Search Results

Search found 3868 results on 155 pages for 'wildcard ssl'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 123/155 | < Previous Page | 119 120 121 122 123 124 125 126 127 128 129 130  | Next Page >

  • Hybrid Exchange Online setup with on premise public folders, certificate issues?

    - by exxoid
    We have a Hybrid Exchange setup with Exchange Online (v15 tenant) and Exchange 2010 on premise. The hybrid configuration for the most part is working, what I am having an issue with is getting public folders to work for cloud users. I followed the official documentation here (http://technet.microsoft.com/en-us/library/dn249373(v=exchg.150).aspx) and it kind of works. When I am accessing Outlook on a public wifi I am able to bring up the cloud mailboxes and on premise public folders show up in Outlook. When I am accessing email via Outlook as a cloud user on the same LAN as the on premise exchange, the cloud user makes the outlook.com connection for live/ad/archive mailbox but fails to create a proxy connection for the on premise public folders. The error I get is a certificate mismatch, it seems that when a user on the LAN accesses Outlook/Exchange it is using a different certificate vs. when Outlook is launched on a WiFi network. When I look at the Outlook connection information, I see the connection to outlook.com for ad/live/archive mailbox but no entry for public folder connection. Our on premise Exchange is 2010 SP3 with latest CUs. The client is a domain joined laptop with Windows 7 and Office 2010 SP2, latest windows updates applied. Our infrastructure has a working ADFS 3 and DirSync setup for Office 365. My question then is, what do I need to do to make sure that the Cloud user launching Outlook on the LAN uses the proper certificate (the wildcard 3rd party cert.. vs. the self signed certificate which it looks like it may be using during the connection attempt).

    Read the article

  • How to setup bindings for development IIS 7.5 with lot of sites

    - by Antonio Bakula
    I am a programmer in a small ASP.NET shop with very little expirience in server administration, and I have to setup IIS 7.5 to host lot of sites on newly installed windows server 2008 R2, these sites are test "clones" for sites on "real" web server and they should be accessible only in local network (domain). Developers should add new sites for our new customers. Project managers use this server to check progress and test new sites and new features, QA people have to have access to this site and test before we copy it to the "real" web server. Developers only have access to IIS console, in fact they can use RDP to test server with their developer domain credentials and permissions, also developers are local admins on that machine (tester). On our previous server I used different port numbers for each site. That worked but don't like this solution, I would prefer to use subdomains. But here are the problems: manually adding DNS records is not an option because we do not wont that developers have to administer domain DNS server, and currently this had to be done with domain administrator credentials. Is there a some way to add DNS record automatically ? I tried to add DNS record for subdomains on test server with wildcard (*.tester) and that seems to work for some time but that change coused some bad problems in our domain network and admin forbid me to mess with DNS, he said that I have to add DNS record for every subdomain manually and that I can not use wildcards, and there is nothing that I can do about it, mainly for "politicall" reasons :( obviously our admin is pretty much uncooperative, outsorced from different organization and I can't do anything about that. can I add another DNS server on that machine ? What must be setup on clients machines to "tell" them to use domain DNS server and tester domain server ? So please I need someone to give me some advice, what should I do ? Is different port numbers only option left ? Thanks !

    Read the article

  • I can access my company mail on iPhone, but not on a PC/Mac

    - by Philippe
    On my iPhone (4), I can set up my company e-mail, which allows me to receive and send e-mail and use the calender to manage appointments. The company is using Exchange 2003. The problem is that this is the only way I can access my e-mail when I'm not at the office. I've tried setting up an account on Outlook 2007, Outlook 2010, Outlook 2011 (Mac) and the OSX Mail app, but it doesn't work. The server cannot be reached, even though I've used the exact same settings as on the iPhone. The info I use on the iPhone is: Server name of the company mail server (it's the same as for webmail) Use SSL AD Domain of my account My AD account name Password When I enter this on the iPhone, it works like a charm, but whatever I try on one of my desktops, it doesn't work. FYI: I can't ask the company IT guys because according to them, it doesn't work from a remote location, not even on the iPhone (but obviously, that works just fine)

    Read the article

  • Logging the client IP with Nginx/Varnish/Apache

    - by jetboy
    I have Nginx listening on port 443 as an SSL terminator, and proxying unencrypted traffic to Varnish on the same server. Varnish 3 is handling this traffic, and traffic coming in directly on port 80. All traffic is passed, unencrypted, to Apache instances on other servers in the cluster. The Apache instances use mod_rpaf to replace the logged client IP with the contents of the X-Forwarded-For header. My problem is that if the traffic is coming via Nginx, while the 'correct' client IP is getting logged in the VarnishNCSA logs, it looks as if Varnish is (understandably) replacing Nginx's X-Forwarded-For header with 127.0.0.1 downstream, and this is getting logged with Apache. Is there a nice simple way to stop Varnish rewriting X-Forwarded-For if it's already populated?

    Read the article

  • Hardware VPN suddenly slow, even after replacement. Free software VPN speed is fast [closed]

    - by Andrew
    In our company we have two remote users, one in Northern California and one in Texas, that connect via VPN. We have a hardware SSL VPN unit, and suddenly this week they experienced massive slowdown, to the point of speedtesting at 0.5 mbps when it is normally 7-10mbps. We replaced the hardware sslvpn but that did not solve the problem. If I have them connect using a free VPN tool like TeamViewer, their speeds are back to normal. Does anyone have any idea why this could happen? We have not made any infrastructure changes so this was very out of the blue and I'm confused as to why even replacing the hardware vpn didn't fix it, if using free software works just fine.

    Read the article

  • Personal Archive not Visible in Outlook

    - by Krypton2k
    I just added a second user to my Exchange 2010 box, it is in coexistence with exc2003. My account is already set up and working with a personal archive folder. The user I just set up however is unable to see the archive in Outlook. It is visible in OWA but not outlook. I have created a test profile on my PC with the users account and still no archive, if I jump back to my profile on the same box the archive is there so I know it is not an office versions issue. UPDATE: I have deleted all profiles from Outlook (one of which worked with the archive) now any new profiles including my own no longer show up. I think I have broken something In exchange. I get an auto discover certificate error which I am in the process of fixing. Perhaps the 2 problems are related. Also OWA on this server runs on a custom SSL port.

    Read the article

  • IIS returning plain Forbidden response. No HTTP code

    - by Alex Pineda
    I'm running a ServiceStack application on IIS. My regular services work fine and have not had any problems with permissions. My new project involves providing generated pdfs. I gave IIS_IUSRS read/write permissions to the Temp directory under my app directory. I also allow non SSL connections to this directory. When I browse to the file which ServiceStack is supposed to automatically serve up (eg. http://ryu.com/Temp/201310171723337631.pdf ) I get this: Forbidden Request.HttpMethod: GET Request.PathInfo: Request.QueryString: Request.RawUrl: /ryu/Temp/201310171723337631.pdf App.IsIntegratedPipeline: True App.WebHostPhysicalPath: C:\inetpub\ryu App.WebHostRootFileNames: [global.asax,global.asax.cs,web.config,bin,temp] Now this doesn't look like a ServiceStack error message, more like IIS, but I'm not certain as to how to get to the bottom of this. Authorization settings are Allow All.

    Read the article

  • Should the hostname of my VPS point to the dedi IP of my Domain or to to a shared one used for new account creation?

    - by thomas
    I leased a VPS which I want to use to sell shared hosting. 3 IPs - I call them A, B and C here for simplicity. Actual setup is: A=NS1.mydomain.com; host.mydomain.com and is used to set-up new accounts in shared environment B=NS2.mydomain.com C=dedicated IP for mydomain.com (SSL secured) The more I read about DNS, the more I get confused; thus my question: Is this configuration "Good Practice", especially the hostname pointing to A rather than to C? And what would be a better alternative?

    Read the article

  • How can I prevent Apache from exposing a user's password?

    - by Marius Marais
    When using basic authentication (specifically via LDAP, but htpasswd also) with Apache, it makes the REMOTE_USER variable available to the PHP / Ruby / Python code underneath -- this is very useful for offloading authentication to the webserver. In our office environment we have lots of internal applications working like this over SSL, all quite secure. BUT: Apache exposes the PHP_AUTH_USER (=REMOTE_USER) and PHP_AUTH_PW variables to any application inside PHP. (PHP_AUTH_PW contains the plaintext password the user entered.) This means it's possible for the app to harvest usernames and passwords. Presumably the same information is available to Python and Ruby (all three are currently in use; PHP is being phased out). So how can I prevent Apache from doing this? One idea is to use Kerberos Negotiate authentication (which does not expose the password and has the benefit of being SSO), but that automatically falls back to Basic for some browsers (Chrome and in some cases Firefox), causing the password to be exposed again.

    Read the article

  • IIS7 - multiple ports for websites, some working, some not.

    - by glasnt
    I have multiple IIS7 websites hanging off 1 IP, using different ports. All three sites use Z.A.B.C:XX, where XX is {100, 200, 300} * There's no web.config settings not making :300 not work, the bindings are set ok. I can even change the ports so 200 becomes 300, but the original 300 still doesn't work. They are all shown by IP, so it's not DNS. There's no SSL setting differences between them. I can't see anything in metabase.xml that would make one behave differently to another. Are there any other settings in IIS7 that I might not be finding, that would fix the issue? * not the real values.

    Read the article

  • Moving cpanel backup of magento site to VPS

    - by user2564024
    I was having my site in shared hosting, I took the entire backup, its structure is like addons homedir mysql resellerpackages suspendinfo bandwidth homedir_paths mysql.sql sds userconfig counters httpfiles mysql-timestamps sds2 userdata cp locale nobodyfiles shadow va cron logaholic pds shell vad digestshadow logs proftpdpasswd ssl version dnszones meta psql sslcerts vf domainkeys mm quota ssldomain fp mma resellerconfig sslkeys has_sslstorage mms resellerfeatures suspended Now I have subscribed to vps, I have copied the files inside homedir/public_html to var/www/html of my new hosting, but am seeing the following error when I view it browser, There has been an error processing your request Exception printing is disabled by default for security reasons. Error log record number: 259343920016 I have just created database with name magenhto inside mysql. Previously I had cpanel and used one click installer. Hence am not aware of how to use that data inside mysql to this new system and are there any more changes.

    Read the article

  • Personally identifiable information (PII) on shared web hosting

    - by S. Cobbs
    Hey folks, I am providing web hosting services (shared and dedicated) and have had one of my shared hosting clients mention needing an SSL cert for their site where they are collecting insurance quotes in a form, including names and social security numbers. My privacy sense is tingling, and I'm pretty sure it's not legal (in the US) to do this on a shared system, but can't find anything to support my thoughts outside of PCI-DSS, but the customer isn't processing payments through the site so I'm not sure if that applies. I'm reading lots of policy documents where people advise to minimize and manage the PII footprint internally, but as the host I don't want to put all of my customer's clients at possible risk. I'm not looking here for legal advice necessarily, but perhaps someone in a similar position to mine can provide some rule of thumb or point me in the right direction.

    Read the article

  • Apache redirect some requests to another server

    - by mucie
    We just bought a new server. We want our old server to respond the https connections(because of ssl certificate) and new server to respond the rest. New server is ready but i don't know how to redirect requests to new one. mydomain.com => old machine ip 10.10.10.41 => new machine Requests will come through mydomain.com. If it is https: respond else redirect to 10.10.10.41 How should i configure apache for this situation?

    Read the article

  • How do I make stunnel verify a clients certificate?

    - by unixman83
    NOTE: The title is misleading. Please correct it if you know a better title. What I want to know is how do I create the SSL keys / certificates needed for this. Hi. I am using stunnel to authenticate RDP (Remote Desktop) and I need to verify that a client possesses the proper credentials. So people cannot brute force into the machine. I am also using a bad (outdated) version of RDP that has security vulnerabilities, so stunnel is a must. I will preshare the necessary .pem's between machines. What are the openssl commands I need to create the right .pem files on both the client and on the server? What files need to be shared?

    Read the article

  • Am I supposed to assign the broadcast IP somewhere?

    - by pvieira
    This is a very basic question from a newbie point of view. I have a dedicated server at Hetzner running Windows 2008 R2. I bought a subnet of IP addresses to use in this server. They provided me a given range of IPs, incluind one Ip labeled as "Broadcast". I know how to assign those IPs to the NIC, but should I do something with the Broacast IP, like configure it somewhere on Windows? Or can I just ignore it and I'll be fine? This IP range will be used to host SSL sites.

    Read the article

  • Multi-site Drupal install with sites on different ports using Apache ip-based hosting?

    - by MattB
    In the past we've used name-based virtual hosting in Apache. We recently converted websites to SSL and had to go the ip-based route. As a result, we currently have an instance that is set up as follows: www.domain.com using port 80 dev.domain.com using port 8080 Both use the same IP. Is this scenario possible using Drupal multi-site functionality? While we find that dev.domain.com works and reads the correct "dev" database (using the dev settings), it reads theme files from the "www" site instead which is not what we want. Is the culprit the dev's htaccess file? Apache is listening on 8080 and does use the proper DB settings, but just not the correct theme files. One other note: browsing dev.domain.com:8080 gives an error: "The page isn't redirecting properly". Should we just purchase a new IP address for the dev website, or would this still not help? Any advice would be appreciated. Thanks.

    Read the article

  • How to effectively secure a dedicated server for intranet use?

    - by Mark
    I need to secure a dedicated server for intranet use, the server is managed so will have software based security, but what other security should be considered for enterprise level security? The intranet is a host for an ECM (Alfresco) managing and storing sensitive documents. As the information is sensitive we are trying to make it as secure as reasonably possible (requirement in UK law). We plan to encrypt the data on the database. It will be connected to via SSL encryption. Should we consider Hardware firewall, Private lan between the application server and database server?

    Read the article

  • Join multiple consecutive SQLite database dump files into 1 common database? Purpose: Search through ENTIRE Chrome Browsing History

    - by porg
    Google Chrome 's default web browsing history search engine only lets you access the records of the recent 100 days. Nevertheless in your application data, Chrome keeps your entire browsing history in SQLite database files, with the file naming scheme of "History Index YYYY-MM". I am looking for a way to search… …through my entire browsing history, …with sophisticated filters (limit search terms to certain fields such as URL, domain, title, body text; wildcard or regex terms, date ranges). … in … …either some ready-made software. eHistory came close, as it can limit terms to fields, but it lacks wildcards/regexes, and has the same limited time horizon as the default search. Beyond that, I could not find any suited Chrome extension or standalone (Mac) app. …or a command line to join multiple SQLite database files into one database, which I can then query (with the full syntax power). In the spirit of the pseudo code below: Preferred this way: sqlite --targetDatabase ChromeHistoryAll --importFiles /path/to/ChromeAppData/History\ Index* --importOnlyYetUnknownFiles Or if my desired feature --importOnlyYetUnknownFiles is not possible (feature could also be called "avoid duplicate imports by checking UIDs"), then by explicitly only importing files, of which I know, that they have yet not been imported into the ChromeHistoryAll database: cd ChromeAppData; sqlite --databaseTarget ChromeHistoryAll --importFiles YetNotImported1 YetNotImported2 YetNotImported3 All my queries I would then perform in the database "ChromeHistoryAll" P.S.: Additional question of general interest: Is there a way to perform a database query in a temporary database which was created on-the-fly from multiple files? Like: sqlite --query="SQL query" --targetDatabase DbAll --DBtemporaryInRAM --importFiles db1 db2 db3 This is surely not applicable for my Chrome question, as these History Index files have a combined file size of 500MB together, thus such a query would be of bad performance. But it could come handy in other situations.

    Read the article

  • What character can be safely used for naming files on unix/linux?

    - by Eric DANNIELOU
    Before yesterday, I used only lower case letters, numbers, dot (.) and underscore(_) for directories and file naming. Today I would like to start using more special characters. Which ones are safe (by safe I mean I will never have any problem)? ps : I can't believe this question hasn't been asked already on this site, but I've searched for the word "naming" and read canonical questions without success (mosts are about computer names). Edit #1 : (btw, I don't use upper case letters for file names. I don't remember why. But since a few month, I have production problems with upper case letters : Some OS do not support ascii!) Here's what happened yesterday at work : As usual, I had to create a self signed SSL certificate. As usual, I used the name of the website for the files : www2.example.com.key www2.example.com.crt www2.example.com.csr. Then comes the problem : Generate a wildcard self signed certificate. I did that and named the files example.com.key example.com.crt example.com.csr, which is misleading (it's a certificate for *.example.com). I came back home, started putting some stars in apache configuration files filenames and see if it works (on a useless home computer, not even stagging). Stars in file names really scares me : Some coworkers/vendors/... can do some script using rm find xarg that would lead to http://www.ucs.cam.ac.uk/support/unix-support/misc/horror, and already one answer talks about disaster. Edit #2 : Just figured that : does not need to be escaped. Anyone knows why it is not used in file names?

    Read the article

  • IIS 7: launch unique site instance per host name

    - by OlduwanSteve
    Is it possible to configure IIS 7 so that a single site with multiple bindings (or wildcard bindings) will launch a unique instance for each unique host name? To explain why this is desirable, we have an application that retrieves its configuration from a remote system. The behaviour of the application is governed by this configuration and not by the 'web.config'. The application uses its host name as a key to retrieve the configuration. Currently it is a manual process to create an identical IIS site for each instance of the application, differing only by the bindings. My thought, if it were possible, is that it would be nice to have one IIS site that effectively works as a template for an arbitrary number of dynamic sites. Whenever it is accessed by a unique host name a new instance of the site would be launched, and all further requests to that host name would go to that instance just as though I had created the site by hand. I use IIS regularly, but only for fairly straightforward site hosting. I'd like to know if this could be configured with vanilla IIS 7, but would also welcome answers that require a plugin or 3rd party product. Programming/architectural suggestions about changes to the app wouldn't really be appropriate for serverfault.

    Read the article

  • Has anyone seen an HTTP 500 error when HTTPS traffic going through Pound Proxy forwards to an HTTP page?

    - by scientastic
    We have Varnish as our load balancer and reverse proxy cache for normal HTTP traffic. For HTTPS traffic, we use Pound proxy to unwrap the SSL and forward to Varnish, which then forwards to the back-end servers. This is used for our "checkout" process to encrypt credit card info in transition. However, on the last stage of checkout, users are always getting an HTTP 500 (Internal Server) error. It doesn't seem to be due to our back-end app server, by all tests I've tried. Does anyone know anything about how that transition works-- the transition back from HTTPS to HTTP and the interaction between Pound and Varnish-- and why it might cause 500 errors?

    Read the article

  • How do communcations through ports works

    - by user71866
    I was studying socket programming and certain questions came to my mind. These are some beginner level doubts Is it mandatory to to use well known port for a particular application. For example if i am using ssl, can i design a server to listen on 1000 rather than 443. For http we are connecting to port 80 from some other arbitrary port. Whys no port 80 to port 80 communcation. how a server responds to connections coming to it from different ports to its port 80. how many connections are possible to a particul

    Read the article

  • where are the default ulimit values set? (linux, centos)

    - by nomercysir
    I have two CentOS (5) servers with nearly identical specs. When I login and do: ulimit -u on one machine, I get unlimited and on the other, 77824 When I run a cron like * * * * * ulimit -u > ulimit.txt I get the same results (unlimited, 77824). I am trying to determine where these are set so that I can alter them. They are not set in any of my profiles (.bashrc, /etc/profile, etc .. these wouldn't affect cron anyway) nor in /etc/security/limits.conf (which is empty). I have scoured google and even gone so far as to do grep -Ir 77824 / but nothing has turned up so far. I don't understand how these machines could have come preset with different limits. I am actually wondering not for these machines, but for a different (CentOS 6) machine which has a limit of 1024, which is far too small. I need to run cron jobs with a higher limit and the only way I know how to set that is in the cron job itself. That's ok, but I'd rather set it system wide so it's not as hacky. Thanks for any help. This seems like it should be easy (NOT) EDIT -- SOLVED Ok, I figured this out. It seems to be an issue either with CentOS 6 or perhaps my machine configuration. On the CentOS 5 configuration, I can set in /etc/security/limits.conf: * - nproc unlimited and that would effectively update the accounts and cron limits. However, this does not work in my CentOS 6 box. Instead, I must do: myname1 - nproc unlimited myname2 - nproc unlimited ... And things work as expected. Maybe the UID specification works to, but the wildcard (*) definitely DOES NOT here. Oddly, wildcards DO work for the 'nofile' limit. I still would love to know where the default values are actually coming from, because by default, this file is empty and I couldn't see why I had different defaults for the two CentOS boxes, which had identical hardware and were from the same provider.

    Read the article

  • Route SOAP request through external server

    - by sanbornm
    I need to integrate with a SOAP Web Service that requires that the requests come from a whitelisted IP address. As I often do development from all over the place it is quite annoying to ask for a new whitelisted IP each time. I have a remote server that is whitelisted. How can I route my SOAP request (I can change the endpoint in the WSDL) to my remote machine and have that forwarded to the Web Service? My remote server is used for other things so it needs to only forward a specific port, not all traffic. Oh, and the Web Service expects SSL.

    Read the article

  • proxy: no HTTP 0.9 request (with no host line)

    - by TestPlanManagement.com
    I'm getting a bunch of these errors in my error.log: [client 1.2.3.4] proxy: no HTTP 0.9 request (with no host line) on incoming request and preserver hose set forcing hostname to be www.mydomain.com for uri / My config is essentially: ProxyRequests Off <VirtualHost 1.2.3.4:80> ServerName www.mydomain.com DocumentRoot "c:/apache/htdocs" ProxyPreserveHost On ProxyPass / http://172.1.1.1/ </VirtualHost> <VirtualHost 1.2.3.4:443> ServerName www.mydomain.com DocumentRoot "c:/apache/htdocs" # SSL Stuff ProxyPreserveHost On ProxyPass / http://172.1.1.1/ </VirtualHost> Anyone have an idea how to eliminate those warnings?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 119 120 121 122 123 124 125 126 127 128 129 130  | Next Page >