I try to found answer for this stupid question, but didn't find it. I am having the error CSSMERR_TP_NOT_TRUSTED and I am trying to fix it.
My question is: What difference make put a "Certificates" in "Login" or in "System" in the "KeyChains" tab of "KeyChains Access" program? Is a good idea copy and paste all certificates in this 2 places?
Say things like: Certificates in Login is for use in login, and in system for system isn't the answer. :)
The System keychain is for System wide items. So if you were to have an identity for you laptop, that would be in your System keychain. Every user has access to it as well, so it's a good place for things like SSL certificates. It also takes admin credentials modify it.
On the flip side, you are the only person who can access your login keychain. It's actually locked with your account password. This is where your Apple Developer certificates should go. They are specific to you and identify a person, not a machine. Another big plus is that applications can request access to it without having admin credentials.
Related
I am migrating a few apps to App Signing, and to Android App Bundle. But since I'm not an account owner or account admin I can't do it.
In order to do it, you need to:
Upload the signing key (and optionally the upload key)
Accept the terms
The problem is that I am the developer, an admin only of my specific app. The terms have to be accepted by the account owner/admin. The account owner does not have the signing key, and shouldn't. So not sure how to proceed, as neither of us has all prerequisites for completing the process.
Q: Can the account owner somehow just accept the "Play App Signing Terms of Service", without having to upload a key?
P.S. There's the option to ask the account owner to make me account admin, which allows me to accept these specific terms (I'm currently only app admin). However, the account owner is not comfortable with giving me such high privileges, as they also have other apps on the same account. Not a solution.
Yes.
Ask Owner to go to Google Play Console, from left menu select Setup > App integrity
Click on Create release button
Then click on change app signing key
Choose use Google-generated key
Accept license agreement
And voila, now you can use it without admin privileges.
Note: This is tested many times before.
Can anyone help me with the following error message?
I have seen a few of these messages in Xcode (and on Stackoverflow) but not exactly this one. I have an admin role (but I am not the account holder). Does anyone know why Xcode has problems with the creation of the Developer ID Application certificate?
In Xcode I signed in with the admin account but still no success. Any help is highly appreciated!
The documentation on this is pretty clear from this chart (see https://developer.apple.com/support/roles/):
You are not the account holder so you do not have the ability to create Developer ID certificates. The Account Holder must create them. The certificate belongs to the team as a whole so you will be able to use it.
In my work we have users who access a Web based tool called Microstrategy that serves different reports from different projects. Users are added to various groups in the Developer tool by importing them from the selected domain they are on into a specific group that gives them access to only the project > report they require. Most users come from one main central domain, some others are still on old domains.
I am currently involved with admin on this system and I am experiencing a problem I cannot get to the bottom of. I think they problem lies in no man's land, I don't know if it is a problem with network, domain, or something else?
Most users will be set up with authenticated login, meaning that when they click on the respective link for their report they are logged straight in using their windows credentials.
In this particular case however the user does not seem to be able to login, but can get in by manually typing their username in (username and password) to access.
I'm not sure what the problem is, why it won't authenticate automatically like most of the others do? I don't know if this makes any difference but when I RDP into the machine I cannot see the C drive due to 'admin restrictions on effect on this pc'.
I don't know what this restriction is and if it is a symptom or related to the login problem. Is there a way of fault finding this?
Thanks
Andrew
The answer to this partly depends on the version of MicroStrategy you are using.
Forget about RDP to the server, you won't need that.
Assuming you have access to edit and change users with the Developer tool, open Developer.
In the tree on the left,
open the "project source" (the top level of the tree)
then Administration
then User Manager
then find the user, most likely within one of the groups you have set up
right click on the user and choose Edit
go to the Authentication section
There's a few relevant things here.
Is the user linked to a windows user? (they should be for the access you want)
Is the tickbox ticked "user cannot use standard authentication to logon"
You probably don't want to allow that if the standard at your workplace is auto login
I logged in keychain on my MacBook Pro El Capitan and click to show password but I get it encrypted like image below or XML like the other image. I can't figure out where the problem is. My password is correct and keychain is unlocked with it. So why it gives me the protected password or XML!
It's because it's not a password you typed but an application-made credential. The contents of a keychain item is not always a password you typed, and often in the case of Apple and other Cloud systems it's a token or OAuth ID that simply represents the fact that at some point you logged in somewhere and allowed a computer or app to access your account. From that point forward the app or computer you authorised uses a special key or token to act on your behalf.
The reason this is done is twofold:
Security: your password isn't stored and therefore can't really be 'stolen'. Since the token can be revoked from the other side (i.e. from your Apple ID or Google account) and usually is only valid for a specific computer it's not something you can 'steal' and use elsewhere as-is. It is still sensitive information that can be used to impersonate the trust between your account and the computer.
Ease of use (or, automation): if the application or computer you authorised needs to act on your behalf, it would be annoying to retype your password all the time. Using a special kind of authentication allows the computer or app to do certain things on your behalf, but not every possible action as there usually are limits to how many things it's allowed to do in your name before you have to re-authorise the ID with your password. So while your Apple ID can be used to receive iMessages once you are logged in, that same token won't allow some other app to 'read' your stored credit card information or change your email address.
Long story short: it's not a password (it's a token), it's not for you (it's for computers), it's a 'special ID' and it's for the apps that added it to the keychain to function in your name.
My application name is "Secret Photos". In my application I need store the photos secretly. I have done this part. Now I need to authenticate the user to view the photos. First time while opening the app I will get the password from the user. Now where can I save this password ?
In Library/Containers Folder or in Keychain ? If I store this password in Containers folder anyone can easily view my password.
I have seen similar applications in app store. I can't able to find where those applications are saving their passwords. I have fully checked the containers folder. They are not storing the passwords containers folder. Where those applications are saving their passwords ?
EDIT 1:
If I save passwords in Keychain means users can able to see the password(If they know the mac password). Moreover If the user launches the app it prompts for "Secret Photos wants to access your confidential information .... " I don't want this kind of message. I have seen apps that is storing the passwords somewhere else not in containers folder and in keychain.
You can see this app. This is a free app.
https://itunes.apple.com/us/app/secret-files-x/id740356582?mt=12
Keychain is the best place to store passwords. That way a user can sync it to iCloud and between Macs. He also can look it up in the keychain if he has forgotten the password. The documentation by Apple explains a lot more on using it: Apple documentation