In our code we are trying to import certificates from source code to user's system who tries to install our application.Our application is windows application.
To import certificate they have used key tool command where path is wrong.
<Command name="User">
<![CDATA[keytool -keystore "%USERPROFILE%\Application Data\Sun\Java\Deployment\security\trusted.certs"
-import -v -noprompt
-file "C:\Program Files\American Express\DesktopPhone\AppletWeb\cert\NIVRApplet.cert"
-alias nap -storepass ""]]>
</Command>
Even though path C:\Program Files\American Express\DesktopPhone\AppletWeb\cert\NIVRApplet.cert is not available still certificate is getting imported into user system in the location %USERPROFILE%\Application Data\Sun\Java\Deployment\security\trusted.certs when they install our application.
When I try executing the above command in command prompt directly it says import is unsuccessful but it works fine through application without any error with certificate getting imported.
I am not sure how it is happening?
Can anybody help me on this?
When I try executing the above command in command prompt directly it
says import is unsuccessful but it works fine through application
without any error with certificate getting imported.
Probably the account you logged in does not have necessary permission on the keystore you are trying to import. What error you are getting ?
Related
In order to request a User ceritificate I'm using the script provided by the Powershell gallery https://www.powershellgallery.com/packages/Request-Certificate/1.5.0/Content/Request-Certificate.ps1
To execute this script I'm using the following command:
. "C:\Certificates\RequestCertificate.ps1" -CN "User Common Name" -TemplateName "User" -CAName "domain\CAserver" -Export
However when I run this command here is the output:
After this output I get a popup message with the following information:
Machine context template conflicts with user context.
If I click ok, the request is concludes successfully. However I'm trying to automate this process. Is there a way to ignore the popup window?
I already looked at the question How to suppress a popup window while using certreq to request a certificate from an enterprise CA? (How to suppress a popup window while using certreq to request a certificate from an enterprise CA?). However the solution for the problem described was to run the script as Admin or System because the certificate generated was for the Machine and not for the User.
Does anyone know why this is happening?
Thank you in advance
So this is my first time having this problem last time my code signing certificate was installed correct and without problems this time however the private key flag is missing from my certificate and after searching for about an hour I found certutil -repairstore my "CertSerialNumber"
This is working if the certificate is installed to the local machine but then signtool is unable to find the certificate, by default it installed to CurrentUser so how do I run certutil -repairstore on a certificate on current user, i have tried adding -sr currentuser and -user and it complains they are invalid parameters (WIN32: 87 ERROR_INVALID_PARAMETER).
Finally fount the answer typical it's within mins of posting this question so for anyone else,
make sure the param's are ordered correctly, the certutil is a little bit of a pain with order of parameters,
certutil -user -repairstore my "CertSerialNumber"
https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/certutil
C:\Users\rajmo>-alias androiddebugkey -keystore %USERPROFILE%.android\debug.keystore
'-alias' is not recognized as an internal or external command,
operable program or batch file.
try this command from cmd or flutter terminal . go to C:/your profile/ project name/android and then type gradlew signingReport . it will give all SHA-1 and all other certificates.
In my case it look like this -
C:\ronan\facebook\android>gradlew signingReport
i am a unity game developer. i am trying to get .pem file from keystore through command prompt in order to enable app signing and commmand is
C:\Users\admin19>java -jar C:\Users\admin19\Desktop\pepk.jar --keystore= F:\Key
Store\abc.keystore --alias=abc --output=C:\Users\admin
19\Desktop\output\key.pem --encryptionkey=eb10fe8f7c7c94656756df715022017b00c6471f8ba8170b13049a11e6c0
9ffe3056a104a3bbe4ac5a955f4ba4fe93fc8fghhjkcef2kk7558a3eb9d2a529a2092761fb833b656cd48b9d
e6a
i press enter after typing this to cmd.
it ask for keystore passward !!! i enter.... then it ask for alias passward !! i enter which is same as keystore passward.. but it is giving error : no key for alias : [aliasname]..what should i do.. plz help
You may follow the suggestions in this thread.
To get the Key Alias: I copied the keytool.exe and my keystore file into C:\Program Files\Java\jdk1.7.0_71\bin folder. Then from command prompt I wrote: keytool -list -v -keystore <name>.keystore It will also ask for keystore password then. Then it will show you the key alias and Certificate fingerprints and other info.
It was also mentioned that if you have the keystore password, keytool might be able to list the aliases.
When I try to sign my exe using a p12 keystore I get the following error:
codesigning.p12 does not contain the complete certificate chain
However, I can sign it without problem using the windows signTool.exe by executing:
signtool sign /f codesigning.p12 /p $keyStorePassword myprogram.exe
Any ideas how to get this working in install4j?
signtool can access intermediate certificates in the Windows keystore, something that install4j does not do.
Other than creating a self-contained certificate (see Adding an intermediate certificates to a pkcs12 file), you can use the "Executable processing" step of the media wizard and call
C:\Path\To\signtool sign /f codesigning.p12 /p $keyStorePassword $EXECUTABLE
to perform external signing of all executables.