Software Engineering Stack Exchange
Software Engineering Stack Exchange

Questions tagged [certificate]

An electronic document used in cryptography.

In cryptography, a public key certificate (also known as a digital certificate or identity certificate) is an electronic document which uses a digital signature to bind a public key with an identity — information such as the name of a person or an organization, their address, and so forth. The certificate can be used to verify that a public key belongs to an individual.

(from certificate tag wiki at Stack Overflow)

24 questions
21
votes
2 answers

Has anyone ever claimed a warranty on an SSL certificate?

SSL certificates often advertise varying amounts of warranties or guarantees, for example $500,000 or $1m. My question is, in the history of SSL, has anyone ever actually successfully claimed one of these warranties? Has there ever been a case? If…
Tom
  • 681
5
votes
1 answer

How can I obtain a CA certificate for my application if I do not own a business/company?

I have developed an application which I intend to sell. I set up a website with information and download links, advertising, payments, everything is ready to go - except the digital signature. I want to sign my application so that Windows and…
Justin8051
  • 333
5
votes
1 answer

Implementing Digitally signed data in a Web Application

I understand PKI well from a conceptual point of view - i.e. private keys/public keys - the math behind them, use of hash & encryption to sign a certificate, Digital Signing of Transactions or Documents etc. I have also worked on projects where…
user93353
  • 431
5
votes
1 answer

Java solution for mutual authentication with smart card

I need to develop a Java solution for mutual authentication between Tomcat 6 (server) and SmartCard "IDGo 300" (client). In order to do this I thought of the following scheme: 1.Tomcat (server) send to SmartCard (client) the request of his digital…
xfocus
  • 51
3
votes
1 answer

What is the best practice(-s) for managing many certificates?

Situation: In our system there are a lot of certificates. Some of them are used to secure HTTPS endpoints. Many more of them are used as a means of authenticating our system to an external system (we integrate with over a dozen of other systems).…
Vilx-
  • 5,420
3
votes
1 answer

Is is ok to sign SSL by an authority while developing a web application?

I am currently working on a web application page, my boss sees the changes online while i still make the changes, sometimes the page is shown to some clients in order to get feedback while it's still on development.. At this point i have added a…
Oscar Reyes
  • 153
3
votes
2 answers

Pem certificate in mobile app

I am developing a cross platform app that can handle payments, the online payment service issued a certificate for my use, thus I have a .pem certificate and within it there is 2 actual certificates and my private key. The problem is that I can't…
NicolasZ
  • 133
3
votes
2 answers

Committing https certificates to Github...is there ever a good reason for this?

If a server certificate is published to Github, a la: -----BEGIN CERTIFICATE----- is that necessarily a bad thing? Is there ever a legitimate reason to do this? I ask because of a recent wave of attention Github has gotten since allowing users to…
yurisich
  • 1,391
  • 1
  • 11
  • 17
2
votes
3 answers

iOS App Signing and Certificates

In order to sign an application for the Apple App Store, we need to create a certificate by saving a certificate request file from keychain and then upload it to the Apple store. I was wondering, what does this certificate request file…
Abcd Efg
  • 123
2
votes
2 answers

Programming certificates

Possible Duplicate: Are certifications worth it? I'd be glad to hear your opinions on which programming certificates are the most widely recongnized in the industry and how useful are they actually. I've googled a lot this question but I've never…
user43051
  • 121
1
vote
1 answer

Where to include a pfx certificate in a http request?

I would like to understand what happens in a request which includes a .pfx certificate to authenticate to client to the server. I know how to implement this in python or use it in postman, but I don't understand what happens in the background. In…
user3933039
  • 11
1
vote
1 answer

Is there a best practice for storing certificates (e.g. x509), which include private keys, used in unit tests?

In a software library, I wrote, large parts of the code use x509 certificates for various purposes like signing documents digitally. Is there a best practice for storing test certificates used for the unit tests? Should they be stored in git/the…
Bahaa
  • 137
1
vote
1 answer

Secure Admin-pages-only login without HTTPS

I'm adding admin dashboard to a website that doesn't use HTTPS. For now only that (admin) section requires user authentication. If I use encrypted + salted password and check the client IP address to allow only couple of IP-s to be logged in, will…
sny
  • 113
1
vote
0 answers

iOS Push Notifications Certificate Sync Cert to Servers

I'm not sure if this is the correct form to be posting this on Stack Exchange. If not I apologize in advance and hope someone can point me in the right direction of where to post. I have a AWS Load Balancer with multiple EC2 instances all handling…
Charlie Fish
  • 177
1
vote
1 answer

Problem : Certificate for multi Clients of WCF

If My WCF service have big number of clients through the Internet,then whether should all of them share the same Client Certificate(X509)? And if their certificates should be unique , what should I do on the WCF to identify all the…
Andrew Carl
  • 125
  • 4
1
2