Search Results

Search found 5507 results on 221 pages for 'mod ssl'.

Page 21/221 | < Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28 | Next Page >

403.4 won't redirect in IE7

- by Jeremy Morgan

I have a secured folder that requires SSL. I have set it up in IIS(6) to require SSL. We don't want the visitors to be greeted with the "must be secure connection" error, so I have modified the 403.4 error page to contain the following: function redirectToHttps() { var httpURL = window.location.hostname+window.location.pathname; var httpsURL = "https://" + httpURL ; window.location = httpsURL ; } redirectToHttps(); And this solution works great for every browser, but IE7. On any other browser, if you type in http://www.mysite.com/securedfolder it will automatically redirect you to https://www.mysite.com/securedfolder with no message or anything (the intended action). But in Internet Explorer 7 ONLY it will bring up a page that says The website declined to show this webpage Most Likely Causes: This website requires you to log in This is something we don't want of course. I have verified that javascript is enabled, and the security settings have no effect, even when I set them to the lowest level I get the same error. I'm wondering, has anyone else seen this before?

Read the article
How to change libcurl SSL backend from gnutls to openssl on Ubuntu server

- by Jayesh

I am getting gnutls specific errors in my Tornado webserver while processing Google OpenID SSL responses. One of the suggestions I got from Tornado mailing list is to try OpenSSL backend instead of gnutls. But it doesn't seem to be straightforward on Ubuntu server (11.10). On Ubuntu server, gnutls is provided by libcurl3-gnutls package and openssl curl support is provided by libcurl4-openssl-dev package. (I don't know why the later is named 4 and dev, but I couldn't find any other openssl+curl package in apt-cache search). I had libcurl3-gnutls installed by default, but not libcurl4-openssl-dev. So I installed the later and restarted Torando instances. But that didn't seem to work. I still got same gnutls errors. I found old discussions on curl mailing lists regarding the problems of supporting different SSL backends to libcurl, but didn't find exactly how is it done today. So far my guess is openssl is built into libcurl and gnutls is provided through separate package (that will explain why there is no libcurl3-openssl). But how do I make libcurl to pick up openssl backend and not gnutls? Is there some option in libcurl/pycurl API to do this? I tried uninstalling libcurl3-gnutls, but apt-get prompted that it will also remove python-pycurl along with it. So that won't do.

Read the article
InstantSSL's certificate no different than a self signed certificate under Nginx with an IP accessed address

- by Absolute0

I ordered an ssl certificate from InstantSSL and got the following pair of files: my_ip.ca-bundle, my_ip.crt I also previously generated my own key and crt files using openssl. I concatenated all the crt files: cat my_previously_generted.crt my_ip.ca_bundle my_ip.crt chained.crt And configured nginx as follows: server { ... listen 443; ssl on; ssl_certificate /home/dmsf/csr/chained.crt; ssl_certificate_key /home/dmsf/csr/csr.nopass.key; ... } I don't have a domain name as per the clients request. When I open the browser with https://my_ip chrome gives me this error: The site's security certificate is not trusted! You attempted to reach my_ip, but the server presented a certificate issued by an entity that is not trusted by your computer's operating system. This may mean that the server has generated its own security credentials, which Google Chrome cannot rely on for identity information, or an attacker may be trying to intercept your communications. You should not proceed, especially if you have never seen this warning before for this site.

Read the article
Is this a solution for having multiple SSL certificates on the same IP

- by Saif Bechan

I am running CentOS running on a VPS. I read some guides on having multiple SSL certificates on the same system, but I can not get the basics to work. The guide I got that makes the most sense to me is the doing the following. In CentOS I can make virtual NIC's. So I made 2 virtual NIC's to start with. 192.168.10.1, 192.168.10.2. Now I work in ISP manager Pro, so this is listening on my primary ip 1.1.1.1 For each website I have them listening on 192.168.10.1:80, 192.168.10.1:443 In the hosts file I made the following 2 entries 192.168.10.1 1st.com 192.168.10.2 2nd.com Now the strange thing is that when I browser to 1st.com I do not get the website located at 192.168.10.1, I get the website located at my prim IP 1.1.1.1 Should I do something like forwarding or routing for this setup to work? And the basic question: Will this setup even work? Are the SSL certificates based on the IP adress, or are the based on the host name, 1st.com and 2nd.com.

Read the article
SSL timeout on some sites, across all browsers, on Mac OS X Snow Leopard

- by dansays

For the past several weeks, I've been receiving "Error 7 (net::ERR_TIMED_OUT): The operation timed out" when I attempt to connect to either Twitter or Paypal via SSL. I get this specific error in Google Chrome, but the same problem occurs in both Safari and Firefox. Other sites work fine, and other computers on my network can access these two sites. I have no firewall settings that would prevent me from accessing these sites over port 443. I notice that both Twitter and Paypal both have "Verisign Class 3 Extended Validation SSL CA" certificates. It is unclear whether this is related to the problem. In an effort to troubleshoot, I attempted to open the test sites referenced on Verisign's root certificate support page, which worked fine. Just to be sure, I downloaded and installed the root package file and installed all included Verisign certificates. No joy. I feel like I've hit a dead end. Any ideas? Update the first: I also cannot connect to FedEx.com, who also has a Verisign Class 3 Extended Validation cert. Update the second: Aaaaaaand it fixed itself. I did nothing. Or, I did something that worked, but in a delayed fashion. Frustrating, but a win is a win. I'll take it.

Read the article
Local SSL connections are causing redirect loop (after Ubuntu update)

- by codeinthehole

Following a recent Ubuntu update, my local websites are no longer serving their pages over SSL. For example, my .htaccess file attempts to ensure /sign-in is always served over HTTPS: RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} /sign-in RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,QSA,R=301] However when I make a request to /sign-in on the domain site2-local , I get the error "The page isn't redirecting properly" with the following in /var/log/apache2/error.log [Tue Jun 08 12:20:57 2010] [info] [client 127.0.1.1] Connection to child 0 established (server site1-local:443) [Tue Jun 08 12:20:57 2010] [info] Seeding PRNG with 656 bytes of entropy [Tue Jun 08 12:20:57 2010] [info] Initial (No.1) HTTPS request received for child 0 (server site2-local:443) [Tue Jun 08 12:20:57 2010] [info] Subsequent (No.2) HTTPS request received for child 0 (server site2-local:443) [Tue Jun 08 12:20:57 2010] [info] Subsequent (No.3) HTTPS request received for child 0 (server site2-local:443) [Tue Jun 08 12:20:57 2010] [info] Subsequent (No.4) HTTPS request received for child 0 (server site2-local:443) [Tue Jun 08 12:20:57 2010] [info] Subsequent (No.5) HTTPS request received for child 0 (server site2-local:443) [Tue Jun 08 12:20:57 2010] [info] Subsequent (No.6) HTTPS request received for child 0 (server site2-local:443) [Tue Jun 08 12:20:57 2010] [info] Subsequent (No.7) HTTPS request received for child 0 (server site2-local:443) [Tue Jun 08 12:20:57 2010] [info] Subsequent (No.8) HTTPS request received for child 0 (server site2-local:443) [Tue Jun 08 12:20:57 2010] [info] Subsequent (No.9) HTTPS request received for child 0 (server site2-local:443) [Tue Jun 08 12:20:57 2010] [info] Subsequent (No.10) HTTPS request received for child 0 (server site2-local:443) [Tue Jun 08 12:21:12 2010] [info] [client 127.0.1.1] (70007)The timeout specified has expired: SSL input filter read failed. [Tue Jun 08 12:21:12 2010] [info] [client 127.0.1.1] Connection closed to child 0 with standard shutdown (server site2-local:443) There is a connection to site1-local (another site on my machine which shares the certificate), which I don't understand. Anyone know what is causing this issue?

Read the article
apache: can't renew ssl certificate

- by Caballero

I have Godaddy SSL certificate for one website on my dedicated server running Centos 5.3 / Apache 2.2.3. I have renewed certificate on Godaddy recently, however now it's showing as expired on my website. I've re-keyed certificate since and reuploaded domain.key, domain.crt and bundle.crt (example file names) files to the server, restarted apache, but the sertificate still shows as expired. I'm running out of clues. I've tried replacing content of .crt files with jiberish and restart apache - it's still showing that certificate is expired, even though it shouldn't be picked up at all. I eventually rebooted dedicated server, still no luck. I'm using free SSL check tool http://www.digicert.com/help/ which clearly shows all the green checks except one - certificate is expired. Has someone any idea what might be causing this? Could there be some kind of caching going on here? UPDATE: after running openssl x509 -in domain.crt -noout -enddate I'm getting this output: notAfter=Jun 2 08:16:51 2013 GMT So I asume this means I have the right certificate on the server and yet the old expired one shows on the web...

Read the article
mod-rewrite: Replacing some characters in a url

- by GeorgeCalm

Is it possible to replace some forward slashes (/) of a URL to dots (.) in a RewriteRule? It doesn't have to be done exclusively with a RewriteRule, but definitely not with a script. Example 1: INPUT: /document/my/document.html OUTPUT: /document-my.document.html Example 2: INPUT: /document/depth/of/path/can/vary.html OUTPUT: /document-depth.of.path.can.vary.html

Read the article
HTTP SSL VPN Client? (alternative to Cisco's AnyConnect VPN)

- by Ian Boyd

Is there any free HTTP SSL VPN clients around, one that can act as an alternative to Cisco's own HTTP SSL VPN client (called AnyConnect)? The Cisco AnyConnect client has acknowledged problems, with no forthcoming solutions. Which is why I'm hoping for an alternative. Note: I'm only talking about the HTTP SSL VPN Client, not the HTTP SSL VPN Server. (If it were up to me they wouldn't be using Cisco at all, but it's not up to me.) Note: OpenVPN is a client that talks to their servers once you sign up for their service. It's not a generic VPN client. Note: ShrewSoft VPN is a client that uses IPsec and pre-shared keys, and was a good replacement for Cisco's old client - but not the new AnyConnect SSL VPN client. Note: Windows 7's VPN client fails to negotiate when presented with an SSL VPN connection. Note: I am looking for Windows clients only.

Read the article
mod rewrite regex

- by bbutle01

The plan is to take domain.com/chat2/roomnumber and redirect to domain.com/chat2/index.php?room_id=roomnumber. Here's my code that's NOT workin: RewriteEngine on RewriteRule ^/chat2/([a-z0-9_-]+)/$ /index.php?room_id=$1 [NC,L] RewriteRule ^/chat2/([a-z0-9_-]+)$ /index.php?room_id=$1 [NC,L] I get sent to the 404 page. I'm guessing the problem is my placement of the ^ but I'm not certain.

Read the article
Covert mod-rewrite to lighttpd for lessn url shortener

- by JonKratz

I am trying to use lessn, a url shortener by Shaun Inman, on my lighttpd server and he uses a .htaccess file for the redirect. I am not very good with Mod_Rewrite isn the first place otherwise some simple googling would have sufficed to convert this for lighttpd. As it is, I do not know what the 2nd and 3rd lines of the Mod_Rewrite are doing, so I cannot convert. I'd appreciate anyone's advice on those so I can have it working as it should. Thank you! <IfModule mod_rewrite.c> RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule (.*) index.php?token=$1 [QSA,L] </IfModule>

Read the article
Why does httpd handle requests for wrong hostnames in SSL mode?

- by Manuel

I have an SSL-enabled virtual host for my sites at example.com:10443 Listen 10443 <VirtualHost _default_:10443> ServerName example.com:10443 ServerAdmin [email protected] ErrorLog "/var/log/httpd/error_log" TransferLog "/var/log/httpd/access_log" SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 SSLCertificateFile "/etc/ssl/private/example.com.crt" SSLCertificateKeyFile "/etc/ssl/private/example.com.key" SSLCertificateChainFile "/etc/ssl/private/sub.class1.server.ca.pem" SSLCACertificateFile "/etc/ssl/private/StartCom.pem" </VirtualHost> Browsing to https://example.com:10443/ works as expected. However, also browsing to https://subdomain.example.com:10443/ (with DNS set) shows me the same pages (after SSL certificate warning). I would have expected the directive ServerName example.com:10443 to reject all connection attempts to other server names. How can I tell the virtual host not to serve requests for URLs other than the top-level one?

Read the article
mod rewrite help

- by Benny B

Ok, I don't know regex very well so I used a generator to help me make a simple mod_rewrite that works. Here's my full URL https://www.huttonchase.com/prodDetails.php?id_prd=683 For testing to make sure I CAN use this, I used this: RewriteRule prodDetails/(.*)/$ /prodDetails.php?id_prd=$1 So I can use the URL http://www.huttonchase.com/prodDetails/683/ If you click it, it works but it completely messes up the relative paths. There are a few work-arounds but I want something a little different. https://www.huttonchase.com/prod_683_stainless-steel-flask I want it to see that 'prod' is going to tell it which rule it's matching, 683 is the product number that I'm looking up in the database, and I want it to just IGNORE the last part, it's there only for SEO and to make the link mean something to customers. I'm told that this should work, but it's not: RewriteRule ^prod_([^-]*)_([^-]*)$ /prodDetails.php?id_prd=$1 [L] Once I get the first one to work I'll write one for Categories: https://www.huttonchase.com/cat_11_drinkware And database driven text pages: https://www.huttonchase.com/page_44_terms-of-service BTW, I can flip around my use of dash and underscore if need be. Also, is it better to end the URLs with a slash or without? Thanks!

Read the article
Is there any proper documentation for mod-evasive?

- by Question Overflow

mod_evasive20 is one of the loaded modules on my httpd server. I read good things about how it can stop a DOS attack and wanted to try it out on my localhost. A search for mod_evasive turns up a blog post by the author which briefly describes what it does. Other than that, I can't seem to find a reference or a documentation on the apache modules site. I was wondering whether it is a module recognised by Apache since there is no mention of it on its website. I have a mod_evasive.conf file sitting in the /etc/http/conf.d folder that contains the following lines: LoadModule evasive20_module modules/mod_evasive20.so <IfModule mod_evasive20.c> DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 10 </IfModule> My understanding from the setting is that if I were to click refresh or send a form more than two times in a one second interval, apache will issue a 403 error and bar me from the site for 10 seconds. But that is not happening on my localhost. And I would like to know the reason. Thanks.

Read the article
MySQL SSL: bad other signature confirmation

- by samJL

I am trying to enable SSL connections for MySQL-- SSL will show as enabled in MySQL, but I can't make any connections due to this error: ERROR 2026 (HY000): SSL connection error: ASN: bad other signature confirmation I am running the following: Ubuntu Version: 14.04.1 LTS (GNU/Linux 3.13.0-34-generic x86_64) MySQL Version: 5.5.38-0ubuntu0.14.04.1 OpenSSL Version: OpenSSL 1.0.1f 6 Jan 2014 I used these commands to generate my certificates (all generated in /etc/mysql): openssl genrsa -out ca-key.pem 2048 openssl req -new -x509 -nodes -days 3650 -key ca-key.pem -out ca-cert.pem -subj "/C=US/ST=NY/O=MyCompany/CN=ca" openssl req -newkey rsa:2048 -nodes -days 3650 -keyout server-key.pem -out server-req.pem -subj "/C=US/ST=NY/O=MyCompany/CN=server" openssl rsa -in server-key.pem -out server-key.pem openssl x509 -req -in server-req.pem -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 -out server-cert.pem openssl req -newkey rsa:2048 -nodes -days 3650 -keyout client-key.pem -out client-req.pem -subj "/C=US/ST=NY/O=MyCompany/CN=client" openssl rsa -in client-key.pem -out client-key.pem openssl x509 -req -in client-req.pem -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 -out client-cert.pem I put the following in my.cnf: [mysqld] ssl-ca=/etc/mysql/ca-cert.pem ssl-cert=/etc/mysql/server-cert.pem ssl-key=/etc/mysql/server-key.pem When I attempt to connect specifying the client certificates-- I get the following error: mysql -uroot -ppassword --ssl-ca=/etc/mysql/ca-cert.pem --ssl-cert=/etc/mysql/client-cert.pem --ssl-key=/etc/mysql/client-key.pem ERROR 2026 (HY000): SSL connection error: ASN: bad other signature confirmation If I connect without SSL, I can see that MySQL has correctly loaded the certificates: mysql -uroot -ppassword --ssl=false mysql> SHOW VARIABLES LIKE '%ssl%'; +---------------+----------------------------+ | Variable_name | Value | +---------------+----------------------------+ | have_openssl | YES | | have_ssl | YES | | ssl_ca | /etc/mysql/ca-cert.pem | | ssl_capath | | | ssl_cert | /etc/mysql/server-cert.pem | | ssl_cipher | | | ssl_key | /etc/mysql/server-key.pem | +---------------+----------------------------+ 7 rows in set (0.00 sec) My generated certificates pass OpenSSL verification and modulus: openssl verify -CAfile ca-cert.pem server-cert.pem client-cert.pem server-cert.pem: OK client-cert.pem: OK What am I missing? I used this same process before on a different server and it worked- however the Ubuntu version was 12.04 LTS and the OpenSSL version was older (don't remember specifically). Has something changed with the latest OpenSSL? Any help would be appreciated!

Read the article
Why isn't SSL/TLS built into modern Operating Systems?

- by Channel72

A lot of the basic network protocols that make up the infrastructure of the Internet are built in to most major Operating Systems. Things like TCP, UDP, and DNS are all built into Linux, UNIX and Windows, and are made available to the programmer through low-level system APIs. But when it comes to SSL or TLS, one has to turn to a third-party library such as OpenSSL or Mozilla NSS. SSL is a relatively old protocol, and it's basically an industry standard as ubiquitous as TCP/IP, so why isn't it built into most Operating Systems?

Read the article
What will be the impact on SEO if we remove our SSL certificate (url become http instead of https)?

- by pixeline

For some weird reason, our domain's content is returned for any https request set to any of our server's hosted domain names. https://domain.com leads to our website, with a proper SSL certificate (so, no warning). https://domain2.com, also hosted on our server but without SSL certificate, leads to a warning, and if accepted, to our website's content! The problem is that any search for our keywords in Google shows "fake websites" on top of ours, with the warning et al. It seems unsolvable so we are thinking about switching back ton nonsecure http . I'm just afraid of losing whatever indexing we have. How can i avoid that? Thanks, a.

Read the article
SEO and search result changes when switching to SSL on Joomla site?

- by jeffery_the_wind

I am thinking about purchasing an SSL certificate for a website. The most noticeable difference for the user would be the http now becomes https and there is that lock icon in most browsers. Will there be any adverse affects on the website's current SEO or recognition by search engines when I make the switch? Also this is a Joomla site, which has an option in the settings to use SSL. It is supposed to make it easier but not sure if it takes care of everything. Thanks!

Read the article
FortiClient SSL VPN Command Line Options

- by user116036

We had recently had a vendor switch to a fortinet firewall. We were given the FortinetSLVPNclient (version 4.0.2148) to use. This has some simple command line switches that allow you to connect from the commandline (cmd.exe this is on windows) but they seem to do nothing. Anyone have any luck with this or any alternative ssl vpn clients with scriptable installers? I have been through the documentation on the site and have seen my hopes dashed.

Read the article
Problem Implementing SSL with WSUS

- by JohnB

I'm working on setting up SSL on our WSUS server using a self signed certificate, but I'm running into trouble. Specifially, after running selfssl /n:CN=server.domain.local /t /v:365, and ensuring that Require Client Certificates is selected in the following directories: SimpleAuthWebService ServerSyncWebService DssAuthWebService ClientWebService APIRemoting30 I am receiving Event 120[2-5]2 upon running wsusutil.exe checkhealth. Basically, each of the directories I require the certificate on fails to work. What am I missing?

Read the article
Why apache doesn't restart after configuring SSL?

- by poz2k4444

I've installed apache2 and then configure it to work with SSL following this and this tutorials, the problem becomes when I try to restart the service, the following error throws: (98)Address already in use: make_sock: could not bind to address 0.0.0.0:443 no listening sockets available, shutting down Unable to open logs the output of netstat -anp | grep 443 just display firefox listening and anything else, how could I solve this and get the service running??

Read the article
SSL with hosted multi-tenant apps

- by ckarbass

I have a website that let's users create a subdomain app like this: https://subdomain.mydomain.com I want them to be able to have the app appear as if it's on their site, like this: https://myapp.theirdomain.com or maybe https://theirdomain.com/myapp/ I'm using Heroku and was wondering if this is realistic and how the ssl certificate would be done such that it worked on both domains? If not, can I get it at least working on their domain?

Read the article
A single SSL certificate acting as Wildcard And a multi-domain certificate

- by srinivt

Is it possible to have a single SSL cert that acts as both Wildcard as well as a multi-domain (UC) certificate? For eg. I want a single certificate to serve for both *.xyz.com and lmn.abc.com.

Read the article
How to disable SSL 2.0 on IIS 7.5?

- by John Hoge

I've seen this KB Article which Microsoft put out covering how to remove SSL 2.0 on IIS 7.0 and earlier, but I can't find anything advising on how to do the same on IIS 7.5. The registry keys mentioned on that KB article are no longer in the registry.

Read the article
self signed ssl in windows

- by Jan

I installed a self-signed ssl in a windows server. what should i do on the client so that they can establish a secure connection without any warning messages?

Read the article

< Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28 | Next Page >