is there any way to export .pfx certificate files to a key vault using ARM Templates. I found on github that we can add secrets and even certificates by adding the content-type property and the base64-encoded representation of the certificate. But in my case I would like upload the pfx file.
Is this possible?
Thanks
No, this isn't exposed to the arm templates yet. You can create secrets, thou. That's about it.
If you base 64 encode the certificate and then insert it as a secret with the content type application/x-pkcs12 it should work.
Related
I exported my azure SQL Managed instance to a Bacpac file using SQLPackage, Now I want to store it on a azure file storage. Before I want to copy the bacpac to the file storage, I want to encrypt it using a Secret from Azure key vault. SQLPackage does not have any encryption functionality, does anyone know a good tool I can use to encrypt the bacpac file before copying to the file storage? Preferably a tool I can call in my ps1 (powershell) script. I want to use the same tool to decrypt the bacpac file again once downloaded from the file storage.
The official approach is to use client-side encryption. However, there is no existing tools. You may write a program to upload the encrypted content and download the decrypted content.
Here are two official client=side encryption samples:
.NET sample: https://github.com/Azure-Samples/storage-dotnet-client-side-encryption
Java sample: https://github.com/Azure-Samples/storage-java-client-side-encryption
I found this question about how to use a self-signed certificate with ActionMailer on stackoverflow.
According to an answer, it can be done with the code below.
config.action_mailer.smtp_setting = {
...
ssl: true
enable_starttls_auto: false,
openssl_verify_mode: OpenSSL::SSL::VERIFY_PEER,
ca_file: "/etc/ssl/certs/ca-certificates.crt",
...
}
As you can see, a ca_file can be specified with this line ca_file: "/etc/ssl/certs/ca-certificates.crt".
Though the answer is really concise and helped me figure out how to send emails with a self-signed certificate using ActionMailer, it still left me the two following questions.
1) Is it possible to set more than one ,in my case three, different self-signed certificates? If the answer is yes, how?
2) Is it possible to use a .der file as a self-signed certificate instead of a .crt file? or Should I always convert a .der file into a .crt file when I use it as a self-signed certificate?
I couldn't find much information regarding this matter, I would appreciate any help!!
1) Is it possible to set more than one ,in my case three, different self-signed certificates? If the answer is yes, how?
The ca_file can contain multiple CA certificates in PEM format. Just put them one after each other into the file, i.e. cat cert1.pem cert2.pem > ca.pem. Make sure that each of the input files has a line end at the end though.
2) Is it possible to use a .der file as a self-signed certificate instead of a .crt file? or Should I always convert a .der file into a .crt file when I use it as a self-signed certificate?
DER and PEM are both essentially the same data only with a different encoding (binary vs. base64 with some ASCII envelope) and it is easy to convert one into the other. ca_file expects a list of PEM, not DER.
I'm trying to create a pass to add into apple wallet. I have my file ready and I want to convert the file into .pkPass file.
I tried using 'signinpass' tool from 'https://developer.apple.com/download/more/?name=Passbook' and ran on Xcode but i'm not able to generate .pkpass file.
I know that .pkpass is just a zip file so can anyone advise me on how to sign manifest file, which has key/value pair of files and its hashcode with its pass certificate?
I got it. I used 'SignPass'and used {path}/signpass -p {passfile}.pass/ -c { pass cert}
provided in
'https://developer.xamarin.com/samples/monotouch/PassKit/' and went through
'https://developer.xamarin.com/guides/ios/platform_features/introduction_to_passkit/'
and was able to generate .pkpass
I am generating pdf using wicked_pdf and I am also using prawntable for pdfs which needs to be password protected. Since wicked pdf doesnt supports password protected pdf generation.
Is there any way to add a digital signature which is in .pfx format to pdf.?
Passwording pdf files vs digitally signing them
Passwording a pdf file encrypts the file. You will need to find a pdf library/toolkit to do that for you. If you can't find one with a ruby API, then you can call it as a command from ruby. The latter is not as elegant but works fine. (Be sure to catch and handle errors.)
Digitally signing a pdf is completely different than encryption. The result of signing is a pdf with one or more digital signatures. You use either a library to sign a file locally or, for a more dependable system, sign the file via a dedicated appliance that also holds the signer's private key and certificate.
Unlike password protection/encryption, anyone who receives a digitally signed pdf file can read the file's content. The digital signatures provide the relying party (the recipient) with assurances about:
the identity of the person who signed the file
the integrity of the file (confirming that it wasn't changed since signing)
the non-reputability of the file (confirming that the signer can't claim that they hadn't signed the file)
An important issue is that having a signer's private key on the file system of a regular computer/server is not secure enough to provide any guarantee against repudiation by the signer--she could truthfully say that there is no way to assure that her "signature" was not forged by un-authorized use of the pfx file.
The Origami library has a very basic support for PDF digital signatures and there is sample code for this at https://github.com/gdelugre/origami/blob/master/examples/signature/signature.rb.
A couple of months after installing successfully the BlackBerry signature key for signing my application, I have lost my private key. How can I retrieve it?
I have already sent an email to BlackBerry developers' support, but they're really slow in replying.
Search your hard-drive or trash-bin for sigtool.* :
You need to find sigtool.csk and sigtool.db. If you can find these files you can copy them to your Components\bin folder. For example:
C:\eclipses\BB1.1.2\plugins\net.rim.ejde.componentpack6.0.0_6.0.0.29\components\bin
Or you can use the Import Key Feature of the Blackberry Plugin and point it to these files.
If you can't find these files, then you need TechSupport to resend you the three CSI files for creating your keys. Note, after you create a key-set with these csi files they are useless, so you can't use them to recreate new keys later.
I suggest backing up the sigtool files after you find/recreate them.
Good Luck mate!