Stack Overflow
Stack Overflow

Questions tagged [root-certificate]

In cryptography and computer security, a root certificate is either an unsigned public key certificate or a self-signed certificate that identifies the Root Certificate Authority (CA). A root certificate is part of a public key infrastructure scheme.

65 questions
19
votes
4 answers

How to make GitLab Runner in Docker see a custom CA Root certificate

I have installed and configured: an on-premises GitLab Omnibus on ServerA running on HTTPS an on-premises GitLab-Runner installed as Docker Service in ServerB ServerA certificate is generated by a custom CA Root The Configuration I've have put…
Andrea Ligios
  • 49,480
  • 26
  • 114
  • 243
17
votes
3 answers

How to point OpenSSL to the root certificates on an Android device?

I've managed to cross-compile OpenSSL for ARMv6 for use with the Android NDK and get it to run within my application. However, when attempting to establish an HTTPS connection to a well-known host (such as https://google.com), I always receive the…
Nathan Osman
  • 71,149
  • 71
  • 256
  • 361
13
votes
1 answer

how do I update root certificates of certifi?

I am using certifi python module to verify ssl connections. I looked at the root certificates included in certifi (python2.7/site-packages/certifi/cacert.pem) and some of those certificates have expired. How do I update those certificates? I tried…
vishal
  • 1,081
  • 2
  • 10
  • 27
12
votes
2 answers

How to force older debian to forget about DST Root CA X3 Expiration and use ISRG Root X1 - SSL certificate problem: certificate has expired

This relates to DST Root CA X3 Expiration (September 2021) When searching online for a fix to apply on an older server (Debian 8 in my case) that does call to sites encrypted with letsencrypt with curl, they now seem to fail with the following…
GabLeRoux
  • 16,715
  • 16
  • 63
  • 81
12
votes
2 answers

Programmatically read root CA certificates in iOS

The following code reads out the root certificates in macOS. I just wonder what are the equivalent code in iOS? https://github.com/HaxeFoundation/hxcpp/blob/7bd5ff3/src/hx/libs/ssl/SSL.cpp#L455-L491 CFMutableDictionaryRef search; CFArrayRef…
KevinResoL
  • 982
  • 8
  • 19
11
votes
1 answer

Trusted Root Certificates in DotNet Core on Linux (RHEL 7.1)

I'm currently deploying a .net-core web-api to an docker container on rhel 7.1. Everything works as expected, but from my application I need to call other services via https and those hosts use certificates signed by self-maintained root…
MADMap
  • 3,132
  • 3
  • 25
  • 31
10
votes
2 answers

Load CA root certificate at runtime in Java

tl;dr: Using custom CA without adding it to persistent keystore. I am writing a Java application that should connect to a remote server using HTTPS. The code for the connection is ready, however the SSL certificate of the server was signed by…
Hexaholic
  • 3,299
  • 7
  • 30
  • 39
8
votes
2 answers

SSL Socket connection iOS

I am trying to setup a secure connection to a java run SSLServerSocket. I have created my own root CA, and have signed the certificate that the Java SSLServerSocket using this certificate. I want to add this root certificate to my app so that any…
ABC
  • 718
  • 8
  • 23
3
votes
1 answer

Retrieve and use Root-CA list of Microsoft or Mozilla and use it in Java?

The list of included root-CA certificates in OpenJDK for Windows is quite impressive but there are a lot of root-CA certificates that are trusted by common browsers like Firefox that are not trusted by Java. Both Microsoft and Mozilla publish their…
Robert
  • 39,162
  • 17
  • 99
  • 152
3
votes
0 answers

What privileges do "Microsoft Internet Authority" & "Google Internet Authority" certificates have?

Most of Microsoft's and Google's web sites use certificates signed by an intermediate authority such as "Microsoft Internet Authority" or "Google Internet Authority" which is subsequently signed by a trusted root authority. I've seen multi-domain…
Monstieur
  • 7,992
  • 10
  • 51
  • 77
2
votes
0 answers

How to accept a valid private CA root certificate for a WCF service in a .NET Core client?

I have a .NET Core 3 web service that consumes a third-party WCF service. The service is hosted on a server that's using a private root certificate which I need to trust, but only if it's valid otherwise (not expired and has valid signatures). I am…
JustAMartin
  • 13,165
  • 18
  • 99
  • 183
2
votes
2 answers

Preparing for renewal of AWS RDS public certificate in 2020 (Postgres)

I have a question related to the expiration of the Amazon rds-ca-2015-root certificate for Postgres databases which is scheduled to expire Mar 5 of 2020. I would like to prepare my java client software components so they have minimal downtime when…
Locutus
  • 444
  • 4
  • 12
2
votes
1 answer

Chaincode container can't connect to the local peer due to certificate signed by unknown authority

First of all I'd like to mention, that my setup works like a charm when there's no TLS enabled. It works even in Docker Swarm on AWS. The problem starts when I enable TLS. When I deploy my .bna file via Composer, my newly created chaincode container…
Messi Of DevOps
  • 43
  • 7
1
vote
0 answers

Where to find trusted root certificates on every OS to satisfy mbedtls?

I'm writing a cross platform websocket client using mbedtls. Now I'm left with the burden of feeding a suitable pack of trustet root certificates to the mbedtls API which looks like this: /* Structure to load trusted root certs into.…
glades
  • 3,778
  • 1
  • 12
  • 34
1
vote
0 answers

Https connection - using public key approach for secure connections

I'm using public pinning key approach for secure connection in app (android and iOS). As of now we're using public key approach where public key used in app having leaf certificate's key, you can refer to…
Pankaj
  • 833
  • 12
  • 35
1
2 3 4 5