Free Code Signing website

Dear all,
I found a free Code Signing website (http://www.ascertia.com/OnlineCA/codesign.aspx?linkID=40) and I followed their guide (How does object signing work with Ascertia Code Signing Digital IDs). In the step 4 in their guide, I met blow error message.
C:> keytool �import �alias MyCert �file TestNew.cer
keytool error: java.lang.Exception: Failed to establish chain from reply
If someone available could you visit their website and test their free code signing service? I�m not sure about where is the source of this error, my side or their side. If someone success the code sign their site, can you explain your steps? I will appreciate your reply.
Thank you,

Hi,
what file format did you use when you exported the certificates? I used p7b and when it asked to browse for the file , i used the same file (certficate) that was generated by ascertia site. am i doing the right thing?? after i exported all the certificates, i used the import command to import my certificate which is the p7b file, and i got the error message public keys in reply and keystore dont match.
according to their instructions, it mentions that I should submit the CSR that i get after i execute certreq command , then save the CSR as .cer then execute the import command. I got the error message, failed to establish chain from reply.
so i followed your instructions about the p7b file, and it didnt work for me. i might be doing something wrong when i export the certificates.
could you please give me instructions on how to do that.
I appreciate your help.
Thanks
M

Similar Messages

  • Code Signing the binaries in WebSite Project

    Hi,
    To do code signing automatically when building the project, Post-build
    event is used. Command-line will be given in post-build event and signing,timestamping will be done on successful build. Post-build event option is available for Windows Application,Web Application. But for WebSite Projects, there are
    no post-build events.
    Kindly let me know is there are any alternate option for automatically signing
    the Website Project after publishing the project. Please let us know if there is any option
    through IDE.
    Shankar S

    Well, a few weeks ago this site used a .dmg as an example, but since have changed the example to be for .app:
    http://www.digicert.com/code-signing/mac-os-codesign-tool.htm
    And I misunderstood the development team I support.  I thought they were signing their .dmg with a self-signed test certificate during development but it turns out they were not. 
    Can someone from Apple Support please list the file types that codesign in OS 10.6.7 will sign?

  • Which type of code sign should I buy? simple of EV one?

    Hi,
    I have a desktop application which I need to publish to windows store. I have signed for developer account but now I need to sign my desktop app and for this I need to buy code sign certificate. I have decided to buy digicert one, but my question is which type
    of code sign will I require? There is two types, one simple and one EV code sign. 
    Will simple code sign serve my purpose of submitting my current desktop app to windows store?
    Also can I use the same simple code sign certificate (not EV code sign) to sign my metro style apps created by me later?
    Thanks.

    Some will say none. That they have never used a screen protector and never will. Others always use them. I'm one of the latter. I have a Zagg screen protector on my iPad. They are expensive but they come with a lifetime warranty, so if it gets damaged protecting your device they exchange it for free.
    I have found that you get what you pay for with screen protectors. Buy a cheap thing off amazon, you'll get a cheap thing that probably won't stay on your device.

  • No binaries found for Verification issue in MPR Code Signing Test case

    Hi,
    We are trying to certify our WebSite Application as Gold Certified and to become Gold Certified Partner. We have run a MPR Test and while verifying the Code Signing test case, it shows that
    "No binaries found for verification". But the test case result is
    passed. Below I have placed screen shot for the same. We have signed all our Application related DLL's(Page related DLL's. Please let us know about this issue.
    Shankar S

    Hi Shankar,
    To the MPR Tool, it does not appear that you have installed any binaries.
    As you mention that your website contains DLLs, these have either not been installed via your MSI package or have already been installed before the test began.
    The tool will prompt when to Install, when to perform Primary Functionality, and when to Uninstall.
    If your website was already installed prior to beginnign test, you must retest.
    As you are applying for Gold level, assure you are testing on Server Core.
    Hope this helps,
    -Logo

  • Code signing and Timestamp Server Error

    Warning: I’ve got exactly 2 days experience with AIR
    but a client wants to add file IO capabilites to a
    touchscreen/Flash application we developed and AIR seems to be our
    only choice.
    From CS4 I can publish an AIR 1.5 application with a self
    signed code certificate but I get the error “Could not
    connect to timestamp server”, I can then disable the
    timestamp and get the warning: “If the AIR application is not
    timestamped, it will fail to install when the digital certificate
    expires. Are you sure you want to disable timestamping?” I
    can proceed without the timestamp and everything seems to work.
    So I’m wondering, when does my certificate expire? I
    think I might have read 5 years. What do my clients do if they have
    to reinstall the application after 5 years? Make them pay for
    another copy ;-) Lastly, how do I avoid the timestamp error? Sign
    up with a CA like VeriSign at $500/yr, not gonna happen for just
    one client.
    Sorry to sound a little testy but I could have written
    exactly the same application in Director and not had to worry about
    this code signing business.

    You need to have a network connection for timestamping to
    work. If that network connection uses a proxy server, you may also
    need to set up the JRE to use that proxy (See
    http://www.java.com/en/download/help/5000020600.xml).
    When the certificate expires, the AIR file can't be used
    anymore if there is no timestamp.
    A timestamp verifies that the certificate was valid when the
    AIR file was signed, so the AIR app can be installed even after the
    cert expires when a timestamp is present.
    Timestamps do not require a Verisign, or any other commercial
    certificate. The service is free.

  • Code Signing Certificate Options

    Hi Guys,
    Have just finished and Air application and need to sign it before distribution.  Anyone got any good advice on the pros and cons of the various Code Signing options for Adobe Air out there?
    Richard

    I have just created a self-signed code-signing certificate, I used XCA to generate it which is a front-end for openssl. Obviously being generated from a self-signed rootCA it is not going to be trusted by the outside world but it is good enough for an internal Profile Manager setup since the enrollment process will automatically trust your own self-signed rootCA.
    Anyway, when trying to install it I did come across a gotcha which might help you and others here. I found that if I imported the certificate in to Keychain Access e.g. by double-clicking on it, then Server.app did not list it as an available certificate for Profile Manager code-signing. However if instead I used the option in Server.app under Profile Manager to import the code-signing certificate it was accepted.
    In theory importing via Keychain Access should work as well but it did not, so if you have been doing it that way try importing via Server.app instead.
    If you have already imported it via Keychain Access just delete it from your Keychain and try again.
    With regards to the suggestion from ajm_from_WA for buying one from www.ssls.com I could not find any code-signing certificates listed on their website. These are different to ordinary website certificates.

  • How do I edit the GlobalSign Root CA so that it will enable Code Signing?

    I'm trying to install Thayer's Birds of North America Software, Version 5.5. The Error 1330 arose, and Thayer's website's instructions are for Internet Explorer. Error 1330 pertains to the digital certificate, according to Thayer's instructions. The instructions say to check the box for "Code Signing" under the "Enable only the following purposes" radio button. I can't find a way to edit the these properties. I'm using Windows 7, 64-bit.

    I would assume that software makers is the Firefox equivalent for code signing.
    Is this a problem with accessing a website or is this something else?
    Can you post a link or attach a screenshot to clarify this?
    *http://en.wikipedia.org/wiki/Screenshot
    *https://support.mozilla.org/kb/how-do-i-create-screenshot-my-problem
    Use a compressed image type like PNG or JPG to save the screenshot.

  • AIR application code signing?

    I have a code signing certificate from StartSSL.com.
    After validation I only get a yellow question mark in the application installer.
    That is already better than the red exclamation mark with a self-signed certificate.
    Can someone give me an example of an AIR application out there that has ALL GREEN in the install dialog?
    What certification authority do I need to sign up with to get an ALL GREEN installation dialog?
    Thanks,
    David

    Hy David, this is an answer I got from StartSSL.
    Have you tried to install your application using the Adobe AIR 2.0 Runtime? It would be interesting to know, how your install dialog looks there.
    Hi Beat,
    On 05/10/2010 08:22 PM, From Beat Besmer:
    Dear Sir or Madam
    I have a rather simple question: Will I be able to sign an Adobe AIR Application with the “Start SSL Verified” Object Sign Feature? I have not found any information on this on your Website or the FAQs.
    It depends what the basis for the trust anchor is, but I suspect since Adobe doesn't support the StartCom root yet, there will be probably a warning for this type of application.
    So far Windows, Apple and Mozilla applications and extensions are supported.
    Regards
    Signer:
    Eddy Nigg, COO/CTO
    StartCom Ltd.
    Twitter:
    Follow StartSSL™
    XMPP:
    [email protected]
    Phone:
    +1.213.341.0390

  • Managing Windows Phone's and Symantec Code Signing certificate

    Hi,
    We need to renew the code signing certificate from Symantec. However, we only use it to manage the Windows Phone devices and don't publish apps. Do we still need to spend $300 on renewing this cert? Can't I manage them for free like our iOS and Android devices?

    You REQUIRE the Symantec Code Signing Certificate to manage Windows Phones via Windows Intune. This is a requirement of the device rather than the management solution.
    You CAN manage Windows Phones without this cert using only Exchange active sync management in Intune. However this management is very basic and has no advanced features (basically the features provided by Exchange rather than Intune).
    Gerry Hampson | Blog:
    www.gerryhampsoncm.blogspot.ie | LinkedIn:
    Gerry Hampson | Twitter:
    @gerryhampson

  • Code-signing Certificate Provider for Mavericks Server?

    Our Digicert Code Signing Certificate [which worked fine in Mountain Lion Server but doesn't work in Mavericks Server no matter what I try] is about to expire, and I'm wondering if anyone could recommend a vendor whose code-signing certificates definitely work with Mavericks Server?

    I have just created a self-signed code-signing certificate, I used XCA to generate it which is a front-end for openssl. Obviously being generated from a self-signed rootCA it is not going to be trusted by the outside world but it is good enough for an internal Profile Manager setup since the enrollment process will automatically trust your own self-signed rootCA.
    Anyway, when trying to install it I did come across a gotcha which might help you and others here. I found that if I imported the certificate in to Keychain Access e.g. by double-clicking on it, then Server.app did not list it as an available certificate for Profile Manager code-signing. However if instead I used the option in Server.app under Profile Manager to import the code-signing certificate it was accepted.
    In theory importing via Keychain Access should work as well but it did not, so if you have been doing it that way try importing via Server.app instead.
    If you have already imported it via Keychain Access just delete it from your Keychain and try again.
    With regards to the suggestion from ajm_from_WA for buying one from www.ssls.com I could not find any code-signing certificates listed on their website. These are different to ordinary website certificates.

  • SSL/Code Signing Certs. Vanished!?!?

    ever since i have upgrade to OS X 10.10 and OS X Server 4 i have been experiencing random problems. 2 Days ago my server alerted me saying there were no valid certificates, and its falling back to a fallback SSL certificate. I have no idea what happened. I went to my keychain access and i have all certificates listed. I am not to familiar with OS X Server, I've only had it since June 2014. I have tried to create certificates and Server tells me it fails. Also since the upgrade i have felt my Open Directory has been acting up. I say this because network users are not showing up on any computers anymore. I can't turn on Profile Manager anymore. I have no code signing certificates either. Also ever since the upgrade i haven't been able to access websites outside of my network. I also couldn't add them to the access. Some services are only available at .local, some are available at my ISP IP, and some are available at my FQDN...I don't understand what has happened since the upgrade as i felt everything went fine. oh and also since the upgrade, it doesn't look like my server has been backing up which really ****** me off! Any help will be most helpful.

    Unfortunately, I don't exactly have an answer, but for what it's worth: This happened to me as well after I removed an existing OD Master from my Server after I upgraded to Server v4 and OD was behaving badly. After I destroyed the OD, suddenly the certificate was just deleted from /etc/certificates as well as the System keychain – although it was configured to secure all other services as well!
    I wasn't able to import the files from a Time Machine backup either, since I didn't export them to .pk12 before. You might have luck with reimporting your certificates from a Backup (path/to/tm-backup-HDD-root/etc/certificates/your-server-hostname.longstringgib berish.pem-or-key) using the command in this thread: http://superuser.com/a/846313 (original answer: http://stackoverflow.com/questions/8874164/export-public-key-from-keychain-acces s/11979625#11979625)
    BUT: They only talk about importing certs you previously exported with Keychain, so I don't know if it'll work with the files from /etc/certificates.
    So a piece of advice for the future: Before upgrading/updating your Server, export your SSL certificates to .pk12 so you can re-import them to the System keychain. I ended up restoring the Server from a backup from 2 hours before the certs vanished – which produced a whole lot of other problems. Upgrading to Server v4 seems as buggy as previous upgrades …
    /EDIT
    I just re-read your post, and if the certs are still showing up in your System keychain (not the login!), this might do the trick already: OS X Server: Access Controls might prevent a certificate identity from working with Server services - Apple Support

  • How to use Java code signing certificate in oracle 11i

    Hello,
    I am try to configure java code signing certificate in 11.5.10.2 application. we got java sign certificate from verisgin. SA's imported the certificate and created alias XXX_XXX with password and passphrase.
    I am able to see the my certificate. keytool -list -v -keystore xxx_xxxx.jks -storepass Password.
    how do I use it. I am using Enhance Jar Signing for EBS DOC ID 1591073.1.
    could you please give me some advice on it?
    Thanks
    Prince

    Hussien,
    I find out apps keystore keypassword and storepassword, I imported the java code sign certificate. I generated Jar files through adadmin, but I am getting  warning error
    adogif() unable to generate Jar Filers under JAVA_TOP.
    executing /usr/jdk/jdk1.6.0_45/bin/java sun.security.tools.JarSigner keysotre **** -sigfile CUST Signer /apps/......
    Error JarSigner subcommand Exited With status 1.
    No standard output from jarsigner JarSigner error output: Exception in thread "main" java.lang.NoClassDefFoundError: sun/security/tools/JarSigner Caused by: java.lang.ClassNotFoundException: sun.security.tools.JarSigner         at java.net.URLClassLoader$1.run(URLClassLoader.java:202)         at java.security.AccessController.doPrivileged(Native Method)         at java.net.URLClassLoader.findClass(URLClassLoader.java:190)         at java.lang.ClassLoader.loadClass(ClassLoader.java:306)         at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)         at java.lang.ClassLoader.loadClass(ClassLoader.java:247) Could not find the main class: sun.security.tools.JarSigner.  Program will exit. WARNING: The following path(s), defined in /apps2/property/product/tst/appl/cz/11.5.0/java/make/czjar.dep as elements of the output:   oracle/apps/cz/runtime/tag WARNING: Copying cztag.lst from the old fndlist.jar ...   About to Analyze flmkbn.jar : Fri Nov 22 2013 10:45:51
    Please let me know if you have any idea. Thanks Prince

  • Third party CA and SCUP code signing

    All of the documentation I have seen out there regarding using a code signing certificate with SCUP assumes you are using AD CS. My institution uses a 3rd party CA and I requested a code signing certificate from them (the file had no file name extension,
    FWIW). I imported it into the local computer certificate store (on SCUP server/CAS) and see four entries:
    The blocked out item is our company name.
    Here is what I have done:
    I have exported the one with our company name as as the .cer file for clients, and placed it in the Trusted Publishers and Trusted Root Certificate Authorities stores on the SCUP server/CAS.
    I have exported various combinations of the 4 to generate the *.pfx file and imported it into SCUP but it always gives me an error when I try to publish an update. I initially exported all 4 certificates to get my .pfx, then tried just the ones with the
    purpose of "code signing." In both cases I get an error stating "Signature verification exception during publish, verify the WSUS certificates and advanced timestamp setting are properly configured."
    I am not getting an option to export the private key no matter what combo I choose. This is the biggest red flag I am seeing.
    Does anyone have any experience in this scenario? I am at a loss at this point. The server is 2008 R2 and I know I could use a self-signed one but I thought I would do it the "right" way since it is no longer supported.

    It turns out that after the code signing certificate was downloaded, the private key was somehow lost or damaged or not associated with it in the first place. That is why I was not seeing the option to export the key. We needed to use certutil to repair
    the key association.
    I suspect this is because the request was made from a web form and handled by the 3rd party CA as opposed to being done with certreq. Am I off base?
    Anyway, running this command on the code signed certificate allowed me to export it as needed for SCUP:
    certutil -repairstore my "SerialNumberofCert"
    There are some how tos here:
    http://support.microsoft.com/kb/889651
    http://blogs.msmvps.com/ivansanders/2011/07/26/restoring-a-certificates-private-key-without-the-certreq/

  • Adobe AIR 3 Performance Issues and Code Signing Certificate Problem

    I recently updated to Adobe AIR 3.0 SDK (and runtime) doing HTML/Javascript development using Dreamweaver CS5.5 in a Windows 7 Home Premium (64 bit).
    The AIR app I'm developing runs well from within Dreamweaver. But when I create/package the AIR app and install it on my machine:
    1. The app literally CRAWLS running it in my Windows 7 12G RAM machine (especially when I use the mouse to mouse over a 19-by-21 set of hyperlinks on a grid) --- IT IS THAT SLOOOOWWWW...
    2. The app runs fine in my Mac OS X 10.6.8 with 4G RAM, also using the Adobe AIR 3 runtime.
    About the Code Signing Certificate problem:
    When I try to package the AIR app with ADT using AIR's temporary certificate feature, I get the error message "Could not generate timestamp: handshake alert: unrecognized_name".
    I found some discussions on this problem in an Adobe AIR Google Groups forum, but no one has yet offered any resolution to the issue. Someone said Adobe is using the Geotrust timestamping service --- located at https://timestamp.geotrust.com/tsa --- but going to this page produces a "404 --- Page not found" error.
    The Google Groups Adobe AIR page is here:
    http://groups.google.com/group/air-tight/browse_thread/thread/17cd38d71a385587
    Any ideas about these issues?
    Thanks!
    Oscar

    I recently updated to Adobe AIR 3.0 SDK (and runtime) doing HTML/Javascript development using Dreamweaver CS5.5 in a Windows 7 Home Premium (64 bit).
    The AIR app I'm developing runs well from within Dreamweaver. But when I create/package the AIR app and install it on my machine:
    1. The app literally CRAWLS running it in my Windows 7 12G RAM machine (especially when I use the mouse to mouse over a 19-by-21 set of hyperlinks on a grid) --- IT IS THAT SLOOOOWWWW...
    2. The app runs fine in my Mac OS X 10.6.8 with 4G RAM, also using the Adobe AIR 3 runtime.
    About the Code Signing Certificate problem:
    When I try to package the AIR app with ADT using AIR's temporary certificate feature, I get the error message "Could not generate timestamp: handshake alert: unrecognized_name".
    I found some discussions on this problem in an Adobe AIR Google Groups forum, but no one has yet offered any resolution to the issue. Someone said Adobe is using the Geotrust timestamping service --- located at https://timestamp.geotrust.com/tsa --- but going to this page produces a "404 --- Page not found" error.
    The Google Groups Adobe AIR page is here:
    http://groups.google.com/group/air-tight/browse_thread/thread/17cd38d71a385587
    Any ideas about these issues?
    Thanks!
    Oscar

  • Code-signing

    We are having some issues with our C Sharp .NET 4 Application
    We are using Visual Studio 2010 to build a Click Once Installation
    In addition, we use our code-signing certificate (.pfx) to sign the package
    However when attempting to install the application it is blocked by
    Windows 8 Smart Screen with an “unknown Publisher” message.
    We sign our package twice once on the actual files and afterward
    The manifest is resigned.

    Hi Rene,
    >>“unknown Publisher” .
    Please check whether you sign file in the correct directory.
    Reference:
    http://stackoverflow.com/questions/10392201/clickonce-de-signs-our-executable-and-says-unknown-publisher?rq=1
    A document shared us the detailed steps for "Certificate Expiration in ClickOnce Deployment".
    http://msdn.microsoft.com/en-us/library/ff369721.aspx
    In addition, since this issue is related to the Clickonce, I suggest you post a new case in this forum:
    http://social.msdn.microsoft.com/Forums/windows/en-US/home?forum=winformssetup , and there you would get dedicated support.
    Best Regards,
    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place. <br/> Click <a
    href="http://support.microsoft.com/common/survey.aspx?showpage=1&scid=sw%3Ben%3B3559&theme=tech"> HERE</a> to participate the survey.

Maybe you are looking for

  • Custom field type - get column name in code

    All, I have a custom field type. In the code, I would like to get the column name that the user input. For example, user creates a new column called "Customer" with my custom field type. How can I get the name "Customer" that the user has just input?

  • How to REBROADCAST the web cam?

    Hi... I am currently doing the web cam broadcast on web page. As i got suggestions from few expereiced experts in this forum, i've created the stream retransmitter to transmit all the received stream to clients. Now, the point is, how the retransmitt

  • Problem reentering task flow in dynamic region

    Hi All, I have problem with reentering task flow in dynamic region. JDeveloper/ADF 11.1.2.3.0 Use Case: Application contains bussines modules(implemented as bounded task flows) displayed in dynamic region. In some modules, default activity is Method

  • Syslog analysis tool for ASA.

    Hi, What tools do you guys use to analize your ASA logs? I had tested Splunk a few months ago... but it was crushing often, so I couldn't really put into the production. Any recommendations? thanks, lf

  • Accessing the main timeline

    Hello, I have multiple instances of a movieclip (a1) within the main timeline.  These instances move around via tweening within the main timeline.  The instances also appear (are added) and disappear (are removed) while the main timeline is playing.