Alert: this question is not for developers using Xcode, but for developers using "Codename One" to generate Apple certificates. If you don't know what I'm asking about, read here
I received an e-mail with subject "Action Needed: iOS Distribution Certificate Expires in 30 Days". Its body:
[...] Your iOS Distribution Certificate will no longer be valid in 30 days.
To generate a new certificate, sign in and visit Certificates,
Identifiers & Profiles.
Certificate: iOS Distribution
Team ID: xxxxxxxxxx
[...]
What have I to do with "Codename One" to renew this certificate? Have I to remove all generated iOS certificates (including Push certificates) and regenerate them? Thank you
You just need to re-run the certificate wizard and revoke the existing certificate. It will then generate new certificates for you that you can use when you resubmit your app.
Notice that this won't impact the app that's already in the store as Apple re-signs the apps when placing them in the store.
Related
Enhanced domains. Salesforce will rollout enhanced domains on all orgs in 2023 right. my sandbox is detecting the target org as "System is down!". How to solve this issues i need some articles for this issue.
Enhanced domains. Salesforce will rollout enhanced domains on all orgs in 2023 right. my sandbox is detecting the target org as "System is down!". How to solve this issues i need some articles for this issue.
Unclear question. Does the target org already has enhanced domains enabled? You can log in and check the release updates.
Are you doing some integration? Lightning Connect, REST API maybe? If you do - did you mess the initial login call up? If you hardcoded sandbox's name as mydomainname--mysandbox.my.salesforce.com then it's your fault. Yes, the integration will fail to find it after enhanced domains are on. You should never hardcode like that. You're supposed to send login calls to generic login.salesforce.com / test.salesforce.com and READ THE FINAL URL from login response (you already read access_token but probably ignore the instance_url which will be valid, whether enhanced domains are on or not).
I am trying to access the multiple communities in multiple salesforce sites with same connected-app but could not.
For example: I have created the two salesforce sites A and B. And created connected-app in A. To access rest API of A, i could authenticate with connected-app in A, But how to connect with B with using the same client_secret and client_id by differs in user_name and password?
Or is there any way to connect with REST API with username and password as creds?
Example: There is community_A1, community_A2 in Site A and community_B1 , community_B2 in Site B.
I need to access communities in both the Sites
This should work out of the box, what errors you're getting?
You can have 1 set of consumer key and secret and (if admin in target org didn't block it) you could use this to login to any SF in the world, sandbox or production, core SF or community.
Imagine being a developer of mobile app that pulls data from salesforce. You'd want to have just 1 pair of keys, not install separate key for every org people might install your app...
All org-specific stuff you need is username, password and login url. For community the login url will look like https://sandboxName-MyDomain.cs123.force.com/communityName
Once you have that, you can inspect all the OAuth2 stuff at https://sandboxName-MyDomain.cs123.force.com/communityName/.well-known/openid-configuration
Have you played with https://openidconnect.herokuapp.com/ ?
Paste your community url, for now keep the client and secret as is, click next. Login to community and keep clicking next. It should work fine and at the end - give you access_token / session id.
Now close this browser completely / open new incognito window and do it again. This time give your login url but also client and secret. Next, Next... Check the user's login history, it should mention your connected app now.
Now close this and do it last time, with the other community's login url and another user's credentials but still with your client and secret.
is there any way to connect with REST API with username and password
as creds?
Not for community. Internal users can get access in one go with https://help.salesforce.com/s/articleView?id=sf.remoteaccess_oauth_username_password_flow.htm&type=5 but community/experience users need this interactive login, there has to be a human consent / password typing step. And anyway it's not very secure flow. "Experience Cloud sites don’t support the OAuth 2.0 username-password flow."
In a pinch you could try the SOAP API's login method but from what I remember you may need to pass the community's Id in the message then
Connected-app is global metadata in salesforce. Once we create a connected-app in one org, then can access any salesforce site with the same client_id,client_secret, unless the admin has blocked the access.
I needed to add the custom profile into the community members to allow the access to the community via API (Community workspace -> administration -> members -> profiles.)
We wish to automate the process of applying a S/MIME certificate to Outlook so that it can be used for Signing and Encrypting of email. We want to be able to programmatically set security setting preferences for: the signing & encryption certificate and their corresponding algorithms.
Can we make use of Outlook MAPI or the Graph API for this purpose? Which call / field (group) should we use? Our preference is to use a C/C++ API.
For anyone trying to do the same, the following script is great (or a great place to start) for setting an S/MIME certificate to Outlook including the required settings.
https://github.com/glueckkanja-pki/PKI-Configuration-Tools/blob/master/ActivateSignatures.ps1
The scripts edits the registry entry which contains the Outlook security settings. You can run the Powershell script using 'system("start [...]")' or 'CreateProcess' for example.
To answer the subquestions: I have not found a way to do this through either Outlook MAPI nor Graph API. The registry entry is: HKEY_CURRENT_USER\Software\Microsoft\Office\"version, 16.0 for me"\Outlook\Profiles\"Profile Name"\c02ebc5353d9cd11975200aa004ae40e
I am trying to sign my small application, following this tutorial:
In the tutorial they did not ask me to purchase Microsoft Authenticode Certificates
I need to Removes "Unknown Publisher" security warnings; after I signmy msi and exe files I still have "Unknown Publisher"
Can I sign my msi or exe without purchasing Microsoft Authenticode Certificates?
I know that I can sign Java, Authenticode, and AIR apps free: https://www.globalsign.com/en/code-signing/code-signing-tool/
No you can't remove "Unknown Publisher" security warnings without purchasing a code signing certificate.
The tutorial link describes how to create a test certificate. Quoting the first paragraph "If you use a test (self-created) certificate, the installation dialogs will display an "Unknown publisher" message."
When you purchase a code signing certificate, the certifying authority takes certain steps to verify your identity. If those steps are passed, the certifying authority issues you a certificate signed by their private key. The private key is kept secret. When you install code signed software, the operating system extracts the code signature from the software and validates it against the public key provided by the certifying authority. This is a simplification, the actual check involves a chain of certificates. But the key point is: if you use a self signed test certificate, the operating system has no knowledge of the public key of the self signed test certificate so cannot validate against it.
I recently had a computer crash, and all those secure key files I create/downloaded got wiped out since I had to reinstall everything on my new computer.
Now when I try to archive my code base, I get an error saying that "no provisioning files were found with a signing identity." Here is the screen shot of the error:
Then I click "fix it" but it always comes back to this error. I think it is because my keychain access got wiped out. Would anyone know the steps to reset my keychain access with the correct settings?
Thanks!!
You need to revoke all certificates in apple developer center and issue them again. Each certificate has a private key which is stored only in your (issuer) keychain, since you lost your keychain there is no way to return those private keys (other than if you had a backup)
Go to "Certificates, Identifiers & Profiles" section of Member Center. On the left hand menu bar click on "Certificates". Make a list of certificates (hopefully you have one or two). Revoke them one by one. And create them again. You will need to create a certificate request file (.certSigningRequest) from your keychain.
Here is a good article about creating certificates:
http://www.aquafadas.com/en/documentation/sample-page/developer-apple-com-2/generating-your-development-certificate/
Please make sure that you also downloaded the intermediate apple certificate which is available inside member center|certificate section. You will notice the link when you creating new certs.
If someone else was publishing/testing apps using your account you need to share the private key with them.
Here is another article from same site explaining how to export certs with private keys:
http://www.aquafadas.com/en/documentation/sample-page/developer-apple-com-2/how-to-share-an-apple-certificate-and-its-private-key/
PS. I used google to find out above article and both happened to be from same website!