner app and I have been asked to renew my Entrust Certificate. When I POST to oauth/RequestToken, I get this error:
oauth_problem=signature_invalid&oauth_problem_advice=Failed%20to%20validate%20signature
Here are the steps that I took:
I downloaded the P12 Entrust Certificate from Xero.
In certmgr, I imported the P12 certificate into my personal certificate store.
I right clicked the certificate. I clicked all tasks and export.
I said do not export the private key.
I exported the file as a CER.
I logged into developer.xero.com and I clicked apps.
I uploaded the CER in the form and clicked save.
Are there any additional steps I must take?
I think where you went wrong is at stage 5.
The entrust cert isn't supposed to be uploaded into the developer portal.
The .cer file you upload into the developer portal conatins your public key and is used to decode the signature you provide on your API calls. This signature is signed by your application using the private key associated with it. If the certs are mismatched (which they will be now that the API is trying to decode with the wrong public key), you will recieve the "Failed to validate signature" error you are seeing.
You will want to either
Re-upload the previous .cer public key file you used for your application originally, as it will match the private key you are currently signing with (unless you changed this also)
Regenerate a new public/private key pair as described here: https://developer.xero.com/documentation/advanced-docs/public-private-keypair, upload the new .cer public key into the developer portal, and use the new private key in your application
I am using Exchange Web Services (EWS) to read emails and their attachments. I was successful until I started receiving some emails that were digitally signed. I found this link EWS: Retrieving attachments from signed emails where the solution starts off by saying "... Assuming your security context has access to the key. " which is exactly where it seems I have problem. How can I make sure my security context has access to the key? How do I achieve that? The code in the above link gives me an error: ASN1 bad tag value met
Are the messages signed or Encrypted (or both) ? To decrypt an encrypted message you would need to have the Private Key (eg for SMIME these should have been exchanged) the EnvelopedCms will search current user (security context) and computer certificate store for this certificate information. However in Exchange in addition to being stored locally the certificate that could be used to decrypt the message could be stored as an attachment on a Personal Contact or in Active Directory http://blogs.technet.com/b/exchange/archive/2008/04/23/3405402.aspx.
I want to create a helpdesk project following this great tutorial : http://blog.jetbrains.com/youtrack/2014/02/using-youtrack-as-a-help-desk/
I want to set the parameters of my mailbox using a Gmail adress but I don't know how to obtain a SSL key from Gmail.
Without it, I have "Connection timed out" error. I know where to add the SSL key in Youtrack, but I need a file (JKS or PKCS12 format).
My settings:
Protocol:IMAPS
Host:imap.gmail.com
Port:993
Login:mylogin
Password:mypassword
Select SSL key: nothing
Connection timeout:60
Socket timeout:60
Please help :)
Here how to obtain Gmail trusted root keys (from Google PKI FAQ):
Google may decide to have its intermediate signed by another root at any point in time, so you should have an update mechanism in place for the trusted roots you ship with your product. If you are developing code intended to connect to a Google property, we recommend you include a wide set of trustworthy roots. We made an example available as a PEM file here.
PEM file provided can be manually converted to PKCS12 with, for instance, OpenSSL tool.
I suspect, however, that installing a cert won't solve the issue. "Select SSL key" likely stands for client (i.e. YouTrack) certificate, which is not required by Gmail. Please check the following:
If IMAP is enabled in your GMail account
this recipe to make sure Gmail is not blocking new client application explicitly
I get the following kind of error or warning when I create a certificate. How can I fix it?
A valid signing identity matching this profile could not be found in your keychain
Select your particular device (UDID of the device you are using) when creating your provisioning profile.