Managing Certificates for Application Testing

证书管理与应用签名
最新推荐文章于 2025-12-06 18:15:59 发布
原创 最新推荐文章于 2025-12-06 18:15:59 发布 · 1.2k 阅读 · 0 ·
CC 4.0 BY-SA版权
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
文章标签:

#application #testing #file #windows #import #command

本文介绍了如何管理和使用测试证书,包括将证书添加到个人证书存储和个人设备中,确定设备的安全配置,查询设备证书存储中的证书,以及应用程序的测试和分发签名。此外,还详细说明了数字证书文件的导入、导出及查看过程。


A.     Adding Test Certificates to the Certificate Store and Devices

You need to add test certificates to the following:

Personal certificate store on the computer used to develop applications

Windows Mobile-based device

You add certificates to the device by using the RAPIConfig.exe application and a provisioning .xml file.

To add the certificates to the personal certificate store

For the privileged certificate, open Windows Explorer and double-click the TestCert_Privileged.pfx file located at C:/Program Files/Windows CE Tools/wce500/<platform>/Tools.

Click Next three times. A password is not associated with this certificate.

Confirm that Automatically select the certificate store based on the type of certificate is selected, and then click Next.

Click Finish.

For the unprivileged certificate, double-click the TestCert_UnPrivileged.pfx file located at C:/Program Files/Windows CE Tools/wce420/<platform>/Tools, and then repeat steps 2–4.

To add the certificates to the device

Connect the Windows Mobile-based device to the computer using ActiveSync.

Open a command prompt window, and change to the folder that contains the RAPIConfig.exe application and the sdktestcerts.xml file. The files are located at C:/Program Files/Windows CE Tools/wce500/<platform>/Tools.

At the command prompt, type RAPIConfig.exe /p sdktestcerts.xml, and then press ENTER.

B.     Determining the Security Configuration of the Device

If the device security configuration requires signed binary files and the application binary files are unsigned, the application will not run. You can use provisioning XML and the SecurityPolicy Configuration Service Provider to determine the security configuration of the device.

C.      Querying for Certificates Contained in the Device Certificate Store

If your application fails to install or run, it may be signed with a certificate that does not match any of the root certificates contained in the device certificate store. You can use provisioning XML and the CertificateStore Configuration Service Provider to determine which certificates are contained in the certificate store.

To query for certificates contained in the device certificate store

Create the provisioning XML document.

Save the XML document as an ASCII file.

Add the .xml file to an installation .cab file by doing the following:

Open a command prompt window and change to the C:/Program Files/Windows CE Tools/wce500/Windows Mobile 5.0 Pocket PC SDK/ folder for Pocket PC, or C:/Program Files/Windows CE Tools/wce500/Windows Mobile 5.0 Smartphone SDK/ folder for Smartphone.

Run the makecab.exe tool as follows:

For Windows Mobile-based Smartphones: makecab XML file name myprovxml.cab

For Windows Mobile-based Pocket PCs: makecab /D COMPRESS=OFF XML file name myprovxml.cab

Note   /D COMPRESS=OFF turns off file compression, which Windows Mobile software for Pocket PCs requires.

Sign the .cab file using signtool.

D.    Signing Applications for Testing and Distribution

You sign .cab and binary files using signtool.exe. This will enable you to certify and distribute the application through the Microsoft Mobile2Market program.

E.      Importing and Exporting Test Certificates

a)      Installing the PVK Digital Certificate Files Importer

You can use the PVK Digital Certificate File Importer tool for packaging import and export certificate files.

To download and install the PVK Digital Certificate Files Importer

Download the PvkImprt.exe setup program, located at PVK Digital Certificate Files Importer.

Double-click the file.

Follow the instructions on the screen.

You can also use the command line to install for the application. The following example shows the syntax for installing from the command line.

pvkimprt [option]

The following table shows the command line options for the installation.

Option

Description

/Q

Quiet mode for the installation package

/T:<full path>

Specifies a temporary working folder

/C

When used with the /T option, extracted for folder specified

/C:<Cmd>

Overrides the install command defined by author

b)     Importing Digital Certificate Files into the Personal Certificate Store

You can import the digital certificate files (.cer or .spc file and a .pvk key pair file) into the personal certificate store on a computer by running PVK Digital Certificate Importer (PvkImprt.exe) with the -IMPORT option.

To import the digital certificate files into the Personal certificate store

Open a command prompt window.

Type PVKIMPRT -IMPORT and the full path of the .cer or .spc file and a .pvk file.

The following example shows the syntax for using PvkImport.exe to import the .cer or .spc file and a .pvk key pair file:

<full directory path/>PvkImprt -import <full directory path/><.spc or .cer file> ,<full directory path/><.pvk file>

In the following example, the TestCert_Privileged.cer and TestCert_Privileged.pvk files are imported:

C:/SDK/Tools/pvkimprt -import C:/SDK/Tools/TestCert_Privileged.cer C:/SDK/Tools/TestCert_Privileged.pvk

Click Next, and then select Place all certificates in the following store.

Click Finish.

The import was successful message displays.

To confirm that the import was successful, view the certificate in the personal certificate store.

 

 

c)      Packaging Digital Certificate Files for Export

You can package digital certificate files (.cer or .spc and .pvk) in a .pfx file. A .pfx file is encrypted according to the PKCS #12 standard and a single password helps protect a .pfx file. Packaging enables you to back up the files and import them into the personal certificate store on another computer.

Run the PvkImprt tool from the directory you installed it in, or supply the complete path to the install directory.

To package digital certificate files in a .pfx file for export

Open a command prompt window.

Type PVKIMPRT -PFX and full path of the .cer or .spc file and a .pvk file.

The following example shows the syntax for packaging files in a .pfx file:

<Full directory path/>pvkimprt -PFX <Full directory path/><.cer or .spc file name> <Full directory path/><.pvk file name>

In the following example, the TestCert_Privileged.cer and TestCert_Privileged.pvk files are packaged in a .pfx file:

pvkimprt -PFX c:/SDK/Tools/TestCert_Privileged.cer c:/SDK/Tools/TestCert_Privileged.pvk

Click Next.

Select Yes, export the private key, and then click Next.

Select Enable strong protection, and then click Next.

Select Personal Information Exchange - PKCS#12 (.PFX).

Type the password you want to use to help protect the file, and then click Next.

Type the file name or click Browse to select the file, and then click Finish.

d)     Viewing Certificates in the Personal Certificate Store

You can use Microsoft Internet Explorer to view certificates in the personal certificate store.

To view certificates using Internet Explorer

Open Internet Explorer.

On the Tools menu, click Internet Options.

Click the Content tab, and then click Certificates.

Click the Personal tab to view the certificates in the personal certificate store

You should have access rights to the private keys of all certificates in the personal certificate store. You can determine whether you have access rights to a private key by double-clicking a certificate to view the certificate information.

e)     Troubleshooting the PVK Digital Certificate Files Importer

Due to a difference in default key lengths between Microsoft® Windows® Millennium, Microsoft® Windows® XP and other versions of Windows, the PvkImprt.exe tool may fail when used to import keys between Windows Millennium or Windows XP and other Windows platforms. You can solve this problem by doing the following:

Use PvkImprt.exe to export the .pvk and .spc or .cer files as type .pfx on a Windows platform that is the same as the one on which the keys were generated. For example, if the key pair was generated on a Windows Millennium or Windows XP computer, perform the .pfx export on a Windows Millennium or Windows XP computer.

Once the keys have been exported as type .pfx, they can be imported on any Windows platform using a certificate import tool. For example you could import the files by using the Certificate Import Wizard.

 

 

 

 

Dlanguage
关注
项目管理: Agile实践方法与工具介绍
AI天才研究院
08-11 622
作者:禅与计算机程序设计艺术Project management (PM) refers to the process of planning and organizing projects that involve diverse stakeholders with varied roles and responsibilities. In this article, we will explore several agile methodologies and tools in project mana
OpenNESS & OpenVINO Demo 部署
烟云的计算
11-11 3817
目录 文章目录目录部署架构部署 Edge Controller基础配置配置 Proxy配置防火墙Install necessary packageInstall MySQLInstall DockerInstall Docker Compose重启服务器部署 Controller 微服务下载 controller code repo配置各类文件,加入 Proxy URLBuild the cont...
pvkimprt.exe证书导出工具
09-08
pvkimprt.exe证书导出工具,证书导出工具用于将.spc和.pvk文件导出为pfx证书文件。直接安装,不需要解压缩,导出时,会提示创建证书的密码 输入正确的密码后,出现导出向导界面,点击下一步,选择“是,导出密钥”,然后点击下一步, 出现证书类型选择界面,选择“个人信息交换 - PKCS #12(.PFX)(P)”(只有这一种可选,并且其下面的选项均不选择),再点击下一步, 出现私钥保护密码选项,输入密码,然后点击下一步,在文本框中输入要生成的文件名(一般与证书名称一致,最后得到的文件名后缀是.pvk),点击下一步 显示完成窗口,并显示导出证书的信息。
pvkimprt.exe
06-24
本资源为压缩文件,需解压安装到您机器上,功能介绍:使用PVKIMPORT把SPC和PVK转PFX格式
pvk程序用于证书格式转换
06-25
用于将X509PEM证书转证PVK及SPC格式
如何将.spc和.pvk转换成.pfx格式
05-26
NULL 博文链接:https://mimmy.iteye.com/blog/520604
.pfx文件转为.pvk和.spc文件的办法
我的编程之旅
06-08 5524
<br />以前从Verisign购买的证书都是.pvk+.spc文件,这次却得到一个.pfx文件,而inetsdk的SignCode.exe是使用.pvk+.spc文件的,只好去找工具来进行提取了。<br /><br />工具准备:首先需要OpenSSL,可以从这里下载。另外还需要pvk.exe,可以从这里下载。<br />用以下命令:<br />1) 从 PFX 文件提取私钥<br />->openssl pkcs12 -in (pfx-file) -nocerts -nodes -out (pem-k
Preparing for Application and Service Deployment-Application Life Cycle Management for Windows Azure
riverlau的专栏
01-02 555
http://msdn.microsoft.com/en-us/library/ff803362.aspx December 6, 2011 This chapter outlines an application life cycle management approach for Windows® Azure™ technology platform applications.
TYPES OF TESTING
emilyzhang98的专栏
02-24 1721
TYPES OF TESTING 1.  Black Box Testing. 21.1 FUNCTIONAL TESTING.. 21.2 STRESS TESTING.. 21.3 LOAD TESTING.. 31.4 AD-HOC TESTING.. 31.5 EXPLORATORY TESTING.. 31.6 USABILITY TESTING..
Detailed Protocol for Testing an iPad with a RAT (Remote Access Trojan) and Cloud Command and Contro
weixin_65409651的博客
08-07 512
【代码】Detailed Protocol for Testing an iPad with a RAT (Remote Access Trojan) and Cloud Command and Contro。
Managing the server
znznznlt的博客
01-26 399
Managing the server manage.py commands login to the server and change to the /edx/app/edxapp/edx-platform directory to use manage.py list all manage.py commands - sudo -u www-data /edx/bin/
Office Web Apps and Skype for Business Integration
徐火军博客
06-17 4363
This article addresses the deployment of a single Office Web Apps 2013 Server and subsequent integration with an existing Skype for Business (SfB) Server 2015 environment.  The environment and example
13、Anthos: Empowering Hybrid and Multicloud Application Deployment
jupi8的博客
08-19 89
这篇博文深入探讨了Google Anthos如何赋能混合云和多云环境下的应用部署与管理。内容涵盖了从应用构建、部署、策略执行到服务管理的完整流程,并详细介绍了Anthos的关键组件,如Cloud Build、Artifact Registry、Google Cloud Marketplace和Migrate for Anthos。此外,还讨论了在不同应用场景下Anthos的架构设计、优势及限制,包括高可用性应用、地理分布式应用、互联网接入的混合多云应用以及受法规约束的应用。总体而言,Anthos提供了一整套
22、Appendix B: Acronyms - A Comprehensive Guide for IT Professionals
qsc9012345的博客
06-07 83
This comprehensive guide explores the most common IT acronyms relevant to CompTIA A+ certification and beyond. It covers hardware, networking, operating systems, security, troubleshooting tools, and advanced technologies such as cloud computing and softwar
91、Web Applications, Software, and Programming Security Insights
yhn4567890的博客
10-06 34
本文深入探讨了Web应用、软件及编程安全的关键议题,涵盖主要威胁如网站篡改、DoS攻击、欺诈与网络入侵,并分析了应用层攻击的成因。文章详细介绍了Web应用保护措施,包括服务器加固、输入验证、会话管理以及OWASP框架的应用。同时,讨论了软件开发中的安全需求、开源与全披露争议、编程语言安全特性,以及面向对象和分布式系统的安全实践。最后,展望了人工智能驱动攻击、物联网漏洞等新兴威胁,并提出零信任架构、区块链和机器学习等应对技术,强调遵循GDPR和ISO 27001等行业标准的重要性,为构建全面的数字安全生态提供
如何制作.pfx数字证书
一切尽在积累
01-19 1万+
使用VS2005自动创建的.pfx数字证书默认有效期只有一年,并且“颁发者”、“颁发给”均为当前机器名和当前登陆用户名的组合,其实我们完全可以创建更友好的.pfx数字证书。 打开Microsoft.NET Framework的SDK命令提示,详细操作步骤如下: 1、创建一个自己签署的X.509证书.cer和一个私钥文件.pvk,用到.NET自带的makecert工具,命令如下:
Dynare的下载、安装和使用
热门推荐
u013313168的专栏
03-31 1万+
Quick Start For those who want to quickly have something running, this page explains how to setup Dynare on Windows and to run your first model file. To run Dynare, you have the choice between r
linux下安装软件包的方法
Allen
08-02 1367
There are several ways of installing softwares in linux and they are described in many tutorials. this tutorial will cover most of the processes of installing softwares in a linux system. Online inst
二叉树的层序遍历:4道例题讲解
最新发布
wxy963的博客
12-06 918
429. N 叉树的层序遍历 - 力扣(LeetCode)先来看这道题:因为层序遍历的本质是按 “层” 的顺序处理节点:先处理第 1 层(根节点),再处理第 2 层(根的所有子节点),接着处理第 3 层(第 2 层每个节点的子节点)…… 而队列的特性是 “先进先出”,刚好能匹配这种 “按顺序处理、按顺序传递下一层节点” 的逻辑:由于队列本身是 “连续的节点”。 那么我们在处理的过程中很可能出现下面这种情况: 当前层节点还没处理完时,下一层节点已经在往队列里加了。 如果我们不记录 “当前层有多少个节点”,那么
Exception managing chrome: error sending request for url
08-16
在使用 Chrome 浏览器或基于 Chrome 的自动化工具(如 Selenium)时,出现 `error sending request for URL` 异常,通常与网络请求失败、版本不兼容、驱动程序配置不当或远程服务不可用有关。以下是常见的原因及对应的解决方法。 ### 1. ChromeDriver 与 Chrome 浏览器版本不兼容 当使用的 `ChromeDriver` 版本与当前安装的 `Chrome` 浏览器版本不匹配时,会导致 `SessionNotCreatedException` 或请求失败的问题。例如,若 `ChromeDriver` 支持的是 Chrome 121,而系统中安装的是 Chrome 130,则会提示版本不兼容 [^2]。 **解决方法:** - 确认当前 Chrome 浏览器的版本(可在 `chrome://settings/help` 查看)。 - 下载与该版本匹配的 [ChromeDriver](https://googlechromelabs.github.io/chrome-for-testing/)。 - 替换旧的 `chromedriver.exe` 文件,并确保其路径未被其他旧版本污染。 ### 2. 网络请求失败(如访问 `known-good-versions-with-downloads.json` 失败) 自动化工具在启动时可能尝试访问远程资源(如 `https://googlechromelabs.github.io/chrome-for-testing/known-good-versions-with-downloads.json`)以获取兼容版本信息。如果网络连接受限、代理配置错误或防火墙拦截,会导致请求失败 [^1]。 **解决方法:** - 检查网络连接是否正常,尝试手动访问上述 URL。 - 如果使用了代理,确保在代码或系统中正确配置代理设置。 - 在代码中禁用自动检查版本(如通过设置 `options.add_argument('--disable-background-networking')`)。 ### 3. ChromeDriver 路径冲突 系统 `PATH` 环境变量中可能包含多个 `chromedriver.exe`,导致程序加载了错误的驱动程序版本,从而引发兼容性问题 [^1]。 **解决方法:** - 检查系统 `PATH` 中所有包含 `chromedriver.exe` 的路径。 - 删除或重命名旧版本的 `chromedriver.exe`。 - 在启动脚本中显式指定正确的 `chromedriver` 路径,例如: ```python from selenium import webdriver options = webdriver.ChromeOptions() driver = webdriver.Chrome(executable_path='/path/to/correct/chromedriver', options=options) ``` ### 4. Plausible.io 请求失败(如统计信息发送失败) 某些自动化工具会尝试将使用情况统计信息发送到远程服务(如 Plausible.io),如果该服务不可达或被屏蔽,会抛出 `Error sending stats` 类似的异常 。 **解决方法:** - 如果不需要统计功能,可以在启动时禁用相关设置。 - 对于 Selenium,可以尝试添加如下参数: ```python options.add_argument('--disable-usage-statistics') ``` ### 5. 驱动程序或浏览器被安全软件拦截 某些杀毒软件或防火墙可能会拦截 ChromeDriver 与浏览器之间的通信,导致连接失败。 **解决方法:** - 暂时关闭杀毒软件或防火墙进行测试。 - 将 `chromedriver.exe` 和浏览器添加到信任列表中。 ### 6. 使用无头模式时的额外配置问题 如果使用了无头模式(headless),某些网站可能会检测到自动化行为并阻止请求。 **解决方法:** - 添加如下参数以规避检测: ```python options.add_argument('--headless=new') options.add_argument('--disable-blink-features=AutomationControlled') options.add_argument('--no-sandbox') options.add_argument('--disable-dev-shm-usage') ``` ---
评论
成就一亿技术人!
拼手气红包6.0元
还能输入1000个字符
 
红包 添加红包
表情包 插入表情
表情包 代码片
 条评论被折叠 查看
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值