Search Results

Search found 4244 results on 170 pages for 'ssl certificate'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 112/170 | < Previous Page | 108 109 110 111 112 113 114 115 116 117 118 119  | Next Page >

  • Common Access Card (CAC) Authentication Using Java

    - by Paul
    I'm bascially looking for someplace to start learning how to interface with a government CAC card using java. Ultimately, my goal is to find out how to use CAC card authentication (by PIN number) to authorize access to a website hosted using a Tomcat/J2EE server. But I'll need somewhere to start. So I figure I'd start by writing a small java program to simply read the CAC card information from the CAC card which is inserted into a card reader on my keyboard (DELL keyboard with CAC reader above the numeric keypad). By searching google, I found the cacard java project (https://cacard.dev.java.net/) which was replaced by the OpenSSO project. But I can't seem to find sample code of how to use it to connect to a card, read from a card, etc. Does anyone know where I can find some sample code so that I can start learning how to interact with a CAC card using java? Thanks EDIT: After researching more, I was thinking, would I be able to just set clientAuth="true" in the connector element in the server.xml file? http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html clientAuth: Set this value to true if you want Tomcat to require all SSL clients to present a client Certificate in order to use this socket.

    Read the article

  • Android SDK Manager and AVD Manager doesn't have the correct information and fails to update on Ubun

    - by Johan Carlsson
    I'm trying to install Android SDK on Ubuntu but fail when I try to use the SDK Manager and AVD Manager to install Android platforms. I've downloaded: android-sdk_r04-linux_86.tgz The I start the SDK Manager and AVD Manager (UI) according to the README file: ./tools/android And I get the following Installed Packages: - Install SDK Tools, revision 4 Available Packages: - https://dl-ssl.google.com/android/repoisotry/repository.xml - This repository requires a more recent version of the Tools. Please update- - Android SDK Tools, revision 4 - Archive for Linux (comment: funny since rev 4 seems to be what's installed this is what seems to be installed) Now doing an update of the Android SDK Tools, revision 4 or everything results in 99% progress and then the application hangs. Here's the console feedback: johanc@johan-desktop:~/android/android-sdk-linux_86$ tools/android Starting Android SDK and AVD Manager No command line parameters provided, launching UI. See 'android --help' for operations from the command line. Error: null In the app I choose to upgate the following package: Package Description Android SDK Tools, revision 4 Archive Description Archive for Linux Size: 15 MiB SHA1: 99380c9330c1c3728c836206947350cc00fa28c2 Site https://dl-ssl.google.com/android/repository/repository.xml The console output reads (and the app hangs at 99%): Exception in thread "Installing Archives" java.lang.AssertionError at com.android.sdkuilib.internal.tasks.ProgressTask.incProgress(ProgressTask.java:97) at com.android.sdkuilib.internal.repository.UpdaterData$2.run(UpdaterData.java:358) at com.android.sdkuilib.internal.tasks.ProgressTask$1.run(ProgressTask.java:135)

    Read the article

  • WCF, Metadata and BIGIP - Can I force the correct url for the WSDL items?

    - by Yossi Dahan
    We have a WCF service hosted on ServerA which is a server with no-direct Internet access and has a non-Internet routable IP address. The service is fronted by BIGIP which handles SSL encryption and decryption and forwards the unencrypted request to ServerA (at the moment it does NOT actually do any load balancing, but that is likely to be added in the future) on a specific port. What that means is that our clients would be calling the service through https://www.OurDomain.com/ServiceUrl and would get to our service on http://SeverA:85/ServiceUrl through the BIGIP device; When we browse to the WSDL published on https://www.OurDomain.com/ServiceUrl all the addresses contained in the WSDL are based on the http://SeverA:85/ServiceUrl base address We figured out that we could use the host headers setting to set the domain, but our problem is that while this would sort out the domain, we would still be using the wrong scheme – it would use http://www.OurDomain.com/ServiceUrl while we need it to be Https. Also – as we have other services (asmx based) hosted on that server we had some issues setting the host headers, and so we thought we could get away with creating another site on the server (using, say, port 82) and set the host header on that; now, on top of the http/https problem we have an issue as the WSDL contains the port number in all the urls, where BigIP works on port 443 (for the SSL) Is there a more flexible solution than implementing Host Headers? Ideally we need to retain flexibility and ease of supportability. Thanks for any help…

    Read the article

  • How do I add PHP support to Apache 2 without breaking my current installation?

    - by Hobhouse
    I run Apache 2 with WSGI (for a Django-app) on a Ubuntu box. I want to use Nagios for server monitoring, and for this purpose it seems I have to add PHP support to Apache. When I installed Apache 2, I did this: apt-get install apache2 apache2.2-common apache2-mpm-worker apache2-threaded-dev libapache2-mod-wsgi python-dev Available modules for apache2 are these: /etc/apache2/mods-available$ ls actions.conf authn_default.load cache.load deflate.conf filter.load mime.conf proxy_ftp.load suexec.load actions.load authn_file.load cern_meta.load deflate.load headers.load mime.load proxy_http.load unique_id.load alias.conf authnz_ldap.load cgi.load dir.conf ident.load mime_magic.conf rewrite.load userdir.conf alias.load authz_dbm.load cgid.conf dir.load imagemap.load mime_magic.load setenvif.conf userdir.load asis.load authz_default.load cgid.load disk_cache.conf include.load negotiation.conf setenvif.load usertrack.load auth_basic.load authz_groupfile.load charset_lite.load disk_cache.load info.conf negotiation.load speling.load version.load auth_digest.load authz_host.load dav.load dump_io.load info.load proxy.conf ssl.conf vhost_alias.load authn_alias.load authz_owner.load dav_fs.conf env.load ldap.load proxy.load ssl.load wsgi.conf authn_anon.load authz_user.load dav_fs.load expires.load log_forensic.load proxy_ajp.load status.conf wsgi.load authn_dbd.load autoindex.conf dav_lock.load ext_filter.load mem_cache.conf proxy_balancer.load status.load authn_dbm.load autoindex.load dbd.load file_cache.load mem_cache.load proxy_connect.load substitute.load What is the best way for me to add PHP support to Apache 2 without breaking my current installation and configuration?

    Read the article

  • SSRS 2008 Report Manager Error

    - by Nick
    I have just installed SQL Server 2008 including Reporting Services on Windows Server 2003. I'm having a problem though accessing the Report Manager. When the Reporting Service is first started I can access it fine but after maybe an hour when I try and access it I get an error saying: Unable to connect to the remote server. The reporting service is still running at this point. I can connect to it through Reporting Services Configuration Manager and clicking on the Web Service URL gives a directory listing (I assume that is correct behaviour). If I stop and start the service through Reporting Services Configuration Manager then I can access Report Manager once again (although in maybe an hour I will get the same error once again). I've installed the latest SP1 service pack. I'm using the same domain account to run all the SQL services. The report server is set to use the default ReportServer virtual directory, is set to IP address All Assigned, TCP Port 80 and no SSL certificate. The report manager is set to use the default Reports virtual directory, IP address All Assigned, TCP Port 80 and no SSL certificates. In the log file I get an error: Unable to connect to remote server HTTP status code 500 An attempt was made to access a socket in a way forbidden by its access permissions. Does anyone have any idea why this is happening? I've searched the net but haven't been able to find a solution.

    Read the article

  • HTTPS Redirect Causing Error "Server cannot append header after HTTP headers have been sent"

    - by Chad
    I need to check that our visitors are using HTTPS. In BasePage I check if the request is coming via HTTPS. If it's not, I redirect back with HTTPS. However, when someone comes to the site and this function is used, I get the error: System.Web.HttpException: Server cannot append header after HTTP headers have been sent. at System.Web.HttpResponse.AppendHeader(String name, String value) at System.Web.HttpResponse.AddHeader(String name, String value) at Premier.Payment.Website.Generic.BasePage..ctor() Here is the code I started with: // If page not currently SSL if (HttpContext.Current.Request.ServerVariables["HTTPS"].Equals("off")) { // If SSL is required if (GetConfigSetting("SSLRequired").ToUpper().Equals("TRUE")) { string redi = "https://" + HttpContext.Current.Request.ServerVariables["SERVER_NAME"].ToString() + HttpContext.Current.Request.ServerVariables["SCRIPT_NAME"].ToString() + "?" + HttpContext.Current.Request.ServerVariables["QUERY_STRING"].ToString(); HttpContext.Current.Response.Redirect(redi.ToString()); } } I also tried adding this above it (a bit I used in another site for a similar problem): // Wait until page is copletely loaded before sending anything since we re-build HttpContext.Current.Response.BufferOutput = true; I am using c# in .NET 3.5 on IIS 6. enter code here

    Read the article

  • WCF/MSMQ Transport Security with Certificates

    - by user104295
    Hi there, my goal is to secure the communication between MSMQ Queue Managers – I don’t want unknown clients sending messages to my MSMQ server. I have spent many hours now trying to get Transport security working for the net.msmq binding in WCF, where MSMQ is in Workgroup mode and the client and server do not have Active Directory… so I’m using certificates. I have created a new X.509 certificate, called Kristan and put it into the “Trusted people” store on the server and into the My store of Current User of the client. The error I’m getting is: An error occurred while sending to the queue: Unrecognized error -1072824272 (0xc00e0030).Ensure that MSMQ is installed and running. If you are sending to a local queue, ensure the queue exists with the required access mode and authorization. Using smartsniff, I see that there’s no attempted connection with the remote MSMQ, however, it’s an error probably coming from the local queue manager. The stack trace is: at System.ServiceModel.Channels.MsmqOutputChannel.OnSend(Message message, TimeSpan timeout) at System.ServiceModel.Channels.OutputChannel.Send(Message message, TimeSpan timeout) at System.ServiceModel.Dispatcher.OutputChannelBinder.Send(Message message, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) The code:- EndpointAddress endpointAddress = new EndpointAddress(new Uri(endPointAddress)); NetMsmqBinding clientBinding = new NetMsmqBinding(); clientBinding.Security.Mode = NetMsmqSecurityMode.Transport; clientBinding.Security.Transport.MsmqAuthenticationMode = MsmqAuthenticationMode.Certificate; clientBinding.Security.Transport.MsmqProtectionLevel = System.Net.Security.ProtectionLevel.Sign; clientBinding.ExactlyOnce = false; clientBinding.UseActiveDirectory = false; // start new var channelFactory = new ChannelFactory<IAsyncImportApi>(clientBinding, endpointAddress); channelFactory.Credentials.ClientCertificate.SetCertificate("CN=Kristan", StoreLocation.CurrentUser, StoreName.My); The queue is flagged as ‘Authenticated’ on the server. I have checked the effect of this and if I turn off all security in the client send, then I get ‘Signature is invalid’ – which is understandable and shows that it’s definitely looking for a sig. Are there are special ports that I need to check are open for cert-based msmq auth? thanks Kris

    Read the article

  • How to scrape a _private_ google group?

    - by John
    Hi there, I'd like to scrape the discussion list of a private google group. It's a multi-page list and I might have to this later again so scripting sounds like the way to go. Since this is a private group, I need to login in my google account first. Unfortunately I can't manage to login using wget or ruby Net::HTTP. Surprisingly google groups is not accessible with the Client Login interface, so all the code samples are useless. My ruby script is embedded at the end of the post. The response to the authentication query is a 200-OK but no cookies in the response headers and the body contains the message "Your browser's cookie functionality is turned off. Please turn it on." I got the same output with wget. See the bash script at the end of this message. I don't know how to workaround this. am I missing something? Any idea? Thanks in advance. John Here is the ruby script: # a ruby script require 'net/https' http = Net::HTTP.new('www.google.com', 443) http.use_ssl = true path = '/accounts/ServiceLoginAuth' email='[email protected]' password='topsecret' # form inputs from the login page data = "Email=#{email}&Passwd=#{password}&dsh=7379491738180116079&GALX=irvvmW0Z-zI" headers = { 'Content-Type' => 'application/x-www-form-urlencoded', 'user-agent' => "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.2 (KHTML, like Gecko) Chrome/6.0"} # Post the request and print out the response to retrieve our authentication token resp, data = http.post(path, data, headers) puts resp resp.each {|h, v| puts h+'='+v} #warning: peer certificate won't be verified in this SSL session Here is the bash script: # A bash script for wget CMD="" CMD="$CMD --keep-session-cookies --save-cookies cookies.tmp" CMD="$CMD --no-check-certificate" CMD="$CMD --post-data='[email protected]&Passwd=topsecret&dsh=-8408553335275857936&GALX=irvvmW0Z-zI'" CMD="$CMD --user-agent='Mozilla'" CMD="$CMD https://www.google.com/accounts/ServiceLoginAuth" echo $CMD wget $CMD wget --load-cookies="cookies.tmp" http://groups.google.com/group/mygroup/topics?tsc=2

    Read the article

  • RSA C# Encrypt Java Decrypt

    - by user353030
    Hi guys, In my program (server side - Java) I've created keystore file, with command: keytool -genkey -alias myalias -keyalg RSA -validity 10000 -keystore my.keystore and exported related X509 certificate with: keytool -export -alias myalias -file cert.cer -keystore my.keystore After I saved cert.cer on client side (C#) and I write this code: X509Certificate2 x509 = new X509Certificate2(); byte[] rawData = ReadFile("mycert.cer"); x509.Import(rawData); RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)x509.PublicKey.Key; byte[] plainbytes = System.Text.Encoding.ASCII.GetBytes("My Secret"); byte[] cipherbytes = rsa.Encrypt(plainbytes, true); String cipherHex = convertToHex(cipherContent); byte[] byteArray = encoding.GetBytes(cipherHex); .... I write this Java code on server side: keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(new FileInputStream("C:\\my.keystore"), "mypass".toCharArray()); Key key = keyStore.getKey("myalias", "mypass".toCharArray()); if (key instanceof PrivateKey) { Certificate cert = keyStore.getCertificate("myalias"); PublicKey pubKey = cert.getPublicKey(); privKey = (PrivateKey)key; } byte[] toDecodeBytes = new BigInteger(encodeMessageHex, 16).toByteArray(); Cipher decCipher = Cipher.getInstance("RSA"); decCipher.init(Cipher.DECRYPT_MODE, privKey); byte[] decodeMessageBytes = decCipher.doFinal(toDecodeBytes); String decodeMessageString = new String(decodeMessageBytes); I receive this error: javax.crypto.BadPaddingException: Data must start with zero Can you help me, please? Thanks thanks,

    Read the article

  • Collision Attacks, Message Digests and a Possible solution

    - by Dominar
    I've been doing some preliminary research in the area of message digests. Specifically collision attacks of cryptographic hash functions such as MD5 and SHA-1, such as the Postscript example and X.509 certificate duplicate. From what I can tell in the case of the postscript attack, specific data was generated and embedded within the header of the postscript (which is ignored during rendering) which brought about the internal state of the md5 to a state such that the modified wording of the document would lead to a final MD equivalent to the original. The X.509 took a similar approach where by data was injected within the comment/whitespace of the certificate. Ok so here is my question, and I can't seem to find anyone asking this question: Why isn't the length of ONLY the data being consumed added as a final block to the MD calculation? In the case of X.509 - Why is the whitespace and comments being taken into account as part of the MD? Wouldn't a simple processes such as one of the following be enough to resolve the proposed collision attacks: MD(M + |M|) = xyz MD(M + |M| + |M| * magicseed_0 +...+ |M| * magicseed_n) = xyz where : M : is the message |M| : size of the message MD : is the message digest function (eg: md5, sha, whirlpool etc) xyz : is the acutal message digest value for the message M magicseed_{i}: Is a set random values generated with seed based on the internal-state prior to the size being added. This technqiue should work, as to date all such collision attacks rely on adding more data to the original message. In short, the level of difficulty involved in generating a collision message such that: It not only generates the same MD But is also comprehensible/parsible/compliant and is also the same size as the original message, is immensely difficult if not near impossible. Has this approach ever been discussed? Any links to papers etc would be nice.

    Read the article

  • Why is my code signing (MS authenticode) verification failing?

    - by Tim
    I posted this question and have a freshly minted code signing cert from Thawte. I followed the instructions (or so I thought) and the code signing claims to be done right, however when I try to verify the tool shows an error. I have no idea what it means and no idea how to fix this. Any comments would be appreciated. Command line to sign exe: signtool sign /f mdt.pfx /p password /t http://timestamp.verisign.com/scripts/timstamp.dll test.exe Results: The following certificate was selected: Issued to: [my company] Issued by: Thawte Code Signing CA Expires: 4/23/2011 7:59:59 PM SHA1 hash: 7D1A42364765F8969E83BC00AB77F901118F3601 Done Adding Additional Store Attempting to sign: test.exe Successfully signed and timestamped: test.exe Number of files successfully Signed: 1 Number of warnings: 0 Number of errors: 0 Note that there are no errors or warnings. Now, when I try to verify imagine my surprise: signtool verify /v test.exe results in: Verifying: test.exe SHA1 hash of file: 490BA0656517D3A322D19F432F1C6D40695CAD22 Signing Certificate Chain: Issued to: Thawte Premium Server CA Issued by: Thawte Premium Server CA Expires: 12/31/2020 7:59:59 PM SHA1 hash: 627F8D7827656399D27D7F9044C9FEB3F33EFA9A Issued to: Thawte Code Signing CA Issued by: Thawte Premium Server CA Expires: 8/5/2013 7:59:59 PM SHA1 hash: A706BA1ECAB6A2AB18699FC0D7DD8C7DE36F290F Issued to: [my company] Issued by: Thawte Code Signing CA Expires: 4/23/2011 7:59:59 PM SHA1 hash: 7D1A42364765F8969E83BC00AB77F901118F3601 The signature is timestamped: 4/27/2010 10:19:19 AM Timestamp Verified by: Issued to: Thawte Timestamping CA Issued by: Thawte Timestamping CA Expires: 12/31/2020 7:59:59 PM SHA1 hash: BE36A4562FB2EE05DBB3D32323ADF445084ED656 Issued to: VeriSign Time Stamping Services CA Issued by: Thawte Timestamping CA Expires: 12/3/2013 7:59:59 PM SHA1 hash: F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D Issued to: VeriSign Time Stamping Services Signer - G2 Issued by: VeriSign Time Stamping Services CA Expires: 6/14/2012 7:59:59 PM SHA1 hash: ADA8AAA643FF7DC38DD40FA4C97AD559FF4846DE Number of files successfully Verified: 0 Number of warnings: 0 Number of errors: 1

    Read the article

  • Cocoa NSStream TCP connection to FTP

    - by Chuck
    Hi, I'm new to Cocoa, but not to programming. Recently I decided I wanted to write a FTP client for Mac, and so I first made it in the language I'm most comfortable in (on Windows), and then moved on to Cocoa when I had the workings of FTP communications down. My question is (apparently) a bit controversial: How do I establish a read/writeable connection to (a ftp server)? What I have so far (non working obviously): NSInputStream *iStream; NSOutputStream *oStream; NSHost *host = [NSHost hostWithAddress:@"127.0.0.1"]; [NSStream getStreamsToHost:host port:3333 inputStream:&iStream outputStream:&oStream]; // ftp port: 3333 [iStream retain]; [oStream retain]; [iStream scheduleInRunLoop:[NSRunLoop currentRunLoop] forMode:NSDefaultRunLoopMode]; [oStream scheduleInRunLoop:[NSRunLoop currentRunLoop] forMode:NSDefaultRunLoopMode]; [iStream setDelegate:self]; [oStream setDelegate:self]; // which is not implemented apparently [iStream open]; [oStream open]; // .... [iStream write: (const uint8_t *)buf maxLength:8]; Which is partially based on http://developer.apple.com/mac/library/documentation/cocoa/Conceptual/Streams/Articles/NetworkStreams.html Now, why have I chosen NSStream? Because while this question is merely about how to connect to a FTP stream, my whole project will also include SSL and as far as I've been able to search here and on google, NSStream is capable of "switching" to a SSL connection. I've not been able to see the connection being made (which I'm usually able to do), but I also heard something about having to write to the stream before the stream will open? Any pointers are greatly appreciated, and sorry if my question is annoying - I'm new to Cocoa :)

    Read the article

  • How to successfully add account to android E-mail Database ?

    - by santhosh
    Hi all... I am trying to add an account to E-mail database ,Below is the way i'm trying ... import com.android.email.Account; import com.android.email.Email; import com.android.email.Preferences; import com.android.email.provider.EmailContent; Account account = new Account(mContext); account.setDescription("acc added thr prog"); account.setAutomaticCheckIntervalMinutes(10); account.setEmail("[email protected]"); account.setDraftsFolderName("Drafts"); account.setOutboxFolderName("OutBox"); account.setSentFolderName("Sent"); account.setTrashFolderName("Trash"); account.setName("Tester"); account.setNotifyNewMail(true); account.setSenderUri("smtp+ssl+://[email protected]:[email protected]"); account.setStoreUri("imap+ssl+://[email protected]:[email protected]"); account.setDeletePolicy(10); account.setVibrate(true); mPrefer = Preferences.getPreferences(getInstrumentation().getContext()); account.save(mPrefer); Email.setServicesEnabled(mInstrumenatation.getTargetContext()); Any suggestions Greatly appreciated. With best Regards Santhosh

    Read the article

  • blackberry smartcard reader example

    - by pajton
    I am writing an app for BlackBerry that utilizes a BlackBerry smartcard reader. There is not much documentation on the subject, so I'd really like if someone could give me starting examples. Basically, there is one RSA private key on the card plus a certificate (for paired public key). I would like to be able to encrypt/decrypt data and also sign it as well. The final goal would be to establish an mutual-authenticated SSL connection using client certificate contained on the smartcard. Here is the code I managed to come up with so far: SmartCardReader btReader = null; SmartCardReader[] readers = SmartCardReaderFactory.getInstalledReaders(); for (int i = 0; i < readers.length; i++) { SmartCardReader reader = readers[i]; if (reader.getType().equalsIgnoreCase("bluetooth")) { btReader = reader; break; } } SmartCardReaderSession readerSession = reader.openSession(); CryptoSmartCard card = (CryptoSmartCard) readerSession.getSmartCard(); RSACryptoToken token = (RSACryptoToken) card.getCryptoToken("RSA"); This token looks promising - has some nice methods, but with "cryptic" arguments. What to do next?

    Read the article

  • Exception during secure communication implementation

    - by Liran
    hi everyone. im trying to implement simple secured client server communiction using WCF. when im launching mt server everty thing is OK , But when im launching my client im getting this error: Error : An error occurred while making the HTTP request to https://localhost:800 0/ExchangeService. This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caus ed by a mismatch of the security binding between the client and the server. this is the server code : Uri address = new Uri("https://localhost:8000/ExchangeService"); WSHttpBinding binding = new WSHttpBinding(); //Set Binding Params binding.Security.Mode = SecurityMode.Transport; binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None; binding.Security.Transport.ProxyCredentialType = HttpProxyCredentialType.None; Type contract = typeof(ExchangeService.ServiceContract.ITradeService); ServiceHost host = new ServiceHost(typeof(TradeService)); host.AddServiceEndpoint(contract, binding, address); host.Open(); this is the client configuration (app.config): </client> <bindings> <wsHttpBinding> <binding name="TradeWsHttpBinding"> <security mode="Transport"> <transport clientCredentialType="None" proxyCredentialType ="None"/> </security> </binding> </wsHttpBinding> </bindings> the security configuration at both the client and the server are the same , and i dont need certificate for the server in that kind of security (transport) so why do i get this exception ???? thanks...

    Read the article

  • Authenticating to Google Search Appliance using Basic HTTP auth and ASP.NET (VB)

    - by Chainlink
    I've run into a snag though which has to do with authentication between the Google Search Appliance and ASP. Normally, when asking for secure pages from the search appliance, the search appliance asks for credentials, then uses these credentials to try and access the secure results. If this attempt is successful, the page shows up in the results list. Since ASP is contacting the search appliance on the client's behalf, it will need to collect credentials and pass them along to the search appliance. I have tried a couple of different documented ways of accomplishing this, but they don't seem to work. Below is the code I have tried: 'Bypass SSL since discovery.gov.mb.ca does not have valid SSL cert (NOT PRODUCTION SAFE) ServerCertificateValidationCallback = New System.Net.Security.RemoteCertificateValidationCallback(AddressOf customXertificateValidation) googleUrl = "https://removed.com" Dim rdr As New XmlTextReader(googleUrl) Dim resolver As New XmlUrlResolver() Dim myCred As New System.Net.NetworkCredential("USERNAME", "PASSWORD", Nothing) Dim credCache As New CredentialCache() credCache.Add(New Uri(googleUrl), "Basic", myCred) resolver.Credentials = credCache rdr.XmlResolver = resolver doc = New System.Xml.XPath.XPathDocument(rdr) path = doc.CreateNavigator() Private Function customXertificateValidation(ByVal sender As Object, ByVal certificate As System.Security.Cryptography.X509Certificates.X509Certificate, ByVal chain As System.Security.Cryptography.X509Certificates.X509Chain, ByVal sslPolicyErrors As Net.Security.SslPolicyErrors) As Boolean Return True End Function

    Read the article

  • TLS with SNI in Java clients

    - by ftrotter
    There is an ongoing discussion on the security and trust working group for NHIN Direct regarding the IP-to-domain mapping problem that is created with traditional SSL. If an HISP (as defined by NHIN Direct) wants to host thousands of NHIN Direct "Health Domains" for providers, then it will an "artificially inflated cost" to have to purchase an IP for each of those domains. Because Apache and OpenSSL have recently released TLS with support for the SNI extension, it is possible to use SNI as a solution to this problem on the server side. However, if we decide that we will allow server implementations of the NHINDirect transport layer to support TLS+SNI, then we must require that all clients support SNI too. OpenSSL based clients should do this by default and one could always us stunnel to implement an TLS+SNI aware client to proxy if your given programming language SSL implementation does not support SNI. It appears that native Java applications using OpenJDK do not yet support SNI, but I cannot get a straight answer out of that project. I know that there are OpenSSL Java libraries available but I have no idea if that would be considered viable. Can you give me a "state of the art" summary of where TLS+SNI support is for Java clients? I need a Java implementers perspective on this.

    Read the article

  • iPhone developer cert not associating with Provisioning Profiles

    - by baudot
    I'm seeing the dreaded "Code Sign error: The identity 'iPhone Developer' doesn't match any valid certificate/private key pair in the default keychain" error. Strange, as it used to work. Not sure what changed. A few of the symptoms I've noticed beyond this: In the project info, for Code Signing Identity, instead of saying "iPhone Developer: My Name Here", it only says "iPhone Developer", followed by a list of grayed out Provisioning Profiles with the error message "profile doesn't match any valid certificate/private key pair in the keychain." In the organizer, if I click the "Developer Profile" sidebar entry, it shows one entry in the "Identities" pane, "iPhone Distribution: My Name Here". However, no profiles show in the Provisioning Profiles pane. In the organizer, if I click the "Provisioning Profiles" sidebar entry, for each of the profiles there it reports "A valid signing identity matching this profile could not be found in your keychain." I've tried a handful of the usual folk cures for this ailment, without success so far, such as: Cleared my old keypairs and expired developer identity cert out of the keychain. Deleted my old developer profile, created a new one, and regenerated the provisioning profile after. Reconfirmed: The App ID on the provisioning portal for this app is a pure wildcard ID. (The "Bundle Identifier" in the info.plist is just the appname, no reversed domain prefix.) Restored my iPhone. Overstalled the latest version of Xcode.

    Read the article

  • TRICKEY ONE PLEASE SOLVE

    - by jack
    Create a DTD to record the sellers of merchandise to the Second-hand shop. Each seller has the child elements sellerID (in the format KSXXXXXXX), name, address, phone and sighted_identification. ? the name element has child elements of title and firstname and surname ? the address element has child elements address_line, suburb, state and postcode ? the sighted_identification can be any of the following – passport – drivers licence – birth certificate – Medicare card. –1. Create a DTD to record the sellers of merchandise to the Second-hand shop. Each seller has the child elements sellerID (in the format KSXXXXXXX), name, address, phone and sighted_identification. ? the name element has child elements of title and firstname and surname ? the address element has child elements address_line, suburb, state and postcode ? the sighted_identification can be any of the following – passport – drivers licence – birth certificate – Medicare card. Create an XML document for five sellers including at least two with multiple sighted identifications. 3. Create an XSLT style sheet to logically display all of the seller’s details. Note 1: it may help you to create lists for both sellers and for sighted_identification. Note 2: The shops database stores the sighted identification of sellers as p, dl, bc and mc rather than by their full name, so creating an entity for each type is required. Note 3: Your XSLT should order the sellers by sellerID – for this reason don’t have them ordered correctly in the XML file – rather sort the sellerID within the XSLT. OUTPUT SHOULD BE SOMETHING LIKE THIS SELLER ID : NAME: ADDRESS : PHONE : IDENTIFICATION : IDENTIFICATION : IDENTIFICATION :

    Read the article

  • APNs notification failure...

    - by Kamal Challa
    Hi , i tried the following code (PHP) $apnsHost = 'gateway.sandbox.push.apple.com'; $apnsPort = 2195; $apnsCert = 'apple_push_notification_production.pem'; $streamContext = stream_context_create(); stream_context_set_option($streamContext, 'ssl', 'local_cert', $apnsCert); $apns = stream_socket_client('ssl://' . $apnsHost . ':' . $apnsPort, $error, $errorString, 2, STREAM_CLIENT_CONNECT, $streamContext); if($apns) { echo "Connection Established<br/>"; $deviceToken = '**********';//masked $body = array(); $body['aps'] = array(’alert’ => "test message"); //$body['aps']['badge'] = 1; $payload = json_encode($body); $apnsMessage = chr(0) . pack("n",32) . pack('H*', str_replace(' ', '', $deviceToken)) . pack("n",strlen($payload)) . $payload; print "sending message :" . $apnsMessage . "<br/>"; print "sending payload :" . $payload . "<br/>"; fwrite($apns, $apnsMessage); } else { echo "Connection Failed"; echo $errorString; echo $error; } socket_close($apns); fclose($apns); reply is Connection Established sending message :?? d^÷Îå0ZCd%1ÄuwOOYš'ÊÈ}ârðm¾Í?,{"aps":{"\u2019alert\u2019":"test message"}} sending payload :{"aps":{"\u2019alert\u2019":"test message"}} But am not able to get the notification any help?

    Read the article

  • Error getting twitter request token using OAuth and PEAR Services_Twitter

    - by Onema
    Hello, I am moving from the basic authentication method using username and password to the OAuth based authentication. I was using an old version of the pear package Services_Twitter, that did not support OAuth. The latest version of this package supports OAuth authentications, it has a few dependencies (HTTP_Request2, HTTP_OAuth). It was very simple to install them and upgrade the package. I did all this my local machine and had no trouble getting the authentication up and running. I committed this code to the test site, but every time the code request a "request token" I get the following error message "Unable to connect to ssl://api.twitter.com:443. Error #0" I have spend 6 hours making sure that all the pear packages where up to date, checking the customer token and token secret, making sure port 443 is not closed... in addition to various other test. I have exhausted my resources and I come to you in hope to find some answers. Thank you PD: One of the things I do not understand is why does the message says that the url is ssl://api.twitter.com:443 rather than https://api.twitter.com/request_token? the former one is the one I am using to get the request token.

    Read the article

  • Rails, Apache2 on Ubuntu (karmic) deployment

    - by Steve
    I just need some clarification on a couple of files. My site has an admin subdomain and SSL in addition to the normal *:80 details found in the virtual hosts. My question(s): Do I need to specify a 1) ServerName and 2) DocumentRoot in: /etc/apache2/apache2.conf? I currently enable my site from this directory: /etc/apache2/sites-available/site Here are the contents of my site file in the above directory (/etc/apache2/sites-available/site): <VirtualHost *:80> ServerName www.site.com ServerAlias www.site.com DocumentRoot /home/user/public_html/site/current/public RailsAllowModRewrite off <directory "/home/user/public_html/site/current/public"> Order allow,deny Allow from all </directory> </VirtualHost> <VirtualHost *:80> ServerName www.site.com ServerAlias admin.site.com DocumentRoot /home/user/public_html/site/current/public RailsAllowModRewrite off <directory "/home/user/public_html/site/current/public"> Order allow,deny Allow from all </directory> </VirtualHost> <VirtualHost *:443> ServerName www.site.com ServerAlias www.site.com # SSL releated SSLEngine on SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire SSLCertificateFile /path/to/site.com.crt SSLCertificateChainFile /path/to/bundle.crt SSLCertificateKeyFile /path/to/site.key # Used by rails RequestHeader set X_FORWARDED_PROTO "https" </VirtualHost> Do you see anything wrong?

    Read the article

  • Inheritance issue with ivar on the iPhone

    - by Buffalo
    I am using the BLIP/MYNetwork library to establish a basic tcp socket connection between the iPhone and my computer. So far, the code builds and runs correctly in simulator but deploying to device yields the following error: error: property 'delegate' attempting to use ivar '_delegate' declared in super class of 'TCPConnection' @interface TCPConnection : TCPEndpoint { @private TCPListener *_server; IPAddress *_address; BOOL _isIncoming, _checkedPeerCert; TCPConnectionStatus _status; TCPReader *_reader; TCPWriter *_writer; NSError *_error; NSTimeInterval _openTimeout; } /** The delegate object that will be called when the connection opens, closes or receives messages. */ @property (assign) id<TCPConnectionDelegate> delegate; /** The delegate messages sent by TCPConnection. All methods are optional. */ @protocol TCPConnectionDelegate <NSObject> @optional /** Called after the connection successfully opens. */ - (void) connectionDidOpen: (TCPConnection*)connection; /** Called after the connection fails to open due to an error. */ - (void) connection: (TCPConnection*)connection failedToOpen: (NSError*)error; /** Called when the identity of the peer is known, if using an SSL connection and the SSL settings say to check the peer's certificate. This happens, if at all, after the -connectionDidOpen: call. */ - (BOOL) connection: (TCPConnection*)connection authorizeSSLPeer: (SecCertificateRef)peerCert; /** Called after the connection closes. You can check the connection's error property to see if it was normal or abnormal. */ - (void) connectionDidClose: (TCPConnection*)connection; @end @interface TCPEndpoint : NSObject { NSMutableDictionary *_sslProperties; id _delegate; } - (void) tellDelegate: (SEL)selector withObject: (id)param; @end Does anyone know how I would fix this? Would I simply declare _delegate as a public property of the base class "TCPEndPoint"? Thanks for the help ya'll!

    Read the article

  • PHPMailer with GMail: SMTP Error

    - by Abs
    Hello all, I am making use of PHPMailer to send mail through GMail. The code I use is straight from a tutorial and it works perfectly on my laptop. However, testing this on a Windows 2003 Server - it seems to always return an SMPT error: SMTP Error: Could not connect to SMTP host. Mailer Error: SMTP Error: Could not connect to SMTP host. Here is the settings I use in PHPMailer: include("phpmailer/class.phpmailer.php"); $mail = new PHPMailer(); $mail->IsSMTP(); $mail->SMTPAuth = true; // enable SMTP authentication $mail->SMTPSecure = "ssl"; // use ssl $mail->Host = "smtp.gmail.com"; // GMAIL's SMTP server $mail->Port = 465; // SMTP port used by GMAIL server Can I say with confidence that this isn't a port issue, since I am connecting to another server on port 465 and it is sending mail. If not, please explain. How can I resolve this issue? Thanks all for any help

    Read the article

  • How to achieve high availability?

    - by tanyehzheng
    My boss wants to have a system that takes into concern of continent wide catastrophic event. He wants to have two servers in US and two servers in Asia (1 login server and 1 worker server in each continent). In the event that earthquake breaks the connection between the two continents, both should work alone. When the connection is revived, they should sync each other back to normal. External cloud system not allowed as he has no confidence. The system should take into account of scalability which means addition of new servers should be easy to configure. The servers should be load balanced. The connection between the servers should be very secure(encrypted and send through SSL although SSL takes care of encryption). The system should let one and only one user log in with one account. (beware of latency between continent and two users sharing account may reach both login server at the same time) Please help. I'm already at the end of my wit. Thank you in advance.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 108 109 110 111 112 113 114 115 116 117 118 119  | Next Page >