Search Results

Search found 6253 results on 251 pages for 'apache2 ssl'.

Page 14/251 | < Previous Page | 10 11 12 13 14 15 16 17 18 19 20 21  | Next Page >

  • How to validate SSL certificate chain in ruby with net/http

    - by maledictus
    How can I verify the certificates of a site like https://processing.ukash.com/ in ruby with net/http? https = Net::HTTP.new('processing.ukash.com', 443) https.use_ssl = true https.verify_mode = OpenSSL::SSL::VERIFY_NONE Works so far, but how do I verify that it's the right cert now? I saved the certificate from within firefox, but the resulting .pem file has many certificates in it and net/http doesn't seem to like it.

    Read the article

  • SSL Not Working on other network

    - by Yan
    Hi I am running windows server 2003 standard and have installed the ssl cert for the company website . Attempting to access the website securely outside of our network the page does not load. Thanks in advance!

    Read the article

  • SSLException: HelloRequest followed by an unexpected handshake message

    - by mseebach
    I'm trying to connect to a webservice over SSL using Apache Commons HttpClient 3.1, using this: String url = "https://archprod.service.eogs.dk/cvronline/esb/LegalUnitGetSSLServicePort"; HttpClient client = new HttpClient(); PostMethod post = new PostMethod(url); StringRequestEntity entity = new StringRequestEntity(requestXml, "application/soap+xml", "utf-8"); post.setRequestEntity(entity); client.executeMethod(post); String response = post.getResponseBodyAsString(); And I get this exception: javax.net.ssl.SSLException: HelloRequest followed by an unexpected handshake message at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1623) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:198) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:188) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloRequest(ClientHandshaker.java:286) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:114) at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:525) at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:465) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:746) at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75) at java.io.BufferedInputStream.fill(BufferedInputStream.java:218) at java.io.BufferedInputStream.read(BufferedInputStream.java:237) at org.apache.commons.httpclient.HttpParser.readRawLine(HttpParser.java:78) at org.apache.commons.httpclient.HttpParser.readLine(HttpParser.java:106) at org.apache.commons.httpclient.HttpConnection.readLine(HttpConnection.java:1116) at org.apache.commons.httpclient.HttpMethodBase.readStatusLine(HttpMethodBase.java:1973) at org.apache.commons.httpclient.HttpMethodBase.readResponse(HttpMethodBase.java:1735) at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1098) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) A request to the same URL on the same machine, using curl, works fine - and if I change the URL to e.g. https://www.verisign.com, it works fine in Java, too. So it appears to be the specific combination of Java and that host, not a general problem. Ubuntu 10.04 beta, Sun JDK 1.6.0_19 (same problem in Ubuntu's bundled OpenJDK 6b18~pre4). Any ideas what's going wrong? Thanks!

    Read the article

  • Debian Apache2 SSL Issues - Error code: ssl_error_rx_record_too_long

    - by Tone
    I'm setting up apache on Debian lenny and having issues with SSL. I've been through numberous tutorials and i had this working on Ubuntu server, but for the life of me can't get anywhere with Debian. Port 80 (http) works fine, but port 443 (https) gives me the following error (in firefox) - homeserver is my hostname and my dhcp assigned ip is 192.168.1.109. I have a feeling it's something with my config and not with the cert/key generation. An error occurred during a connection to homeserver. SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long) Anyone see any issues with the following config files? /etc/apache2/sites-available/default-ssl <IfModule mod_ssl.c> <VirtualHost *:443> ServerAdmin webmaster@localhost ServerName homeserver DocumentRoot /var/www/ <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog /var/log/apache2/error.log LogLevel warn CustomLog /var/log/apache2/ssl_access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> SSLEngine on SSLCertificateFile /etc/ssl/certs/server.crt SSLCertificateKeyFile /etc/ssl/private/server.key SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 </VirtualHost> </IfModule> /etc/apache2/ports.conf NameVirtualHost *:80 Listen 80 Listen 443 #<IfModule mod_ssl.c> # SSL name based virtual hosts are not yet supported, therefore no # NameVirtualHost statement here #Listen 443 #</IfModule> /etc/hosts 127.0.0.1 localhost 127.0.0.1 homeserver #192.168.1.109 homeserver #tried this but it didn't work # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters ff02::3 ip6-allhosts

    Read the article

  • ssl_error_rx_record_too_long and Apache SSL

    - by Subimage
    I've got a customer trying to access one of my sites, and they keep getting this error ssl_error_rx_record_too_long They're getting this error on all browsers, all platforms. I can't reproduce the problem at all. My server and myself are located in the USA, the customer is located in India. I googled on the problem, and the main source seems to be that the SSL port is speaking in HTTP. I checked my server, and this is not happening. I tried the solution mentioned here, but the customer has stated it did not fix the issue. Can anyone tell me how I can fix this, or how I can reproduce this??? PS: If you can reproduce the problem with the following URL please let me know! THE SOLUTION Turns out the customer had a misconfigured local proxy! Hope that helps anyone finding this question trying to debug it in the future.

    Read the article

  • installing apache2 in debian problem

    - by user40245
    i installed apache2 in debian lenny but when i give the command sudo /etc/init.d/apache2 reload it gives me a statement saying Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName . how can i change the server name? and how can i make it accessible , from another system?

    Read the article

  • Choosing a low cost wildcard SSL cert (PsotiveSSL, RapidSSL, or other)?

    - by Malcolm
    I'm looking to put in place a wildcard SSL certificate for a server that will be providing REST style web services to multiple subdomains. We use NameCheap.com for our DNS services and they offer a choice of 2 very competitively priced wildcard certs: PositiveSSL Wildcard $129.99/yr RapidSSL Wildcard $148.88/yr Is there any reason to choose one of these branded certs over the other? Or are there problems with these low cost certs that we should aware of? If so, what SSL vendor/products do you recommend and why do you recommend them? Thank you, Malcolm

    Read the article

  • If I re-key a SSL certificate for a 2nd/backup server, does the original still work?

    - by Matt
    We have a production server with a wildcard SSL certificate. I'm in the process of creating a backup/failover server that will host the same domains, and therefore will also need the SSL certificate. The certificate on the primary server was installed with the private key non-exportable, so I am unable to export the certificate for installation on the failover server. My question then is - if I re-key the certificate from Go Daddy, does the original certificate installed on the primary server cease to be valid? As an aside, the original (primary) server is IIS 6, the failover is IIS 7 (once the failover is operational, we'll likely upgrade the primary).

    Read the article

  • Good articles to read on SSL and HTTPS?

    - by Igor Romanov
    I had a problem with accepting invalid SSL certificate in my iPhone program. That problem is solved now, however I came to understanding that I have very abstract idea on how exactly the whole thing is working: how web browser is verifying that received certificate is really for host it communicates to and not faked by same party in the middle? if browser talks to some 3rd party (CA?) to do certificate check? and many other questions... Would someone please recommend good source of information with in-depth enough description of how all parts click together?

    Read the article

  • SSL certificate for FTPS, is it the same as for HTTPS?

    - by BlackTigerX
    This question is about "FTP over SSL", if I understand correctly FTPS and HTTPS are just the standard FTP and HTTP protocols running on top of SSL, is this correct? The actual question is: is the certificate that you use for FTPS the exact same that you can use for HTTPS? or are there any differences? To give you some context, I need to get a certificate for an FTPS server, I know I can generate one but it needs to be from an certificate authority, I just need to make sure that I can use the same type of certificate that we use here for HTTPS, otherwise need to know what type of certificate I need to get

    Read the article

  • How do i get Safari to ignore the SSL Certificate error?

    - by Tangopop
    In IE 6, 7, 8 and Firefox 3.6.3 and 3.0.5 i have installed a local SSL Certificate on the machine i am testing on and i have gotten the browser to igonre the SSL error (which is off one of my Web Test servers) Now i am tryin to do the same thing within safari 4 and with no luck. Basically i am running some automated scripts to test my website before they go live and i need to be able to ignore these errors as they will all run autonomosly. This is the error screen i am trying to avoid: http://library.bowdoin.edu/news/images/ezproxy-err/safari.jpg As i say i have installed the certificate locally and the IE 7 browser on the same machine works fine.

    Read the article

  • PHP does not work over ssl connections

    - by Haluk
    Hi, I just got my ssl certificate to work for the first time. For some reason when I connect to my website using https my browser tries to download the php file. I have the following line in my httpd.conf. Isn't this the line which makes sure php files are run using php? AddType application/x-httpd-php .php What else do I need to change so that I can get the php files to work over the https connection. Thanks!

    Read the article

  • Can't copy Ilias-folder via FQDN, but via ip-address?

    - by Lars
    I have an Ilias-Installation, which is available through two virtual hosts: the FQDN and the ip-address. The first server is ssl only, the second plain http. Both configuration files look the same except for the SSL-part: SSLEngine on SSLCertificateFile /etc/apache2/ssl/ilias.pem In the Ilias-Webinterface, I can copy a folder on the plain http. But if I try to copy the same folder on the ssl virtual host, I get the notice, that the copy was started (rough german translation here), but the folder does not show up. There are no errors in the error-logs of php or the webserver and as said, no differences beside the ssl-part. The guys at an ilias-forum did not have an idea, either. Any ideas in here?

    Read the article

  • GeoTrust SSL brand name used by re-sellers

    - by Christopher
    I feel like a I got the bait-and-switch from my web host provider since they advertise "GeoTrust SSL" for $99. I purchased it, thinking the certificate is issued from geotrust.com, but then I get an email from Comodo saying they are providing it. My host provider says they get a discount by using Comodo. I purchased the certificate with the understanding it would be issued by GeoTrust. I called the host provider and they said they usually expect it from GeoTrust, but someone from email support responded saying the product name is "GeoTrust SSL" but they use Comodo to get a discount. I think this is bogus and unfair trade practice. However, searching for "GeoTrust" on google brings up a ton of websites selling "GeoTrust" certificates. How can companies get away with this? Since the host provider is part of BBB I plan to inform my host to update the purchase page on their website to state clearly that... "This certicate is provided at a discount and may be issued by a provider other than GeoTrust.com, such as Comodo.com" Any feedback on this is appreciated.

    Read the article

  • Upgraded to Ubuntu 13.10 - Apache not able to start

    - by 0R10N
    I updated to Ubuntu 13.10 (from Ubuntu 13.04) last weekend, and now Apache is not being able to start. It was working perfectly well until the upgraded, and I haven't changed anything myself. When I ran a restart this is what I get apache2: Syntax error on line 260 of /etc/apache2/apache2.conf: Could not open configuration file /etc/apache2/conf.d/: No such file or directory So, I created the directory, and then I get this: * Starting web server apache2 * * The apache2 configtest failed. Output of config test was: [Wed Oct 30 11:17:42.921934 2013] [proxy_html:notice] [pid 2496] AH01425: I18n support in mod_proxy_html requires mod_xml2enc. Without it, non-ASCII characters in proxied pages are likely to display incorrectly. AH00526: Syntax error on line 84 of /etc/apache2/apache2.conf: Invalid command 'LockFile', perhaps misspelled or defined by a module not included in the server configuration Action 'configtest' failed. The Apache error log may have more information. Thanks!

    Read the article

  • SSL with nginx on subdomain not working

    - by peppergrower
    I'm using nginx to serve three sites: example1.com (which redirects to www.example1.com), example2.com (which redirects to www.example2.com), and a subdomain of example2.com, call it sub.example2.com. This all works fine without SSL. I recently got SSL certs (from StartSSL), one for www.example1.com, one for www.example2.com, and one for sub.example2.com. I got them set up and everything seems to work (I'm using SNI to make all this work on a single IP address), except for sub.example2.com. I can still access it fine over non-SSL, but on SSL I just get a timeout. If I go directly to my server's IP address, I get served the SSL certificate for sub.example2.com, so I know nginx is loading the certificate properly...but somehow it doesn't seem to be listening for sub.example2.com on port 443, even though I told it to. I'm running nginx 1.4.2 on Debian 6 (squeeze); here's my config for sub.example2.com (the other domains have similar configs): server { server_name sub.example2.com; listen 80; listen 443 ssl; ssl_certificate /etc/nginx/ssl/sub.example2.com/server-unified.crt; ssl_certificate_key /etc/nginx/ssl/sub.example2.com/server.key; root /srv/www/sub.example2.com; } Does anything look amiss? What am I missing? I don't know if it matters, but StartSSL lists the base domain as a subject alternative name (SAN); not sure if that would somehow pose problems, if both subdomains list the same SAN.

    Read the article

  • Configure one IIS site to handle two separate SSL certificates using external Load Balancing or SSL Acceleration Servers

    - by bmccleary
    I have one web application on our server that needs to be referenced by two different domain names, both of which have their own SSL certificates. The application is exactly the same for both domains, but we have to keep the two domain names for legal reasons. The problem is that, since both domains need to have their own SSL certificate, that inside of our IIS 7.5 configuration we have to have two separate IIS applications (both pointing to the same physical location) with their own unique IP address and SSL certificate installed. Now, I know that, due to the nature of SSL communications, that this is by design and that you can't assign more than one SSL certificate per IP address and domain name. My question is… is there any way around this limitation and keep one web application in IIS and have it service two SSL certificates based on host name? I know that with the basic IIS configuration that this is not possible, but I was thinking that with some sort of combination of external load balancing and/or SSL acceleration servers/services that we could have these servers process the SSL request and leave IIS clean to have one single application. I am not familiar at all with these technologies, hence the reason I am asking if it is theoretically possible. If not, does anyone else know how to achieve this?

    Read the article

  • MySQL ODBC + SSL with only the SSL Cipher option?

    - by sdek
    Does anybody know how I can have an SSL encrypted connection over MySQL ODBC without the cert options? So I asked my web host to setup a MySQL+SSL connection so that we can access our website's database via ODBC or MySQL Query Browser (or the likes). I am able to get an encrypted connection with the standard mysql client and MySQL Query Browser, but I can't get the ODBC connection to work. Looking for a little help... The way they set it up is a little different from the way I have read about on the interweb. The host didn't setup a cert, or at least I don't think so - I don't need to specify any cert options in my connection. I just need to specify the ssl cipher. Here is how I connect with the mysql client: mysql -h myhost.com -u myuser --ssl-cipher=3DES -p That works to get an encrypted connection. At least I am pretty sure it works because when I run mysql> \s I get SSL: Cipher in use is EDH-RSA-DES-CBC3-SHA Also, when I put EDH-RSA-DES-CBC3-SHA into the SSL Cipher field of MySQL Query Browser (without specifying any other SSL options) it connects just fine. But then when I try to do the same thing with my MySQL ODBC 3.5.1 and 5.1 I get a generic error. Here is the error from the 5.1 Driver. Connection Failed: [HY000] [MySQL][ODBC 5.1 Driver]SSL connection error

    Read the article

  • SSL certificate exception problem in Firefox

    - by Baztoune
    Hi there, and thanks in advance for your help or any tip that could get me out of here. I work on a JEE app with a JBoss server and an Apache. I'm not really familiar with SSL connections and certificates, I understand the basic, but I have to deal with it. So on my local configuration (localhost) I have my connection certificate configured on JBoss and Apache, and a USER_DEV.P12 file, which I import in my certificates in Firefox. I have the same configuration on a distant test server (test-server), and a USER_TEST.P12 which I also import in Firefox. When I access https://localhost/ or https://test-server/ Firefox asks me to add an exception, which is normal. After that, I select the appropriated user certificate, and can use my application normally. But for the second (let's say https://test-server/), Firefox rises me a sec_error_reused_issuer_and_serial error. Of course I googled it and founded the Mozilla help, So when I delete the "server" in my certificate manager, I can access again my second domain, but the same problem occurs for the first one. To shorten the problem, my 2 client/server certificate couples are OK but I can't have 2 certificate exceptions at the same time in Firefox for my 2 different servers/users, even though the names, server address, and MD5 are different. I notified the serial is the same (01), but it's working on my colleague's computer. So am I doing something wrong? Do I have to deal with it manually each time (or with Firefox profiles)? Thanks for your help. Bastien.

    Read the article

  • Setup SSL (self signed cert) with tomcat

    - by Danny
    I am mostly following this page: http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html I used this command to create the keystore keytool -genkey -alias tomcat -keyalg RSA -keystore /etc/tomcat6/keystore and answered the prompts Then i edited my server.xml file and uncommented/edited this line <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="/etc/tomcat6/keystore" keystorePass="tomcat" /> then I go to the web.xml file for my project and add this into the file <security-constraint> <web-resource-collection> <web-resource-name>Security</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> When I try to run my webapp I am met with this: Unable to connect Firefox can't establish a connection to the server at localhost:8443. * The site could be temporarily unavailable or too busy. Try again in a few moments. * If you are unable to load any pages, check your computer's network connection. If I comment out the lines I've added to my web.xml file, the webapp works fine. My log file in /var/lib/tomcat6/logs says nothing. I can't figure out if this is a problem with my keystore file, my server.xml file or my web.xml file.... Any assistance is appreciated I am using tomcat 6 on ubuntu.

    Read the article

  • first time setting up ssl, running into a strange problem, tutorials haven't been too helpful

    - by pedalpete
    This is my first time trying to set-up an ssl for one a site, and I'm running it on a server that has 3 other sites already hosted. I'm running apache2.?? and the install came with an ssl.conf page. The ssl.conf has the following settings LoadModule ssl_module modules/mod_ssl.so Listen 443 AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl <VirtualHost *:443> ServerAdmin [email protected] DocumentRoot /var/www/html/securesite ServerName securesite.com ErrorLog logs/securesite-error_log CustomLog logs/securesite-access_log common SSLEngine on SSLCertificateFile /etc/httpd/ssl.crt/securesite.com.crt SSLCertificateKeyFile /etc/httpd/ssl.key/server.key SSLCertificateChainFile /etc/httpd/ssl.crt/gd_bundle.crt </VirtualHost> When I run 'apachectl configtest', I don't get any errors, but running 'apachectl -k restart', I get 'httpd not running, trying to start'. I have two questions 1) Is there an error in the way I'm defining my virtualhost for 443?? the rest of my entries point to <VirtualHost *:80. When I comment out the above entry, apache runs fine. 2) do I need to set-up a redirect from port 80 for secure site? Because most users are going to go to http: or www. , and I need to send them to https: does apache do this automatically? or do i need to create an entry with a redirect?

    Read the article

  • Failed to start apache Can't open /etc/apache2/envvars

    - by bumperbox
    i have had this problem a couple of times now and i am not sure what is causing it Failed to start apache : .: 45: Can't open /etc/apache2/envvars when i look at a dir listing, i get these question marks next to envvars, does anyone know what that means? os is ubuntu 10 if that helps drwxr-xr-x 7 root root 4096 Jan 29 11:56 . drwxr-xr-x 83 root root 4096 Feb 4 10:34 .. -rw-r--r-- 1 root root 8113 Sep 29 01:52 apache2.conf -rw-r--r-- 1 root root 8027 Oct 3 22:26 apache2.conf.dpkg-old drwxr-xr-x 2 root root 4096 Jan 29 11:56 conf.d ?????????? ? ? ? ? ? envvars -rw-r--r-- 1 root root 0 Oct 3 22:25 httpd.conf ?????????? ? ? ? ? ? magic drwxr-xr-x 2 root root 4096 Jan 29 11:56 mods-available drwxr-xr-x 2 root root 4096 Jan 29 10:18 mods-enabled ?????????? ? ? ? ? ? ports.conf drwxr-xr-x 2 root root 4096 Jan 29 11:56 sites-available drwxr-xr-x 2 root root 4096 Jan 29 11:55 sites-enabled UPDATE Just heard back from the hosting company, they move my VPS to a new hardware node last night, and something at their end wasn't quite right which caused the issue

    Read the article

< Previous Page | 10 11 12 13 14 15 16 17 18 19 20 21  | Next Page >