I'm facing an issue with self-signed certificate in Windows Phone 8 app. I have installed the certificate (.p7b) manually and it works fine when I browse through the site in IEMobile.
But when I visit the same, using the WebBrowser control in my hybrid app, The certificate error still shows and can't be ignored, even after tapping Continue. Isn't the Certificate installed System-wide or is it just for IE?
I have referred many links regarding this but in vain. Any help would be jighly appreciated. Thank you.
I had the same issue, and it turned out to be a hostname mismatch between what the certificate contained and the address I was using to connect to the server. If those match, and you install the P7B file on the Windows Phone device, then you should no longer see certificate warnings.
For the full details of my issues and solution, see this thread on MSDN.
Related
For some reason, Firefox today started issuing warnings about the SSL certificates on our web applications, but supplies very little information. Everything works fine in IE/Edge and Chrome. The application is at https://ps.ecco.com
How can I find out more about what's going wrong with the certificates and how do I solve the issue?
For some years we used a Comodo SHA-1 code signing certificate to sign the .cat file of our Windows printer driver. The built signed driver installed fine on XP up to Windows 10. On systems that have never seen the driver before we get the expected warning dialog asking if the user trusts us, the author of the driver.
So everything's been fine up til now.
Unfortunately, that certificate just expired, and since SHA-1 certificates are deprecated, the supplied replacement certificate is SHA-2.
The only thing that has changed in our build is the certificate. The build still produces a signed driver, and that driver behaves the same as before, i.e. absolutely fine, on Windows 8 and up. But on Windows 7, even after installing the Windows patch to make it understand SHA-2, at driver-install time we now get the scary red warning dialog saying the driver is unsigned.
My question is - is there anything I can do get the driver to install without the scary warning on Windows 7 with the Windows SHA-2 patch installed?
Once I'd added the comodo-supplied cross certificate to the Intermediate Certification Authorities store on the build machine I was able to rebuild the driver so that it installed on Win7x64 without any scary red warnings.
We have been using an Authenticode code signing certificate from Globalsign for years to sign our Windows 7 drivers. Since now there is a move towards new "SHA-256" code signing certificates, we got such a new certificate which works fine under Windows 8.1 or 10, but not under Windows 7.
When I install the driver, Windows ask me if I trust the publisher and offers the checkbox "always trust this publisher", i.e., it offers to save this selection for future installations. However, under Windows 7 this no longer works, i.e., I get asked every time I install the driver.
I guess this is a bug in Windows 7. Has anyone else experienced this? Is there any solution?
Yes, I've experienced exactly the same issue, which is not very convenient when you're trying to install a driver package automatically from the command-line, for instance...
And yes, there is a solution which fixed this for me, you can find a hot-fix on the Microsoft support website here.
It is not directly available, but you just have to enter your e-mail address in the form and Microsoft will send it to you.
I have a small LAN with:
A Synology server where I have installed a Comodo Wildcard
Certificate for mydomain.com.
Three wired clients running Windows 8.1 Pro and Windows 10 Pro, and
one wireless client running Mac OSX.
This LAN is connected via an IPSEC VPN to another remote LAN with
more clients.
My issue:
When I try to connect to my Synology box using https:// from a LOCAL client, using Internet Explorer 11 or Google Chrome, everything works fine. The browsers see that the website has a valid SSL Certificate and I get no errors or warnings of any kind.
However, when I use Firefox, the certificate doesn't work at all, with the following symptoms:
For THREE Wired Clients on LAN using Windows 8.1 Pro/Windows 10 Pro and Firefox:
"The Connection is Untrusted" If I click on the little Globe next to the Address bar it says "The website does not supply identity information. Your connection to this website is not encrypted."
For Wireless Client on LAN using OSX and Firefox:
EVERYTHING WORKS FINE. If I click the lock next to the address bar in Firefox it correctly shows that the website is verified by COMODO.
For Wired Client on another LAN running Windows 7 and connecting via VPN and Firefox:
EVERYTHING WORKS FINE.
So in summary: I can connect via HTTPS using Internet Explorer or Chrome from ANYWHERE with no problems. I only have problems with FIREFOX on SPECIFIC MACHINES. It is like they aren't seeing the certificate AT ALL. What is something I could look at here?
Note that on the Windows 10 Pro machine, it is a BRAND NEW FRESH install. There is nothing else on the machine except browsers. This is a brand new fresh install of the latest Windows with the latest Firefox.
I'm going to leave this here in case someone else has the same or similar problem:
I had installed my private key and certificate on the Synology server, but had failed to include the Intermediate Certificates in the package.
Apparently, Firefox maintains a separate Certificate Store from IE and Chrome, which already come with the necessary Comodo Intermediates.
On some machines, Firefox already had the necessary Intermediates, from other sites that had provided them, but on these other machines where Firefox was rarely used, it was basically a blank slate. After installing Intermediates Certificates on the Synology server, everything was fine.
We are developing a WP7 application which is connected to a server using OAuth. It's a low budget project. So, we are only using self signed certificates even on the production server. That worked fine for the android client.
Is there a chance to work with
unsigned certificates on WP7 also?
Is there a way to make the app work
out of the box with this kind of
certs? So, that the user doesn't
need to install the cert manually?
We failed to install the cert on the emulator. Did you have the same kind of problem? How did you solve it?
Does Microsoft allow apps with this kind of certs in their market
How to: Set up an Authenticated Web Service for Windows Phone on MSDN describes how to go about using authenticated services. According to SSL Root Certificates for Windows Phone, the only trusted certificate authorities are:
AOL (USA)
Comodo (USA)
DigiCert (USA)
Entrust (Canada)
GlobalSign (UK)
GoDaddy (USA)
Keynectis (France)
QuoVadis (Bermuda)
So I'd say that a self-signed certificate won't work.
Did you try using the emulator's browser to navigate to the .CER file that represents your self-signed root? That works on the physical hardware, and seems like it might work on the emulator as well. But you absolutely shouldn't expect to ship like this; a Go-Daddy cert is like $15/year.