/* Makecert.exe-n "cn = microshaoft X509 test-a"-sky exchange-pe-sv. PVK a.cerpvk2pfx.exe-pvk. PVK-spc. cer-pfx. pfx-F-po 123makecert.exe-n "cn = microshaoft X509 test-B"-sky exchange-pe-sv B. PVK B .cerpvk2pfx.exe-pvk B. PVK-spc B. cer-pfx B. pfx-F-po ABC */namespace consoleapplication {using system; using system. io; using system. text; using system. threading; using system. security. cryptography; using
It is mainly used for outputting certificate information , can also sign certificate request file, self-signed, convert certificate format , etc.The OpenSSL x509 tool does not use the settings in the OpenSSL configuration file, but is completely self-setting or uses the default value of the pseudo-command, which is like a complete small CA toolbox .[-caserial filename] [-text] [-MD2|-MD5|-SHA1|-MDC2] [-extfile filename] [-extensions section]There are
certificate is typically requested from the CA center, the encryption certificate and the RSA encryption private key are returned as a file in PFX format.Below, for these three types of certificate files, using OpenSSL to decode, get the corresponding X509 struct pointer. Note that the contents of the certificate file in the sample code refer to binary data, and
/or issuer name may be used repeatedly after a period of time, the x509-2 (X509) Certificate consists of two keys, usually called key pair, public key encryption, private Key decryption. Today, I want to give an in-depth introduction and understanding of X509, because X509 C
Research on creating an X509 Certificate and obtaining the certificate key
Author: Xiao Bo
Personal blog: http://blog.csdn.net/eaglet; http://www.cnblogs.com/eaglet
2007/7 Nanjing
Background
The format of the server SSL digital certificate and the client unit digital certificate complies with the X.509 standard. X.509 is a digital certificate standard developed by the ITU (ITU-T. In order to provide public network user directory information services,
In the previous article, "CSP: Using CryptoAPI to decode X509 certificate content," describes how to use CryptoAPI to decode the certificate file to get the pccert_context method of the certificate context handle. Let's go on to get the desired certificate entry through the certificate context handle. This article first describes how to get the base entry for a certificate, and later an article explains how to obtain an extension of the certificate.Th
unsecured network to prevent hackers from eavesdropping and attacking.
SSL (Secure Sockets Layer) can be used to encrypt the flow of data between the Web server and the client.
SSL encrypts data using asymmetric cryptographic techniques. The encryption process uses two keys: a public key and a corresponding private key. Data encrypted with the public key can only be decrypted with the corresponding private key, and the data encr
Please pay attention to the previous series of articlesDecode X509 certificate content using CryptoAPIParsing X509 Certificate Primitives using CryptoAPIThrough the previous article, we can use CryptoAPI to decode the X509 certificate file and parse the basic key of the certificate, this time we try to get the hash value of the certificate through CryptoAPI . The
X509 Certificate IntroductionThe digital certificate standard developed by the International Telecommunication Union (ITU-T), which I believe is well known, is now available in three versions, as far as I know, the. NET uses the concept of the X.509-2,x.509-2 version to introduce the principal and issuer unique identifiers to resolve the subject and/ or the issuer name may be reused after a certain period of time, the
background:
In the deployment of fabric, three local virtual machine nodes, a remote server node, the corresponding login user name has been cleaned up, the certificate error at startup:
gds@gds-virtualbox:~/goworkspace/fabric_deploy/xingye_test/vp1$./startpeer.sh 2017/08/02 09:49:56 setting number of Procs To-1, was 1 09:49:57.340675 [main] main-> INFO 001 User defined config file path:/home/gds/goworkspace/fabric_ deploy/xingye_test/vp1/09:49:57.343540 [Nodecmd] serve-> INFO 002 Security enab
Read into a CER file, CertCreateCertificateContext generate Cert_context. Cert_context there is a cert_info,cert_info in this data structure that has a subjectpublickeyinfo, Subjectpublickeyinfo is a data segment of the Publickey_info type , which holds the ID of the algorithm and the DER encoded public key. With this der Code, we can use other tools (such as OpenSSL) to parse the parameters of the public key. Unfortunately, the interfaces defined by CryptoAPI cannot handle DER encoding directly
The original is in http://bbs.pediy.com/archive/index.php?t-97663.html, but I think this article is very good, I copied down to make my notes withI. Analysis of X509 certificate 1. Read the certificate data from the certificate file on diskunsigned char* pbx509data; Certificate dataunsigned long Ulx509datalen; Certificate Data length 2. Get CertcontextPccert_context Pcertcontext = CertCreateCertificateContext (x509_asn_encoding, Pbx509data, UlX509Data
How WCF uses X509 certificatesHow to create a certificate:MAKECERT.EXE-SR localmachine-ss my-a sha1-n Cn=jiangserver-sky exchange-pe (service-side certificate)MAKECERT.EXE-SR localmachine-ss my-a sha1-n Cn=jiangclient-sky exchange-pe (client certificate)MAKECERT-SR localmachine-ss my-n cn=WCF server machine name -sky exchange-pe–rIntroduction to various parametersProperties parsing-srSpecifies the registry location in the certificate store. CURRENTUSE
: See MSDN.After the certificate is created successfully! —The configuration of the server config is very important, as follows:Binding= "mexHttpBinding"contract= "IMetadataExchange"address= "Mex"/> In this way, the basic simple X509 authentication method is configured and published to IIS. Run as follows:Error after--------------------------------------------------------------------------------------------------------
X.509 digital certificate is the most convenient authentication method in the Internet environment.
1. Create a digital certificate
X509 certificates can be used by the Certificate Authority (such as Verisign inc.exe to buy or use the makecert.exe tool to create temporary certificates used during development). Create a certificate. Make a certificate: makecert-Sr localmachine-SS my-N Cn = ejiyuan-sky exchange-pe-R.Reference: http://msdn.microsoft.
Use. NetAndX509Certificate Security Overview
Mainly for the currentXxxData Exchange Platform Design for secure data exchange;This solution is approvedPKITechnical implementation of message encryption,Signing and certificate management to achieve functional requirements for data exchange security. Introduction to PKI technology
PKIYes"Public Key Infrastructure"Stands"Public Key Infrastructure"Is an asymmetric password.AlgorithmUniversal security infra
In Internet-based WCF services, security is a very important part. There are many security modes in WCF. This time, we will consider using a limited server environment (such as a virtual host) to configure the message security mode for X509 Certificate authentication. Generally, in this extreme environment, it is difficult to implement SSL-based transmission security. Therefore, we consider deploying message security and
directory, CD to the directory, the following all the current path of the command is the directory1. Generate the private key key
1
openssl genrsa -des3 -out server.key 2048
After this step is completed, the Server.key file is generated under the Cert directory2. Generate a certificate request file CSR
1
openssl req -new -key server.key -out server.csr
This command first enters interactive mode, allowing you to fill in a bunch of t
the lantern in my hand is the enemy of the Dark Road before me .
Program.cs Code:
Class program
{
static void Main (string[] args)
{
Console.WriteLine ("X509 certificate Utility");
Console.WriteLine ("--------------------------");
Console.WriteLine ();
Console.WriteLine ("Please enter the path to the certificate (. cer) file:");
String location = Console.ReadLine ();
Appium when the environment is set up, run the first script again with this problem:Errors occurred during the build.Errors running builder ' Android Package builder ' on Project ' Myandroid1 '.Sun/security/x509/x500nameLooked up, said that the need to install Sun's JDK, but after the release of the installation version of the jdk1.7,jdk1.8, but also in Project's Java build path to specify the updated JDK, but still did not solve. will continue to tra
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.