I have a winJS project that uses windows runtime component, for this I have enabled WinRT Access to all.
My app works fine on public network.
My client uses some type of private network and my app did not have permission for private network access.
For fixing this I enabled Private Networks (Client & Server) in Capabilities in package.appxmanifest file.
Now the app works fine in private networks too.
But then I had to put this app to windows store and when I carry out the windows certification kit test it fails with the following error:
FAILED App manifest Error Found: The app manifest test detected the
following errors: The Application cannot include an
ApplicationContentUriRule with 'all' or 'allowForWebOnly'
WindowsRuntimeAccess while any of the following capabilities are
enabled: enterpriseAuthentication, sharedUserCertificates,
musicLibrary, picturesLibrary, videosLibrary, removableStorage,
documentLibrary, internetClientServer, privateNetworkClientServer.
Can anyone provide me some workaround ?
Thanks!
As per my knowledge and research, if you define 'ApplicationContentUriRule' with runtime access of 'ALL', the app fails while validating to windows store. This is because Microsoft considers that kind of configuration as a security risk.
Please refer this https://social.msdn.microsoft.com/Forums/en-US/fd28bcd5-b3a8-4307-be93-29fc4c5aaacd/uwpwork-around-for-application-content-uri-rule-windows-runtime-access?forum=wpdevelop , I think this will help you as well.
Related
I have a spring boot based microservice in which I am using Microsoft Azure Computer Vision API to read data from a PDF file. After containerizing the microservice, the container works fine and I am able to send/receive data to/from Computer Vision API on my machine. But, when I run this container on an Azure based Linux Virtual Machine, the container cannot communicate with the Computer Vision API and throws exception java.lang.RuntimeException: javax.net.ssl.SSLKeyException: RSA premaster secret error. Also, the spring-boot jar is able to communicate with Azure on VM and throws no such exception.
Do you think I need to pass any self-signed certificate to the container for it to be able to communicate smoothly?
I think the biggest advantage of using these containers is that it makes the code platform independent. So, why is this error thrown only on Azure VM and runs completely fine on my machine? Please advise.
java.lang.RuntimeException: javax.net.ssl.SSLKeyException: RSA premaster secret error
On local computer was working fine but when run the container on Azure Linux VM it is not working so there might be compatibility issue between Linux VM and Java JRE’s.
Based on above error the solution is Just remove the updated java version from your server Classpath and try to install the old java version
Please refer this link had the same discussion over here related to above error : https://community.oracle.com/tech/developers/discussion/1533888/another-rsa-premaster-secret-error
Second, try to set the SSL/TLS parameters in the java panel because An SSL certificate is a bit of code on your web server that provides security for online communications. When a web browser contacts your secured website, the SSL certificate enables an encrypted connection. It's kind of like sealing a letter in an envelope before sending it through the mail.
Supported SSL/TLS versions by JDK version
I was able to find out what the error was. There was nothing wrong with the JDK/JRE setup. The issue arose due to the version of docker engine installed on the Azure VM.
Azure based computer vision APIs required server to be TLS1.2 compliant, whereas the version of the docker engine installed on my machine was older and did not support TLS1.2. I was able to fix it after upgrading the docker engine to the latest version.
I am an qt app developer which uses https to connect to rest api. I deploy ssl dll libraries together with application (the same version as the qt was built with) but sometimes on windows it happens, that users report to me that the internet connection within my app is not working. While debugging, I find out that qsslSocket::supportsSsl returns false and openssl version in use is empty string. When this happen? The user can use his internet browser and send me email. What can be the issue?
I am working on some projects with Hyperledger Fabric, currently using the IBM VS Code Extension. The chaincode is written in Go, as is the client application which provides a RESTful API, using the Go Fabric SDK. However, I am having trouble connecting the client application to the chaincode. Most of the tutorials and examples I have seen use Node.js as the client and it seems the Node SDK needs less configuration.
As far as I understand it, the steps should be similar to the following but more detailed information seems to be a little bit lacking when it comes to the Golang Fabric SDK.
The client application needs the following information to be able to communicate with the blockchain network:
The enroll ID and secret of the application identity (used to generate a cert and private key), or the certificate and private key directly
The connection profile
The smart contract name
The name of the channel the smart contract was instantiated on
Use the certificate and private key of the application identity, along with CA endpoint information inside your connection profile
In the VSCode plugin
Register an 'application' identity in the 'Fabric Wallets' section
Export the connection profile from the 'Fabric Gateway' section
Export the application identity's wallet
Update code to point to the exported connection profile
Update code to point to the exported wallet
As far as I can tell, the connection profile and other steps needed to connect the SDK to the VS Code Network should be pretty 'standard' so I wonder if someone knows of a working example?
Thanks for the collective help!
Unfortunately you are going to struggle with this at the moment. Wallets are not compatible with the Go SDK currently. Also the Go SDK doesn't quite conform (or at least it didn't the last time I tried it) to the connection profile specification so the connection profile from the VS Code extension won't work without some minor modification and didn't work with a CA not using TLS (IIRC I patched the Go SDK to make it work).
There is work underway to bring the Gateway/Wallet programming model to the Go SDK which will then make working with the VS Code extension a lot easier, but I don't know when a version of the Go SDK with a working implementation will be available.
Our windows store app allows user to manage (create or dial) VPN profiles.
For this functionality we use
RAS Api (create and dial VPN profile)
RAS Api
Wlan Api (listen to wifi networks) - will be changed to classes with Windows.Networking.Connectivity in windows8
Wlan Api
We face following troubles for Windows Store application:
RAS API functions don't work properly under windows store application template (as example RasEnumDevices return error code 5 - Access Denied).
However it works good from desktop application launched on windows 8.
Question: how we could get RAS API to work under window store applications? If that is absolutely impossible - is there any other way to create VPN connection in app developed for Windows Store?
All user's VPN profiles stored by Windows OS in "..\Microsoft\Network\Connections\Pbk\rasphone.pbk", file could be found on file system manually, but we don't have access to this file via API, either we can't access it directrly. Current workarround uses own created PBK file located in users profile folder.
Question: how we could get access to system VPN connections stored in OS.
Thanks.
Hotspot Shield VPN for Windows offers private browsing to ensure the privacy of your web session.
Check it out here: http://www.anchorfree.com/hotspot-shield-VPN-download-windows.php
We have an existing certificate (global sign) that works fine when a Windows Mobile application (.NET 3.5) tried to consume the web service (also written in .NET 3.5) that is hosted on IIS.
However the when we make the re-issued certificate (global sign) live, the Windows Mobile application is failing to connect to the web service, the error we are getting is "Could not establish trust relationship with remote server". Ive tried searching for this on Google many times and have not found a suitable fix.
We have also tried to copy (and install) the ROOT and intermediate certificate in the chain to the device, but this still does not work.
When we test the new certificate with a PC web browser (IE, Firefox, Opera), a Desktop application that consumes the web service (.NET 3.5), and even Internet Explorer on the Windows Mobile device the .NET web service definitions/documentation page is show without problems (no warnings, or errors), it seems to only be an issue on the windows mobile device when using a compact framework (3.5) application is trying to consume the web service.
We have validated that the certificate is installed correctly on the SSL shopper site, and after our google searches we came across and implemented (as a test) a "trust all" ICertificatePolicy handler, this has resolved the problem, however i was hoping that this problem could be addressed by configuration/setup change rather than a code change and a re-deployment of over 150 windows mobile based devices.
The ICertificatePolicy hander did show up the error that was being returned when trying to validate the certificate: the problem parameter was set to: -2146762481 (0x800B010F in HEX), which i believe is the "CN No MATCH" error, however Ive searched for this in both its numeric, hex and name form and have yet to find a resolution other than the "Trust all" code change.
I thought I would post the answer here in case anyone else runs in to this problem. I've not found a 100% rock solid explanation, but we have managed to make it work and this has made me come up with a hypothesis as to the problem:
It appears that the compact framework seems to be taking the first Common Name (CN) off the "Subject Name Alternative" field of the SSL certificate and only evaluating the certificate against that whilst the full framework, IE and IE on the mobile device seemed to be using both. My reasoning for believing this is below:
The PDA application was accessing the url:
https://AMobileWebService.com/Webservice.asmx
Our old SSL certificate that worked had the following in the "Subject Alternative Name":
DNS Name=AMobileWebService.com
DNS Name=www.AMobileWebService.com
And the new certificate that did not work was contained the following in the same field:
DNS Name=www.AMobileWebService.com
DNS Name=AMobileWebService.com
When we changed the application to use https://www.AMobileSebService.com/Webservice.asmx, the old certificate (that was previously working) failed to establish a trusted relationship, and the new certificate worked (but previously did not).
As I mentioned earlier this leads me to believe that the .NET CF is only retrieving the first name in the SSL certificate and then evaluating the url host name against that, rather than doing it against both as in the full .NET Framework.
We came to this conclusion by implementing a "trust all certificates" work around that we found on stackoverflow:
https://stackoverflow.com/questions/6552598/system-net-webexception-thrown-when-consuming-a-web-service-over-https
The problem parameter on the workaround was returning the value -2146762481. Searching on hex representation of the value (0x800B010F) pointed me to the following information: https://blogs.technet.microsoft.com/rrasblog/2007/09/26/how-to-debug-sstp-specific-connection-failures/
The error turned out to be the constant : CERT_E_CN_NO_MATCH