Search Results

Search found 689 results on 28 pages for 'tls psk'.

Page 18/28 | < Previous Page | 14 15 16 17 18 19 20 21 22 23 24 25  | Next Page >

• Redirect an Apache2 SSL VirtualHost with mod_alias

  - by Jeff

  I want to make sure there aren't any odd behaviors that I don't know about when redirecting a SSL VirtualHost with mod_alias Redirect as outlined by Apache here. My code seems to work, but since SSL virtual hosts are restricted to just one IP address, I want to make sure there aren't any problems eluding me. Explicitly not using TLS. I'm stuck with Apache 2.2 for now. <VirtualHost *:443> ServerName example.com SSLEngine On Redirect 301 / https://www.example.com/ </VirtualHost> <VirtualHost *:443> ServerName www.example.com SSLEngine On # Do stuff # </VirtualHost> So I guess my question is, should SSL VirtualHost redirection with mod_alias Redirect work the same as non-SSL redirection?

  Read the article

• PCI scan findings and problems with week ciphers on ports 993,443,995,465

  - by user64991

  From PCI scan results: Synops is : The remote service encrypts traffic using a protocol with known weaknesses . Description : The remote service accepts connections encrypted using SSL 2.0, which reportedly suffers from several cryptographic flaws and has been deprecated for several years. An attacker may be able to exploit these issues to conduct man-in-the-middle attacks or decrypt communications between the affected service and clients . See also : http://www.schneier.com/paper-ssl.pdf Solution: Consult the application's documentation to disable SSL 2.0 and use SSL 3.0 or TLS 1.0 instead. Risk Factor: Medium / CVSS Base Score : 2 (AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N) I have tried to change SSLProtocol all -SSLv2 to SSLProtocol -ALL +SSLv3 +TLSv1 And SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW To SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:!MEDIUM:!LOW:!SSLv2:!EXPORT But using SSLdigger, it shows the same result. Is this the right way to do something like this?

  Read the article

• Dovecot ignoring maximum number of IMAP connections

  - by Michelle

  I have a single mailbox mail server running Dovecot/Postfix and I have two IMAP clients, Thunderbird on the PC and K9 on Android. I keep on receiving this error in my logs even after I change the 'mail_max_userip_connections' variable to 50. puppet dovecot: imap-login: Maximum number of connections from user+IP exceeded (mail_max_userip_connections=10): user=<[email protected]>, method=PLAIN, rip=62.242.90.2, lip=198.29.31.229, TLS Why does it say that it is set to 10 in the log? Is that hardcoded? grep -r "mail_max_userip_connections" /etc/dovecot /etc/dovecot/conf.d/20-managesieve.conf: #mail_max_userip_connections = 10 /etc/dovecot/conf.d/20-pop3.conf: #mail_max_userip_connections = 3 /etc/dovecot/conf.d/20-imap.conf: mail_max_userip_connections = 50 I've restarted dovecot after making the changes but this error is still logged and I can't access the mailbox. Can anyone help me understand why I can't seem to raise the maximum limit?

  Read the article

• Is there a way to set up an SMTP relay that allows users of a web app to have the web app send email

  - by mic

  the web service sends out emails on behalf of the users to their customers. So [email protected] uses webservice and webservice sends emails . The emails should be appearing as coming from [email protected]. Currently what we are trying to do is to configure webservice to act as an email client for each user, each user being able to create their own profile in which they need to configure their smtp server credentials. But given that there are more options for configurations than you can shake your stick at -not to mention trying to explain to users what info to get from where, POP b4 smtp, TLS, SSL, AUTH,etc) I am wondering if there could be a different way. How, if at all could this be approached? Can I set up a postfix server to do what I need to without running into another admin. nightmare or being blocked for spamming? Thank you for your insights

  Read the article

• php-fpm not working several days,return 'No input file specified'

  - by Magic

  My server running ubuntu 64bit, nginx, php-fpm. Everything is working well. But several days after. The browser display 'No input file specified'.After I restart php-fpm. Everything run well again.But this situation occur again and again.So I must restart the php-fpm several days.Anyone know what's the problem? nginx -V output sshadmin@ubuntu:~$ nginx -V nginx: nginx version: nginx/0.9.7 nginx: built by gcc 4.4.3 (Ubuntu 4.4.3-4ubuntu5) nginx: TLS SNI support enabled nginx: configure arguments: --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module

  Read the article

• Sendmail encrypted

  - by user1948828

  I manage a website running on Apache. It has public and private areas. When people apply for an account to access the protected portions of the site, they do a TLS/SSL protected POST containing their information which is saved to a (hopefully) nonpublic directory on the server. Then I have a python script which takes URL Encoded POSTS with this user information, sends back a plaintext confirmation to the applicant, encrypts their information with a freeware java command-line utility to protect it (specifically this one: http://spi.dod.mil/ewizard.htm), base64 encodes them, puts them in a file as a mime attachment and uses sendmail to forward the file information to my (and several coworkers' scattered around the country) email account(s) on an Exchange server with Outlook clients. This has worked well for years, but is awkward because it involves manually decrypting the information on a windows box once it is received, using the above mentioned encryption utility. This significantly limits how many can be processed. I would like to be able to encrypt my information in a format that Outlook/Exchange can inherently understand and display so that these emails can be viewed simply by clicking on them. I do have company provided PKI public certs for all the people I need to send to, and am able to send/receive encrypted emails on Outlook manually, but would like to know how I can send to Outlook from apache/linux/python from the command line using the same PKI certs. Dont need to receive them, just send. Is there a utility that can do this? I had thought pgp might but I havent been able to figure it out.

  Read the article

• testing ssl cert for smtps => "secure connection could not be established with this website"

  - by cc young

  testing ssl cert on server using a web service. https, imaps and pop3s all check, but smtps yields the message "we advise you not to submit any confidential or personal data to this website because a secure connection could not be established with this website." running postfix tls logging: connect from s097.networking4all.com[213.249.64.242] lost connection after UNKNOWN from s097.networking4all.com[213.249.64.242] disconnect from s097.networking4all.com[213.249.64.242] these work correctly: telnet mydomain.net 587 openssl s_client -starttls smtp -crlf -connect mydomain.net:587 but cannot get email using ssl to log into either 587 or 564 - get same "UNKNOWN" problem. email smtp w/o ssh works fine. the test site is http://www.networking4all.com/en/support/tools/site+check/

  Read the article

• What is the correct cipher name for RC4 in Chrome?

  - by qbi

  I want to remove RC4 from Google Chrome and found the commandline option --cipher-suite-blacklist. However I wasn't able to figure out what the correct notation for RC4 is. Whatever I tried so far only brought the message: ERROR:ssl_config_service_manager_pref.cc(55)] Ignoring unrecognized or \ unparsable cipher suite: Even the names listed in ssl_cipher_suite_names.cc don't work. What should I enter to remove RC4 as a cipher for SSL/TLS? I'm working with some different versions of GNU/Linux and sometimes also with Windows. So it would be nice if the command-line argument would work under all OSes. I used the following command: chrome --cipher-suite-blacklist=TLS_RSA_WITH_RC4_128_MD5 --ssl-version-min=tls1.1 chrome --cipher-suite-blacklist=RC4 --ssl-version-min=tls1.1 chrome --cipher-suite-blacklist=0xXYZ,0xUVW --ssl-version-min=tls1.1 # XYZ and UVW are some hexadecimal numbers

  Read the article

• Testing php mail() in localhost problem

  - by Samir Ghobril

  Hey guys, recently I just installed msmtp in linux and I even send a mail from the terminal and it worked: echo -e "Subject: Test Mail\r\n\r\nThis is a test mail" |msmtp --debug --from=default -t [email protected] But in php, after editing the php.ini file to have this: sendmail_path = '/usr/bin/msmtp -t' and using this piece of code: <?php if ( mail ( '[email protected]', 'Test mail from localhost', 'Working Fine.' ) ){ echo 'Mail sent'; } else{ echo 'Error. Please check error log.'; } ?> I get the Mail sent message but don't receive a message in my inbox. Not even in the spam folder. Anything wrong I'm doing? msmtp configuration file: defaults tls on tls_starttls on tls_trust_file /etc/ssl/certs/ca-certificates.crt account default host smtp.gmail.com port 587 auth on user [email protected] password password from [email protected] logfile /var/log/msmtp.log

  Read the article

• kernel openvpn segfault

  - by Rex

  e.. I have some trouble about OPENVPN these days.. At first,I find that the OPENVPN is always down. Then I try to restart it.But after a short while,It's down again. Then I check /var/log/messages and find something below openvpn[4338]: xxx.xxx.xxx.xxx:48484 Re-using SSL/TLS context openvpn[4338]: xxx.xxx.xxx.xxx:48484 LZO compression initialized openvpn[4338]: xxx.xxx.xxx.xxx:48484 [abc.abc_] Peer Connection Initiated with xxx.xxx.xxx.xxx:48484 kernel: openvpn[4338]: segfault at 0000000000000018 rip 00002b75ca30ca2e rsp 00007fff153806a0 error 4 Obviously,OPENVPN is Down. So,I just want to know what's wrong here..... P.s. The username should be abc.abc.But it shows that is abc.abc_ Is there something wrong? CentOS 5.4 x64 Linux 2.6.18-238.9.1.el5 My English is very pool... :( Thanks~

  Read the article

• Setting up dovecot on OpenBSD

  - by Jonas Byström

  I'm a *nix n00b that just installed dovecot (the selection with no ldap, mysql or pgsql) on OpenBSD 4.0 and I want to set it up for imap use, but I'm having a hard time finding documentation that I can understand. It currently running on port 143 (checked with telnet) but from there I need to do the following: I need some accounts, the once already on the system are fine if I can get those running (seemed to be some dovecot option somehow?), or just adding a few manually is ok too. Was there some setting for this in the default /etc/dovecot.conf? passdb bsdauth {} is uncommented by default... I need to create imap folders, or subfolders. How can I do that? Hopefully not, but anything else I need to do? I want to run without certification validation and no SSL/TLS, would this work by default (client-side settings)?

  Read the article

• Cannot Enter Repro Admin Web Interface at Port 5080

  - by aqua

  I have followed the instructions on this website www.rtcquickstart.org to set up my firewall, DNS settings, TLS, and have installed the TURN server and repro proxy as instructed, and have restarted repro. However, I am not able to access the web interface of repro on port 5080, either at localhost:5080 / 127.0.0.1:5080 or at the server's IP address: IPADDRESS:5080 (I have set the server's IP for binding in repro.config). I get the browser error message: 'Unable to connect to server' whenever trying to connect to the web interface via port 5080. I initially had Apache2 installed, which loaded pages correctly at port 80 / address root, and when checked it 'listened' at port 5080 after it was configured in /etc/apache2/ports.conf, however the repro web interface still did not work at port 5080. I have tried uninstalling Apache2 in case that was conflicting with repro's web server, but the problem persists, and testing port 5080 now shows that nothing is 'listening' on port 5080. I have tried reinstalling / purging repro but it has not helped. My router is correctly set to allow all ports; port 5080 is open and forwarding correctly. I can connect to the internet and ping all websites through the server and everything else is working correctly. I would be gateful if anyone could offer advice on how to solve this problem.

  Read the article

• PHP does not allow https connections

  - by FunkyChicken

  Hey guys im running PHP 5.4.0 and I cannot cURL nor files_get_content() https connections. Using curl in a PHP script shows: [root@ns1]# /opt/php/bin/php -q test.php * About to connect() to www.google.com port 443 * Trying 74.125.225.210... * connected * Connected to www.google.com (74.125.225.210) port 443 * successfully set certificate verify locations: * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none Segmentation fault Using file_get_contents() shows: Warning: file_get_contents(): Unable to find the wrapper "https" - did you forget to enable it when you configured PHP? in /test.php OpenSSL and OpenSSL-devel are installed, and PHP is also configured with cURL support for SSL connections. See: http://i.imgur.com/ExAIf.png Any idea what might be going wrong? Further info: CentOS 5.8(64) with Nginx 1.2.4

  Read the article

• Tomcat "connection interrupted" with ssl

  - by Mike Thomsen

  I can access Tomcat on port 8080, but not on 8443. When I try o get there, this is the error I get in Firefox: The connection was interrupted The connection to the.fqdn.com:8443 was interrupted while the page was loading. This is my connector: <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="want" sslProtocol="TLS" keystoreFile="C:\temp\keystore.jks" keystorePass="changeit"/> I have the CA key in the jre's cacerts file. The server cert was generated using EJBCA and should be signed properly. Any suggestions on what is going on?

  Read the article

• OpenVPN Configuration - Windows 7 client & debian server

  - by Guillaume

  I recently formatted my Windows 7 computer and lost my client's config files for OpenVPN. I recovered the certificates and default config that were left on the server but I haven't managed to make the whole thing work again. I assume the server's config and routing table are OK because it was working before (although quite some time ago). Would any of you experts be able to help? server.conf # Serveur TCP/666 mode server proto udp port 666 dev tun # Cles et certificats ca ca.crt cert server.crt key server.key dh dh1024.pem tls-auth ta.key 0 cipher AES-256-CBC # Reseau server 10.8.0.0 255.255.255.0 #push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 208.67.222.222" push "dhcp-option DNS 208.67.220.220" push "redirect-gateway def1" keepalive 10 120 # Securite user nobody group nogroup chroot /etc/openvpn/jail persist-key persist-tun comp-lzo # Log verb 3 mute 20 status openvpn-status.log log-append /var/log/openvpn.log client.conf # Client client dev tun proto udp remote *my server's ip address*:666 cipher AES-256-CBC # Cles ca ca.crt cert client1.crt key client1.key tls-auth ta.key 1 # Securite nobind persist-key persist-tun comp-lzo verb 3 Routing table on debian server when OpenVPN server is running: Destination Gateway Genmask Indic Metric Ref Use Iface 10.8.0.2 * 255.255.255.255 UH 0 0 0 tun0 10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0 my server's ip * 255.255.255.0 U 0 0 0 eth0 default 72815.trg.dedic 0.0.0.0 UG 0 0 0 eth0 Routing table on Windows 7 client (OpenVPN not working) =========================================================================== Interface List 19...00 f0 8a 1b 6e 5c ......TAP-Win32 Adapter V9 12...90 2e 34 33 84 7b ......Atheros AR8151 PCI-E Gigabit Ethernet Controller ( NDIS 6.20) 1...........................Software Loopback Interface 1 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2 =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.11 20 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.1.0 255.255.255.0 On-link 192.168.1.11 276 192.168.1.11 255.255.255.255 On-link 192.168.1.11 276 192.168.1.255 255.255.255.255 On-link 192.168.1.11 276 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.1.11 276 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.1.11 276 =========================================================================== Persistent Routes: None IPv6 Route Table =========================================================================== Active Routes: [...] =========================================================================== Persistent Routes: None And when the link is established between my client and the server: The server's routing table stays the same. The client's becomes: =========================================================================== Interface List 19...00 f0 8a 1b 6e 5c ......TAP-Win32 Adapter V9 12...90 2e 34 33 84 7b ......Atheros AR8151 PCI-E Gigabit Ethernet Controller ( NDIS 6.20) 1...........................Software Loopback Interface 1 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2 =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.11 20 0.0.0.0 128.0.0.0 10.8.0.5 10.8.0.6 30 10.8.0.1 255.255.255.255 10.8.0.5 10.8.0.6 30 10.8.0.4 255.255.255.252 On-link 10.8.0.6 286 10.8.0.6 255.255.255.255 On-link 10.8.0.6 286 10.8.0.7 255.255.255.255 On-link 10.8.0.6 286 my server's ip 255.255.255.255 192.168.1.1 192.168.1.11 20 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 128.0.0.0 128.0.0.0 10.8.0.5 10.8.0.6 30 192.168.1.0 255.255.255.0 On-link 192.168.1.11 276 192.168.1.11 255.255.255.255 On-link 192.168.1.11 276 192.168.1.255 255.255.255.255 On-link 192.168.1.11 276 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.1.11 276 224.0.0.0 240.0.0.0 On-link 10.8.0.6 286 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.1.11 276 255.255.255.255 255.255.255.255 On-link 10.8.0.6 286 =========================================================================== Persistent Routes: None What's working: Server and client do connect to each other, SSL certificates are OK. The client gets an IP (10.8.0.6) from the server OpenVPN client is started as an administrator. But: I cannot ping the other one on either side. 'Gateway' value is empty on client's side (in the adapter's "status" window). Client has got no internet access when the link is up. Ideal configuration: I only want the client to be able to use the server's Internet access and access its resources (MySQL server in particular). I do not need or want the server to access the client's local network. The client needs to be able to access it's local network, although all Internet traffic should be redirected to the VPN link. I spent a considerable amount of time on this but it's still not working, any help would be much appreciated. Thanks :)

  Read the article

• Feeding the kernels entropy source from other machines and/or increasing its maximum size

  - by David Spillett

  We have has a little trouble with a small box that acts as a VPN end-point and mail relay for our network, caused by the available entropy for /dev/random being too low (which causes TLS connection attempts by exim to fail). The machine doesn't do anything else, so the normal feed into the entropy pool (interrupt timings from things like disk access) is not enough. As a quick hack I've set a looping script that reads from /dev/hda at a couple of Mbyte/sec which keeps it topped up. Other than buying a hardware RNG, is there a clean way of piping data for entry from elsewhere, such as a copy of the data our file server uses for its entropy source? I've spotted several tips for using rng-tools to feed it from /dev/urandom on the same machine but that "feels dirty". Also, is it possible to increase the maximum pool size? It currently seems to max out at 3585.

  Read the article

• Why does m4 error "linux-gnu.m4 - No such file or directory" appear the first time after updating sendmail.mc?

  - by Mike B

  SendMail 8.14.x | CentOS 5.x I've noticed that if I manually update /etc/mail/sendmail.mc (for example, enable TLS support), and then bounce sendmail, I get the following error: Shutting down sm-client: [ OK ] Shutting down sendmail: [ OK ] Starting sendmail: sendmail.mc:18: m4: cannot open `/usr/share/sendmail-cf/ostype/linux-gnu.mf': No such file or directory [ OK ] Starting sm-client: [ OK ] This only happens one time after I update a sendmail.mc file. If I bounce sendmail again (without making any other change), I don't see the error any more. Any idea why this happens? It doesn't cause any errors - I'm just curious.

  Read the article

• Minimize VirtualBox Hard Drive disk

  - by Aviv

  I have Ubuntu Server 10.04 TLS installed on a Virtual Machine in a VirtualBox. The size of the Hard Drive is dynamic growing hard drive and the maximum is 32GB. At the beginning i had 4GB on the Hard Drive and the size of the .vdi was 4GB. Lately the size of data on the disk is 15GB but the size of the .vdi is almost 32GB. Why is that? How can i pack / optimize / defrag the HD so it will be the same size of the data on the disk? Thanks.

  Read the article

• Which linux x86 hardware keystore?

  - by byeo

  I'm terminating SSL/TLS in my DMZ and I have to assume that machine will be hacked. At which point my certificates are compromised. Previously I've used nCipher hardware keystore/accelerator to solve this issue. These cards won't reveal the private key even to root. The card performs the encryption and decryption onboard and is hardened against physical attack. The only way to get at the keys is by attaching a smart card reader to the card itself. I'm having trouble finding information about something to recreate this approach. Is this the domain of specialist switches and firewalls these days? This old page references some of the old hardware: http://www.kegel.com/ssl/hw.html#cards

  Read the article

• Simple local smtp server - minimal setup ubuntu

  - by malatio

  What is the absolute, bare minimum, no-hassle, hopefully idiot-proof way of setting up a local smtp server? If you're going to say postfix, what are these alledgedly bare minimum, idiot proof steps to setting it up? I'm sort of amazed at how difficult it seems to find this anywhere. I need: a locally hosted smtp server that sends mail to the internet. no tls or saslauth or whatever. only allows mail to come from localhost. no relays. It seems like there should be some software package somewhere where you install, set up an account and then you have a local smtp server. I'm not a sysadmin. People say postfix is dead simple but maybe I'm doing it wrong, all the setup docs I see are quite complicated, I actually don't have a spare hour to spend debugging a mailserver. I just want to send mail to the internet. Is it really that hard?

  Read the article

• How secure is using "Normal password" for SMTP with connection type = STARTTLS?

  - by harshath.jr

  I'm using an email client for the first time - for the most part I've always used gmail via the web interface. Now I'm setting up thunderbird to connect to an email server of my own (on my own server, own domain name, etc). The server machine (and the email server on it) was preconfigured for me. Now i figured out away by which I'm able to send and receive email, but I noticed that in the outgoing and incoming servers section, the connection type was STARTTLS (and not SSL/TLS), and the Authentication Type was "Normal Password". Does this mean that the password will be sent across in plain text? I'm very paranoid about security - its the only way that it works for me. Can someone please post links that explain how SMTP (my outbound server) and IMAP (my inbound server) servers work, and what connection type means what? Thanks! PS: If this question does not belong here, please redirect me.

  Read the article

• Should `keepalive_timeout` be removed from Nginx config?

  - by Bryson

  Which is the better configuration/optimization: to explicitly limit the keepalive_timeout or to allow Nginx to kill keepalive connections on its own? I have seen two conflicting recommendations regarding the keepalive_timeout directive for Nginx. They are as follows: # How long to allow each connection to stay idle; longer values are better # for each individual client, particularly for SSL, but means that worker # connections are tied up longer. (Default: 65) keepalive_timeout 20; and # You should remove keepalive_timeout from your formula. # Nginx closes keepalive connections when the # worker_connections limit is reached. The Nginx documentation for keepalive_timeout makes no mention of the automatic killing, and I have only seen this recommendation once, but it intrigues me. This server serves exclusively TLS-secured connections, and all non-encrypted connections are immediately rerouted to the https:// version of the same URL.

  Read the article

• Remote Desktop Encryption

  - by Kumar

  My client is RDP 6.1 (On Windows XP SP3) and Server is Windows Server 2003. I have installed an SSL certificate on server for RDP. In the RDP settings (General tab), the Encryption method is set to SSL/TLS 1.0 and Encryption level is set to "Client Compatible". I have following questions In this case is it guaranteed that all communication is encrypted even when I remote login to the server? I mean pwd is encrypted Does RDP always use some kind of encryption even if there is no SSL certificate installed on the server? In this case I do not see security lock in the connection bar. When I set encryption level to "High" then I see security lock. I do believe that communication is both cases will be encrypted. Is it true? Please reply to my questions Thanks in advance Kumar

  Read the article

• Grails SSL TOMCAT

  - by user974459

  I'm implementing grails with SSL and deployed to tomcat 7.0. I have used spring security plugin for SSL. In tomcat, I added <Connector port="80" protocol="HTTP/1.1" connectionTimeout="200000000" redirectPort="443" /> <Connector port="8443" protocol="HTTP/1.1" connectionTimeout="200000000" redirectPort="443" /> <Connector port="443" maxThreads="200" scheme="https" secure="true" SSLEnabled="true" keystoreFile="${user.home}/.keystore" keystorePass="123456" clientAuth="false" sslProtocol="TLS"/> if I type https://localhost is ok. But my app doesn't work.

  Read the article

• Activating ssl on tomcat

  - by toom

  I want to encrypt the http traffic on a tomcat instance via ssl. Therefore I followed the most simplistic approach described on various webpages. But anyway it simply does not work. Here is what I did: "keytool -genkey -alias tomcat -keyalg RSA" and I enterd "changeit" as the password (since this is the defaut chosen by tomcat) Altering $CATALINA_HOME/conf/servers.xml by uncommenting the following line Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS"/ Restarting tomcat Entering https://localhost:8443 does not work. However, I can still access the page via normal http like http://localhost:8080 The logfile does not contain any suspicious information. What is going wrong here?

  Read the article

< Previous Page | 14 15 16 17 18 19 20 21 22 23 24 25  | Next Page >