Can’t load /root/.rnd into RNG
Try removing or commenting RANDFILE = $ENV::HOME/.rnd line in /etc/ssl/openssl.cnf
client-certificates
Using Client certificates for Windows RT (windows 8.1/windows phone 8.1)
The problem could be related to the validity of the certificate that you are using it. By default .Net refuses to establish https connection with invalid or not trusted certificate. Usually the certificate is invalid because it is generate by a non-trusted authority (self signed certificate) or because the address of the site is not … Read more
Forget which client certificate is used by Chrome for an URL
Restarting the browser will help and ask you again. Looking forward to see better solutions.
HTTP error 403.16 – client certificate trust issue
Windows 2012 introduced stricter certificate store validations. According to KB 2795828: Lync Server 2013 Front-End service cannot start in Windows Server 2012, the Trusted Root Certification Authorities (i.e. Root) store can only have certificates that are self-signed. If that store contains non-self-signed certificates, client certificate authentication under IIS returns with a 403.16 error code. To … Read more
How to use a client certificate to authenticate and authorize in a Web API
Tracing helped me find what the problem was (Thank you Fabian for that suggestion). I found with further testing that I could get the client certificate to work on another server (Windows Server 2012). I was testing this on my development machine (Window 7) so I could debug this process. So by comparing the trace … Read more
IIS 7 Error “A specified logon session does not exist. It may already have been terminated.” when using https
I ran across this same issue, but fixed it a different way. I believe the account I was using changed from the time I initially attempted to set up the certificate to the time where I returned to finish the work, thus creating the issue. What the issue is, I don’t know, but I suspect … Read more
How to debug SSL handshake using cURL?
I have used this command to troubleshoot client certificate negotiation: openssl s_client -connect www.test.com:443 -prexit The output will probably contain “Acceptable client certificate CA names” and a list of CA certificates from the server, or possibly “No client certificate CA names sent”, if the server doesn’t always require client certificates.
RESTful web service – how to authenticate requests from other services?
After reading your question, I would say, generate special token to do request required. This token will live in specific time (lets say in one day). Here is an example from to generate authentication token: (day * 10) + (month * 100) + (year (last 2 digits) * 1000) for example: 3 June 2011 (3 … Read more
Java HTTPS client certificate authentication
Finally managed to solve all the issues, so I’ll answer my own question. These are the settings/files I’ve used to manage to get my particular problem(s) solved; The client’s keystore is a PKCS#12 format file containing The client’s public certificate (in this instance signed by a self-signed CA) The client’s private key To generate it … Read more