Search Results

Search found 5875 results on 235 pages for 'https'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 13/235 | < Previous Page | 9 10 11 12 13 14 15 16 17 18 19 20  | Next Page >

  • part of google search appliance drawing from http instead of https

    - by mcgyver5
    we are using the google search appliance in our web app. It is used by several other parts of our organization but we are using it on a web app that uses https. So, we followed google's instructions to get all the google code via https so that users don't get the annoying "This page contains both secure and insecure items" popup. Most of the google code has behaved and come to us as https, but there is a part of it pulling from http://www.google.com/cse full URL = http://www.google.com/cse?q=searchTerma&cx=001025153263958516519%3Aj2323tveixc&cof=FORID%3A11%3BNB%3A1&ie... that causes the insecure items warning to popup. This popup occurs in the results page and the above URL is the only non-secure request I can find.

    Read the article

  • Switch to https

    - by Mike
    I'm looking to use an .htaccess file to use mod_rewrite to switch the protocol from http:// to https:// when someone hits my website. For instance, once someone goes to: http://www.mywebsite.com/ I'd like the browser to switch to: http*s*://www.mywebsite.com/ The same goes for the http://mywebsite.com/ - https://mywebsite.com This is the following code I've been using and I've experienced some odd things so if anyone could provide me with information if this is the right way to do it, or if you have a better way, please provide it. Thanks in advance. RewriteEngine On RewriteCond %{SERVER_PORT} !=443 RewriteRule ^(.*)$ https://www.ebaillv.com/$1 [R=301,L]

    Read the article

  • Need advise on linking apache and tomcat

    - by hsnm
    I have been searching this for hours with no luck. I have a web server that uses https on Apache2. I also have installed tomcat7 on the same server to run some Java webapp on it. I need to keep my https port 443 on Apache but forward the requests to the Java webapp to tomcat. I tried to use mod_jk to redirect the requests to tomcat but I failed. Most tutorials talk about redirecting plain http requests not https. I also could not let tomcat use https on 8443. I'm following the steps here but facing errors. The question: Can I redirect https traffic to tomcat without installing https on tomcat? Is there a good tutorial you can recommend to me?

    Read the article

  • How to specify Multiple Secure Webpages with .htaccess RewriteCond

    - by Patrick Ndille
    I have 3 pages that I want to make secure on my website using .htaccess -login.php -checkout.php -account.php I know how to make just one work page at a time using .htaccess RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} /login.php RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L] I and trying to figure out how to include the other 2 specific pages to make them also secure and used the expression below but it didn't work RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} /login.php RewriteCond %{REQUEST_URI} /checkout.php RewriteCond %{REQUEST_URI} /account.php RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L] Can someone help me the right expression that will work with multiple pages? The second part of the code is that, if https is already on and a user move to a page that Is not any of the pages i specified about, I want that it should get back to http. how should I write the statement for it to redirect back to http if its not any of the pages above? I have my statement like this but its not working RewriteCond %{HTTPS} on RewriteRule !(checkout|login|account|payment)\.php http://%{HTTP_HOST}%{REQUEST_URI} [L,R] Any thoughts?

    Read the article

  • Debate: Can a HTTPS connection be hijacked with a man-in-the-middle kind of attack?

    - by Iulian Serbanoiu
    Hi, I'm wondering if the company I work for can see what I'm doing when I'm using a HTTPS connection - gmail for example. My case: I'm using gmail from work but I need to enter a password for a proxy when accesing the first web page - the password is asked inside the browser. I receive from the proxy a certificate which I must accept in order to make the Internet connection work. So the question is: Can https data exchange, between gmail and browser, be tracked? Thanks, Iulian

    Read the article

  • Using Java, Need to establish an https connection via proxy.

    - by Zombies
    I need to establish and send/read over/from an https connection (to a website of course) but through an http proxy or SOCKS proxy. A few other requirements supports blocking (I can't use non-blocking/nio) isn't set as an environment or some other global scope property (there are multiple threads accessing) I was looking into HttpCore components but I did not see any support for blocking https.

    Read the article

  • Can I have HTTPS and HTTP for a single instance of an application?

    - by Sivakanesh
    I'm planning a web application that will have its own server behind the corporate firewall. There will be two sets of users, internal and external to the organisation. Internal users will be located inside of the firewall as same as the application server and the external users are outside over the internet. All users will be authenticated via a login by the web application. I would like a setup where the external users will be required to access whole of the application using SSL and the internal users via standard http connection. I would like to know, if it is possible to setup a single instance the application so that it can be accessed via SSL for external (over the internet) users AND over http for internal users? Thanks

    Read the article

  • ESB Toolkit 2.0 EndPointConfig (HTTPS with WCF-BasicHttp and the ESB Toolkit 2.0)

    - by Andy Morrison
    Earlier this week I had an ESB endpoint (Off-Ramp in ESB parlance) that I was sending to over http using WCF-BasicHttp.  I needed to switch the protocol to https: which I did by changing my UDDI Binding over to https:  No problem from a management perspective; however, when I tried to run the process I saw this exception: Event Type:                     Error Event Source:                BizTalk Server 2009 Event Category:            BizTalk Server 2009 Event ID:   5754 Date:                                    3/10/2010 Time:                                   2:58:23 PM User:                                    N/A Computer:                       XXXXXXXXX Description: A message sent to adapter "WCF-BasicHttp" on send port "SPDynamic.XXX.SR" with URI "https://XXXXXXXXX.com/XXXXXXX/whatever.asmx" is suspended.  Error details: System.ArgumentException: The provided URI scheme 'https' is invalid; expected 'http'. Parameter name: via    at System.ServiceModel.Channels.TransportChannelFactory`1.ValidateScheme(Uri via)    at System.ServiceModel.Channels.HttpChannelFactory.ValidateCreateChannelParameters(EndpointAddress remoteAddress, Uri via)    at System.ServiceModel.Channels.HttpChannelFactory.OnCreateChannel(EndpointAddress remoteAddress, Uri via)    at System.ServiceModel.Channels.ChannelFactoryBase`1.InternalCreateChannel(EndpointAddress address, Uri via)    at System.ServiceModel.Channels.ChannelFactoryBase`1.CreateChannel(EndpointAddress address, Uri via)    at System.ServiceModel.Channels.ServiceChannelFactory.ServiceChannelFactoryOverRequest.CreateInnerChannelBinder(EndpointAddress to, Uri via)    at System.ServiceModel.Channels.ServiceChannelFactory.CreateServiceChannel(EndpointAddress address, Uri via)    at System.ServiceModel.Channels.ServiceChannelFactory.CreateChannel(Type channelType, EndpointAddress address, Uri via)    at System.ServiceModel.ChannelFactory`1.CreateChannel(EndpointAddress address, Uri via)    at System.ServiceModel.ChannelFactory`1.CreateChannel()    at Microsoft.BizTalk.Adapter.Wcf.Runtime.WcfClient`2.GetChannel[TChannel](IBaseMessage bizTalkMessage, ChannelFactory`1& cachedFactory)    at Microsoft.BizTalk.Adapter.Wcf.Runtime.WcfClient`2.SendMessage(IBaseMessage bizTalkMessage)  MessageId:  {1170F4ED-550F-4F7E-B0E0-1EE92A25AB10}  InstanceID: {1640C6C6-CA9C-4746-AEB0-584FDF7BB61E} I knew from a previous experience that I likely needed to set the SecurityMode setting for my Send Port.  But how do you do this for a Dynamic port (which I was using since this is an ESB solution)? Within the UDDI portal you have to add an additional Instance Info to your Binding named: EndPointConfig  Then you have to set its value to:  SecurityMode=Transport Like this:    The EndPointConfig is how the ESB Toolkit 2.0 provides extensibility for the various transports.  To see what the key-value pair options are for a given transport, open up an itinerary and change one of your resolvers to a “static” resolver by setting the “Resolver Implementation” to Static.  Then select a “Transport Name” ”, for instance to WCF-BasicHttp.  At this point you can then click on the “EndPoint Configuration” property for to see an adapter/ramp specific properties dialog (key-value pairs.)    Here’s the dialog that popped up for WCF-BasicHttp:   I simply set the SecurityMode to Transport.  Please note that you will get different properties within the window depending on the Transport Name you select for the resolver. When you are done with your settings, export the itinerary to disk and find that xml; then find that resolver’s xml within that file.  It will look like endpointConfig=SecurityMode=Transport in this case.  Note that if you set additional properties you will have additional key-value pairs after endpointConfig= Copy that string and paste it into the UDDI portal for you Binding’s EndPointConfig Instance Info value.

    Read the article

  • Google CDN - using http vs https

    - by HorusKol
    All the examples of accessing google's CDN use https:// in the URL (including on Google itself) - but this has caused a problem when testing in Safari (certificate problem and also different domain). <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script> I have switched to calling it over http instead, but just wondering if this is a mistake or security issue?

    Read the article

  • SSL on site which asks API via HTTPS

    - by Larry Cinnabar
    For example I have a site site.com. It has its own http json api: api.site.com. API has authorisation and it runs under https. Now, I need to make visualization of some functionality of json api - so I need to make a profile section on site.com: Authorisation form, and user profile section with actions. All actions will be done via cURL requests to https://api.site.com. Have I use SSL on site.com too?

    Read the article

  • Is my current htaccess setting hurting SEO?

    - by user656002
    I have a site that I have redirecting to https. I do this to leverage wildcard SSL for my password protected pages. Everything seems to work fine with testing. For example, whether you type in http or www, you always get redirected to the SSL https... That said, I have about 200-300 external backlinks -- many high quality, yet google webmaster (along with SEOMoz), shows I have just 4... Huh? I'm embarrassed to say I just discovered this. This has led me to hypothesize that maybe my settings in htaccess is messed up, so google isn't recognizing a link because it's recorded on another site as http, instead of https. Maybe? At any rate, here is my simple htaccess setting for 301 www to http (The https redirect must be done inside the virtual host file--I think). I don't have anything in the htaccess file for https RewriteCond %{HTTP_HOST} ^www\.example\.com$ [NC] RewriteRule ^(.*)$ http://example.com/$1 [L,R=301] Like I said, everything works fine for redirect over https, so I'd rather not screw up what works. On the other hand something is very wrong with google finding all my back links, so I need to fix something... I'm just wondering that maybe google isn't picking up a my backlinks from other websites recording me as http because I'm at https. Maybe google doesn't care and it's some other issue. Am I barking up the right tree? If so any quick fixes? Thanks as always!

    Read the article

  • Which SSL do I need?

    - by Maik Klein
    I need to buy a ssl certificate. Now there are so many different alternatives with a huge price range. I know the very basic differences of browser compatibility and security level. But I need a "cheap" ssl certificate. My homepage looks like this http://www.test.com Now if I go to the loginpage i should switch to https like this https:/www.test.com/login I am also considering to secure the whole site if the user has singed in. Now there are sites which are offering SSl for 7$/year. Would this do the job? Or would you recommend me to get something more expensive like this one? I want to add paypal support in a later version of my website and I don't want to save money on the wrong end. What would you recommend me?

    Read the article

  • Redirecting traffic to a https site

    - by Saif
    In our mail server there are multiple virtual email domain hosted. User can use webmail.example.com (this is the first apache virtualhost) to check mail or they can use mail.THEIR-DOMAIN.com. If the put mail.THEIR-DOMAIN.com apache shows the webmail.example.com as it is the first virtualhost and mail.THEIR-DOMAIN.com doesn't exist. Recently we imposed https for webmail.example.com and added this mod_rewrite rule: RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} But now users not getting the default webmail page as they were getting before. How can we redirect all request coming to the URL "mail.ANY-DOMAIN.com" to "https://webmail.example.com"? I've tried the following but it didn't work: RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (mail.*) https://webmail.example.com Thanks for your help in advance.

    Read the article

  • Safari can’t establish a secure connection to the server

    - by gdelfino
    I realize there is another question with the same title, but my situation is very different. The problem started on three of my computers after upgrading from Leopard to Snow Leopard. I can login to gmail and facebook using https with no problem. I can not login to https://identi.ca/main/login or https://seminars.wolfram.com/ or https://panopticlick.eff.org with Safari, works fine with Firefox. Already tried "Safari Reset..." Any ideas?

    Read the article

  • How do I configure a site in IIS 7 for SSL with a wildcard certificate?

    - by michielvoo
    We have an Windows 2008 server with IIS 7 to test sites we develop for our clients. Each site has a binding on a subdomain: clienta.example.com clientb.example.com clientc.example.com (* Using example.com to protect the innocent) For one of these sites we now have to test if it works over https. So I have created a wildcard certificate request with *.example.com as the common name. I have received the certificate (issued by PositiveSSL SA) and completed the request. The certificate is now installed in IIS. Now I have added an https binding to the second site with the following settings: type: https IP address: All Unassigned Port: 443 Host name: clientb.example.com SSL certificate: *.example.com Browsing the site over regular http works fine. When I try to browse the site over https I get the following errors (depending on the browser used): Chrome This webpage is not available Error 102 (net::ERR_CONNECTION_REFUSED): Unknown error. Firefox Unable to connect Firefox can't establish a connection to the server at clientb.example.com Firebug says Status: Aborted Internet Explorer Internet Explorer cannot display the webpage I have checked Failed Request Tracing, and according to the log the request was completed with status 200. I have run the SSL Diagnostics Tool with the following result: System time: Fri, 04 Mar 2011 14:04:35 GMT Connecting to 192.168.2.95:443 Connected Handshake: 115 bytes sent Handshake: 3877 bytes received Handshake: 326 bytes sent Handshake: 59 bytes received Handshake succeeded Verifying server certificate, it might take a while... Server certificate name: *.example.com Server certificate subject: OU=Domain Control Validated, OU=PositiveSSL Wildcard, CN=*.example.com Server certificate issuer: C=GB, S=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=PositiveSSL CA Server certificate validity: From 2-3-2011 1:00:00 To 2-3-2012 0:59:59 1:00:00 To 2-3-2012 0:59:59 HTTPS request: GET / HTTP/1.0 User-Agent: SSLDiag Accept:*/* HTTPS: 85 bytes of encrypted data sent HTTPS: 533 bytes of encrypted data received Status: HTTP/1.1 404 Not Found HTTP/1.1 404 Not Found Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Fri, 04 Mar 2011 14:04:35 GMT Connection: close Content-Length: 315 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"> <HTML><HEAD><TITLE>Not Found</TITLE> <META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD> <BODY><h2>Not Found</h2> <hr><p>HTTP Error 404. The requested resource is not found.</p> </BODY></HTML> HTTPS: server disconnected Final handshake: 37 bytes sent successfully Q: What can I do to make this work?

    Read the article

  • How to get a *.cer file to add a self-signed HTTPS certificate as trusted for Java

    - by pako
    I'm connecting to a HTTPS website with a self-signed certificate using a Java applet. The applet can't open the HTTPS connection - it returns the following exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target So the problem is that I need to add the certificate as "trusted" for Java. I read that I should use the following command: keytool -import -alias abc -file ABCCA.cer Am I correct? How do I retrieve the *.cer file? The server is running Debian 5. I'm using Windows 7 and Java 6 on the client machine.

    Read the article

  • Is there a way for IIS6 to do http and https together in the same site?

    - by puffpio
    The site needs to be accessible both from HTTP and HTTPS (in case the client wants the form submissions to be secure or not) The site is hosted in IIS6 and ideally I'd like to be able to just have one website in there and it can handle both http and https..is this possible? alternatively i was thinking maybe creating a "secure" subdirectory in the site and duplicating everything in there as well..is that feasible? this is further complicated that it is using asp.net 3.5's routing ability to do url rewrites so even if I create a secure subdirectory, i dunno if it will actually pick up that it's supposed to be SSL approved

    Read the article

  • Need only to change links from https to http to access files with no SSL?

    - by spirytus
    I have SSL enabled for subdomain.mydomain.com so I can access files via https://subdomain.mydomain.com. Now please tell me if I'm right.. if I have file somwhere in subdomain.mydomain.com called index.php I can securely access it via: https://subdomain.mydomain.com/someFolder/index.php but I can also access it via http://subdomain.mydomain.com/someFolder/index.php This time communication won't be encrypted though. So now it comes down to links only if I access files in subdomain.mydomain.com securely or not? I will have another related question (and many more probably), but will post it as separate topic to keep things clean :)

    Read the article

  • PHP - login to a remote server, trough my own server, with HTTPS, cookies and proxy, and downloading the html

    - by Yunga Mohani
    Hello, so what i am trying to do is this: login to the other server with a PHP on my own server (either with my username and pass/or with my cookies) then have access to the page i want to display/download i want to write a PHP script that is located on my own server, that automatically does a login to another server, that uses HTTPS and a web form for login. after the login i have access to that page that i am trying to download. i dont know if it would be possible to login and download the html only with the cookies that i have in my browser through a previous login, or if i need to do the login in my php script through some https login method. can i do any of this with curl or fsocksopen or what would be the best way to realize this? thanks in advance!

    Read the article

  • Problem with redirecting *.domain.com & domain.com to www.domain.com for HTTPS

    - by Mat E.
    We have a site I'll call acme.com. Most of the time you see http://www.acme.com and sometimes we redirect you to https://www.acme.com. We want to redirect anyone going to http://acme.com or http://*.acme.com to http://www.acme.com, and the same for https. (It's mainly to avoid the alert you get if you go to https://acme.com instead of https://www.acme.com) Our vhost file is at the end of the post. It works nicely except for one strange behavior: http://acme.com - successfully redirects to http://www.acme.com http://www.acme.com - successfully does not redirect http://foo.acme.com - successfully redirects to http://www.acme.com https://acme.com - successfully redirects to https://www.acme.com https://www.acme.com - successfully does not direct https://foo.acme.com - ERROR - redirects to http://www.acme.com It's this last result I can't fathom. I've tried a lot of trial and error solutions from Google & Stack Overflow but nothing seems to change it. Even if we swap the order of the configurations (so that 443 is before 80) it still redirects https://foo.acme.com to http://www.acme.com We are running Apache/2.2.12 on Ubuntu. Here's the configuration file: <VirtualHost *:80> ServerName www.acme.com ServerAlias acme.com *.acme.com ServerSignature On DocumentRoot /var/www/acme.com/public RailsEnv 'production' PassengerHighPerformance on <Directory /var/www/acme.com/public> AllowOverride all Options -MultiViews </Directory> SSLEngine Off CustomLog /var/log/apache2/acme.log combined ErrorLog /var/log/apache2/acme-error.log # Possible values include: debug, info, notice, warn, error, crit, alert, emerg. LogLevel warn RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} ^[^\./]+\.[^\./]+$ RewriteRule ^/(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L] </VirtualHost> <VirtualHost *:443> ServerName www.acme.com ServerAlias acme.com *.acome.com DocumentRoot /var/www/acme.com/public RailsEnv 'production' PassengerHighPerformance on <Directory /var/www/acme.com/public> AllowOverride all Options -MultiViews </Directory> SSLCertificateFile /etc/ssl/certs/www.acme.com.crt SSLCertificateKeyFile /etc/ssl/private/acme.com.private.key SSLCACertificateFile /etc/ssl/certs/EV_intermediate.crt SSLEngine On CustomLog /var/log/apache2/ssl-acme.log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" ErrorLog /var/log/apache2/ssl-acme-error.log # Possible values include: debug, info, notice, warn, error, crit, alert, emerg. LogLevel warn RewriteEngine On RewriteCond %{HTTPS} on RewriteCond %{HTTP_HOST} ^[^\./]+\.[^\./]+$ RewriteRule ^/(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L] </VirtualHost>

    Read the article

  • Apache: Setting up a reverse proxy configuration with SSL with url rewriting

    - by user1172468
    There is a host: secure.foo.com that exposes a webservice using https I want to create a reverse proxy using Apache that maps a local http port on a server internal.bar.com to the https service exposed by secure.foo.com Since it a web service I need to map all urls so that a path: https://secure.foo.com/some/path/123 is accessible by going to: http://internal.bar.com/some/path/123 Thanks. I've gotten this far: <VirtualHost *:80> ServerName gnip.measr.com SSLProxyEngine On ProxyPass / https://internal.bar.com/ </VirtualHost> I think this is working except for the url rewriting. Some resources I've found on this are: Setting up a complex Apache reverse proxy Apache as reverse proxy for https server

    Read the article

  • Apache: redirect to https before AUTH for server-status

    - by Putnik
    I want to force https and basic auth for server-status output (mod_status). If I enable auth and user asks for http://site/server-status apache first asks for pass, then redirects to httpS, then asks for pass again. This question is similar to Apache - Redirect to https before AUTH and force https with apache before .htpasswd but I cannot get it work because we are speaking not about generic folder but Location structure. My config (shortly) is as follows: <Location /server-status> SSLRequireSSL <IfModule mod_rewrite.c> RewriteEngine on RewriteBase /server-status RewriteCond %{HTTPS} off RewriteCond %{SERVER_PORT} 80 RewriteRule ^ - [E=nossl] RewriteRule (.*) https://site/server-status} [R=301,L] </IfModule> SetHandler server-status Order deny,allow Deny from all Allow from localhost ip6-localhost Allow from 1.2.3.0/24 Allow from env=nossl AuthUserFile /etc/httpd/status-htpasswd AuthName "Password protected" AuthType Basic Require valid-user Satisfy any </Location> I assume Allow from env=nossl should allow everyone with RewriteCond %{HTTPS} off and server port 80, then force it to redirect but it does not work. Please note, I do not want force to SSL the whole site but /server-status only. If it matters the server has several sites. What am I doing wrong? Thank you.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 9 10 11 12 13 14 15 16 17 18 19 20  | Next Page >