A Certification Authority(CA) is a trusted third party which asserts the identity of a remote website.
References
Questions tagged [ca]
696 questions
271
votes
4 answers
How do you sign a Certificate Signing Request with your Certification Authority?
During my search, I found several ways of signing a SSL Certificate Signing Request:
Using the x509 module:
openssl x509 -req -days 360 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt
Using the ca module:
openssl ca -cert…
Bernard Rosset
- 4,523
- 6
- 27
- 29
210
votes
12 answers
HTTPS and SSL3_GET_SERVER_CERTIFICATE:certificate verify failed, CA is OK
I am using XAMPP for development. Recently I upgraded my installation of xampp from an old version to 1.7.3.
Now when I curl HTTPS enabled sites I get the following exception
Fatal error: Uncaught exception 'RequestCore_Exception' with message
…
Josnidhin
- 12,469
- 9
- 42
- 61
170
votes
13 answers
accepting HTTPS connections with self-signed certificates
I'm trying to make HTTPS connections, using HttpClient lib, but the problem is that, since the certificate isn't signed by a recognized Certificate Authority (CA) like Verisign,GlobalSIgn, etc., listed on the set of Android Trusted Certificates, I…
Morten
- 4,507
- 7
- 29
- 31
137
votes
4 answers
Does Java support Let's Encrypt certificates?
I am developing a Java application that queries a REST API on a remote server over HTTP. For security reasons this communication should be switched to HTTPS.
Now that Let's Encrypt started their public beta, I'd like to know if Java currently works…
Hexaholic
- 3,299
- 7
- 30
- 39
93
votes
2 answers
npm add root CA
I am looking for a way to add a custom CA to NPM so I can download from a location using said certificate (an internal git-server) without having to nuke all CA-checking with
npm config set strict-ssl false
Is there any way of achieving this or…
FrankyBoy
- 1,865
- 2
- 18
- 32
90
votes
6 answers
How to add Certificate Authority file in CentOS 7
I am trying to add certificate Authority (CA) file name - ca.crt to /etc/ssl/certs, for that I followed this article.
I copied my ca.crt file to /etc/pki/ca-trust/source/anchors/ and run the command below;
update-ca-trust extract
After that I…
Yogesh Jilhawar
- 5,605
- 8
- 44
- 59
78
votes
4 answers
why doesn't java send the client certificate during SSL handshake?
I'm trying to connect to a secure webservice.
I was getting a handshake failure even though my keystore and truststore have been set correctly.
After several days of frustration, endless googling and asking everyone around I found out that the only…
Jakub Hlavatý
- 1,097
- 2
- 9
- 17
52
votes
8 answers
Self-signed SSL Cert or CA?
I would like to have the authentication and registration parts of my website encrypted (for obvious reason). This site is currently and older site which some friends and I started in middle school and still use today. I may or may not register it…
Jim Keener
- 9,255
- 4
- 24
- 24
41
votes
4 answers
How does a ROOT CA verify a signature?
Say when using https, browser makes a request to the server and server returns its certificate including public key and the CA signature.
At this point, browser will ask its CA to verify if the given public key really belongs to the server or not?…
Sesh
- 5,993
- 4
- 30
- 39
30
votes
3 answers
Can I install self-signed drivers on 64-bit Windows without test mode if the self-signed CA root certificate is imported to the machine store?
Here is a great SO answer which covers the creation of self-signed CA and then signing executables with the obtained certificates: How do I create a self-signed certificate for code signing on Windows?.
I have read a lot of discussions online on how…
user130496
- 349
- 1
- 3
- 7
24
votes
2 answers
Programmatically add a certificate authority while keeping Android system SSL certificates
There are lots of questions about this topic on StackOverflow, but I do not seem to find one related to my problem.
I have an Android application that needs to communicate with HTTPS servers: some signed with a CA registered in the Android system…
Vincent Hiribarren
- 5,254
- 2
- 41
- 65
24
votes
1 answer
Using SSLContext with just a CA certificate and no keystore
I need to setup a javax.net.ssl.SSLContext for use in a Jersey-Client application. All I want to do is the context to accept a custom root ca certificate. Is is really true that there is no way around of generating a keystore file and importing the…
sudoremo
- 2,274
- 2
- 22
- 39
23
votes
6 answers
Git Clone Fails: Server Certificate Verification Failed
I've been unable to git clone just about any github repo because of this error
fatal: unable to access 'github_url': server certificate verification failed. CAfile: /home/ubuntu/.ssh/rel3_dodroot_2048.crt CRLFile: none
I've noticed a few other…
Msquared
- 842
- 1
- 6
- 13
22
votes
3 answers
Using node.js to verify a X509 certificate with CA cert
I am looking for a node.js way to verify a client certificate in X509 format with a CA certificate which was given to me (none of those are created/managed by me, my software only has to verify what is beeing sent to it).
I have found several…
user826955
- 3,137
- 2
- 30
- 71
20
votes
3 answers
Check in the onReceivedSslError() method of a WebViewClient if a certificate is signed from a specific self-signed CA
I would like to override the onReceivedSslError() of a WebViewClient. Here I want to check if the error.getCertificate() certificate is signed from a self-signed CA and, only in this case, call the handler.proceed(). In pseudo-code:
@Override
public…
Dev
- 7,027
- 6
- 37
- 65