I am using the new ionic 4.0.0-beta.19 framework, trying to use the ionic serve --ssl option.
I have created a new ionic project using the cli, I have run ionic generate ssl, which has created 2 files in /.ionic/ssl
cert.pem
key.pem
When running ionic serve --ssl in chrome I get the message “Your connection is not private”, I’ve had this before doing something similar, to fix this I’ve added the localhost cert file to my keychain access (using Mac) and set the certificate as always trust.
I’ve had this running before on ionic 4, by generating a certificate myself, adding the cert to the angular.json file like below:
"serve": {
"builder": "#angular-devkit/build-angular:dev-server",
"options": {
"browserTarget": "app:build",
"ssl": true,
"sslKey": "./ssl/server.key",
"sslCert": "./ssl/server.crt"
},
"configurations": {
"production": {
"browserTarget": "app:build:production"
}
}
}
With above though I added the crt file and key rather than pem and key, do I need to go add these manually? Or is this done automatically using the generate command?
When viewing the served localhost in the browser, I can see the serial number of the certificate the browser is using, is different to the serial number of the pem file I added to the keychain access, so wasn’t sure if it generates a .crt file in another local, that I need to add?
I faced the same questions about configuring my Ionic-Angular project to be served with SSL.
Actually, I didn't want solely the Ionic app to be served over SSL, but the all stack, including back-ends (.Net, Spring and Keycloak) and I wanted the Android version of my Ionic app to consume those "self-signed" back-ends without problem.
I posted a rather detailed how-to there: How to properly setup my Ionic (Angular) dev machine with self-signed certificate?. This off-course covers the part you're asking for ;)
Related
I am developing a clickonce C sharp project in Visual Studio.
On my main computer, I have generated a self-signed certificate for the clickonce manifest.
This works fine, I can compile, deploy and run.
I also sync this solution to my github account, and regularly pull updates down to a backup computer.
The backup computer is not able to simply compile this solution, as it gives errors in regards to self-signed keys.
I could generate a new one on the backup computer, but then when I deploy to same testbed, it causes issues because the certificate is from a different location.
I want to quickly be able to deploy from the backup computer in the event that there is an issue with the main.
How can I share the main computer's generated certificate with my backup environment without issue?
My apologies if this is straightforward or I am missing something obvious.
Run certmgr.msc (user) or certlm.msc (computer) and look in My Certificates for the certificate. Right click it an check if you can export it with the private key resulting in am PFX file (PKCS#12).
If this is not possible generate a new one with the -ExportPolicy Exportable option.
I am setting up a Firebase Dynamic Links using App Links for a website that is also hosted in Firebase Hosting. I need to upload a .well-known/assetlinks.json to my Firebase Hosting website.
I am working on Mac, and if I try to create the .well-known folder on my Mac's drive it says:
This makes it for me impossible to create, and then of course also upload the assetlinks.json (using the Firebase CLI which is the only tool that allows you to publish files to Firebase Hosting).
How can I install the required .well-known/assetlinks.json on my Firebase Hosting?
I found the following work-around:
(1) Create a well-known/assetlinks.json locally => notice its without the . at the beginning which made it impossible on my Mac to create this folder originally
(2) Update the firebase.json file to add a rewrite rule :
"rewrites": [
...
{
"source": "/.well-known/assetlinks.json",
"destination": "/well-known/assetlinks.json"
},
...
],
(3) Publish to firebase hosting
Its not an ideal solution, but it works...
I have published a basic unsigned windows form application using ClickOnce on Visual Studio. I took the .exe file and .exe.config file and moved it to a folder on my desktop. I signed the .exe file with a legitimate digiCert signing tool, and I created the application manifest and deployment manifest using MageUI and signed it with the same signing tool. I moved all the files to the FTP server that I want the users to download from. When I enter the URL in the browser everything works fine, but it prompts me to Install, and it says that the Publisher is Unknown. After I click install, the app runs as it should.
Also, I have already added my certificate to the Trusted Publisher store, and verified that the issuer of my certificate is in the Intermediate Certification Authority store, and their issuer is in the Root Certification Authority Store.
I have also opened the deployment and application manifest using notepad, and can see my signature on them, and I can see that my .exe file is signed by right clicking on it and selecting properties, then the signature tab.
I have followed the Steps outlined in this site: https://robindotnet.wordpress.com/2013/02/24/windows-8-and-clickonce-the-definitive-answer-2/
I used the : "#1: Signing the application executable post-publish." steps.
So my main question is why is it saying that the publisher is Unknown when I download and run the .application file?
Note: that the SmartScreen filter is not picking up my app as being unsafe
I have (sadly) the same problem.
Microsoft doesn't accept anymore the SHA-1 certificate since 1. january 2016:
Windows Enforcement of Autheticode:
Code Signing Certificates: Windows will no longer trust files with the Mark of the Web attribute that are signed with a SHA-1 code signing certificate and are timestamped after 1/1/2016. With the exception of issuing certificates to developers who intend to develop only applications for Windows Vista, Windows Server 2008, CAs may not issue new SHA-1 code signing certificates after January 1, 2016.
I tried to sign with a SHA256 hash and with a SHA2 timestamp certificate but this is not enough. What I can't understand is why an unsigned exe is threated as more secure as a signed SHA1 exe in smartscreen!
The other answer tells you what's going on, and here's what's working for me. I pivoted another's work for my CI pipeline, but the script can be used in any capacity:
https://github.com/erikest/SignClickOnce
I have installed the Jenkins plugin for the Play! framework: https://wiki.jenkins-ci.org/display/JENKINS/play-plugin
However, I run into a problem configuring that plugin. The Jenkins server doesn't have Play installed, so I tried to configure the auto-install, using the "Install automatically" option. Unfortunately, when I pass the URL to the Typesafe Activator's ZIP archive, I get a handshake failure.
The Jenkins server is a part of the Cloudbees cloud.
Any ideas on what is going wrong and how to deal with it?
EDIT: Changing "https" to "http" resolves the handshake problem. However, Play does not get installed on the Jenkins server. The build does not find the "activator" executable. I suspect this may be an issue with the Play plugin for Jenkins.
it seems your java cacerts is not having correct certificate. you may try following steps.
Step 1 : Get root certificate of https://www.google.com
Open https://www.google.com in a chrome browser.
Select Inspect from context menu(right clicking on page) and navigate to security tab
Click on view certificates
Click on top most certificate on hierarchy and confirm it is tailed with Root CA phrase.
drag and drop that image which you saw written certificate on desktop.
Thats it! you got your root certificate!
Step 2 : install certificate to your java cacerts
please verify you have system variable JAVA_HOME declared and you will perform these steps on that jre cacerts only!
Navigate to cacerts by JAVA_HOME/jre/lib/security/cacerts
Download and install keytool explorer it is available for all platforms
open cacerts in that tool and import cetificate by "import trusted certificate" button.
Save your changes (you may come across issue if it is mac and you do not have write access!)
Step 3 : Restart jenkins
You should not get ssl handshake problem now onwards.
Can anyone help me create a certificate to use with the new version of Remote Desktop Connection Manager v2.7? I see the new version removed the "Store as plain text" option, but added using a certificate to the list.
I was wondering if anyone knew how to create a certificate (self-signed or whatever) that I could install on both computers to allow me to pass the config file between machines. I haven't been able to find anything online!
Thanks in advance.
If you in Remote Desktop Connection Manager click on the Help menu, and Usage, you will see a web page. On the Contents list, click on Encryption Settings (Under Local Options). There you will see how to create a personal certificate that RDCMan can use.
You will first need to get makecert.exe if you don't have it on your computer. You can get it by installing Windows SDK or Visual Studio.