Search Results

Search found 1499 results on 60 pages for 'wildcard certificates'.

Page 13/60 | < Previous Page | 9 10 11 12 13 14 15 16 17 18 19 20  | Next Page >

  • Websphere MQ Authentication and Key Certificates

    - by user171523
    I would like to authenticate the user against the MQ Series before user places the Queue message in Queue manager. I am using the IBM MQ Series V7. I would like to know how does the authentication and Key certificate works in terms of validation. It will be great if i can get any helpful links on the same.

    Read the article

  • 1 domain.. 2 server and 2 applications

    - by basit.
    i have a site like twitter.com on server one and on server two i have forum, which path is like domain.com/forum on server one i wanted to implement wild card dns and put main domain on it. but on server two i wanted to keep forum separate, i cant give sub-domain forum.domain.com, because all its links are already put in search engines and link back to domain.com/forum. so i was wondering, how can i put domain and wild card dns on server one and still able to give path on server 2 for domain.com/forum (as sub-folder). any ideas? do you think htaccess can do that job? if yes, then how?

    Read the article

  • Using HttpClient with SSL and certificates

    - by ChrisCM
    While I've been familiar with HTTPS and the concept of SSL, I have recently begun some development and found I am a little confused. The requirement was that I write a small Java application that runs on a machine attached to a scanner. When a document is scanned this is picked up and the file (usually PDF) sent over the internet to our application server that will then process it. I've written the application using Apache Commons libraries and HTTPClient. The second requirement was to connect over SSL, requiring a certificate. Following guidance on the HTTPclient page I am using AuthSSLProtocolSocketFactory from the contributions page. The constructor can take a keystore, keystore password, truststore and truststore password. As an initial test our DBA enabled SSL on one of our development webservers and provided me with a .p12 file which when I imported into IE allows me to connect successfully. I am a bit confused between keystores and truststores and what steps I need to take using the keytool. I tried importing the p12 into a keystore file but get the error: keytool error: java.lang.Exception: Input not an X.509 certificate I followed a suggestion of importing the p12 into Internet Explorer and exporting as a .cer which I can then successfully import into a keystore. When I supply this as a keystore argument of the AuthSSLProtocolSocketFactory I get a meaningless errror, but if I try it as a truststore it seems like it reads it fine but ultimately I get Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate I am unsure if I have missed some steps, I am misunderstanding SSL and mutual authentication altogether or this is mis-configuration on the server side. Can anyone provide suggestions or point me towards resources that might help me figure this out please?

    Read the article

  • Choosing a low cost wildcard SSL cert (PsotiveSSL, RapidSSL, or other)?

    - by Malcolm
    I'm looking to put in place a wildcard SSL certificate for a server that will be providing REST style web services to multiple subdomains. We use NameCheap.com for our DNS services and they offer a choice of 2 very competitively priced wildcard certs: PositiveSSL Wildcard $129.99/yr RapidSSL Wildcard $148.88/yr Is there any reason to choose one of these branded certs over the other? Or are there problems with these low cost certs that we should aware of? If so, what SSL vendor/products do you recommend and why do you recommend them? Thank you, Malcolm

    Read the article

  • WCF Certificates without Certificate Store

    - by Kane
    My team is developing a number of WPF plug-ins for a 3rd party thick client application. The WPF plug-ins use WCF to consume web services published by a number of TIBCO services. The thick client application maintains a separate central data store and uses a proprietary API to access the data store. The thick client and WPF plug-ins are due to be deployed onto 10,000 workstations. Our customer wants to keep the certificate used by the thick client in the central data store so that they don't need to worry about re-issuing the certificate (current re-issue cycle takes about 3 months) and also have the opportunity to authorise the use of the certificate. The proposed architecture offers a form of shared secret / authentication between the central data store and the TIBCO services. Whilst I don’t necessarily agree with the proposed architecture our team is not able to change it and must work with what’s been provided. Basically our client wants us to build into our WPF plug-ins a mechanism which retrieves the certificate from the central data store (which will be allowed or denied based on roles in that data store) into memory then use the certificate for creating the SSL connection to the TIBCO services. No use of the local machine's certificate store is allowed and the in memory version is to be discarded at the end of each session. So the question is does anyone know if it is possible to pass an in-memory certificate to a WCF (.NET 3.5) service for SSL transport level encryption? Note: I had asked a similar question (here) but have since deleted it and re-asked it with more information.

    Read the article

  • Why can't I use SSL certs imported via Server Admin in a custom Apache install?

    - by morgant
    I've got a couple of Mac OS X 10.6.8 Server web servers that run a custom AMP255 (Apache 2.x, MySQL 5.x, and PHP 5.x) stack installed using MacPorts. We've got a lot of Mac OS X Server servers and generally install SSL certs via Server Admin and they "just work" in the built-in services, however, these web servers have always had SSL certs installed in a non-standard location and used only for Apache. Long story short, we're trying to standardize this part of our administration and install certs via Server Admin, but have run into the following issue: when the certs are installed via Server Admin and referenced in our Apache conf files, Apache then prompts for a password upon trying to start. It does not seem to be any password we know, certainly not the admin or keychain passwords! We've added the _www user to the certusers (mainly just to ensure they have the proper access to the private key in /etc/certificates/). So, with the custom installed certs we have the following files (basically just pasted in from the company we purchase our certs from): -rw-r--r-- 1 root admin 1395 Apr 10 11:22 *.domain.tld.ca -rw-r--r-- 1 root admin 1656 Apr 10 11:21 *.domain.tld.cert -rw-r--r-- 1 root admin 1680 Apr 10 11:22 *.domain.tld.key And the following in the VirtualHost in /opt/local/apache2/conf/extra/httpd-ssl.conf: SSLCertificateFile /path/to/certs/*.domain.tld.cert SSLCertificateKeyFile /path/to/certs/*.domain.tld.key SSLCACertificateFile /path/to/certs/*.domain.tld.ca This setup functions normally. If we use the certs installed via Server Admin, which both Server Admin & Keychain Assistant show as valid, they're installed in /etc/certificates/ as follows: -rw-r--r-- 1 root wheel 1655 Apr 9 13:44 *.domain.tld.SOMELONGHASH.cert.pem -rw-r--r-- 1 root wheel 4266 Apr 9 13:44 *.domain.tld.SOMELONGHASH.chain.pem -rw-r----- 1 root certusers 3406 Apr 9 13:44 *.domain.tld.SOMELONGHASH.concat.pem -rw-r----- 1 root certusers 1751 Apr 9 13:44 *.domain.tld.SOMELONGHASH.key.pem And if we replace the aforementioned lines in our httpd-ssl.conf with the following: SSLCertificateFile /etc/certificates/*.domain.tld.SOMELONGHASH.cert.pem SSLCertificateKeyFile /etc/certificates/*.domain.tld.SOMELONGHASH.key.pem SSLCertificateChainFile /etc/certificates/*.domain.tld.SOMELONGHASH.chain.pem This prompts for the unknown password. I have also tried httpd-ssl.conf configured as follows: SSLCertificateFile /etc/certificates/*.domain.tld.SOMELONGHASH.cert.pem SSLCertificateKeyFile /etc/certificates/*.domain.tld.SOMELONGHASH.key.pem SSLCertificateChainFile /etc/certificates/*.domain.tld.SOMELONGHASH.concat.pem And as: SSLCertificateFile /etc/certificates/*.domain.tld.SOMELONGHASH.cert.pem SSLCertificateKeyFile /etc/certificates/*.domain.tld.SOMELONGHASH.key.pem SSLCACertificateFile /etc/certificates/*.domain.tld.SOMELONGHASH.chain.pem We've verified that the certificate is configured to allow all applications access it (in Keychain Assistant). A diff of the /etc/certificates/*.domain.tld.SOMELONGHASH.key.pem & *.domain.tld.key files shows the former is encrypted and the latter is not, so we're assuming that Server Admin/Keychain Assistant is encrypting them for some reason. I know I can create an unencrypted key file as follows: sudo openssl rsa -in /etc/certificates/*.domain.tld.SOMELONGHASH.key.pem -out /etc/certificates/*.domain.tld.SOMELONGHASH.key.no_password.pem But, I can't do that without entering the password. I thought maybe I could export an unencrypted copy of the key from Keychain Admin, but I'm not seeing such an option (not to mention that the .pem options are greyed out in all export options). Any assistance would be greatly appreciated.

    Read the article

  • Exclude string from wildcard in bash

    - by Peter O'Doherty
    Hi, I'm trying to adapt a bash script from "Sams' Teach Yourself Linux in 24 Hours" which is a safe delete command called rmv. The files are removed by calling rmv -d file1 file2 etc. In the original script a max of 4 files can by removed using the variables $1 $2 $3 $4. I want to extend this to an unlimited number of files by using a wildcard. So I do: for i in $* do mv $i $HOME/.trash done The files are deleted okay but the option -d of the command rmv -d is also treated as an argument and bash objects that it cannot be found. Is there a better way to do this? Thanks, Peter #!/bin/bash # rmv - a safe delete program # uses a trash directory under your home directory mkdir $HOME/.trash 2>/dev/null # four internal script variables are defined cmdlnopts=false delete=false empty=false list=false # uses getopts command to look at command line for any options while getopts "dehl" cmdlnopts; do case "$cmdlnopts" in d ) /bin/echo "deleting: \c" $2 $3 $4 $5 ; delete=true ;; e ) /bin/echo "emptying the trash..." ; empty=true ;; h ) /bin/echo "safe file delete v1.0" /bin/echo "rmv -d[elete] -e[mpty] -h[elp] -l[ist] file1-4" ;; l ) /bin/echo "your .trash directory contains:" ; list=true ;; esac done if [ $delete = true ] then for i in $* do mv $i $HOME/.trash done /bin/echo "rmv finished." fi if [ $empty = true ] then /bin/echo "empty the trash? \c" read answer case "$answer" in y) rm -i $HOME/.trash/* ;; n) /bin/echo "trashcan delete aborted." ;; esac fi if [ $list = true ] then ls -l $HOME/.trash fi

    Read the article

  • Red Hat - Accept Self-Signed Certificates

    - by user552788
    Hi: Is there a way I can get a Red Hat Linux box to trust a self-signed certificate? e.g. wget https://example.com - gives an error that certificate is untrusted as 'https://example.com' has a self-signed certificate; with wget '--no-check-certificate' can over-ride checking of the certificate. But I would like to get the Red Hat to implicitly trust the self-signed certificate - is there a way to do this? Thanks.

    Read the article

  • Widespread misinterpretation of DNS rules in resolving wildcards

    - by Dominic Sayers
    [EDITED to add: This problem has gone away on its own. I believe Cloudflare's name resolution may have been to blame. See my own answer below] Here is a snippet of my zone file *.example.com. 300 IN CNAME proxy.herokuapp.com. foo.example.com. 300 IN A 111.111.111.111 If I dig @8.8.8.8 foo.example.com I get the answer I expect: ;; ANSWER SECTION: foo.example.com. 30 IN A 111.111.111.111 The same is true of all other public DNS servers I've tried. However, when I try to set up a check with Pingdom to a URL on foo.example.com it instead sends the traffic to my Heroku app referenced by the *.example.com RR. The same is true of checks set up on New Relic, Errplane and traffic generated by the Heroku app itself. So on the one side, all public DNS servers interpret the zone file one way. Yet four service providers all interpret it a different way, one that differs to the standard suggested by RFC 4592. My question is: are these reputable, mature service providers all wrong? Or is it little me?

    Read the article

  • how to offer subdomain hosting with bandwidth calculation per user

    - by Ke
    Hi, Im a php developer and I would like to offer subdomain hosting,but need also to be able to calculate bandwidth for each subdomain. For the subdomains creation I will use catch-all and wildcards etc to easily set these up. The one thing im a bit stumped on is how to calculate bandwidth for each subdomain, is this possible within php? or are there better solutions for this perhaps using folders or something? Also a script will be loaded under the subdomain, this will vary per user. Is it worth giving each user a new folder and their own script, or more easy to manage one script for all users? Any considerations here? Cheers Ke

    Read the article

  • Nginx - Redirect any Subdomain to File without Rewriting

    - by Waffle
    Recently I have switched from Apache to Nginx to increase performance on a web server running Ubuntu 11.10. I have been having issues trying to figure out how certain things work in Nginx compared to Apache, but one issue has been stumping me and I have not been able to find the answer online. My problem is that I need to be able to redirect (not rewrite) any sub-domain to a file, but that file needs to be able to get the sub-domain part of the URL in order to do a database look-up of that sub-domain. So far, I have been able to get any sub-domain to rewrite to that file, but then it loses the text of the sub-domain I need. So, for example, I would like test.server.com to redirect to server.com/resolve.php, but still remain as test.server.com. If this is not possible, the thing that I would need at the very least would be something such as going to test.server.com would go to server.com/resolve.php?=test . One of these options must be possible in Nginx. My config as it stands right now looks something like this: server { listen 80; ## listen for ipv4; this line is default and implied listen [::]:80 default ipv6only=on; ## listen for ipv6 root /usr/share/nginx/www; index index.php index.html index.htm; # Make site accessible from http://localhost/ server_name www.server.com server.com; location / { # First attempt to serve request as file, then # as directory, then fall back to index.html try_files $uri $uri/ /index.html; } location /doc { root /usr/share; autoindex on; allow 127.0.0.1; } location /images { root /usr/share; autoindex off; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # #error_page 500 502 503 504 /50x.html; #location = /50x.html { # root /usr/share/nginx/www; #} # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ \.php$ { fastcgi_pass unix:/tmp/php5-fpm.sock; fastcgi_index index.php; include fastcgi_params; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } server { listen 80 default; server_name *.server.com; rewrite ^ http://www.server.com/resolve.php; } As I said before, I am very new to Nginx, so I have a feeling the answer is pretty simple, but no examples online seem to deal with just redirects without rewrites or rewriting with the sub-domain section included. Any help on what to do would be most appreciated and if any one has a better idea to accomplish what I need, I am also open to ideas. Thank you very much.

    Read the article

  • ISPConfig - Unexisting subdomain address goes to an existing one

    - by xperator
    I am running Nginx/ISPConfig setup for about 6-7 months. Never had a problem and everything is smooth. But I just noticed that if browse to "blab.example.com", the page opens one of my wordpress blogs on the other domain. No matter what name I use for subdomain, Anything that I enter randomly "b53ks.example.com" still goes to that blog page. I have 3 or 4 different domain names and websites on the same server. But I think I misconfigured somewhere and that might be the cause of this. Lets say I have these domains: example-1.com, example-2.com, another-example.com If I go to anything.example-1.com or serverfault.example-2.com, or google.another-example.com the returned page is my blog at blog.example-1.com Note : I didn't set any subdomain in ISPConfig. Instead, I used "Add new website" for making a subdomain.

    Read the article

  • The rules to connect a web service trough the SSL and Certificates

    - by blgnklc
    There is a web service running on tomcat on a server. It is built on Java Servlet. It is listening others to call itself on a SSL enabled http port. so its web service adreess looks like: https://172.29.12.12/axis/services/XYZClient?wsdl On the other hand I want to connect the web service above from a windows application which is built on .NET frame work. Finally, when I want to connect the web service from my computer; I get some specific erros; Firstly I get; Proxy authentication error; then I added some new line to my code; Dim cr As System.Net.NetworkCredential = New System.Net.NetworkCredential("xname", "xsurname", "xdomainname") Dim myProxy As New WebProxy("http://mar.xxxyyy.com", True) myProxy.Credentials = cr Secondly, after this modifications It says that bad request. I did not get over this error. Moreover I did try to connect the web server on the same computer. I copied my executable program to the computer where the web service runs. The error was like; The underlying connection was closed: Could not establish trust relationship for SSL/TLS secure channel PS: When I try to connect to web service by using Internet Explorer; I see firstly some warnings about accepting an unknown certificate and I click take me to web service an I get there clearly. I want to know what are the basic elements to connect a web service, could you please tell me the requirements that I have to use on my windows project. regards bk

    Read the article

  • SHA2 Certificates in Windows 2003 CA

    - by rursw1
    Hi all, Is it possible to create a certificate template that uses SHA-2 (sha256, sha224, sha384, sha512), from a Windows server 2003 CA? I know how to do it in Windows server 2008 based CA, with the new version (version 3) - it is possible to specify the hash algorithm (Under the "Cryptography" tab of the template properties). But is it possible in 2003 based CA? Thanks.

    Read the article

  • Where are AnkhSVN CA certificates stored?

    - by Roger Lipscombe
    My Subversion repository is available over HTTPS. I've got a self-signed CA root certificate, and the server uses a certificate signed with that. The CA root certificate is stored in Trusted Root Certification Authorities, which means that (for example) Internet Explorer recognises it. AnkhSVN, on the other hand, reports "There are some problems with this server's certificate". So: what is AnkhSVN using as its certificate store? It doesn't appear to be the Windows one. And how do I put my CA root certificate in there?

    Read the article

  • Why can't I see all of the client certificates available when I visit my web site locally on Windows 7 IIS 7?

    - by Jay
    My team has recently moved to Windows 7 for our developer machines. We are attempting to configure IIS for application testing. Our application requires SSL and client certificates in order to authenticate. What I've done: I have configured IIS to require SSL and require (and tried accept) certificates under SSL Settings. I have created the https binding and set it to the proper server certificate. I've installed all the root and intermediate chain certificates for the soft certificates properly in current user and local machine stores. The problem When I browse to the web site, the SSL connection is established and I am prompted to choose a certificate. The issue is that the certificate is one that is created by my company that would be invalid for use in the application. I am not given the soft certificates that I have installed using MMC and IE. We are able to utilize the soft certs from our development machines to our Windows 2008 servers that host the application. What I did: I have attempted to copy the Root CA to every folder location for the Current User and Location Machine account stores that the company certificate's root is in. My questions: Could I be mishandling the certs anywhere else? Could there be a local/group policy that could be blocking the other certs from use? What (if anything) should have to be done differently on Windows 7 from 2008 in regards to IIS? Thanks for your help.

    Read the article

  • Nginx: Forward all Subdomains

    - by mgutt
    My code doesn't work with second level tld's like domain.co.uk The strainge thing is, that it works in php with preg_match() ^^ Here is my conf: # add www. if ($host ~ ^(?!www)) { rewrite ^/(.*)$ http://www.$host/$1 permanent; } # remove subdomain if ($host ~ "^www\.(.*)\.(.*\.([a-z]{2,4}|[a-z]{2}\.[a-z]{2}))") { set $host_without_sub $2; rewrite ^/(.*)$ http://www.$host_without_sub/$1 permanent; }

    Read the article

  • Understanding Security Certificates (and thier pricing)

    - by John Robertson
    I work at a very small company so certificate costs need to be absolutely minimal. However for some applications we do Need to have our customers get that warm fuzzy not-using-a-self-signed certificate feeling. Since creating a "certificate authority" with makecert really just means creating a public/private key pair, it seems pretty clear that creating a public/private key pair FROM such a "certificate authority" really just means generating a second public/private key pair and signing both with the private key that belongs to the "certificate authority". Since the keys are signed anyone can verify they came from the certificate authority I created, or if verisign gave me the pair they sign it with one of their own private keys, and anyone can use verisigns corresponding public key to confirm verisign as the source of the keys. Given this I don't understand when I go to verisign or godaddy why they have rates only for yearly plans, when all I really want from them is a single public/private key pair signed with one of their private keys (so that anyone else can use their public keys to confirm that, yes, they gave me that public/private key pair and they confirmed I was who I said I was so you can trust my public/private key pair as belonging to a legitimate third party). Clearly I am misunderstanding something, what is it? Does verisign retire their public/private key pairs periodically so that my verisign signed key pair "expires" and I need new ones?

    Read the article

  • Exclude notes based on attribute wildcard in XSL node selection

    - by C A
    Using cruisecontrol for continuous integration, I have some annoyances with Weblogic Ant tasks and how they think that server debug information are warnings rather than debug, so are shown in my build report emails. The XML output from cruise is similar to: <cruisecontrol> <build> <target name="compile-xxx"> <task name="xxx" /> </target> <target name="xxx.weblogic"> <task name="wldeploy"> <message priority="warn">Message which isn't really a warning"</message> </task> </target> </build> </cruisecontrol> In the cruisecontrol XSL template the current selection for the task list is: <xsl:variable name="tasklist" select="/cruisecontrol/build//target/task"/> What I would like is something which selects the tasklist in the same way, but doesn't include any target nodes which have the attribute name="*weblogic" where * is a wildcard. I have tried <xsl:variable name="tasklist" select="/cruisecontrol/build//target[@name!='*weblogic']/task"/> but this doesn't seem to have worked. I'm not an expert with XSLT, and just want to get this fixed so I can carry on the real development of the project. Any help is much appreciated.

    Read the article

< Previous Page | 9 10 11 12 13 14 15 16 17 18 19 20  | Next Page >