windows,ssl,certificate , How SignedXml.CheckSignature verify the certificate


How SignedXml.CheckSignature verify the certificate

Question:

Tag: windows,ssl,certificate

Here I have a question about the principle of SignedXml.CheckSignature.

As we know, if we call the function with verifySignatureOnly = false, it can verify the certificate.

[ComVisibleAttribute(false)]
public bool CheckSignature(
    X509Certificate2 certificate,
    bool verifySignatureOnly
)

But how can it verify? According to my understanding, certificate should be a public key encrypted by CA private key. so CheckSignature can get the CA public key, then decrypt the certificate? I want to know how it works. Hope some one can help.


Answer:

It uses windows certificate store to build a certificate chain up to trusted root authority. When it is building the chain the method also verifies revocation status of the certificates (usually from CRLs of all authorities in the chain) to check if any of the certificates in the chain are still valid.

If there are links to OCSP in the certificates then the method could prefer to check OCSP status of these certificates but it depends on OS you are using (I think Win Xp didn't use OCSP but win 7+ does it by default).

If any of the checks the method performs fails, i.e. CRL not available or chain could not be built to a trusted root authority or certificate is revoked, then method returns false.


Related:


How does DNS server know the IP address of an SSL's URL?


ssl,https,dns
The SSL/TLS (https) protocol encrypts both of the web page url and its content. So I'm wondering how could the DNS server know the ip address of the requested url if it is encrypted? Any documented reference or idea?

Would using Vagrant be overkill? [on hold]


python,windows,ubuntu,vagrant,virtualbox
I'm a developer-hobbyist running Windows 8.1 on a Yoga 2 Pro. I mostly do Python/Django work but I think I'm gonna pick up Ruby soon. The thing is, Windows always seems to be the limiting factor for any project I want to pick up. Last time I tried to install...

How to make a website work only with https [duplicate]


asp.net,ssl,https
This question already has an answer here: How to force HTTPS using a web.config file 3 answers How do I make a website to work only with https? Is there any method to make my website work only if the protocol is https? For example let me say http://www.mywebsite.com,...

Batch - Comparing two txt files


windows,batch-file,text,comparison
I have some difficulties comparing two txt files with batch. I used the "findstr" function with many option matchings but none works (for example FINDSTR /I /V /B /G:file1.txt file2.txt). I have a first txt file as following: File1.txt Object 1 Argument 50 Object 2 Argument 10 Object 3 Argument...

Parsing the text file line-by-line using batch script (batch file)


windows,batch-file,scripting,cmd
So, I am programming in the batch script and I came across this issue. The following code will take yourwords.txt file and parse it. The existedWord variable will have the last word of the text file. So, everytime when I run this program it will only compare the user's input...

How to set the classpath in Windows Command Line correctly


java,windows,command-line,classnotfoundexception
I have made many attempts to enter a command to run a JAR file correctly from the terminal, and I am 100% sure that all the JAR files and such are in the given paths, but I keep getting a ClassDefNotFoundException. Does it have anything to do with the way...

How do you unblock the 993 port if your firewall settings is blocking it?


php,email,ssl
I am trying to retrieve my emails from Gmail using php. for writing the host name, this is my code: $hostname = '{imap.gmail.com:993/imap/ssl}INBOX'; I am getting this error: Warning: imap_open(): Couldn't open stream {imap.gmail.com:993/imap/ssl}INBOX in /home1/mtc/public_html/mtcerp/emailparser/email.php on line 10 Cannot connect to Gmail: Can not authenticate to IMAP server: [CLOSED]...

How to send Ctrl+S through SendKeys.Send() method to save a file(save as dialog)


c#,.net,windows,sendkeys
I need to save a file which is in an External application using SendKeys.Send() method. The keys needed to be sent are Ctrl+S. I wrote the below code, but its not working: SendKeys.SendWait("^%s?"); // to get the Save As dialog Thread.Sleep(5000); SetForegroundWindow(FindWindow(null, "Save As")); Thread.Sleep(5000); SendKeys.SendWait("xyz"); // Sending FileName ...

Recording the time of the start of a screen touch in PsychoPy on Windows


python,windows,touchscreen,psychopy
I'm helping to implement an experiment using PsychoPy on a Windows 8 tablet. It doesn't seem to be possible to get direct access to touch events through either PsychoPy, or the pyglet or PyGame interfaces. Most other sources I've found have referred to using mouse move events in place of...

Batch script ends after for loop


windows,batch-file
I've got a batch file that executes a program along with sequential (numbered) macros and calls another batch file that monitors when it is finished before it begins the next iteration. I can't use Start /wait or other "ordering" commands when launching the program because it is started with a...

Override .gitattributes text=auto in Windows


windows,git,gitattributes,core.autocrlf
This is pretty unintuitive: C:\python-tdl\examples\termbox>git config core.autocrlf false C:\python-tdl\examples\termbox>git commit termbox.py warning: LF will be replaced by CRLF in examples/termbox/termbox.py. The file will have its original line endings in your working directory. warning: LF will be replaced by CRLF in examples/termbox/termbox.py. The file will have its original line endings in...

PHP parse int wrong in XAMPP windows


php,windows,xampp,parseint
demo $code = '40001042901'; echo (int)$code; //intval($code) //same I test on linux (Ubuntu) that result is 40001042901 but on windows result is 2147483647, what wrong with that? XAMPP 1.8.3, PHP 5.5.15, Apache 2.4.10 (Win32)...

Why doesn't “go get gopkg.in/…” work while “go get github.com/…” OK?


windows,git,powershell,github,go
I try to use go get gopkg.in/fatih/pool.v2 to install pool according to Readme.md, but can't success: C:\Users\xiaona\Documents\GitHub> go get -v gopkg.in/fatih/pool.v2 Fetching https://gopkg.in/fatih/pool.v2?go-get=1 https fetch failed. Fetching http://gopkg.in/fatih/pool.v2?go-get=1 import "gopkg.in/fatih/pool.v2": http/https fetch: Get http://gopkg.in/fatih/poo l.v2?go-get=1: dial tcp 107.178.216.236:80: ConnectEx tcp: A connection attempt failed because the connected party did not...

How to create a private certificate for connecting to a website


apache,ssl,privatekey,digital-certificate,self-signed
My apologies if this is a duplicate, I may just not be using the correct terminology in my queries to find what I am looking for. I have a vendor that sent me a certificate to install in my browser so that we can access their website. We cannot get...

Wildcard SSL - Which to chose and what is the key differences?


ssl,https,certificate,ssl-certificate
I have been left in confusion for quite some time in deciding which CA should i approach to obtain a SSL certificate. Much comparison has been made from different CA but I do not see what is the key differences that sets each other apart except the price they offer....

Error when adding VideosLibrary capability in app's manifest file


c#,windows,windows-phone,windows-10,windows-10-mobile
According to the documentation, capabilities must be declared when an application requires programmatic access to certain user resources such as the Videos Library. This page of the documentation also states: All Windows Phone capabilities are not available for apps being developed specifically for Windows 10 Insider Preview. I am building...

NPM Error: self signed certificate in certificate chain


ssl,npm,tsd
I am following the Angular 2 quick start guide and I'm stuck right at the beginning of it. My company is filtering our network connections and modifying SSL negociation. In a man in the middle style they assign a self signed certificate as the CA of the destination's certificate. Therefore...

Java read bytes from Socket on Linux


linux,windows,sockets,network-programming,raspberry-pi
I'm trying to send a file from my Windows machine to my Raspberry-Pi 2, and I have a client and a server. The client should be able to send a zip file over the network to my server on my linux machine. I know my client and server work on...

Application is missing required files


c#,.net,windows,winforms,sharpdevelop
Pic of Error: http://s23.postimg.org/7uj6qcxtn/9708083373e57a9ec91e4296e302f88e.png Cannot Download the Application. The Application is missing required Files. Contact Application Vendor For Assistance. So I'm building a windows form application using SharpDevelop 5.2 and I'm trying to make a standalone/version someone else would be able to use on another machine. In sharpdevelop (and visual...

Should I use different WSAOVERLAPPED struct for WSASend and WSARecv?


windows,sockets,winsock,winsock2
I'm developing a server-client application using WinSock. Does using the same WSAOVERLAPPED with both WSASend and WSARecv works well? Should I use different WSAOVERLAPPED struct for WSASend and WSARecv?...

Listing directories by content size using C# [closed]


c#,.net,windows,linq
I'm trying to list all folders of my c drive excluding the document folder which i do not seem to have access to. This first seemed rather simple to me but i found myself still struggling with it despite the seemingly rich .net library. I can't post any code as...

How to disable common name check in SSLContext in java?


java,ssl,jersey,jax-rs,ssl-certificate
I am using SSLContext so set up Jersey client, and need to disable the common name check in order to avoid unnecessary issues. However, I can find no documentation as to how we can do it correctly. So is the common name check disabled by default in SSLContext (assuming using...

What is the max length of a share path in windows?


c#,windows
As I read in the MSDN site, for example, the maximum path on drive D is "D:\some 256-character path string" where "" represents the invisible terminating null character for the current system codepage. But when I was created a share with a long path (more than 100 symbols) they trim...

ffmpeg: wmv files generated on Mac can't be played in Windows


windows,osx,ffmpeg,file-conversion,wmv
On Mac OS X 10.6.8, I converted a animated gif to a video file in wmv (a requested file format) by using ffmpeg -i File.gif -s 400x400 NewFile.wmv The video file played fine using VLC on Mac. The file can't be played on a Windows 7 machine using the Windows...

String manipulation with batch scripting


windows,string,batch-file,space
I need to save the variable in %%c temporarily which comes from a for loop. But when I try to do that, the content changes unexpectedly. Some space characters appear at the end of the string. The content of %%c is a.jpg by the way. echo %%ca REM prints a.jpga...

sys.argv in a windows environment


python,windows,python-3.x
I'm attempting to learn python using the book 'a byte of python'. The code: import sys print('the command line arguments are:') for i in sys.argv: print(i) print('\n\nThe PYTHONPATH is', sys.path, '\n') outputs: the command line arguments are: C:/Users/user/PycharmProjects/helloWorld/module_using_sys.py The PYTHONPATH is ['C:\\Users\\user\\PycharmProjects\\helloWorld', 'C:\\Users\\user\\PycharmProjects\\helloWorld', 'C:\\Python34\\python34.zip', 'C:\\Python34\\DLLs', 'C:\\Python34\\lib', 'C:\\Python34', 'C:\\Python34\\lib\\site-packages']...

Programmatically close Windows console application c++


c++,windows,mutex,handle
I need my windows console application to be run only in one instance (i.e. Only one instance of the application can be run at a time). Here's what I have: int _tmain(int argc, _TCHAR* argv[]) { PCTSTR Name = TEXT("AnyName"); HANDLE h = CreateMutex(NULL, FALSE, Name); if (GetLastError() == ERROR_ALREADY_EXISTS)...

Execute a batch file before executing in a shortcut (.lnk)


windows,batch-file,lnk
I have multiple versions of a program called Siemens NX. NX uses environmental variables for configuration. I need NX 10.0 to use a different set of environmental variables than my NX 7.5 which uses the system environmental variables. Therefore, I have written a batch file that setups the environmental variables...

Run server in cmd in Windows


php,windows,wamp
I created a simple client server codes in PHP and I run it through Wamp server localhost in browser. It works but when I run it in cmd, the output looks like this : c:\wamp\www\Converter>php testserver.php PHP Fatal error: Call to undefined function socket_create() in C:\wamp\www\Converter\testserver.php on line 15 PHP...

Suppressing system command called from awk script


windows,awk,system
I am currently running this script in Windows 7. So, I have a program that is meant to color-code output from another command (mkmk) and tally up varying numbers of errors and other notable stats, etc. So right now, it starts as a batch file which Turns off echo Sets...

How can i get Certificate issuer information in python?


python,ssl,certificate
I want the 'issued to' information from certificate in python. I try to use the SSL and SSLSocket library but did not happen. ...

ArgumentError - unknown SSL method `TLSv1_2'


ssl,amazon-s3,carrierwave,fog
I am trying to move my AWS integration over TLS instead of SSLv3, but I'm receiving an error when trying to set the config.fog_credentials as another SO post has suggested, but I am receiving the ArgumentError above (unknown SSL method 'TLSv1_2'. I am open to a different solution to move...

serving GAE applications over http


java,google-app-engine,ssl
I have implemented an application on GAE which can be accessible through https://<my_app_id>.appspot.com. Now I have a custom domain registered with Register.com. As described in GAE documentation I have mapped my custom domain to https://<my_app_id>.appspot.com and I see my application getting served from my custom domain. But I see requests...

I cannot use the msg command in cmd (or batch for that matter). How can I fix this?


windows,batch-file
While in cmd or making a batch file, I cannot use the command msg. When I try to use it, it returns the error msg is not recognized as an internal or external command, operable program or batch file." I'm pretty sure the error is that im missing a msg.exe...

Increment Serial Number using EXIF


windows,powershell,command-line,exif,exiftool
I am using ExifTool to change the camera body serial number to be a unique serial number for each image in a group of images numbering several hundred. The camera body serial number is being used as a second place, in addition to where the serial number for the image...

bat file script to check if string contains other string


windows,batch-file,cmd
I need to write a batch file that will check if a variable contains specific value. I tried to do the following: If "%%a"=="%%a:%pattern%" ( echo Yes ) else ( echo No ) input example: %%a="bob binson" %patern%="binson" I never get Yes printed! can anyone please tell what i missed...

String parsing with batch scripting


windows,string,parsing,batch-file,xml-parsing
I have a file called pictures.xml and it contains some pictures information like: <ResourcePicture Name="a.jpg"> <GeneratedPicture Name="b.jpg"/> <GeneratedPicture Name="c.jpg"/> </ResourcePicture> <ResourcePicture Name="z1.jpg"> <GeneratedPicture Name="z2.jpg"/> <GeneratedPicture Name="z3.jpg"/> <GeneratedPicture Name="z4.jpg"/> </ResourcePicture> What I want do do is to get each line in for loop and print the names of the pictures. Sample...

Now that SSLSocketFactory is deprecated on Android, what would be the best way to handle Client Certificate Authentication?


android,ssl,okhttp,pkcs#12
I am working on an Android app that requires Client Certificate Authentication (with PKCS 12 files). Following the deprecation of all that's apache.http.*, we have started a pretty big work of refactoring on our network layer, and we have decided to go with OkHttp as a replacement, and so far...

Why does Windows Server 2008 think Italy should be in W. European Time?


java,windows,timezone
Why does MS Windows (specifically server 2008 here) consider Italy to be in W. European Time when (I think) it should be in Central European Time according to every other source I can find? TZUtil /g gives: W. Europe Standard Time The control panel shows: (UTC+01:00) Amsterdam, Berlin, Bern, Rome,...

SSL/TLS: Why will the server be the only one to be able to decrypt the encrypted number if it's a public key?


ssl,encryption
Wouldn't anyone else be able to decrypt it too using the public key? Or is it saying that it will be decrypted with a private key. If that's the case how could something be encrypted with one key and decrypted with another? This is in reference to this wikipedia article....

Unable to edit netbeans.conf


java,windows,netbeans
I am trying to modify 'netbeans.conf' located at following path: C:\Program Files\NetBeans 8.0.2\etc When i modify the file; add -J-Dfile.encoding=UTF-8 In Notepad, it is not allowing me to save the original file. In Notepad++, it says 'please echeck if this file is opened in another program'. Netbeans is installed in...

Apache - finding configuration file path


windows,apache,server
I have to migrate another apache instance from 2.2 to 2.4 but I have one problem. In Apache monitor I see multiple services running but I don't really know where apache .conf files are stored. In previous migrations from 2.2 to 2.4 I had them somewhere within conf folder. Apache...

Rails, DNSimple, Heroku and SSL - do I need a certificate?


ruby-on-rails,ssl,heroku,dnsimple
So I'm currently deploying my app via Heroku. I noticed that in my-app-name.herokuapp.com has HTTPS, so if I do config.force_ssl = true in my environments/production.rb it seems like I have wildcare SSL, right? Now I'm using DNSimple to get my actual name - call it my-app-name.com. Which currently resolves to...

Automate MySQL backup @localhost with mysqldump in Windows 8


mysql,windows,operating-system,scheduled-tasks,mysqldump
I'm trying to set up a task in Windows 8 to automate my localhost db dump. I've created the task to run daily with the following command line: C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqldump.exe and parameters: --user=root --password=donttellya --result-file=dumped.sql mydb It works but doesn't terminate (running in the tasks list). Also, I'd...

Starting a tls communication with python asyncio


python,ssl
I have some python code snippet that uses asyncio and initiates a "plain" connection: loop = asyncio.get_event_loop() coro = loop.create_connection(lambda: MyCustomClassProtocol(loop), sock=client_socket) loop.run_until_complete(coro) The point is my plain connection switches to a tls one once some exchanges have happened. In the traditional way one would do this: ssl_sock = ssl.wrap_socket(client_socket,...

How to execute four queries once and then check success or failure?


vb.net,windows,visual-studio-2010,ms-access
I need to execute four queries and then if there is success must return true otherwise false. The queries affect the database but the function returns false Private Function save_to_data() Dim success As Boolean = False Dim conn As OleDbConnection = GetDbConnection() Dim total_due As Decimal = sanitize(txt_total_due.Text) Dim amount_paid...

Wildfly mysql with SSL


mysql,ssl,wildfly
I have a web app using a mysql database as its data store. It is currently running in Glassfish and talking to that mysql database with SSL. I am thinking about migrating to Wildfly but I can't seem to create a Wildfly datasource that will talk to the mysql database...

ssl certificate with and without www


apache,ssl
I have a website that installed a ssl certificate for the name of www.example.com. It works fine for https://www.example.com. But it doesn't work for https://example.com. The browser gave me Error code: ssl_error_bad_cert_domain. I am using Apache 2. I tried to rewrite the url to add www in httpd-ssl.conf, see the...

Subject Alternative Name not present in certificate


ssl,openssl,ssl-certificate
I have generated a CSR that includes the field subject alt names: openssl req -out mycsr.pem -new -key mykey.pem -days 365 When I inspect this it looks as expected with a new field present: X509v3 Subject Alternative Name: DNS: my.alt.dns However when I use this to sign a certificate that...

UAC error while installing Xampp 1.8.35 on windows 8


windows,xampp,localhost
I am trying to install xampp but before installation it gives me the following error: I have disabled UAC and it gives me this error.When I press ok and install the thing anyway it still won't let start apache and my sql up. Also installation was done in Program file...