Certificate error when loading an url to an image source - image

I got an image, and I assign the source property like this:
image.source = "https://www.company.com/imageName.jpg";
This works ok in some PC's, but in others I got an error, I debuggde the error with Fiddler Web Debugger and it says something like this:
"The remote server presented a certificate that did not validate due to RemoteCertificateNameMismatch, RemoteCertificateChainErrors".
Do you know what could it be?, and why it works from some computers but not from others?.

The image is located on a secure website, I believe this because you used https in your example. The error is about that certificate provided by the website you're trying to get the image from. Clearly it's not a trusted certificate.
Are you using the same pdf reader software on all the pc's? Some pdf reader might be more strict then others in regards to certificates.

You did not specify what PC are working fine so it will be hard to answer correctly. It might be important to know what OS is installed on the PCs (working and not working), what version of PDF reader is installed and if all PCs are in same network environment.
I have no experience with actionscript or swf, but the questions I would be asking are:
who does certificate validation in this case? Is it windows or PDF reader?
And where are certificates of trusted root authorities kept? Does all the PCs have this in common?
I believe that if you find answers to these questions, you will solve your problem easily.

Related

GitLab - Secure Connection Failed error on firefox

Recently i have re-installed my GitLab application on my Linux system. When i tried to access my GitLab application link (https://gitlab.domain.com) on Windows system's Firefox browser i am getting below error.
Since the certificate generated freshly it was conflicting with existing/previous certificate, So i have followed this Link workaround. However even after system reboot also same error occurring, I can't access my GitLab application on Firefox browser.
I'm able to access it on Chrome browser without any problem.
Please let me know still where i need to clear the old certificate to make it work on firefox?
That seems to be the same error as in issue 435013 reported 13 years ago (and still open), where Firefox has an issue with routers and NSS (Network Security Services) (error -8054)
As I understand it, and from the discussion on #312732 which is the underlying issue, the problem is that the crypto uses the cert ID as a unique key in a database.
When a dupe is encountered, you can't have two primary keys in a database, so it just dies with a fatal error, hence FireFox gives up connecting to the site and passes on the fatal error to be presented.
This is not a "fundamental NSS design issue", it's a political issue, Firefox is ACTIVELY refusing to let people access their network equipment.
Check also the firmware of your router:
It seems to me that it is VERY EASY for the server-side products that
generate these certificates to more-or-less fix the problem in updated
firmware with very little effort. Even simply randomizing the serial numbers
in the certs, they would nearly completely eliminate the problem, AFAICT. In
fact, it is worth making sure that the affected server-side hardware has
up-to-date firmware, because some vendors might have already fixed it on
their end already.
Possible workaround (which would work even after FF restart)
This is hardly any fix, but I installed a new Mozilla from scratch on a VM under Virtualbox.
I than browsed to all my local systems I was getting this error. On connecting from the new Window3s sytem running on VM to each local IP, I received the warning, and created the exception.
I than went in to Preferences>Advanced, and Exported all the certificates to a share on one of my NAS units.
I proceeded back to the broken Mozilla running on my Mac OS X 10.11.1, and I Imported all the certificates.
I then restarted FF, and connected to each device I was getting the error on, and I received the "This is an untrusted connection, Get me out of here, or would you like to create an exception." YES!!
I created the exception, and finally I could get to my firewalls, and all other local devices.
Other workaround:
Run: firefox --no-remote --ProfileManager
Create a new profile there.
Open a new instance of Firefox using the new profile. To run Firefox with the profile you can use the command from 1. or: firefox --no-remote -P profile_name
Do the actions there as if it was a separate installation of Firefox

PostgreSQL Stack Builder Installation Certificate verification problem on Windows

I have downloaded and installed PostgreSQL 12 (64 bit) on a developer machine running Windows 10 Pro Education (64 bit).
When the installation came to the Stack Builder download application list step, an error occurred as follows:
A certification verification problem was encountered whilst accessing https://www.postgresql.org/applications-v2.xml schannel: next InitializeSecurityContext failed: Unknown error (0x80092013) - The revocation function was unable to check revocation because the revocation server was offline. This means that the source download cannot be verified. It is recommended that you do not continue with the download as it may be coming from a site that is pretending to be the intended download site and may contain viruses or malware.
Do you wish to continue?
I have tried to use Proxy servers referring to this answer. https://serverfault.com/questions/555125/postgresql-stack-builder-installation-proxy-setting-on-windows
I have also tried both solutions from that question. Still, I can not get the application list downloaded.
I want to install PostGIS. It seems the stack builder is safe and easy to use. What should I do to get the PostGIS installed?
Looks like https://www.postgresql.org/applications-v2.html link has some strong security. And it blocks some traffic. As #ay__ya has mentioned, in his case he made it work though VPN access. And in my case I was already behind the VPN and it was not working. So disabling VPN worked for me.
Go to https://www.postgresql.org/applications-v2.html and save as a *.CER file the certificate of the the webpage.
Using "certmgr.msc" import the *.CER file into your local certificates repository to the Trusted People store or/and Enterprise Trust store.
Rerun Stack builder and retry download application list step.
Should works now.

How can I get a digital trust certificate for an Access executable file in Windows 10?

In previous posts, I mentioned that I split my Access database project (Access 2016) in a front-end (Access) and back-end (MS-SQL). It was recommended that I save my front-end as an executable file, which I did. However, since it has macros and vba code, I always get a security warning.
I need a digital trust certificate, right? The problem is that, since I have Windows 10, I can't use the Office 2010/2013 tutorials about making a self-certificate for VBA. Can I buy one? I am confused, and would like to resolve this quickly because I intend to install the front-end exe file onto several computers at work.
Thank you very much for your time and help!

My published application is a virus?

I have recently created a small VB application for a friend of mine, I am using the publish feature included within Visual studio (it's the easiest way of updating it and having the updated version downloaded automatically) but when I download it, it downloads "setup.exe"
Chrome and AV's seem to think this is a virus, why is this? I have made it a full trust application and signed it with a certificate and a key, but it still think's it's a virus, any ideas?
Answer 1 Copied and pasted from http://productforums.google.com/forum/#!topic/chrome/r-9JQIboUmc
I was able to get around it without a code signing certificate, just by using SSL (which uses a less expensive certificate, and I already had one to secure access to my website), but as your experience shows it seems SSL isn't the only way...
Based on my experience and what I've read of others here, my theory of how Chrome validates downloads is that it goes through a checklist like this:
Is the host site known and trusted? (i.e. large established sites are OK)
Can the identity of the host site be verified? (i.e. via SSL certificate)
Can the the identity of the file's publisher be verified? (i.e. via code signing certificate)
Is the file known and trusted? (I had a file up for a while that was unsigned and accessed without SSL - Chrome was fine with it until I changed the binary after the security update... I'm assuming it takes some time to reach this status.)
If one of these criteria passes, the download is not flagged as malware, and if they all fail, it is.
Answer 2: Copied from http://blog.chromium.org/2012/01/all-about-safe-browsing.html
Malicious downloads are especially tricky to detect since they’re often posted on rapidly changing URLs and are even “re-packed” to fool anti-virus programs. Chrome helps counter this behavior by checking executable downloads against a list of known good files and publishers. If a file isn’t from a known source, Chrome sends the URL and IP of the host and other meta data, such as the file’s hash and binary size, to Google. The file is automatically classified using machine learning analysis and the reputation and trustworthiness of files previously seen from the same publisher and website. Google then sends the results back to Chrome, which warns you if you’re at risk.

Mac os help browser fails requiring internet connection

I am developing an application for Mac OS X (I am new to that kind of things) and I want to include online help. The help is generated using doxygen and the help index generated using Help Indexer. I changed the Info.plist to point to the documentation, but when I try to access it, I get the following error:
Internet connection required.
The help topic you’re opening requires an Internet connection.
Choose Apple > System Preferences, and
then click Network to check your
network settings and, if necessary,
connect to the Internet.
Obviously, the computer I develop on has internet access that works, but more importantly, I would like to know why I need Internet while the help is on the drive (there are some links to internet in the help though). And also, why doesn't the browser see the existing internet connection?
I ran into this problem recently. I had some temporary links which went to pages I hadn't yet created. The problem was that Apple Help Viewer couldn't find a local copy of the linked pages. The Error message went away after I created the pages. IIRC my actual problem was an img tag for an image I had not yet created.

Resources