ssl certificate - Page 142

What's the role of the brackets in the following piece of code?

- by Emanuil

This is the tracking code for Google Analytics: var _gaq = _gaq || []; _gaq.push(["_setAccount", "UA-256257-21"]); _gaq.push(["_trackPageview"]); (function() { var ga = document.createElement("script"); ga.type = "text/javascript"; ga.async = true; ga.src = ("https:" == document.location.protocol ? "https://ssl" : "http://www") + ".google-analytics.com/ga.js"; var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(ga, s); })(); You can see that the function in the second paragraph is inside brackets. Why do you think is that?

Read the article

Has anyone managed to get jdotnetservices working on Android ?

- by Bert

I am trying to use jdotnetservices (http://www.jdotnetservices.com/), which is a java SDK for Windows Azure AppFabric, in an Android application. I have had to make some tweaks but only minor ones because jdotnetservices is written to target Java 1.6 and Android uses 1.5. I can get it to compile and run OK but I'm getting errors when I try to access the service bus ACS. Specifically, if I try to get a token from the service bus ACS I get this : Hostname mysolution-sb.accesscontrol.windows.net was not verified. Can anyone give me some pointers as to why this might be ? I can browse to the url of the ACS from Android : https://mysolution-sb.accesscontrol.windows.net/wrapv0.9 which gives me a certificate error, could this be why ? Any way round this ?

Read the article

What are best practices for securing the admin section of a website?

- by UpTheCreek

I'd like to know what people consider best practice for securing the Admin sections of websites, specifically from an authentication/access point of view. Of course there are obvious things, such as using SSL and logging all access, but I'm wondering just where above these basic steps people consider the bar to be set. For example: Are you just relying on the same authentication mechanism that you use for normal users? If not, what? Are you running the Admin section in the same 'application domain'? What steps do you take to make the admin section undiscovered? (or do you reject the while 'obscurity' thing)

Read the article

What's the role of the parentheses in the following piece of code?

- by Emanuil

This is the tracking code for Google Analytics: var _gaq = _gaq || []; _gaq.push(["_setAccount", "UA-256257-21"]); _gaq.push(["_trackPageview"]); (function() { var ga = document.createElement("script"); ga.type = "text/javascript"; ga.async = true; ga.src = ("https:" == document.location.protocol ? "https://ssl" : "http://www") + ".google-analytics.com/ga.js"; var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(ga, s); })(); You can see that the function is inside parentheses. Why do you think is that?

Read the article

Send post to a different domain using JS

- by Lior

Hello, I'd like a post request to be sent once a certain text input field is changed, using javascript. So here is my current code: <input name="message" onchange="$.ajax({type: \"POST\", url: \"http://example.com/example.php\", data: \"message=\" + document.getElementsByName(\"message\")[0].value});" /> Now, it's working on a regular connection, but it's not working on a secured connection (SSL). I mean, the page is secured, but the request is sent to a non secured page. Is there a solution?

Read the article

Android:How to avoid XML verification failed error and Upgrading to 2.x SDK successfully?

- by user187532

Hi, I have setup for Android development with 1.5 SDK on Mac O.S X - Eclipse 3.5. I want to upgrade the SDK, so as i followed to choose Window-Android SDK and AVD Manager from Eclipse. But it throws error as follows: XML verification failed for https://dl-ssl.google.com/android/repository/repository.xml. Error: cvc-elt.1: Cannot find the declaration of element 'sdk:sdk- repository'. Failed to fetch URL I tried "http" instead of https, but still getting the same error. I don't know why such crap error comes. If i see Android website, http://developer.android.com/intl/zh-CN/sdk/index.html its confusing. Could someone guide me easily to update Android SDK to 2.x or later without uninstalling my current setup environment. Thanks. I appreciate your kind suggestions.

Read the article

How to communicate/share a session between pages over HTTP and HTTPS

- by spirytus

What is common practice for coding web applications where part of the site has to be secured (e.g. checkout section) and part not necessarily, let's say homepage? As far as I know sharing sessions in between HTTP and HTTPS parts of the site is not easily possible (or is it?). What would be common approach if I wanted to display on HTTP page like homepage, shopping cart data (items) that users ordered on HTTPS pages? How those two parts of the site would communicate if necessary? Also isn't it security flaw in popular shopping carts as it seems that many of these have only checkout pages secured (SSL) and the rest not? I'm using PHP if it makes any difference.

Read the article

Xcode 3.2 says the version of iPhone OS isn't supported when my iPhone OS is version 3.1.3

- by fr0man

I just went through the whole certificate/keychain/provisioning/appID/profile/DNA test process to get my app running on my iPhone. Turns out my iPhone OS was out of date (3.0.1 I think), so I updated it. Now it says The version of iPhone OS on “Stefanie's phone” does not match any of the versions of iPhone OS supported for development with this copy of Xcode. Please restore the device to a version of the OS listed below. If necessary, the latest version of Xcode is available here. OS Installed on Stefanie's phone 3.1.3 (7E18) Xcode Supported iPhone OS Versions 3.1.2 (7D11) 3.1.1 (7C146) 3.1.1 (7C145) 3.1 (7C144) 3.0.1 (7A400) 3.0 2.2.1 2.2 2.1.1 2.1 2.0.2 (5C1) 2.0.1 (5B108) 2.0 (5A347) But I have Xcode 3.2.1, which is supposed to support iPhone OS 3.1.3. What am I doing wrong? I have a cruddy internet connection (HughesNet), so I can't upgrade the Xcode SDK without it taking literally days.

Read the article

how can I send messages to/from a Websphere Message Broker from an embedded C client (no JVM)?

- by queBurro

What are my options for pubsubing (or point to point but pubsub is better) messages to and from an IBM message broker from an embedded headless C/C++ linux client that doesn't have a JVM? Ideally we want large file transfer (2GB once per day off of the client) encryption (SSL) reliable ('assured' delivery / QoS2, maybe QoS1 would do) The client in question currently only has exes and some bash scripts, I've been playing with MQTTv3 and RSMB, but for that I'd have to chomp the large files up (and reassemble back home) and I don't want to get into that if there's a transport that will do this for me? I've looked at MQTTv5 (but our client's got no JVM); JMS (no JVM) and XMS? which again looks like it gives me a C API but then needs the JVM to be installed on the client (or am I wrong?) any clues or hints would be appreciated, cheers

Read the article

Implementing a 'Send Feedback' feature in a Java desktop application

- by William

I would like to implement a 'Send Feedback' option in a Java desktop application. One which will pop up a box for the user to enter a comment, then send it to us along with a screenshot of the application window. How would be the best way to communicate the data to us? Two obvious solutions spring to mind: Email - I'm thinking that the application would connect to an SMTP server set-up by us, with the username/password somehow hidden in the code. SMTP over SSL for security (not of the data being sent, but of the SMTP username/password). Web service - pretty self explanatory. Which of these would be best, or is there a better alternative?

Read the article

Is it possible to use HTTPS certificates for licensing?

- by Ton van den Heuvel

I am working on an application with multiple clients and a server running various web-services for the clients. To implement licensing I am thinking about using HTTPS as a protocol for the web-services using certificates that are issued by our company. By influencing the expiration date of a certificate for a client we can prevent them from using our software after their license term. It this possible and does it make sense to you? Additional information: I am planning on using Qt/C++ for the clients, and the Twisted framework for the web-services.

Read the article

cannot access localhost using ip

- by Robert

I have done a small web development project using eclipse. It runs well when I try running it on browser with url localhost:8080/myproject/home.html. But if I want to access it on another machine (laptop, mobile, etc. using the same wifi) it is not possible; it is not able to connect. After Googling for a while found out that I have to use the IP address instead of 'localhost'. So I tried 10.0.0.4:8080/myproject/home.html, but still does not work. In fact i am unable to open that url on the same machine (where localhost:8080/myproject/home.html works fine). I also added a new Inbound rule in control panel firewall settings, allowing access to all ports for protocol TCP. Still have problem in running application with the url 10.0.0.4:8080/myproject/home.html (both on same machine as well as laptop and mobile). FYI i am using Eclipse Indigo, Apache tomcat 6.0 and server.xml file contents is as below: <?xml version="1.0" encoding="UTF-8"?> <Server port="8005" shutdown="SHUTDOWN">  <Listener SSLEngine="on" className="org.apache.catalina.core.AprLifecycleListener"/>  <Listener className="org.apache.catalina.core.JasperListener"/>  <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/>  <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"/> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>  <GlobalNamingResources>  <Resource auth="Container" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" name="UserDatabase" pathname="conf/tomcat-users.xml" type="org.apache.catalina.UserDatabase"/> </GlobalNamingResources>  <Service name="Catalina">    <Connector port="8080" protocol="HTTP/1.1" address="10.0.0.4" connectionTimeout="20000" redirectPort="8443" />      <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>   <Engine defaultHost="localhost" name="Catalina">      <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>  <Host appBase="webapps" autoDeploy="true" name="localhost" unpackWARs="true" xmlNamespaceAware="false" xmlValidation="false">     <Context docBase="myproject" path="/myproject" reloadable="true" source="org.eclipse.jst.jee.server:myproject"/></Host> </Engine> </Service> </Server>

Read the article

nginx improperly forwards to https, adds two trailing slashes when rewriting

- by Kevin

I'm using nginx as a proxy for a django project on mod_wsgi and to serve the static content. I have two domain names for it: asdf-example.com and asdfexample.com. I want to use rewrites to redirect everything to www.asdf-example.com They're not quite working the way they should: asdf-example.com forwards to https:// www.asdf-example.com, which fails because I'm not using SSL. Though asdf-example.com/search forwards to http://.... asdfexample.com and www.asdfexample.com both forward to www.asdf-example.com//, which looks weird. My config file: server { listen 80; server_name asdf-example.com asdfexample.com; if ($host ~* ^asdf-example\.com){ rewrite ^(.*)$ http://www.asdf-example.com/$1 permanent; } if ($host ~* ^asdfexample\.com){ rewrite ^(.*)$ http://www.asdf-example.com/$1 permanent; } if ($host ~* ^www\.asdfexample\.com){ rewrite ^(.*)$ http://www.asdf-example.com/$1 permanent; } ... Thanks

Read the article

Web services Authentication Jungle

- by redben

I have been doing some research lately about best approaches to authenticating web services calls (REST SOAP or whatever). But none of the Approaches convinced me... But i still can't a make a choise... Some talk about SSL and http basic authentication -login/password- which just seems weird for a machine (i mean having to assign a login/password to a machine, or is it not ?). Some others say API keys (seems like these scheme is more used for tracking and not realy for securing). Some say tokens (like session IDs) but shouldn't we stay stateless (especially if in REST style) ? In my use case, when a remote app is calling one of our web services, i have to authenticate the calling application obviously, and the call must - if applicable - tell me which user it impersonates so i can deal with authorization later. Any thoughts ?

Read the article

Paypal Payflow pro library

- by John Stewart

I already have an express checkout integrated with my Codeigniter application. Now I want to integrate seamless paypal where I collect the CC information and pass it to Paypal (via backend) and once everything is approved, my application shows that to the user. All this with out ever going to Paypal's website. I know that Paypal gives a bunch of sample code but they have so many different products that advertise to do the same thing. Is there any wrapper library in PHP that I can use for handling all this? What sort of design decision is involved in migrating to such system? Would I need SSL certificates for this?

Read the article

Converting LDAP from Tomcat to GlassFish

- by Jon

Hi, I have a simple web-app that is developed in Netbeans(6.8) and works fine in Tomcat(6) using LDAP(Active Directory). I need to convert this to an EE (JSF2), so I am moving from Tomcat to GlassFish(v3). I have changed the web files to xhtml and configured the xml files. However, I cannot get the GlassFish LDAP configuration to authenticate. I am attaching my old web.xml and server.xml (from Tomcat) snippets and the portions of the new web.xml, sun-web.xml, and the GlassFish configuration. If anyone can help me figure out where I am missing the piece that will allow a user to be authenticated, I would appreciate it. (btw, I am not using roles, just authenticating against the LDAP db is good enought.) As it is right now, my app will prompt me to enter a user when I try to access a file in the 'protected' area and the GlassFish server throws an exception when it fails to authenticate. Because it works under Tomcat, I know I have the right information, I just don't know how to format it to get GlassFish to pass it along. Thanks. TOMCAT FILES: - Tomcat server.xml: web.xml: <web-resource-collection> <web-resource-name>Protected Area</web-resource-name> <description>Authentication Required</description> <url-pattern>/faces/protected/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>*</role-name> </auth-constraint> * BASIC Please enter your user name and password: GLASSFISH FILES: (I enabled the Security Manager on the Security panel, set the Default Realm to 'LDAPRealm', and added "-Djava.naming.referral=follow" JVM options.) - domain.xml: <auth-realm name="certificate" classname="com.sun.enterprise.security.auth.realm.certificate.CertificateRealm" /> <auth-realm classname="com.sun.enterprise.security.auth.realm.ldap.LDAPRealm" name="LdapRealm"> <property description="()" name="search-bind-password" value="xxxxxxxx" /> <property description="()" name="search-bind-dn" value="cn=xxxxxxxx,ou=Administrators,ou=Information Technology,ou=ITTS,ou=Administrative,ou=xxx,dc=xxxxxx,dc=xxx" /> <property name="jaas-context" value="ldapRealm" /> <property name="base-dn" value="ou=xxx,dc=xxxxxx,dc=xxx" /> <property name="directory" value="ldap://xxxx.xxxxxx.xxx:389" /> <property name="search-filter" value="(&(objectClass=user)(sAMAccountName=%s))" /> </auth-realm> -web.xml: <security-constraint> <display-name>protected</display-name> <web-resource-collection> <web-resource-name>ProtectedArea</web-resource-name> <description/> <url-pattern>/faces/protected/*</url-pattern> </web-resource-collection> <auth-constraint> <description/> <role-name>*</role-name> </auth-constraint> </security-constraint> <security-role> <description/> <role-name>*</role-name> </security-role> <login-config> <auth-method>FORM</auth-method> <realm-name>LDAPRealm</realm-name> <form-login-config> <form-login-page>/faces/login.xhtml</form-login-page> <form-error-page>/faces/loginError.xhtml</form-error-page> </form-login-config> </login-config> sun-web.xml: Here is the exception that it throws: SEVERE: SEC1113: Exception in LdapRealm when trying to authenticate user. javax.security.auth.login.LoginException: javax.security.auth.login.LoginException: User yyyyyyy not found. at com.sun.enterprise.security.auth.realm.ldap.LDAPRealm.findAndBind(LDAPRealm.java:450)

Read the article

How to send news letters in zend

- by Sherif

i am trying to send something like news letter Via Zend_Mail but after 12 mail i got this message Fatal error: Maximum execution time of 30 seconds exceeded in C:\Program Files\Zend\Apache2\htdocs\forga\library\Zend\Mail\Protocol\Abstract.php on line 321 my Code is like: $smtpHost = 'smtp.gmail.com'; $smtpConf = array( 'auth' = 'login', 'ssl' = 'tls', 'port' = '587', 'username' ='[email protected]', 'password' = 'xxxxxxxx' ); $transport = new Zend_Mail_Transport_Smtp($smtpHost, $smtpConf); foreach($users as $user) { $mail = new Zend_Mail(); $mail-setFrom("[email protected]", 'Forga'); $mail-setSubject($subject); if($html=='on') $mail-setBodyHtml($message); else $mail-setBodyText($message); $mail-addto($user); $transport-send($mail); }

Read the article

OpenSSL: SessionTicket TLS extension problem

- by rursw1

Hello, I'm using an application which uses OpenSSL for client TLS side. We upgrade the OpenSSL version from 0.9.8e to 0.9.8k. And then TLS doesn't work... Wireshark shows that the new version (with OpenSSL 0.9.8k) sends the client hello packet with a SessionTicket extension - and the server side responds with a fatal internal error. The previous version sends an almost identical hello packet, but without the SessionTicket ext. When I replaced TLSv1_client_method with SSLv23_client_method, everything worked fine - the sent client hello packet was a SSLv2 one (In the sniffer) without any extension (as it wasn't TLS but SSL?) Is there a better way to disable this extension or to solve the problem in another way? Thanks in advance, rursw1

Read the article

changing src reference based upon https

- by spody

I'm adding a facebook comment widget to a website. I'm placing this widget in a file that is included on everypage. The navigation is relatively linked so it switches back and forth from http and https. But for some reason the comment widget only shows up if both the src linked file and webpage is secure or both the src linked file and webpage is NOT secure. The widget does not display of the src file is secure and the webpage is not secure. So... I've tried this but doesn't work. if (window.location.protocol == 'https:') script.setAttribute('src', 'https://ssl.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php'); } else { script.setAttribute('src', 'http://static.ak.connect.facebook.com/connect.php/en_US') }

Read the article

will the desktop appstore icon be appear only after approval ?

- by hib

hello all , I am just going to submit my iphone application . But I just have a doubt . when I test my application with adhoc certificate the application icon come nicely in the device homescreen . but I haven't got it for desktop app store (i.e iTunes). I have read that I have to submit another 57 by 57 icon for the desktop icon . Question :So this 57 by 57 icon will come in my itunes after I will upload through iTunes Connect and my application is approved ? and will I have to include it in the binary or itunes connect uploading will make it work. thanks .

Read the article

Allowing New Users to Invite Their Gmail Contacts

- by John

Hello, For my site, I would like to give new users the option to invite all of their Gmail contacts to join. What is the basic step-by-step process to set this up? (Also, is it necessary to buy an SSL for this?) Thanks in advance, John EDIT: My site has a basic login where users set up a username and password. I would like to give users the option to invite their Gmail contacts right after they create their new profile. I would also like to give them the option to invite their Gmail contacts anytime they want.

Read the article

Code Signing Identity does not match in my keychain, for mac app store developing?

- by larntin

hi, 1, I already download the "Apple Worldwide Developer Relations Certification Authority",and add it into my keychain. 2, My team leader already had created two Cers for Mac App store developing, I download and add it into my keychain. 3, I used two methods to sign my add, but failed all. First, add code sign section in my .xcodeproj(3.2.5). Second, I used script: productbuild --component ./bin/MAS_Release/MyApp.app /Applications --sign "3rd Party Mac Developer Application: My Company Co., Ltd." --product ./src/MyApp/MyApp-Info.plist MyApp.pkg But it failed with information: Code Signing Identity '3rd Party Mac Developer Application: My Company Co., Ltd.' does not match any valid, non-expired, code-signing certificate in your keychain. I observed that my certifications in keychain don't have small trangle. how make the small trangle absence?(when I'am importing the Cers from my Agent, it don't have the trangle absence)

Read the article

Using java class HttpsURLConnection

- by KB22

Hi all, I have a small piece of code which basically impements a HTTP-Client, i.e. it POSTS request and works with re RESPONSE. As long as HTTP is concenerned everthing work well. For some reason I now have to support HTTPS too. So here is briefly what I do in order to get a connection opened: URL url = new URL(serverAddress); HttpsURLConnection httpsConn = (HttpsURLConnection) url.openConnection(); This fails, stating: sun.net.www.protocol.https.HttpsURLConnectionImpl cannot be cast to com.sun.net.ssl.HttpsURLConnection I guess this is kinda trivial, but I just don't get what I'm doing wrong in this one... Googled it, and the code just looks right - not? any ideas are appreciated! thanks, K

Read the article

file_get_contents() returns "failed to open stream" when hitting HTTPS

- by TMC

file_get_contents() is returning "failed to open stream" when I call it on an HTTPS URL. Warning: file_get_contents(https://google.com) [function.file-get-contents]: failed to open stream: No error in E:\\htdocs\callback3.php on line 5 Same call will work with a non-SSL URL. At first, I thought it was a security issue with my webhoster, but I have verified with phpinfo() that allow url open is indeed allowed. I have also tried this code and verified it works: Anyone have any ideas why file_get_contents() is failing with an HTTPS URL? update: People correctly pointed out this was an HTTPS issue. My webhoster claims this should work, and has no idea how to resolve this. Anyone have specific directions I can give them for their IIS7 setup?

Read the article

Can you create a HIPAA compliant Amazon S3 Web Application?

- by xkingpin

I am facing some questions when trying to design an S3 application using ASP.NET MVC and trying to stay HIPAA compliant. My initial plan was to require an SSL connection to my web server, encrypt the images on my server, then send them to s3 using my private keys. Here's my obvious concerns: You cannot store unencrypted images in any temporary file cache when client views images within the browser. Even if I setup an ashx to generically handle the image in memory, couldn't this get stored in cache? Saying the images will be encrpyted because you will be connecting to my server via https still does not guarantee all browsers will not cache data. It's not possible to even consider the "Query String" with expiration option since data will be encrypted before being stored on disk at s3, and will again be decrypted at my server in memory. I think my only option would be to write/purchase some sort of ActiveX component that will not expose the image as a simple html image source or write my app as a client side WinForm application.

Search Results

Search found 4244 results on 170 pages for 'ssl certificate'.

Page 142/170 | < Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149 | Next Page >

- by Emanuil

- by Bert

- by UpTheCreek

- by Emanuil

- by Lior

- by user187532

- by spirytus

- by fr0man

- by queBurro

- by William

- by Ton van den Heuvel

- by Robert

- by Kevin

- by redben

- by John Stewart

- by Jon

- by Sherif

- by rursw1

- by spody

- by hib

- by John

- by larntin

- by KB22

- by TMC

- by xkingpin

< Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149 | Next Page >