How to delete/remove certificates from Mono certificate stores My and Trust?
- How to remove the certificate from the stores (My,CA,Trust etc)?
Running this command:
certmgr -del -c -v -m Trust CERTHASH
Where CERTHASH is the number in Unique Hash
(you can extract this value running certmgr -list -c -v -m YOURSTORE
, see example at the end of my answer):
- Where is Mono storing the certificate details in the system?
In some of these paths:
/usr/share/.mono/certs/
~/.config/.mono/certs/
Examples:
Add new certificate to Trust
store (valid stores are: My
, AddressBook
, CA
, Trust
and Disallowed
):
me@myserver:~$ certmgr -add -c -v -m Trust google.cer
Mono Certificate Manager - version 3.2.6.0
Manage X.509 certificates and CRL from stores.
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2008 Novell. BSD licensed.
1 certificate(s) added to store Trust.
List certificates:
me@myserver:~$ certmgr -list -c -v -m Trust
Mono Certificate Manager - version 3.2.6.0
Manage X.509 certificates and CRL from stores.
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2008 Novell. BSD licensed.
X.509 v3 Certificate
Serial Number: 7CBE60802548D325
Issuer Name: C=US, O=Google Inc, CN=Google Internet Authority G2
Subject Name: C=US, S=California, L=Mountain View, O=Google Inc, CN=*.google.com
Valid From: 10/09/2014 14:03:47
Valid Until: 09/12/2014 0:00:00
Unique Hash: 4D348D0E4028C850A7C783413571111E8E3BD9DE
Key Algorithm: 1.2.840.113549.1.1.1
Algorithm Parameters: 0500
Public Key: 3082010A02820101008886AADB2DAFB37AB6209979B263A41A0B9F18403D0FBBD3DFF01C97DD848ABF1CA1F4AC369E2BF3646F8F4ECA5CDE09B4315A21472137C886C80AAE5D9043135AAD18F0E8FA2CA3D0D49A68D641DCC8D33C272E4B3025A312B436B57098E2F502A2DCE8BFA206023EBD0A7169520437D4DCAF6411AFEDD58C4F75175D045FA4D6D0AD6ADA4523D03E143A3A96A5E43D1C524555A343215C41719D172019C9F32C18F25745872BC80D8602AA793D15EDB01B37CF5CCD4E7C755063D24B8B6BD1A4E42390D36FC64DB5D23B8B3E9CEB2138EF21BB1300DB09F49E91EF961F78F4B4B6B7651C9012758B0D1290C5DD55B577A096270FA288B571B7F2217B9E97070203010001
Signature Algorithm: 1.2.840.113549.1.1.5
Algorithm Parameters: 0500
Signature: 39250E018CA35E143782C4A3DCD416D7C36BFDE91C20936AF691478B5C15733AA17127687656B702EBFCE79D3C8C5A69A40B75AD797E0E3435688F7B5145699990A2F7330C5437D404E94CD9D596CBB7005661EC27AB4A21541510F3CC6B9020CDEC703AF3BCFCA0BEC6799AF93C1FE0CC25FAABA28F2F06362616C4C44164CDE3C78A7CF6D6F025BFA79476664FB0565C5FC5C9864D9B49078FE34B915CC40DE5B36C4D1E631F944B103CDF8F9CD87F19566AA7B4AFC16981EE2FF3B7FC8236CE722D976F9A8FD3A76B80828B59CE8381260276966892AC3693014CA4559189656EFCB26D90C2B363758E1EAD458AD79885E2B2BFC1CAE883E89882BE3BBA19
Private Key: False
KeyPair Key: False
Remove certificate:
me@myserver:~$ certmgr -del -c -v -m Trust 4D348D0E4028C850A7C783413571111E8E3BD9DE
Where is Mono installing the X509 certificates in Linux?
If I read the mono sources right, certificates should by default be in ~/.config/.mono/certs
but I don't have any to check.
Mono.Security.Protocol.Tls.TlsException Received 0 bytes from stream in MVC under Mono
After inspecting logs, I've noticed that the system date was set to to 01/01/1970. After updating the date and restarting Apache, everything worked. I guess in my case the NTP was updating the date/time on boot every time and without internet connection was falling back to Unix epoch.
Mono https webrequest fails with The authentication or decryption has failed
Mono does not trust any certificate by default, to import the Mozilla trusted root authorities you can run mozroots --import --quiet
in the mono installation folder where mozroots.exe is located
How can I make git accept a self signed certificate?
To permanently accept a specific certificate
Try http.sslCAPath
or http.sslCAInfo
. Adam Spiers's answer gives some great examples. This is the most secure solution to the question.
To disable TLS/SSL verification for a single git command
try passing -c
to git
with the proper config variable, or use Flow's answer:
git -c http.sslVerify=false clone https://example.com/path/to/git
To disable SSL verification for all repositories
It is possible to globally deactivate ssl verification. It is highly recommended to NOT do this but it is mentioned for completeness:
git config --global http.sslVerify false # Do NOT do this!
There are quite a few SSL configuration options in git
. From the man page of git config
:
http.sslVerify
Whether to verify the SSL certificate when fetching or pushing over HTTPS.
Can be overridden by the GIT_SSL_NO_VERIFY environment variable.
http.sslCAInfo
File containing the certificates to verify the peer with when fetching or pushing
over HTTPS. Can be overridden by the GIT_SSL_CAINFO environment variable.
http.sslCAPath
Path containing files with the CA certificates to verify the peer with when
fetching or pushing over HTTPS.
Can be overridden by the GIT_SSL_CAPATH environment variable.
A few other useful SSL configuration options:
http.sslCert
File containing the SSL certificate when fetching or pushing over HTTPS.
Can be overridden by the GIT_SSL_CERT environment variable.
http.sslKey
File containing the SSL private key when fetching or pushing over HTTPS.
Can be overridden by the GIT_SSL_KEY environment variable.
http.sslCertPasswordProtected
Enable git's password prompt for the SSL certificate. Otherwise OpenSSL will
prompt the user, possibly many times, if the certificate or private key is encrypted.
Can be overridden by the GIT_SSL_CERT_PASSWORD_PROTECTED environment variable.
Related Topics
Copy and Overwrite a File in Shell Script
Openssl/Rsa - Using a Public Key to Decrypt
Any Good Guides on Using Ptrace_Sysemu
How to Convert Dynamically Linked Application to Statically One
Angular Cli App Not Running When Deploying to Linux App Service
Get Subnet Mask in Linux Using Bash
Jenkins/Hudson Ci Minimum Requirements for a Linux Rh Installation
Open Eclipse Juno with Error "No More Handles ..." in Ubuntu 12.04
How to Get a Bash Script Working on Freebsd, Openbsd and Linux Without Modifying It
Deploying War in Jboss 7.0.1 Through Commandline
Installing Gcc from Source on Alpine
How to Translate X11 Keycode Back to Scancode or Hid Usage Id Reliably
What Ncurses Frameworks Are Available for Bash
Difference Between a Stripped Binary and a Non Stripped Binary in Linux
Docker Run a Shell Script in The Background Without Exiting The Container