Fiddler generated certificate has invalid digital signature - fiddler

Fiddler: v5.0.20182.28034 for .NET 4.6.1
Cert Generator: Tried both CertEnroll & MakeCert
Machine: Windows 10
Browser: Chrome
I have tried installing fresh fiddler also but no success. I even installed and reinstalled Fiddler Root Cert.

Related

VSCode remote ssh: Can't install extensions on remote server

I am trying to install an extension (as an example cmake tools) on my remote server (ubuntu Arm 64). I have enabled remote.downloadExtensionsLocally feature). When I try to install the extensions, it seems downloaded locally but can't be installed on the target server.
My Host: Windows 10
My Server: Ubuntu 64 ARM running on a rasp4
Here are my user settings (I have enabled a proxy. no diff with/without proxy):
and here are my remote settings:
and this is my windows trace logs after clicking on install button (As can be seen the extension has downloaded successfully):
and my remote server log:
Please check if your Linux kernel/version is compatible with the doc. I guess that the requirements on your server are not met. Please check them:

Make MariaDB 10.3 on raspberry pi use OpenSSL instead of yaSSL

I have a raspberry pi setup using Raspbian Buster and created an OpenSSL Certificate Authority I intend to use with a mobile app. The root CA signs an intermediate CA that signs the server certificate for a MariaDB MySql server and using a self-made WebAPI, it can sign certificate signing requests for clients to access the DB (clients and the server must both be authenticated).
I can connect to the database over the MariaDB client, using SSL and requiring the client to authenticate its certificate, however if I revoke the client certificate it still allows access. It appears that on the Raspberry Pi, MariaDB runs 10.3 and uses the yaSSL library instead of OpenSSL, even though the OpenSSL library is on the Pi.
Is there a way I can make MariaDB use OpenSSL rather than yaSSL as openSSL supports crl_path, which is required for mariadb to check the revocation list and deny access to revoked certificates as explained here. Another option would be to use MariaDB 10.4 however I believe it must be compiled from source which i tried to no avail, or use another OS which I would not like to do.
I'm attempting to do the same but using 10.5 stable released source. It's currently compiling ...
There is a build configuration switch that cmake needs to make it compile with openssl: cmake -DWITH_SSL=SYSTEM
That will make the make use the OS provided SSL library which in my case on Raspberry Pi4 Raspbian Buster 64 bit is openssl.
After you run cmake you can double check by running cmake -LH which should show openssl in the list.
(Yeah, I've no idea who made the bright decision to disable SSL on mariadb for raspbian buster !)

Filezilla server error - Couldn't load Tls libraries

When i try to open filezilla server i get error like Couldn't load Tls libraries, how can i solve this error. How to install TLS Libraries file win 7 64bit.
https://forum.filezilla-project.org/viewtopic.php?t=39838
According to the forum above, you need to install https://support.microsoft.com/en-us/kb/2533623.

Cannot connect to secure TFS 2015 server with Rad (Eclipse)

Using RAD 8.5.5.2 with the latest TFS plug-in on Windows 7 Professional
I get the following error when I attempt to connect to our secure TFS 2015 server. RAD 8.5.5.2 uses the Eclipse 3.6.3 platform.
Connection Failed
com.ibm.jsse2.util.j: PKD( path building failed:
java.security.cert.CertPathBuilderException: PKD(CertPathBuilderImpl
could not build a valid CertPath.; internal cause is:
java.security.cert.CertPathValidatorException: The certificate issued
by CN=State of Missouri, DC = state, DC = mo, DC=us is not trusted;
internal cause is:
java.security.cert.CertPathValidatorException: Certificate chaining error
RAD is installed in C:\Program Files\IBM\SDP and is running as an
administrator. I have imported the TFS server root certificate in
every carets file in the installation files which are
C:\Program
Files\IBM\SDP\runtimes\updi_v7X_64\uninstall\java\lib\security\cacerts
C:\Program
Files\IBM\SDP\runtimes\updi_v7X_64\java\jre\lib\security\cacerts
C:\Program
Files\IBM\SDP\runtimes\base_v7_stub\java\jre\lib\security\carets
C:\Program Files\IBM\SDP\runtimes\base_v7\java\jre\lib\security\carets
C:\Program Files\IBM\SDP\jdk\jre\lib\security\cacerts
I am trying to connect with no server running and no projects in the
workspace so I think the only file which needs the TFS root certificate
is C:\Program Files\IBM\SDP\jdk\jre\lib\security\cacerts but when that
did not fix the issue I imported the certificate into the other cacerts
files. I also imported the root certificate to my PC.
It looks like your server is using a custom SSL that is not in the certificate chain for Java. You need to add it...
https://docs.oracle.com/javase/tutorial/security/toolsign/rstep2.html
You have to use Keytool to get your companies root certificate into the store.
Do you have a WAS server installed in the workbench? Wondering if this is related to this problem
http://www-01.ibm.com/support/docview.wss?uid=swg1PI41436
If so then delete the WAS server from the Servers view, restart RAD, connect to TFS and then add WAS server again in Servers view.
If I recall correctly, this problem was solved on RAD 9.1.
Hope this helps.
Your Eclipse version 3.6.3 is out of date. To connect TFS 2015, suggest you to update the RAD version and Eclipse version to latest.
For the old Eclipse version, there has some issues with the default proxy detection. Try to go to Window -> Preferences -> General -> Network Connections and set Proxy to anything other than Native. Such as Direct, Or yo Manual and configure your proxy settings manually.

"Key usage violation in certificate" error with Subversion, VisualSVN Server

I'm using Eclipse (Indigo) with subclipse 3.6 in Ubuntu 11.10.
I've connected to the svn with subclipse on other machines before no problem, but with my recently upgraded ubuntu machine (went from 11.04 to 11.10) it won't work.
when I try to connect to my private svn server (VisualSVN Server in Windows), I get the following error:
RA layer request failed
svn: OPTIONS of 'https://76.27.122.123/svn/brock':
SSL handshake failed: SSL error: Key usage violation in certificate has been detected. (https://76.27.122.123)
Key usage violation in certificate
So, googled it, and found this solution: http://andrewbrobinson.com/2011/11/01/fixing-ssl-handshake-failed-ssl-error-key-usage-violation-in-certificate-has-been-detected-error-on-svn-checkout/
Which basically says that because neon is now using GnuTls, and it is being strict and rejecting my invalid certificate (like I said it's a private svn so it is untrusted).
But when I do the mv and symbolic link commands, it then messes up my JavaHL setup, and gives me this error:
Failed to load JavaHL Library.
These are the errors that were encountered:
no libsvnjavahl-1 in java.library.path ...
I undid the mv command and now the JavaHL is working after following instructions I found here http://subclipse.tigris.org/wiki/JavaHL#head-5ccce53a67ca6c3965de863ae91e2642eab537de but still can't get past the key usage certificate error. Any ideas??
During the initial setup VisualSVN Server 2.5 generates a self-signed certificate and adds it to the Trusted Root Certification Authorities store on the local machine. To avoid possible security issues, VisualSVN Server makes this self-signed certificate to be valid for server authentication only (by specifying the 'Key Usage' extension).
Subversion clients built against GnuTLS don't recognize such certificate and the error occurs.
Possible workarounds:
Sign certificate using trusted certification authority (recommended)
Use VisualSVN Server workaround to generate a cerificate without specifying 'Key Usage' extension. See KB56 for detailed instructions.
Configure eclipse to use Neon with OpenSSL instead of GnuTLS
Alternatively you might add
alias svn='LD_PRELOAD=/usr/lib/libneon.so.27 svn'
to your .bashrc, so only the svn command would be affected by the libneon change, and not the other packages. Also be careful that the solution mentioned in your link will break under Ubuntu 12.04 LTS. For that you have to use these steps:
Uninstall the current libneon package:
sudo apt-get remove libneon27
Download the latest libneon package from http://packages.debian.org/squeeze/libneon27 (at the bottom you can choose the right version for your architecture).
Install the required libssl dependency:
sudo apt-get install libssl0.9.8
Install the downloaded libneon package. E.g. for the 64Bit architecture:
dpkg -i libneon27_0.29.3-3_amd64.deb
Add
alias svn='LD_PRELOAD=/usr/lib/libneon.so.27 svn'
to your .bashrc, and relogin.
Source: http://www.yeap.de/blog2.0/archives/260-Subversion-Certificate-Problems-with-Ubuntu-Precise-Pangolin.html