Search Results

Search found 890 results on 36 pages for 'openssl'.

Page 19/36 | < Previous Page | 15 16 17 18 19 20 21 22 23 24 25 26  | Next Page >

  • SSL certificate for Oracle Application Server 11g

    - by Easter Sunshine
    I was asked to get an SSL certificate for an "Oracle Application Server 11g" which has a soon-to-expire certificate. Brushing aside the fact that 10g seems to be the newest version, I got a certificate from InCommon, as I usually do without problem (except this is the first time I supplied Oracle Application Server 11g as the software type on the CSR form). On the email containing links to download the certificate, it mentioned: Certificate Details: SSL Type : InCommon SSL Server : OTHER I forwarded the email over to the person responsible for installing it and got a reply that the server type must be Oracle Application Server for the certificate to work (the CN is the same as before). They were unable to install this certificate (no details provided to me) and mentioned they had this issue previously with Thawte when they didn't supply Oracle Application Server as the server type. I don't see any significant difference between the currently installed certificate (working) and the new one I just got signed by InCommon (not working). $ openssl x509 -in sso-current.cer -text shows, with irrelevant information ommitted. Data: Version: 3 (0x2) Signature Algorithm: sha1WithRSAEncryption Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA/[email protected] Validity Not Before: Oct 1 00:00:00 2009 GMT Not After : Nov 28 23:59:59 2012 GMT Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:FALSE X509v3 CRL Distribution Points: Full Name: URI:http://crl.thawte.com/ThawteServerPremiumCA.crl X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Authority Information Access: OCSP - URI:http://ocsp.thawte.com Signature Algorithm: sha1WithRSAEncryption and $ openssl x509 -in sso-new.cer -text shows Data: Version: 3 (0x2) Signature Algorithm: sha1WithRSAEncryption Issuer: C=US, O=Internet2, OU=InCommon, CN=InCommon Server CA Validity Not Before: Nov 8 00:00:00 2012 GMT Not After : Nov 8 23:59:59 2014 GMT Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Authority Key Identifier: keyid:48:4F:5A:FA:2F:4A:9A:5E:E0:50:F3:6B:7B:55:A5:DE:F5:BE:34:5D X509v3 Subject Key Identifier: 18:8D:F6:F5:87:4D:C4:08:7B:2B:3F:02:A1:C7:AC:6D:A7:90:93:02 X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Certificate Policies: Policy: 1.3.6.1.4.1.5923.1.4.3.1.1 CPS: https://www.incommon.org/cert/repository/cps_ssl.pdf X509v3 CRL Distribution Points: Full Name: URI:http://crl.incommon.org/InCommonServerCA.crl Authority Information Access: CA Issuers - URI:http://cert.incommon.org/InCommonServerCA.crt OCSP - URI:http://ocsp.incommon.org Nothing jumps out at me as the reason one would not work so I don't have a specific request for the signer for what to do differently when re-signing.

    Read the article

  • Tortoise won't display Status Icons

    - by dean20007
    I updated my Tortoise SVN client today to TortoiseSVN 1.6.8, Build 19260 - 32 Bit , 2010/04/16 20:20:11 Subversion 1.6.11, apr 1.3.8 apr-utils 1.3.9 neon 0.29.3 OpenSSL 0.9.8k 25 Mar 2009 zlib 1.2.3 However, I now don't see any Status icons for any folders/files. The client still works as expected but it is a bit frustrating to not see a visual status. Has anyone else had this issue?

    Read the article

  • DNS Name lookup (was SSH) Not Working After Snow Leopard Upgrade

    - by petercardona
    I think this started with the Snow Leopard update. Cleaned out the .ssh directory, still having the issue. ~: uname -a Darwin california-example-com.local 10.0.0 Darwin Kernel Version 10.0.0: Fri Jul 31 22:47:34 PDT 2009; root:xnu-1456.1.25~1/RELEASE_I386 i386 ~: ssh -V OpenSSH_5.2p1, OpenSSL 0.9.8k 25 Mar 2009 ~: ls -l ~/.ssh ~: nslookup nevada Server: 10.94.62.3 Address: 10.94.62.3#53 Name: nevada.example.com Address: 10.94.62.3 ~: ssh nevada ssh: Could not resolve hostname nevada: nodename nor servname provided, or not known

    Read the article

  • Scientific Linux - mysql and apache fail to start on reboot

    - by Derek Deed
    Both mysqld and httpd fail to restart following a reboot of the server, although chkconfig --list shows both daemons set to on for run levels 2,3,4 & 5 All control is being exectuted via Webmin Reboot server – MySQl and Apache not running MySQL Database Server MySQL version 5.1.69 MySQL is not running on your system - database list could not be retrieved. ________________________________________ Click this button to start the MySQL database server on your system with the command /etc/rc.d/init.d/mysqld start. This Webmin module cannot administer the database until it is started. Apache Webserver Apache version 2.2.15 Start Apache Search Docs.. Global configuration Existing virtual hosts Create virtual host Select all. | Invert selection. Default Server Defines the default settings for all other virtual servers, and processes any unhandled requests. Address Any Port Any Server Name Automatic Document Root /var/www/drupal Virtual Server Processes all requests on port 443 not handled by other virtual servers. Address Any Port 443 Server Name Automatic Document Root /var/www/drupal Select all. | Invert selection. chkconfig --list mysqld mysqld 0:off 1:off 2:on 3:on 4:on 5:on 6:off chkconfig --list httpd httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off Manually Restart Apache chkconfig --list httpd httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off Manually Restart MySQL chkconfig --list mysqld mysqld 0:off 1:off 2:on 3:on 4:on 5:on 6:off Everything now running okay; but no difference in the chkconfig outputs above. I tried: chkconfig --levels 235 httpd on /etc/init.d/httpd start and the same for mysqld but no change in operation. Log files show that the shutdown has been completed successfully; but there is no indication of the service restarting until it is executed manually: 131112 13:59:15 InnoDB: Starting shutdown... 131112 13:59:16 InnoDB: Shutdown completed; log sequence number 0 881747021 131112 13:59:16 [Note] /usr/libexec/mysqld: Shutdown complete 131112 13:59:16 mysqld_safe mysqld from pid file /var/run/mysqld/mysqld.pid ended 131112 14:09:52 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql 131112 14:09:52 InnoDB: Initializing buffer pool, size = 8.0M 131112 14:09:52 InnoDB: Completed initialization of buffer pool And the Apache logs: [Tue Nov 12 13:59:13 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Tue Nov 12 13:59:13 2013] [notice] Digest: generating secret for digest authentication ... [Tue Nov 12 13:59:13 2013] [notice] Digest: done [Tue Nov 12 13:59:14 2013] [notice] Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 mod_ssl/2.2.15 OpenSSL/1.0.0-fips configured -- resuming normal operations [Tue Nov 12 13:59:14 2013] [notice] caught SIGTERM, shutting down [Tue Nov 12 14:27:13 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Tue Nov 12 14:27:13 2013] [notice] Digest: generating secret for digest authentication ... [Tue Nov 12 14:27:13 2013] [notice] Digest: done [Tue Nov 12 14:27:13 2013] [notice] Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 mod_ssl/2.2.15 OpenSSL/1.0.0-fips configured -- resuming normal operations Is anyone able to shed any light on this problem?

    Read the article

  • Intermittent 400 bad request header field is missing ':' with Apache and SSL

    - by David Tinker
    Apache is returning rare intermittent 400 "bad request header field is missing ':' olhuaqv3o1t29flvr0 (random string)" errors. This seems to be related to https access and happens from Firefox, IE, Chrome etc. I am using a certificate from rapidssl. Apache/2.2.14 (Ubuntu) DAV/2 SVN/1.6.6 mod_jk/1.2.28 PHP/5.3.2-1ubuntu4.5 with Suhosin-Patch mod_ssl/2.2.14 OpenSSL/0.9.8k Anyone know how to fix this?

    Read the article

  • JavaScript-based applications and text browsers

    - by Vi
    How to use complex AJAX applications with a lot of menus and with X.509 authentications in non-GUI mode with simple browsers? For example, I can login to Webmoney from console using links/lynx/link2 (but not w3m), entering captcha (using aaxine) and do operations there, but can't login not using X.509 certificate (even if I try to separate SSL part using "socat tcp-l:... openssl:...:443,cert=extracted_from_firefox.pem") Is there some program that behaves like fully-fledged browser (build DOM/execute JS/Support all features except of actually displaying things), but without GUI and dependencies on GUI libraries?

    Read the article

  • how do i install intermediate certificate

    - by getmizanur
    I have installed private key (pem encoded) and public key certificate (pem encoded) on amazon load balancer however when i check the ssl with site test tool (http://www.networking4all.com/en/support/tools/site+check/), i get the following error Error while checking the SSL Certificate!! Unable to get the local issuer of the certificate. The issuer of a locally looked up certificate could not be found. Normally this indicates that not all intermediate certificates are installed on the server. i converted crt file to pem using these command from this tutorial openssl x509 -in input.crt -out input.der -outform DER openssl x509 -in input.der -inform DER -out output.pem -outform PEM during setting up of amazon load balancer only option i left out was certificate chain (pem encoded) however this was optional. could this be cause of my issue? and if so i how do i create certificate chain? for the last question i have tried googling however i'm getting more confused than before. please help many thanks in advance. UPDATE @all thanks for the helpful advice. if you make request to verisign they will give you a certificate chain however this chain includes public crt, intermediate crt and root crt. make sure to remove the public crt from your certificate chain (which is the top most certificate) before adding it to your certification chain box of your amazon load balancer. if you are making https request from an android app then above instruction may not work for older android os such as 2.1 and 2.2. to make it work on older android os [https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR657&actp=LIST&viewlocale=en_US]. on this link click on "retail ssl" tab and then click on "secure site" "CA Bundle for Apache Server". copy and past these intermediate certs into certificate chain box. just incase if you have not found it here is the direct link [https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR1409] if you are using geo trust certificates then solution is much the same for android devices however you need to copy and past their intermediate certs for android. PS: sorry for the long urls however "new users can only post a maximum of two hyperlinks"

    Read the article

  • DNS Name lookup (was SSH) Not Working After Snow Leopard Upgrade

    - by Peter Cardona
    I think this started with the Snow Leopard update. Cleaned out the .ssh directory, still having the issue. ~: uname -a Darwin california-example-com.local 10.0.0 Darwin Kernel Version 10.0.0: Fri Jul 31 22:47:34 PDT 2009; root:xnu-1456.1.25~1/RELEASE_I386 i386 ~: ssh -V OpenSSH_5.2p1, OpenSSL 0.9.8k 25 Mar 2009 ~: ls -l ~/.ssh ~: nslookup nevada Server: 10.94.62.3 Address: 10.94.62.3#53 Name: nevada.example.com Address: 10.94.62.3 ~: ssh nevada ssh: Could not resolve hostname nevada: nodename nor servname provided, or not known

    Read the article

  • Connection closed by remote host followed by Connection refused

    - by Khosrow
    All of a sudden my ssh connection to server has been damaged. Here is what's happened: $ ssh -vvv -p <PORT> -l <USER> <HOST> OpenSSH_5.3p1 Debian-3ubuntu7, OpenSSL 0.9.8k 25 Mar 2009 debug1: Reading configuration data /home/khosrow/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to <HOST> [<IP>] port <PORT>. debug1: Connection established. debug1: identity file /home/khosrow/.ssh/identity type -1 debug1: identity file /home/khosrow/.ssh/id_rsa type -1 debug1: identity file /home/khosrow/.ssh/id_dsa type -1 ssh_exchange_identification: Connection closed by remote host I've recently updated the box with yum update and sshd got updated as well. I honestly don't know if this caused any damages or not. But it's prompted that /etc/ssh/sshd_config was stored as /etc/ssh/sshd_config.rpmnew which was quite normal. I've seen similar posts while googling, but almost all of them suggests that I should check /etc/hosts.allow and /etc/hosts.deny, which in my case, I can't. I can not connect to the box to see what's going on there. I rebooted the box, through web interface of server provider, and it even got worse. I'm now getting this: $ ssh -vvv -p <PORT> -l <USER> <HOST> OpenSSH_5.3p1 Debian-3ubuntu7, OpenSSL 0.9.8k 25 Mar 2009 debug1: Reading configuration data /home/khosrow/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to <HOST> [<IP>] <PORT>. debug1: connect to address <IP> port <PORT>: Connection refused ssh: connect to host <HOST> port <PORT>: Connection refused with both <CUSTOM_PORT> and default 22 ports. I would really appreciate if anyone could help me on this.

    Read the article

  • Ubuntu + SSL ports + AVAST

    - by jurajvt
    I have an interesting problem with communication via standard SSL ports. Fresh installed Ubuntu 14.04 server + Postfix + Dovecot, SASL authentication provided by Dovecot, self-signed certificate generated trough the Dovecot script mkcert.sh. Redirected ports on ZyWALL USG 200. I can send and receive e-mails from outside with standard ports 25 and 110, but not over 587. I am connecting to my server from machine with Windows 8.1 + VMWare Player + Ubuntu 14.04 Desktop + ssh. On Windows host I have installed Avast! antivirus. When I am trying to telnet from virtual machine to server over 587, it refused connection. But when I turn on Avast! it let me in to message Connected to... Same with nmap. When Avast! is turned on it is show me all SSL ports. When I turned it off, only standard ports appeared. OpenSSL shows me CONNECTED(00000003). But outside virtual machine directly in Windows 8.1 using nmap with zenmap there are not opened SSL ports in both Avast! states. From other external linux machines are problems with touching SSL ports same - refused. I have turned on submission in master.cf and 587 port is correctly listening on 0.0.0.0 in process master.pid which belongs to Postfix. I can telnet, or nmap over port 587 to my domain directly from server. Other ports like 995, 993 are OK on localhost, too. It is true, that I can't send emails via 587 anyway (Avast! turned on/off), but I can see ports opened. It is possible, that I have simply bad certificate and Avast! has right one, so with turned it on I can see opened ports? EDIT: To be more clear, I can't see or using port 587 everywhere from outside (tried Thunderbird, telnet, openssl, nmap, putty, swaks; both from Linux or Windows machines) and that is my problem. It was only by chance that I saw opened ports when Avast! is turned on.

    Read the article

  • Getting an error when using 'make' command (installing aircrack-ng on Ubuntu 12.04)

    - by Mohd Arafat Hossain
    I followed instructions from here http://securit.se/en/2012/03/kompilera-reaver-ubuntu-12-04/. I edited the 'common.mak' file successfully and when I type in make I get this error mohd-arafat-hossain@TUD:~/aircrack-ng-1.1$ make make -C src all make[1]: Entering directory `/home/mohd-arafat-hossain/aircrack-ng-1.1/src' make -C osdep make[2]: Entering directory `/home/mohd-arafat-hossain/aircrack-ng-1.1/src/osdep' Building for Linux make[3]: Entering directory `/home/mohd-arafat-hossain/aircrack-ng-1.1/src/osdep' make[3]: `.os.Linux' is up to date. make[3]: Leaving directory `/home/mohd-arafat-hossain/aircrack-ng-1.1/src/osdep' make[2]: Leaving directory `/home/mohd-arafat-hossain/aircrack-ng-1.1/src/osdep' gcc -g -W -Wall -O3 -D_FILE_OFFSET_BITS=64 -D_REVISION=0 -Iinclude -c -o aircrack-ng.o aircrack-ng.c In file included from aircrack-ng.c:65:0: crypto.h:12:26: fatal error: openssl/hmac.h: No such file or directory compilation terminated. make[1]: *** [aircrack-ng.o] Error 1 make[1]: Leaving directory `/home/mohd-arafat-hossain/aircrack-ng-1.1/src' make: *** [all] Error 2 What am I supposed to do now?

    Read the article

  • Why isn't SSL/TLS built into modern Operating Systems?

    - by Channel72
    A lot of the basic network protocols that make up the infrastructure of the Internet are built in to most major Operating Systems. Things like TCP, UDP, and DNS are all built into Linux, UNIX and Windows, and are made available to the programmer through low-level system APIs. But when it comes to SSL or TLS, one has to turn to a third-party library such as OpenSSL or Mozilla NSS. SSL is a relatively old protocol, and it's basically an industry standard as ubiquitous as TCP/IP, so why isn't it built into most Operating Systems?

    Read the article

  • Getting fingerprint from Apache certificate (combined with key)

    - by Alois Mahdal
    I have just created a certificate for my Apache SSL host using: make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/ssl/private/myhost.crt Now that is the correct way to get the fingerprint out of it? (So I can keep it in other place for visual comparison---in case I need to connect and really don't trust the network?) openssl sha1 /etc/ssl/private/myhost.crt returns different SHA1 than Opera tells me about the cert. Is this because it's combined with the key? (...or am I spoofed already? :-)).

    Read the article

  • Why do some opensouce libraries lack comments?

    - by entropy
    I don't know if this happens to most Opensource libraries, but many of I know and use (for example OpenSSL, Webkit, ...) they all lack comments, or contain very few comments. Not to mention their very few documents, it is hard to read their source code. We can hardly understand what a member variable means, or what this function does. This seems to be against coding standard practice Why is that? How can people collaborate to these opensource with very few comments?

    Read the article

  • Benchmarks Using Oracle Solaris 11

    - by Brian
    The following is a list of links to recent benchmarks which used Oracle Solaris 11. Oracle TimesTen In-Memory Database Performance on SPARC T4-2 World Record Performance on PeopleSoft Enterprise Financials Benchmark on SPARC T4-2 SPARC T4 Servers Running Oracle Solaris 11 and Oracle RAC Deliver World Record on PeopleSoft HRMS 9.1 SPEC CPU2006 Results on Oracle's Sun x86 Servers SPARC T4-4 Beats 8-CPU IBM POWER7 on TPC-H @3000GB Benchmark SPARC T4-2 Delivers World Record SPECjvm2008 Result with Oracle Solaris 11 SPARC T4-2 Server Beats Intel (Westmere AES-NI) on ZFS Encryption Tests SPARC T4 Processor Beats Intel (Westmere AES-NI) on AES Encryption Tests SPARC T4 Processor Outperforms IBM POWER7 and Intel (Westmere AES-NI) on OpenSSL AES Encryption Test SPARC T4-1 Server Outperforms Intel (Westmere AES-NI) on IPsec Encryption Tests SPARC T4-2 Server Beats Intel (Westmere AES-NI) on SSL Network Tests SPARC T4-2 Server Beats Intel (Westmere AES-NI) on Oracle Database Tablespace Encryption Queries

    Read the article

  • 302 Redirect Issue for Joomla 2.5.7 version site

    - by DDD
    For my site i am using Joomla 2.5.7 version and FB comments tools for the articles in the site. i am getting the 302 redirect problem for the FB comments for the Articles to which i post. I have checked the url's here http://www.webconfs.com/http-header-check.php and got the following result with 302 redirect. for http://www.fijoo.com HTTP/1.1 302 Moved Temporarily = Date = Wed, 21 Nov 2012 09:46:39 GMT Server = Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_perl/2.0.6 Perl/v5.10.1 X-Powered-By = PHP/5.3.16 Set-Cookie = =en-GB; expires=Wed, 21-Nov-2012 10:46:40 GMT LOCATION = / Content-Length = 0 Connection = close Content-Type = text/html How to overcome this anyone please help.

    Read the article

  • Disable automatic starting of sshd?

    - by b.long
    Simple question here; what's the correct way to stop the sshd service from starting when the OS boots ? I'm not sure if this answer is correct, so I'm hoping some guru(s) can help me out! What I'd like is a configuration that (after boot) allows me to start the service using sudo service ssh start when necessary. Version info: me@home:~$ ssh -V OpenSSH_5.9p1 Debian-5ubuntu1, OpenSSL 1.0.1 14 Mar 2012 me@home:~$ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 12.04.1 LTS Release: 12.04 Codename: precise

    Read the article

  • Async ignored on AJAX requests on Nginx server

    - by eComEvo
    Despite sending an async request to the server over AJAX, the server will not respond until the previous unrelated request has finished. The following code is only broken in this way on Nginx, but runs perfectly on Apache. This call will start a background process and it waits for it to complete so it can display the final result. $.ajax({ type: 'GET', async: true, url: $(this).data('route'), data: $('input[name=data]').val(), dataType: 'json', success: function (data) { /* do stuff */} error: function (data) { /* handle errors */} }); The below is called after the above, which on Apache requires 100ms to execute and repeats itself, showing progress for data being written in the background: checkStatusInterval = setInterval(function () { $.ajax({ type: 'GET', async: false, cache: false, url: '/process-status?process=' + currentElement.attr('id'), dataType: 'json', success: function (data) { /* update progress bar and status message */ } }); }, 1000); Unfortunately, when this script is run from nginx, the above progress request never even finishes a single request until the first AJAX request that sent the data is done. If I change the async to TRUE in the above, it executes one every interval, but none of them complete until that very first AJAX request finishes. Here is the main nginx conf file: #user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; server_names_hash_bucket_size 64; # configure temporary paths # nginx is started with param -p, setting nginx path to serverpack installdir fastcgi_temp_path temp/fastcgi; uwsgi_temp_path temp/uwsgi; scgi_temp_path temp/scgi; client_body_temp_path temp/client-body 1 2; proxy_temp_path temp/proxy; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; # Sendfile copies data between one FD and other from within the kernel. # More efficient than read() + write(), since the requires transferring data to and from the user space. sendfile on; # Tcp_nopush causes nginx to attempt to send its HTTP response head in one packet, # instead of using partial frames. This is useful for prepending headers before calling sendfile, # or for throughput optimization. tcp_nopush on; # don't buffer data-sends (disable Nagle algorithm). Good for sending frequent small bursts of data in real time. tcp_nodelay on; types_hash_max_size 2048; # Timeout for keep-alive connections. Server will close connections after this time. keepalive_timeout 90; # Number of requests a client can make over the keep-alive connection. This is set high for testing. keepalive_requests 100000; # allow the server to close the connection after a client stops responding. Frees up socket-associated memory. reset_timedout_connection on; # send the client a "request timed out" if the body is not loaded by this time. Default 60. client_header_timeout 20; client_body_timeout 60; # If the client stops reading data, free up the stale client connection after this much time. Default 60. send_timeout 60; # Size Limits client_body_buffer_size 64k; client_header_buffer_size 4k; client_max_body_size 8M; # FastCGI fastcgi_connect_timeout 60; fastcgi_send_timeout 120; fastcgi_read_timeout 300; # default: 60 secs; when step debugging with XDEBUG, you need to increase this value fastcgi_buffer_size 64k; fastcgi_buffers 4 64k; fastcgi_busy_buffers_size 128k; fastcgi_temp_file_write_size 128k; # Caches information about open FDs, freqently accessed files. open_file_cache max=200000 inactive=20s; open_file_cache_valid 30s; open_file_cache_min_uses 2; open_file_cache_errors on; # Turn on gzip output compression to save bandwidth. # http://wiki.nginx.org/HttpGzipModule gzip on; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; gzip_http_version 1.1; gzip_vary on; gzip_proxied any; #gzip_proxied expired no-cache no-store private auth; gzip_comp_level 6; gzip_buffers 16 8k; gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript; # show all files and folders autoindex on; server { # access from localhost only listen 127.0.0.1:80; server_name localhost; root www; # the following default "catch-all" configuration, allows access to the server from outside. # please ensure your firewall allows access to tcp/port 80. check your "skype" config. # listen 80; # server_name _; log_not_found off; charset utf-8; access_log logs/access.log main; # handle files in the root path /www location / { index index.php index.html index.htm; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root www; } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9100 # location ~ \.php$ { try_files $uri =404; fastcgi_pass 127.0.0.1:9100; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } # add expire headers location ~* ^.+.(gif|ico|jpg|jpeg|png|flv|swf|pdf|mp3|mp4|xml|txt|js|css)$ { expires 30d; } # deny access to .htaccess files (if Apache's document root concurs with nginx's one) # deny access to git & svn repositories location ~ /(\.ht|\.git|\.svn) { deny all; } } # include config files of "enabled" domains include domains-enabled/*.conf; } Here is the enabled domain conf file: access_log off; access_log C:/server/www/test.dev/logs/access.log; error_log C:/server/www/test.dev/logs/error.log; # HTTP Server server { listen 127.0.0.1:80; server_name test.dev; root C:/server/www/test.dev/public; index index.php; rewrite_log on; default_type application/octet-stream; #include /etc/nginx/mime.types; # Include common configurations. include domains-common/location.conf; } # HTTPS server server { listen 443 ssl; server_name test.dev; root C:/server/www/test.dev/public; index index.php; rewrite_log on; default_type application/octet-stream; #include /etc/nginx/mime.types; # Include common configurations. include domains-common/location.conf; include domains-common/ssl.conf; } Contents of ssl.conf: # OpenSSL for HTTPS connections. ssl on; ssl_certificate C:/server/bin/openssl/certs/cert.pem; ssl_certificate_key C:/server/bin/openssl/certs/cert.key; ssl_session_timeout 5m; ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; # Pass the PHP scripts to FastCGI server listening on 127.0.0.1:9100 location ~ \.php$ { try_files $uri =404; fastcgi_param HTTPS on; fastcgi_pass 127.0.0.1:9100; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } Contents of location.conf: # Remove trailing slash to please Laravel routing system. if (!-d $request_filename) { rewrite ^/(.+)/$ /$1 permanent; } location / { try_files $uri $uri/ /index.php?$query_string; } # We don't need .ht files with nginx. location ~ /(\.ht|\.git|\.svn) { deny all; } # Added cache headers for images. location ~* \.(png|jpg|jpeg|gif)$ { expires 30d; log_not_found off; } # Only 3 hours on CSS/JS to allow me to roll out fixes during early weeks. location ~* \.(js|css)$ { expires 3h; log_not_found off; } # Add expire headers. location ~* ^.+.(gif|ico|jpg|jpeg|png|flv|swf|pdf|mp3|mp4|xml|txt)$ { expires 30d; } # Pass the PHP scripts to FastCGI server listening on 127.0.0.1:9100 location ~ \.php$ { try_files $uri /index.php =404; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; fastcgi_pass 127.0.0.1:9100; } Any ideas where this is going wrong?

    Read the article

  • Import .pem public and private keys to JKS keystore

    - by Rolf
    Hi, I have public and private keys in separate .pem files that I would need to get into a JKS keystore somehow. Tried using the -import command in KeyTool for this, which gives an "not an X.509 certificate" error. I'm guessing the solution has to do with OpenSSL, but I'm not entirely sure what to do with it. Would really appreciate any help with this, since I'm completely clueless with everything crypto-related. Thanks in advance, --Rolf

    Read the article

  • How do I use m2crypto to validate a X509 certificate chain in a non-SSL setting

    - by Brock Pytlik
    I'm trying to figure out how to, using m2crypto, validate the chain of trust from a public key version of a X509 certificate back to one of a set of known root CA's when the chain may be arbitrarily long. The SSL.Context module looks promising except that I'm not doing this in the context of a SSL connection and I can't see how the information passed to load_verify_locations is used. Essentially, I'm looking for the interface that's equivalent to: openssl verify pub_key_x509_cert Is there something like that in m2crypto? Thanks.

    Read the article

  • How do I export a PFX Code Signing Key to SPC and PVK under Windows 7?

    - by Greg Finzer
    I have a code signing key in PFX format that I need to export into SPC and PVK files. I tried to install the OpenSSL from Shining light but the install fails under Windows 7. http://www.shininglightpro.com/products/Win32OpenSSL.html Here are the instructions I am using from Comodo as a basis: https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1089 Anyone know of an alternate way to do this?

    Read the article

  • How to use SSL Web Services in a Rails application

    - by Mathieu
    Hi, I having a hard time to consume this webservice https://www.arello.com/webservice/verify.cfc?wsdl in my rails application. I successfully generated the ruby files with the wsdl2ruby.rb but when un run the generated script I get the following error: at depth 0 - 20: unable to get local issuer certificate OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed I also tried to connect via this script but same issue require 'http-access2' client = HTTPAccess2::Client.new() client.ssl_config.set_trust_ca('/arello.cert') puts client.get('https://www.arello.com/webservice/verify.cfc?wsdl').content Any ideas? Thanks

    Read the article

  • Ruby Sqlite3 connection issues.

    - by James Moore
    Hello, I am receiving the error: uninitialized constant SQLite3::Driver::Native::Driver::API within my application, however I have installed: ctionmailer-2.3.5 activerecord-jdbcsqlite3-adapter-0.9.6-java jruby-openssl-0.6 rails-2.3.5 actionpack-2.3.5 activeresource-2.3.5 mysql-2.8.1 sqlite3-ruby-1.2.5 activerecord-2.3.5 activesupport-2.3.5 pcaprub activerecord-jdbc-adapter-0.9.6-java jdbc-sqlite3-3.6.3.054 rack-1.0.1 However, it still cannot connect am I missing something? Thank you very much.

    Read the article

< Previous Page | 15 16 17 18 19 20 21 22 23 24 25 26  | Next Page >