I have literally tried every single possible thing on every single post on this website and my app still gets rejected by the Invalid Binary Error. I am using a valid distribution certificate. Any idea? Using xCode 3.2.6 with ios 4.3. I have literally gone over the guide on the dev portal at least 20 times and I just need help!
Invalid Signature - Make sure you have signed your application with a distribution certificate, not an ad hoc certificate or a development certificate. Verify that the code signing settings in Xcode are correct at the target level (which override any values at the project level). Additionally, make sure the bundle you are uploading was built using a Release target in Xcode, not a Simulator target. If you are certain your code signing settings are correct, choose "Clean All" in Xcode, delete the "build" directory in the Finder, and rebuild your release target.
Related
I've been trying to follow the
Setting Up Stackdriver Debugger for Java applications on Google Compute Engine, but am running into issues with Stackdriver Debug.
I'm building my .war file from a separate build server, then deploying it to my GCE server. I added the agent to the start command via /etc/defaults, and my app appears in the https://console.cloud.google.com/debug control panel. The version I set in the run command matches the revision that shows up in the source-context(s).json files.
However when I click open the app, I see the message that
No source version information was provided by the deployed application
I connected the app's git repo as a mirrored cloud repository, and can browse the source files in the sidebar of the Stackdriver Debug page. But, If I browse to a file and add a breakpoint I get an error that the error "File was not found in the executable."
I have ran the gcloud preview app gen-repo-info-file command, which created two basic json files storing my git repo and revision. Is it supposed to do anything else?
I have tried running jetty using both normal and extracted modes. If I have jetty first extract the war file, I can see the source-context.json filesin the WEB-INF/classes directory.
What am I missing?
https://github.com/GoogleCloudPlatform/cloud-debug-java#extra-classpath mentions
you can update the agentPath showing your WEB-INF/class directory.
-agentpath:/opt/cdbg/cdbg_java_agent.so=--cdbg_extra_class_path=/opt/tomcat/webapps/myapp/WEB-INF/classes
For multiple class paths:
-agentpath:/opt/cdbg/cdbg_java_agent.so=--cdbg_extra_class_path=/opt/tomcat/webapps/myapp/WEB-INF/classes:/another/path/with/classes
There are a couple of things going on here.
First, it sounds like you are doing the correct thing with gen-repo-info-file. The debugger agent should pick up the json files from the WEB-INF/classes directory.
The debugger uses fuzzy matching to find source files, so as long as the name of the .java file matches a file in your executable, you should not get that error.
The most likely scenario given the information in your question is that you are attaching the debugger to a launcher process, rather than your actual application. Without further details, I can't absolutely confirm that, though.
If you send us more details at cdbg-feedback#google.com, we can look more closely at your case to see if we can understand exactly what's happening, and potentially improve our documentation, since it sounds like you followed the docs pretty closely.
Upgraded Telerik in my ClickOnce application to version 2014.3.1202.40. (Never sure of the best way to do this. After the install, all my references to Telerik controls was broken and I had to remove all Telerik references in each of the projects and re-add them. So, I may be upgrading in the wrong way. But that's another matter.)
I deploy my app to a staging folder on my web server before moving to production. The app is signed with a commercial code signing certificate from Comodo that doesn't expire until 2019. I've uploaded new versions many times with no problem. But now, since I upgraded the Telerik controls, I can't download the and install the application. Here's what happens:
In Chrome, I enter the url: http://porpoiseanalytics.com/PorpoiseStaging/setup.exe
I get the "Not commonly downloaded" warning where I never got that before. I don't get any error on Firefox nor on IE.
If I tell Chrome to keep the file, I can start it. The installation starts on all the other browsers too.
About 3/4 of the way through the download of the files, Avast blocks it with DRep virus (I'm guessing lack of reputation). If I turn off Avast, it installs fine. ClickOnce install log shows an error: "Exception occurred loading manifest from file [application].exe: the manifest may not be valid or the file could not be opened."
Why is my application suddenly acting like it has no reputation when it's been downloaded for months with no problems. But, after I modify the application in VS2010 and then remove and re-add the Telerik dll's, I suddenly have no reputation. And what makes matters worse, is that now my production download located at ttp://porpoiseanalytics.com/PorpoiseDownload/setup.exe is suddenly acting the same way.
I admit I don't have a good enough understanding of reputation, signing, and clickonce. But I do know that whereas before we were fine, after deploying the application, we're flagged as malicious software. I made a few code changes in the program (not many), but I also replaced the Telerik dlls. Probably has something to do with signing and publishing, but I can't figure it out. Please help. Thanks.
I think I figured it out. Although I had signed the manifest in the main UI project (the installer), the executable was not signed. With some help, learned how to do that:
Download the Windows 7 SDK with signtool.
In Visual Studio, open project properties in the main UI project.
Open the Compile tab and click on the Build Events button.
In the post-build events, enter:
"C:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\Bin\signtool.exe" sign /f "$(ProjectDir)[name of code cert file]" /p "[password]" /t http://timestamp.comodoca.com/authenticode "$(ProjectDir)obj\$(ConfigurationName)\[exe name].exe
where [name of cert file] is the name of the code-signing cert file, such as private_key.pfk, and [password] is the password used when exporting the certificate (if % is included in the password escape it with %%, so pass%word would be entered as pass%%word), and [exe name] is the name of your primary project executable.
In other projects within solution, sign those by inserting a similar command line in the same post-build location:
"C:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\Bin\signtool.exe" sign /f "$(ProjectDir)DAD_Code_Certificate.pfx" /p "<password>" /t http://timestamp.comodoca.com/authenticode "$(TargetPath)
Orignal Problem
My theory is that the original problem was caused because of a new feature in Avast 2015 that does a DomainRep (reputation?) check and if several criteria are all met, the alarm bells go off and it stops the download. Because my executable was not signed, it met all the requirements.
It is possible (although I really am not sure about this) that because of this DRep alarm, Google flagged the installer on our website as malicious, causing the red "not normally downloaded" warning when first starting the download.
At least, that's my best guess. Others will most certainly understand this better than me (and would have avoided it in the first place by signing the executable).
Official answer from Google Apps technical support (I'm on the Silver support plan - $150/month):
I replicated the issue you are describing and it looks to be a known
issue with Google Chrome, when trying to download an archive that has
an executable in it.
Please be advised that Google Chrome is outside the support scope of
Google Cloud, however the workaround is rather simple: when that
message appears you can click on the arrow to the right of that
message and chose "keep". This will download the file requested.
I have just installed Vault on my machine, I intend touse it single user.
When trying to use it for the first time, I get the error message below.
Is there anything I should enable?
I have the correct passwords.
I am using the Admin account.
I have Windows * 64 bits, Vault is also 64 bits.
Thanks to Beth's answer below, now I can at least visualise the following page, but still not be able to follow the links in it.
This is the result I get when I click on the links(Picture below).
Error messages are below, but the formatting is not good.
Most likely causes: The request matched a wildcard mime map.
The request is mapped to the static file handler. If there were different pre-conditions, the request will map to a different handler.
Things you can try: If you want to serve this content as a static file, add an explicit MIME map.
Detailed Error Information: Module StaticFileModule Notification ExecuteRequestHandler Handler StaticFile Error Code 0x80070032
Requested URL http://vrindavana:80/VaultService/Admin/default.aspx Physical Path C:\inetpub\wwwroot\VaultService\Admin\default.aspx
Logon Method Anonymous
Logon User Anonymous
IIS:
I have IIS installed and if I browse it I see what's on the picture below.
First try reaching the Vault server using a browser. Try the URL http://<your Vault server name>/vaultservice/index.html. If you can not reach that page, then change to either the FQDN or the IP address.
If you still cannot reach the index.html page, then try reaching it using a browser right on the server and use localhost. The URL would then be http://localhost/vaultservice/index.html.
Let me know the results of these URLs first and then I'll give you next steps.
Beth
SourceGear Technical Support
Thanks for the update.
The error seems to indicate a problem with the .NET Framework. Here are the next steps you should try.
1) Register the .NET framework with IIS. Run a command-prompt as administrator and then change directories until you get to the highest version of the 4.x .NET framework. It might look something like cd C:\Windows\Microsoft.net\framework64\v4.0.30319, but I'm not sure of the entire path on your machine. Then run the command aspnet_regiis -i.
Then try your web page again.
2) If you then get a 404.2 error, then open your IIS Manager, click on the machine name and then click on ISAPI and CGI restrictions. Make sure the .NET frameworks are set to Allow there.
I ran into a problem creating a new project in Cocos2d-x 3.1.1 (or 3.0 - it happens at both versions).
When I'm running the build script in console (Windows 8 - console with admin privileges) an WindowsError pops up (check the image below).
http://i.imgur.com/Ixg4jEE.png
I can set up the COCOS_CONSOLE_ROOT manually, but it does not help with the Error 5.
I tried setting the 777 priviligies an all cocos2d-x folder and subfolders, but it does not help.
Anybody had the same problem? Any solutions out there?
On Windows you should not put manually installed programs and tools under C:\Program... (english: C:\Program Files) because that's a folder where only apps with a proper installer should go. Otherwise you will keep having permission issues. Apps are not allowed to write to that folder or any of its subfolders.
Since cocos2d-x isn't an app, it can't redirect its output to the proper AppplicationData folder as is mandated by the operating system. Not being able to write or modify the program folder's contents (except during installation) is a security feature in Windows that you can't (or shouldn't) bypass.
To fix this simply extract cocos2d-x in a folder that both you and apps have full read/write permission. Normally this would be in your Documents folder, but Desktop would also work and probably just any folder on a drive that you created, for instance C:\cocos2d-x.
Due to this line:
_winreg.SetValueEx() ...
the actual problem looks like to be with registry access, rather than with file permissions.
Make sure you actually running console as an admin, by:
searching cmd in Windows search, or just creating a shortcut to it to desktop
right clicking to cmd.exe and choosing "Run as administrator"
Make sure you don't have registry access block in any way: like blocking in group policies, some "security optimization" software and viruses and antiviruses.
Make sure your python version is 2.x. Python 3.x is not supported.
Anyway, this 'setup.py' step is optional for using cocos2d-x and you can live without running it at all.
I am completely new in jarSigning issue but for a few days i am in trouble about this and searched/learned a lot.
(This topic is not related to my problem: Why does Java Web Start say a signed jar file is unsigned? )
I use org.apache.commons packages in my java-web-start project and it worked with charm for years. Last week, after the java 7 update 45, our users were unable to run our application that runs via JNLP. The error they receive is "JARSigningException" related to some jars which belong to Apache. I removed the lines that correspond to these 6 jars from jnlp, then we were able to start the webstart application but in runtime we had some exceptions.
All jars are self-signed using same certificate (I myself have not signed them, but since we did not have a problem since a couple of days ago, they should have been signed with the same certificate)
When I verify a problematic jar file as below :
jarsigner -verify commons-digester-1.7.jar
I receive below message :
jar verified.
Warning:
This jar contains unsigned entries which have not been integrity-checked.
This jar contains entries whose signer certificate has expired.
This jar contains entries whose certificate chain is not validated.
Re-run with the -verbose and -certs options for more details.
If the Jar file is verified, why do i still receive the JARSigningException when I try to run the jnlp file?
Any help would be appreciated,
Thanks in advance,
See http://www.oracle.com/technetwork/java/javase/7u45-relnotes-2016950.html for more information on the security changes in Java7 Update45. The changes in U51 are starting to close the door on the security problems even more. http://java.com/en/download/faq/release_changes.xml
The geneeral rule was that all jars within our downloaded JNLP application needed to be signed with the same certificate but like I said, I think there are tighter restrictions now about self-signed certificates.
Also found this blog https://blogs.oracle.com/java-platform-group/entry/updated_security_baseline_7u45_impacts
The security slider setting (in Windows - control panel -> Java then Security tab) will prevent self-signed and unsigned applications when the setting is at High or Very High.