ssl certificate - Page 129

OpenSSL missing during ./configure. How to fix?

- by P K

I was trying to install node.js and found OpenSSL support missing during ./configure. How can I fix it? Is it a mandatory step? # ./configure Checking for gcc : ok Checking for library dl : not found Checking for openssl : not found Checking for function SSL_library_init : not found Checking for header openssl/crypto.h : not found /home/ec2-user/node-v0.6.6/wscript:374: error: Could not autodetect OpenSSL support. Make sure OpenSSL development packages are installed. Use configure --without-ssl to disable this message.

Read the article

Why would you use EAP-TTLS instead of PEAP?

- by Ivan Macek

As I understood EAP-TTLS and PEAP share same level of security when implemented in wireless networks. Both only provide server side authentication via certificate. The drawback of EAP-TTLS can be non native support in Microsoft Windows so every user has to install additional software. The benefit of EAP-TTLS can be support for less secure authentication mechanisms (PAP, CHAP, MS-CHAP) but why would you need them in modern and properly secure wireless system? What are you opinions? Why should I implement EAP-TTLS instead of PEAP? Let's say that I have most Windows users, medium Linux users and least iOS, OSX users.

Read the article

How to get a service to listen on port 80 on Windows Server 2003

- by Miky D

I've coded a custom windows service that listens on TCP port 80 but when I try to install it on a Windows Server 2003 machine it fails to start because some other service is already listening on that port. So far I've disabled the IIS Admin service and the HTTP SSL service but no luck. When I run netstat -a -n -o | findstr 0.0:80 it gives me the process id 4 as the culprit, but when I look at the running processes that process id points to the "System" process. What can I do to get the System process to stop listening on port 80 and get my service to listen instead? P.S. I should point out that the service runs fine if I install it on my Windows XP or Windows 7 development boxes. Also, I should specify that this has nothing to do with it being a service. I've tried starting a regular application that attempts to bind to port 80 on the Windows Server 2003 with the same outcome - it fails because another application is already bound to that port.

Read the article

HTTP/1.1 503 Service Unavailable Exchange 2003 OWA

- by toups

Receiving HTTP/1.1 503 Service Unavailable when trying to access exchange web access. Server 2003 & Exchange 2003 Have tried: Deleting virtual directories and rebuilding them in IIS Restarting Dismounting & mounting the public folder store & mailbox store It's not AppPoolQueueLength Restarting all services (all proper ones are running) Making it use ssl or not (regular http) -- same thing for both Installing IIS & exchange 2003 on a new 2003 box as a new FE server, OWA on that gets same error. Not sure why it's getting a 503... was working without an issue and randomly is stuck at this no matter what; ll users can still successfully connect and use via outlook, only the web access is having issues. Any suggestions would be appreciated.

Read the article

Using mod_wsgi with mpm_itk: socket permission issue

- by djechelon

I'm using mod_itk as MPM for increased security in shared environment. I also have a Firefox Sync Server within one of the VHosts I host. That vhost is restricted to a certain user via AssignUserId user group. The problem is that the socket /var/run/wsgi...whatever.sock is chmodded srwx------ and owned by Apache's wwwrun. While I configured the vhost with WSGIProcessGroup sync WSGIDaemonProcess sync user=djechelon group=djechelon processes=1 threads=5 I still get the error that Apache wants to access a socket that is not accessible and because of this gets an error. Is it possible to configure mod_wsgi in order to create different sockets with different owners for different applications or to chmod its socket in a different way (less secure)? Currently, I'm running Firefox Sync as the only WSGI application. Moving it to a vhost that doesn't AssignUserId could solve this problem but will force me to change URL (and buy an additional SSL certificate), so I wouldn't consider this

Read the article

CA and VPN setup

- by Raj

We are a small comany about 20 employees. We have some off site some i houser servers. Where should I install CA? On a domain controller or VM? can I obtain my own certificate for MS VPN? Where should I install MS vpn server? can I install on VM CA server? Do I need to open any ports on Firewall? Please send me or direct me to a web site where I can get setip by step installation instructions. Thanks.

Read the article

Oracle Advanced Security Options is Blank

- by mak4pi

I just installed Oracle DB 10gR2 with Oracle Advanced Security, but cannot see the algorithms. [user@db-1] adapters Installed Oracle Net transport protocols are: IPC BEQ TCP/IP SSL RAW Installed Oracle Net naming methods are: Local Naming (tnsnames.ora) Oracle Directory Naming Oracle Host Naming Oracle Names Server Naming Installed Oracle Advanced Security options are: Where are all the algorithms for Oracle Advanced Security options please? I checked the $ORACLE_HOME/bin/adapters file and it's looking for naea256i, naemd5i, etc. in the naetab.so file, but none of these are listed in the naetab.so file. What's wrong with the naetab.so file? Thanks.

Read the article

How to share files between cPanel accounts?

- by Darren

I am setting up a multi-site/multi-store Magento installation, and I want each site to have its own cPanel account so I can setup the SSL and dedicated IP properly. I have tried to create a linux group called 'magento' and changed the files I need to share to that group (even added the users to that group), however when I try to access files through my scripts on those accounts it doesn't acknowledge the files exist. I first made a soft symbolic link which didn't work and then including them to their real location but it didn't work. Am I missing a step in allowing which users can access which files? I added the users to the magento group and like I said changed the group of the files I need to share to them but it's still not working. Thanks, Darren

Read the article

What is an SSH key?

- by acidzombie24

I signed up for github and notice the ssh key option which looked interesting. I originally expected something like an ssl key (name, co name, etc). After going through it i notice i only put a password and it is always myuser@comp-name (this is windows). Why? I thought it was a user/pass id and i can create separate keys for separate purpose for privacy reasons. Now i see i am required to use one to create a repository. Also i see something about a 'private key file' when looking at options. What exactly is an SSH Key and how can i create a separate user without creating a separate login in windows.

Read the article

how to connect public web server to internal LAN

- by DefSol

I have a VPS which is my public web server for all my clients. It's running server 2008 and I would like to have it connect via secure connection to my internal LAN. I would like this to be a route so access is bi-derectional. Have read about Server & Domain isolation, but am concerned this may prevent public views to the webs sites on the server. I currently have a PPTP tunnel, but I'm wanting better security (IPSec or SSL etc) and it's not given my bi derectional access. (In fact my backups aren't copying accross but this could be an acl issue) The goal is to provide easy/automated backups of data & sql db's to my internal LAN, as well as a means to provision new sites & db's from a workflow occuring internally. Internal lan is windows based with ISA 2006 at the perimeter. Thanks

Read the article

OpenLDAP server logs filled with "TLS negotiation failure"

- by WildVelociraptor

I recently migrated an old OpenLDAP setup to a newer server, with a more robust certificate setup. Currently, most hosts are required to verify the cert matches the host: tls_checkpeer yes TLS_REQCERT always In the server logs, there are multiple occurences of: Nov 6 10:45:08 <servername> slapd[1773]: conn=2785646 fd=35 closed (TLS negotiation failure) These errors appear from multiple hosts, but there don't seem to be any issues actually logging into those servers with an LDAP account. Does anyone know what would cause these errors? The server is running Ubuntu 12.04.2, and OpenLDAP version 2.4.28. The cert was generated using GnuTLS.

Read the article

mystery Internet traffic to port 445

- by Ben Collver

Recently, I noticed traffic from the office network to TCP port 445 on the Internet [a]. Below are the Linux firewall log entries to Facebook's network [b] and Google's network [c]. I would like to identify the source of this traffic. My first guess is that Facebook and Google might be using multiple TCP ports for SSL load balancing. However, I could not confirm this based on the web proxy logs. What else might it be? [a] http://support.microsoft.com/kb/204279 [b] Sep 4 08:30:03 firewall01 kernel: IN=eth0 OUT=eth2 SRC=10.0.0.131 DST=69.171.237.34 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=14287 DF PROTO=TCP SPT=51711 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 [c] Aug 28 06:02:41 firewall01 kernel: IN=eth0 OUT=eth2 SRC=10.0.0.115 DST=173.194.33.47 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=4558 DF PROTO=TCP SPT=49294 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0

Read the article

Shibboleth + IIS and Pound Reverse Proxy

- by boburob

Having a bit of a problem getting Shibboleth (SSO) working with ADFS and Pound. The main problem seems to be that: The website address will be https://website.domain.com Pound will then terminate the SSL and forward the traffic to the webserver on a different port (http://server.domain.com:8888) I have set up Shibboleth to protect the address http://server.domain.com:8888, which allows me to retrieve metadata and it all seems to be working fine. However the problem seems to be that ADFS is configured to protect the https website, so when Shibboleth attempts to recieve information from ADFS I get nothing except the following error: A token request was received for a relying party identified by the key 'https://msstagrevproxy.cwpintranet.com/shibboleth', but the request could not be fulfilled because the key does not identify any known relying party trust. Key: https://msstagrevproxy.cwpintranet.com/shibboleth I am not really sure how I can work around this as to retrieve the metadata from Shibboleth I have to use the https address but this does not actually exist in Shibboleth or IIS. Has anyone had any experience with this before or using any other SSO with a reverse proxy that works?

Read the article

How to automatically enter username and password for network location in batch file?

- by Phoenix Logan

I have a batch file that copies files to a network location on WebDAV. The address looks something like this: \\xxxxxxxxx.net@SSL@2078\DavWWWRoot When I restart my computer, the batch file doesn't work and says "Access denied". Before a restart, it works, but it doesn't after the computer restarts. The problem is that it requires me to put in the username and password used to access the server. I have to browse to the server in File Explorer and sign in first. Even if I select the "Remember password" check box, it doesn't work. How can I get it to automatically sign in? I don't want to have to do this every time.

Read the article

How to setup external mail addresses without external autodiscover tries?

- by Tarnschaf

We have a little Exchange/Outlook installation here that fetches the mails from our provider with POP3. Now to be able to send emails outside our organisation, I added another SMTP address to the Exchange User: [email protected] (Default / Reply Address) [email protected] Sending email works using the default address. But now there is an error message each time we start Outlook. Outlook tries to autodiscover using autodiscover.ourcompany.com which doesn't exist. Our autodiscover files are placed on our local server. I think all the servers are discovers, because everything works as expected. Everything except the error message on each Outlook start. (The error message is actually because of an invalid certificate but I don't see why Outlook should contact an external host at all!) So how can I solve this? Forcing Autodiscover on every Outlook client to use the local hosts? Or ist there an even better way?

Read the article

mod_access for lighttpd causes a 403 error for all POST requests

- by Sam

I have found on my debian server that running the lighttpd module mod_access is causing the server to response with a 403 to all POST requests. It's very odd as I have two servers, one is running as I'd expect and the other keeps returning these 403's. They are running identical configs for lighttpd and php. My lighttpd.conf is: https://gist.github.com/4269500 There is also one other custom conf: https://gist.github.com/4269508 I've opened up the servers for requests until I get this fixed, the server that works is http://mercury.isitup.org/ and the one that fails is http://venus.isitup.org/. After working out that disabling mod_access resolves the problem I greped all my lighttpd configs for uses of it (docs). Disabling each line I found didn't help, leading me to think this is perhaps some default behaviour (or bug?)... Has anyone come across this before or know what configuration value I've got wrong? Versions Debian: Debian GNU/Linux 6.0.6 (squeeze) Lighttpd: lighttpd/1.4.28 (ssl) PHP: PHP 5.3.19-1~dotdeb.0 with Suhosin-Patch (cli)

Read the article

Mikrotik server networks and Cain & Abel

- by user269742

I'm connected to the internet via a mikrotik server network. Recently, I read about that scaring application named Cain & Abel and all the capabilities it offered for malicious users. I don't know if anyone on my network is using or even aware of such application but my questions are: 1- How to protect myself from this program? 2- How to know if someone using such application against me? 3- Is Tor Bundle capable of protecting me from Cain & Abel? 4- If I filled my e-mail password via SSL page, Can Cain & Abel collect it? 5- Is it safe to use SKYPE or Yahoo Messenger voice chat if some one using Cain & Abel on my network?

Read the article

racoon-tool doesn't generate full racoon.conf file in /var/lib/racoon/racoon.conf

- by robthewolf

I am using ipsec-tools/racoon to create my VPN. I am using racoon-tool to configure racoon.conf but when I run racoon-tool reload it only generates the first section - Global items. When I run racoon-tool I get: # racoon-tool reload Loading SAD and SPD... SAD and SPD loaded. Configuring racoon...done. This is the entire file /var/lib/racoon/racoon.conf # # Racoon configuration for Samuel # Generated on Wed Jan 5 21:31:49 2011 by racoon-tool # # # Global items # path pre_shared_key "/etc/racoon/psk.txt"; path certificate "/etc/racoon/certs"; log debug; I cannot find anywhere a solution as to why this is happening. Please help

Read the article

RemoteApp: Logging in as user x disconnects user y

- by onik

I'm having a pretty bizarre problem with a Terminal Services server used for RemoteApp. In our network the server works as it should, but at a client's office if two users log in simultaneously, the first one gets disconnected as the other one connects. The users belong to the same group but have individual users. The similar configuration works fine for all other clients. About the server, it's Windows 2008 R2 x64, no AD, SSL encrypted connections. Event viewer shows no useful information. Any hints where to start debugging? Do you need more info about the setup?

Read the article

Need help configurating my Tomcat server

- by gablin

I just reinstalled my entire server, and now I can't seem to get my JSP-based website to work on Tomcat anymore. I use the same server.xml file, which worked perfectly before the reinstallation, but no longer. Here's the content of the server.xml file which worked before:  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />  <Listener className="org.apache.catalina.core.JasperListener" />  <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" /> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />  <GlobalNamingResources>  <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml" /> </GlobalNamingResources>  <Service name="Catalina">    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />      <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />   <Engine name="Catalina" defaultHost="localhost">      <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>        <Host name="www.rebootradio.nu"> <Alias>rebootradio.nu</Alias> <Context path="" docBase="D:/services/http/rebootradio.nu" debug="1" reloadable="true"/> </Host> </Engine> </Service> </Server> The JSP site doesn't use any WAR files or anything like that; there's just a default.jsp in the specified folder D:/services/http/rebootradio.nu which loads the site. As I said, this configuration worked before, but now with the latest verion of XAMPP and Tomcat it doesn't work anymore. All I get is a 404 message saying The requested resource () is not available.

Read the article

Windows replacement for HAProxy

- by GrayWizardx

It does not appear that there is a similar question to this already posted, so I will go ahead and ask. I am working on a project that could benefit from having two - four servers handling incoming requests to a backend webservice. The service does not require SSL but does need to support occassional long running processes (upto 120 secs). This project does not at present have the funding to purchase a hardware load balancing solution. I have previously used HAProxy as a solution for this, and found it very simple and straightforward. Is there a similar product for windows (server 2003 or 2008) which provides similar configuration options and runs as a lightweight service? For reasons outside my control I cannot setup a Linux machine (physical or virtual) and so I am looking for behaviour that can be deployed on a windows machine. I can only find Perlbal which appears to fall into this category. So as not to keep this open indifenitely I will give credit to the only answer.

Read the article

vsftpd: refusing to run with writable root inside chroot

- by MrROY

I want to setup a anonymous only ftp server (able to upload files). Here is my config file: listen=YES anonymous_enable=YES anon_root=/var/www/ftp local_enable=YES write_enable=YESr. anon_upload_enable=YES anon_mkdir_write_enable=YES xferlog_enable=YES connect_from_port_20=YES chroot_local_user=YES dirmessage_enable=YES use_localtime=YES secure_chroot_dir=/var/run/vsftpd/empty rsa_cert_file=/etc/ssl/private/vsftpd.pem pam_service_name=vsftpd But when i try to connect it: kan@kan:~$ ftp yxxxng.bej Connected to yxxx. 220 (vsFTPd 2.3.5) Name (yxxxg.bej:kan): anonymous 331 Please specify the password. Password: 500 OOPS: vsftpd: refusing to run with writable root inside chroot() Login failed Can anyone help ?

Read the article

webmin not working on port 10000

- by Ali

Hi, I posted a similar question yesterday but can't seem to find that post. I have installed webmin on my server which has SSL and its service is running but I am unable to open it in browser. I thought may be the port is blocked by server's firewall so I entered port 10000 (TCP - inbound) in APF but still no luck. When I use https://localhost:10000 on server to access webmin then it works fine but not remotely. Why is such a simple thing so hard to run? Thanks

Read the article

Puppet apache module causing 'Error 400 on SERVER: Invalid parameter identifier'

- by Andy Shinn

I am receiving the following error when trying to use the latest puppetlabs-apache module from github (https://github.com/puppetlabs/puppetlabs-apache): Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Invalid parameter identifier at /etc/puppet/environments/apache_update/modules/apache/manifests/mod.pp:40 on node zordon.mydomain.com Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run My node config looks like: node 'zordon.mydomain.com' { include template::common include template::puppetagent include template::lamp User::Create sudo::conf { 'joe': priority = 60, content = 'joe ALL=(ALL) NOPASSWD: ALL', require = User::Create['joe'], } } The template::lamp class is what uses apache module: class template::lamp { include myfirewall Firewall Firewall class { 'apache': } class { 'apache::mod::php': } class { 'apache::mod::ssl': } class { 'mysql::server': } } It looks like serverfault markup is getting garbled on Puppet realize statements. The User::Create and Firewall lines are just realizing a user and 2 firewall rules. I have verified that the /var/lib/puppet/lib/puppet/type/a2mod.rb type has the identifier parameter and it is the same MD5 as the server. I am using Puppet 3.0.1 on both agent and master. Any idea what may cause this?

Read the article

Google App Engine says "Must authenticate first." while trying to deploy any app

- by Oleksandr Bolotov

Google App Engine says "Must authenticate first." while trying to deploy any app: me@myhost /opt/google_appengine $ python appcfg.py update ~/sda2/workspace/lyapapam/ Application: lyapapam; version: 1. Server: appengine.google.com. Scanning files on local disk. Scanned 500 files. Scanned 1000 files. Initiating update. Email: <my_email_was_here>@gmail.com Password for <my_email_was_here>@gmail.com: Error 401: --- begin server output --- Must authenticate first. --- end server output --- We are getting this message with any appliation and under any developer account avialable to us That's what we have installed: App Engine SDK - 1.3.2 PIL - 1.1.7 Python - 2.5.5 pip - 0.6.3 ssl - 1.15 wsgiref - 0.1.2 So, what can it be? Is it well known problem?

Search Results

Search found 4244 results on 170 pages for 'ssl certificate'.

Page 129/170 | < Previous Page | 125 126 127 128 129 130 131 132 133 134 135 136 | Next Page >

- by P K

- by Ivan Macek

- by Miky D

- by toups

- by djechelon

- by Raj

- by mak4pi

- by Darren

- by acidzombie24

- by DefSol

- by WildVelociraptor

- by Ben Collver

- by boburob

- by Phoenix Logan

- by Tarnschaf

- by Sam

- by user269742

- by robthewolf

- by onik

- by gablin

- by GrayWizardx

- by MrROY

- by Ali

- by Andy Shinn

- by Oleksandr Bolotov

< Previous Page | 125 126 127 128 129 130 131 132 133 134 135 136 | Next Page >