Open souce OSCP Server - ocsp

I'm looking for an opensource, freeware OCSP (Online Certificate Status Protocol) for installing in a linux OS.
I'm having a hard time finding a good one.
Can anyone give some insights about some good options?
Thanks,
Raul

Related

Which type of certificate should I use for code-signing a Windows desktop application?

I am looking for a certifier for my Windows app, and I am wondering which certificate type I should choose for the application of my startup. I saw that there are mainly two types - so-called OV and EV certificates. A quick summary from SSL.com (for code-signing a desktop application)
An EV code signing certificate offers an immediate reputation with Microsoft SmartScreen, so your users will never have to click through a SmartScreen warning in Windows.
With an OV certificate, SmartScreen reputation must be built organically, as users download and install your files. SmartScreen warnings may occur until enough software proves sufficiently popular with Windows users for SmartScreen to view it as “well known.”
I understand the differences, and most articles refer to them in the use-case of Web SSL certificates. But would you recommend an EV certificate for a desktop application from a startup? Or is it not worth the money? Any help is highly appreciated!
The real answer here is that you need to be able to cover the cost of the cert, only you know whether you will make enough money from your app for it. The increase in downloads between the two is unlikely to be very big.
Taking SSL.com as an example, OV certificates are offered for 2 years at $232 but EV is $598. If you think that the fairly small percentage increase in downloads will cover this then go for it. It will look more professional that way. After all, $366 to a popular app is peanuts. But if you think your app will not be popular or won't make money, don't waste your cash.

Getting verification to use Google APIs via identity.lanchWebAuthFlow() for a Firefox addon

I'm currently having a lot of trouble with the google API support team and was wondering if anyone had figured out their process. I'm developing an extension that uses identity.launchWebAuthFlow() to authenticate with google for google drive access. Since July 2017, google has started requiring "Verification" for oauth. As I don't own my extension's domain {random}.extensions.allizom.org, I have no idea how to pass their verification requirements.
You can read about that process here: https://developers.google.com/apps-script/guides/client-verification
They've rejected me once saying my client id is deleted or invalid or does not need verification - I verified that the client exists, is still servicing requests, and still produces the unverified warning screen detailed in the link above.
When I reached out specifically to webstore support, the response said:
Dear Brandon,
Thank you for contacting Chrome Web Store Developer Support! I understand that you're having an issue regarding developing a web extension for both Chrome and Firefox using Google Drive API. As much as I'd love to assist you, unfortunately, our team cannot offer much support on this matter. My best advice is to ask the community on Stackoverflow, or create a bug report directly to the Chrome Browser/Extension experts using the Chromium Public Issue Tracker. The engineers are actively working on the reported problems on this list, so I'm sure that you'll be able to get the information that you're looking for.
I appreciate your understanding and cooperation. Please let me know if there's anything else I can do for you, I'm happy to assist. :)
Warm Regards,
[Redacted]
Chrome Web Store Developer Support
Again the major problem here is that I cannot prove ownership of the identity.getRedirectUri() for my extension as the requirements state. I know other addons use google APIs, but I don't know if this verification process is a way to ban firefox developers from the google api ecosystem.
As a bit of question justification, I can find no documentation anywhere from July 18 2017 or later where developers have run into this, and I think this question will provide significant value to any Firefox addon developers who seek to use any of Google's APIs.

Migrate an adobe account (Certificates to build)

Im having this issue today, we developed some apps years ago, with an adobe id from one of our developers. The person who own the account doesnt work with us anymore, so we are trying to migrate the account, just for the certificates we have there (apple and google) , cause i dont think we have the source files of those certificates.
Anyone had this issue in the past? Any idea how can we resolve this?
Thanks!!
This is a tricky one - I'd recommend creating a "company" Adobe account going forward so that you don't run into this again.
Beyond contacting that user for access, perhaps log a support request with Adobe.
Even with that option though, there's no way to download the keys/certs from PG Build, so your best bet is to obtain them from the source - your Apple Developer and Google Play Developer accounts.

Interwoven Teamsite Download and Installation links

I need to install interwoven Teamsite Content Center Professional on my system, I can't find any web address online where I can download the exe. I even tried logging in it online at
http://teamsite.partners.org/
But the link does not work. Please if anyone has solution to this, please answer asap.
Thanks
Aysha
If you are talking about downloading it without procurement then there is no direct link to Teamsite on your local system as it is not open source. You would have to contact Autonomy who will provide you assistence with procuring the software.
If you have alerady purchased the software,please go to the below mentioned link if you aleardy have purchased the software.
https://support.interwoven.com/supportloginau.asp
teamsite interwoven
All what You need, You can find on the Interwoven support page. You will find there all necessary files and pdf's with installation guides and other important things. HP have also very good community link. So if You will have any problems with installation I'm pretty sure they will help You.

What is the easiest way to test/debug Symbian applications on the phone?

I am currently experimenting with programming for my Nokia 5800 XpressMusic (running Symbian 9.4). Setting up the development environment (Carbide C++) was already a huge pain, but now that I am actually able to build something the pain doesn't stop! It seems there is an incredible overhead involved when you actually want to test an application on the phone. But I really hope somebody more experienced than me knows some easy way to do it.
If I understood right every application has to be signed. I can sign applications myself, so this is not a problem and it seems to work fairly well. But then it seems not all capabilities are available if I do this, and the one I need is amongst them. So now I have the option to buy a publisher ID to get a developer certificate (current cost: 200$ - no thanks) or I have to upload the application every time to symbiansigned! Every time I change the code and want to test on the phone I have to upload the thing using a stupid web form!
But now I was excited to find that you can do some remote debugging stuff with a thing called TRK (maybe this spares me the signing?). I hoped that I could use this to connect Carbide and my phone. But this doesn't quite work. My phone doesn't show the application required for this connection although it installed properly. I had a look at the supported Symbian version number and it seems to be 9.2, so not mine :( Stuck again?
And the emulator is no option because it doesn't support sensors and cameras :(
So what am I doing wrong (and sure there must be something)? Is the only way to test my app on the phone to actually upload it every time, wait for it to getting signed, download it again, install it and test - just to see it didn't work and that I have to repeat this process over and over again?? PLEASE no...
follow the instructions here http://www.forum.nokia.com/Distribute/Packaging_and_signing.xhtml to get yourself a free certificate for 5 testing devices, then you can use this certificate to sign your applications directly without using open sign.
When you use TRK, your application is still installed on the phone (in background, with so called silent installation API - by the way, you can use it too, but it's offtopic), because the only eligible way for a binary to get into the phone is the Installer Service. So you still need some certificate. All three options to get certificate mentioned here are ok, though the last, free one (from Mahdi Hijazi), I suppose, is the preferred. :)
Please go to
http://www.opda.net.cn/register.php
then apply for a OPDA Developer Certificate and download signer tool from the site and use it to sign your symbian applications.

Resources