Search Results

Search found 3358 results on 135 pages for 'ssl'.

Page 21/135 | < Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28  | Next Page >

  • Using HttpClient with SSL and certificates

    - by ChrisCM
    While I've been familiar with HTTPS and the concept of SSL, I have recently begun some development and found I am a little confused. The requirement was that I write a small Java application that runs on a machine attached to a scanner. When a document is scanned this is picked up and the file (usually PDF) sent over the internet to our application server that will then process it. I've written the application using Apache Commons libraries and HTTPClient. The second requirement was to connect over SSL, requiring a certificate. Following guidance on the HTTPclient page I am using AuthSSLProtocolSocketFactory from the contributions page. The constructor can take a keystore, keystore password, truststore and truststore password. As an initial test our DBA enabled SSL on one of our development webservers and provided me with a .p12 file which when I imported into IE allows me to connect successfully. I am a bit confused between keystores and truststores and what steps I need to take using the keytool. I tried importing the p12 into a keystore file but get the error: keytool error: java.lang.Exception: Input not an X.509 certificate I followed a suggestion of importing the p12 into Internet Explorer and exporting as a .cer which I can then successfully import into a keystore. When I supply this as a keystore argument of the AuthSSLProtocolSocketFactory I get a meaningless errror, but if I try it as a truststore it seems like it reads it fine but ultimately I get Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate I am unsure if I have missed some steps, I am misunderstanding SSL and mutual authentication altogether or this is mis-configuration on the server side. Can anyone provide suggestions or point me towards resources that might help me figure this out please?

    Read the article

  • How can I do an SSL connection with PHP

    - by Anth0
    Hi, I need to develop a PHP class to communicate with Apple servers in order to do Push notification (APNS). I have the certificate (.pem) and I tried to follow various tutorials found on Internet but I'm still getting error trying to connect to ssl://gateway.sandbox.push.apple.com:2195 with stream socket : $apnsHost = 'gateway.sandbox.push.apple.com'; $apnsPort = 2195; $apnsCert = 'apns-dev.pem'; $streamContext = stream_context_create(); stream_context_set_option($streamContext, 'ssl', 'local_cert', $apnsCert); $apns = stream_socket_client('ssl://'.$apnsHost.':'.$apnsPort, $error, $errorString, 2, STREAM_CLIENT_CONNECT, $streamContext); A telnet on this URL works so port 2195 is opened. Openssl is activated on PHP since I get "Registered Stream Socket Transports : tcp, udp, ssl, sslv3, sslv2, tls" with a phpinfo(). My certificate is well read (PHP is_readable(certif.pem) returns true on the file) Is there anything else to activate in Apache or PHP to get it work ?

    Read the article

  • SSL connection using Java standalone app

    - by Marquinio
    I have created a standalone executable JAR program that needs to send private information over a SSL connection. I was not able to establish the SSL connection using certificates. Was getting this: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path `building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target` So I found some code somewhere that creates a trust manager that does not validate certificate chains: // Create a trust manager that does not validate certificate chains TrustManager[] trustAllCerts = new TrustManager[]{ new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted( java.security.cert.X509Certificate[] certs, String authType) { } public void checkServerTrusted( java.security.cert.X509Certificate[] certs, String authType) { } } }; That did the trick and I was able to establish SSL connection without any certificates. My concern is if the data will still be encrypted when exchanging private information. This is an execute JAR file that clients will be downloading to their computers. So is a certificate really necessary for this case? Thanks.

    Read the article

  • Staring Shotgun with Thin as server using SSL

    - by Bryan Paronto
    I have a Facebook app I'm developing locally. I've configure everything correctly to SSL development with Thin. I know that using a shotgun.rb file, I can pass options to Thin to get it to start in SSL mode, but I'm not exact sure how to pass these options. I'm thinking something like: Thin:Server::options[:ssl] = true Thin:Server::options[:ssl_cert_path] = /path/to/cert/ Restarting thin constantly is getting old, so I'd really like to be able to use shotgun in development.

    Read the article

  • SSL and Tomcat using Java

    - by Marquinio
    Hello all, I'm new to SSL connections so here goes my question. I have a desktop Java program in a JAR file. This JAR sends sensitive information over the internet to a remote Tomcat server. Of course I need to encrypt the data. If I purchase an SSL cerfiticate say from Verisign, will the data sent over SSL be automatically encrypted? I mean in my JAR, will I still need to do extra work like use Java encryption extensions API to manually encrypt my data over the SSL connection? Thank you.

    Read the article

  • High performance SSL client with connection pooling session caching etch on Windows

    - by Yucong Sun
    Hi there, I'm looking for a fast SSL socket client basically talks SSL with remote service and I need features like connection pooling/limiting so that my other client calling this ssl socket can basically issue as many as requests and it will handle it peacefully. I looked into openssl s_client, but it says it's only for testing purpose, is there a handy tool avaiable? STunnel seems to be okay, but don't have that connection limiting option I need. Cheers.

    Read the article

  • SSL Certificate error: verify error:num=20:unable to get local issuer certificate

    - by Brian
    I've been trying to get an SSL connection to an LDAPS server (Active Directory) to work, but keep having problems. I tried using this: openssl s_client -connect the.server.edu:3269 With the following result: verify error:num=20:unable to get local issuer certificate I thought, OK, well server's an old production server a few years old. Maybe the CA isn't present. I then pulled the certificate from the output into a pem file and tried: openssl s_client -CAfile mycert.pem -connect the.server.edu:3269 And that didn't work either. What am I missing? Shouldn't that ALWAYS work?

    Read the article

  • AWS RDS (SQL Server): SSL Connection - The target principal name is incorrect

    - by AX1
    I have a Amazon Web Services (AWS) Relational Database Service (RDS) instance running SQL Server 2012 Express. I've installed Amazon's aws.amazon.com/rds certificate in the client machine's Trusted Root Certification Authorities store. However, when I connect to the RDS instance (using SQL Server Management Studio 2012) and check off "Encrypt Connection", I get the following error: A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The target principal name is incorrect.) (Microsoft SQL Server) What does this mean, and how can I fix it? Thanks!

    Read the article

  • Supermicro IPMI SSL

    - by churnd
    I have a Supermicro X9SCA-F serverboard and I'm trying to secure Super Doctor III IPMI by using SSL. I generated my own certs (done this many times before), uploaded via the web interface, then it said it needed to restart & I clicked OK, but it never came back up. Right now it's not listening on port 80 or 443 it seems. I also power cycled the box a few times (shutting down & physically removing power for 5 mins), but that didn't seem to help either. Before I did this, it was working fine, so I'm not sure what may have happened?

    Read the article

  • Using SSL on slapd

    - by Warren
    I am setting up slapd to use SSL on Fedora 14. I have the following in my /etc/openldap/slapd.d/cn=config.ldif: olcTLSCACertificateFile: /etc/pki/tls/certs/SSL_CA_Bundle.pem olcTLSCertificateFile: /etc/pki/tls/certs/mydomain.crt olcTLSCertificateKeyFile: /etc/pki/tls/private/mydomain.key olcTLSCipherSuite: HIGH:MEDIUM:-SSLv2 olcTLSVerifyClient: demand and the following in my /etc/sysconfig/ldap: SLAPD_LDAP=no SLAPD_LDAPS=yes In my ldap.conf file, I have BASE dc=mydomain,dc=com URI ldaps://localhost TLS_CACERTDIR /etc/pki/tls/certs TLS_REQCERT allow However, when I connect to the localhost, ldapsearch returns the following: ldap_initialize( <DEFAULT> ) ldap_create Enter LDAP Password: ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP localhost:636 ldap_new_socket: 3 ldap_prepare_socket: 3 ldap_connect_to_host: Trying 127.0.0.1:636 ldap_pvt_connect: fd: 3 tm: -1 async: 0 TLS: loaded CA certificate file /etc/pki/tls/certs/978601d0.0 from CA certificate directory /etc/pki/tls/certs. TLS: loaded CA certificate file /etc/pki/tls/certs/b69d4130.0 from CA certificate directory /etc/pki/tls/certs. TLS certificate verification: defer TLS: error: connect - force handshake failure: errno 0 - moznss error -12271 TLS: can't connect: . ldap_err2string ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) What do I have incorrect?

    Read the article

  • Using SSL with Openfire

    - by Dan
    I'm having a rough time getting SSL configured properly on an Openfire install. Quite honestly, I just don't know what to do. It seems convoluted on the steps necessary to get a cert imported. Has anyone out there successfully done this? I'm running Openfire 3.6.4 on Server2003 R2. I have a signed UC cert which is ready to roll, I just don't know what to do with it. I've been through tons of tutorials on converting from .crt to .der to .pem, using openssl and java tools, but its only getting more confusing as I go.

    Read the article

  • Good low-cost SSL certificate providers

    - by phenry
    We need an SSL certificate to facilitate remote access and administration by a small number of employees. I don't want to have to train a bunch of non-technical users to install a self-published cert on their home computers, so I'd prefer to purchase one from a well-trusted provider. We won't be using it for any kind of e-commerce or things like that, so it seems hard to justify paying the prices demanded by some of the big-name providers. Who are some good low-cost providers to consider? What are the important differences between the offerings that are available at different price points? (And is the certificate business really as much of a racket as it seems?)

    Read the article

  • IIS requesting certificates even though set to ignore

    - by lupefiasco
    I have a web site in IIS 6 with directory security set to Require secure channel (SSL) and Require 128-bit encryption. Also, the Client certificates setting is set to "Ignore client certificates". When I hit https://servername/resource in Internet Explorer and Chrome , I am prompted for a certificate. I can cancel the prompt, and the resource will load, but I don't want to see this prompt at all. I looked at the virtual directories and resources within the web site, and they all have the ignore client certificates setting on. Could there be another setting, perhaps in the metbase, that is overriding the web site's directory security settings?

    Read the article

  • IIS 6 SSL Restore from PFX without Deleting Pending Request

    - by Sev
    I requested a new SSL certificate from a certificate authority, but until they process it my site is losing business. Before doing so, I had backed up the original certificate to a PFX file. Now when I try to restore the backup, it forces me to delete it, or process the request. Since the new one isn't ready yet, is there any way to restore the backup, without deleting the request? Or will it cause any issues if I delete the request to install the new one when it comes in? Server is IIS 6

    Read the article

  • archiva/jetty with nginx ssl proxy: getting http responses

    - by numb3rs1x
    I've been banging my head against this for awhile now. I have an archiva repository server I'm trying to proxy through nginx with ssl offloading. archiva has a jetty server built in that is listening on port 8008 of the localhost. I'm able to get to the archiva server through the proxy, but it wants to return http responses and not https responses. I thought that setting the following headers was supposed to tell the server to respond with https: proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; proxy_redirect off; I also tried "proxy_redirect default;". It seems that the jetty/archiva server is not recognizing these or there needs to be something more. I've been scouring forums and as far as I can tell, everything is set as it should be. I'm not sure where else to check at this point. Has anyone had any success with this?

    Read the article

  • Open Source project that does SSL Inspection

    - by specs
    I've been assigned to research out and spec replacing our old and decrepit http content filtering system. There are several open source filtering packages available but I've not come across one that does SSL inspection. The new system will scale to many branches of different sizes, from say 10 users to a few hundred, so purchasing an appliance for each branch isn't desirable. When we're further along, we will do custom programming as we have a few unique needs in other aspects of filtering, so if the suggestion takes a bit of customization, it won't be a problem.

    Read the article

  • Wildcard SSL Certificates with Exchange 2010?

    - by Hutch
    Is anyone using a Wildcard Cert with Exchange 2010 please? We currently have a bunch of individual whatever.domain.com SSL certificates and as several are expiring soon it would be an ideal opportunity to move to a wildcard certificate. At some point though we will be moving from Exchange 2003 to Exchange 2010, and I've read conflicting reports over whether wildcard certs work with Exchange 2010 as many guides seem to recommend a UCC/SAN certificate. Our internal DNS domain name is the same as our external domain name. Godaddy look like good VFM given they allow use on unlimited physical servers. Thanks in advance.

    Read the article

  • Implementation of SSL on SaaS App with seprate domains

    - by asifch
    Hi, We are developing a SaaS application in Asp.net, where we have used the Single application and Per Tenant Database. The application is more like a Saas e-commerce where SSL and data separation are required features. Now we want that every Tenant can have his separate top level domain names instead of the second level domains like 37Signals. So all the domains abc.com and xyz.com are using the same single app. What i need to know is how to implement and deploy the https in the application so that everything works out fine, also how should we configure the NameServer and web application on IIS so that all the domains are pointing to the one application.

    Read the article

  • Self-requests appearing on an Apache SSL site

    - by Sam Minnée
    I have an SSL site running on Apache that seems to be recieving regular self-requests of some kind. Is this something that Apache is doing? What is the reason? (ip address) - - [23/Apr/2010:14:21:00 +1200] -:443 "GET /" 400 637 "-" "-" (-) 157 (ip address) - - [23/Apr/2010:14:21:03 +1200] -:443 "GET /" 400 637 "-" "-" (-) 160 (ip address) - - [23/Apr/2010:14:21:14 +1200] -:443 "GET /" 400 637 "-" "-" (-) 147 (ip address) - - [23/Apr/2010:14:21:15 +1200] -:443 "GET /" 400 637 "-" "-" (-) 128 (ip address) - - [23/Apr/2010:14:21:16 +1200] -:443 "GET /" 400 637 "-" "-" (-) 167 (ip address) - - [23/Apr/2010:14:21:17 +1200] -:443 "GET /" 400 637 "-" "-" (-) 141 (ip address) - - [23/Apr/2010:14:21:18 +1200] -:443 "GET /" 400 637 "-" "-" (-) 166 (ip address) - - [23/Apr/2010:14:21:20 +1200] -:443 "GET /" 400 637 "-" "-" (-) 168 (ip address) - - [23/Apr/2010:14:21:21 +1200] -:443 "GET /" 400 637 "-" "-" (-) 160 (ip address) - - [23/Apr/2010:14:21:31 +1200] -:443 "GET /" 400 637 "-" "-" (-) 177 (ip address) - - [23/Apr/2010:14:21:32 +1200] -:443 "GET /" 400 637 "-" "-" (-) 103 (ip address) - - [23/Apr/2010:14:21:38 +1200] -:443 "GET /" 400 637 "-" "-" (-) 157 (ip address) - - [23/Apr/2010:14:21:39 +1200] -:443 "GET /" 400 637 "-" "-" (-) 193 (ip address) - - [23/Apr/2010:14:21:40 +1200] -:443 "GET /" 400 637 "-" "-" (-) 168

    Read the article

  • Apache Front End....Tomcat back end...SSL question

    - by Jared
    Hi Everyone, Question.... I have Apache setup as my webserver. Tomcat is hooked into Apache via mod_jk, so the user never interacts with Tomcat. I have set up SSL on the Apache Webser...I can hit it with https:// localhost When I try to access my application at ...https://localhost/app I get a directory not found error. Catch is when I go regular http... I can hit it fine... http:// localhost/app What do I have to edit for this connection to work? I have uncommented the AJP connector in server.xml I have added my virtual host to httpd.conf What am I missing? Thanks in advance. Jared

    Read the article

  • Creating self-signed SSL on IIS - Remote access problem

    - by ile
    I followed these instructions to create self-signed ssl: http://www.visualwin.com/SelfSSL/ (I opened SelfSSL and typed selfssl /T) When I access https: //localhost/ than it works, but when I try to access it remotely (i set up my router to port forward to localhost), for example https: //myip the page does not load. Also, I noticed one other thing. When I access localhost locally then I am asked to enter user/pass, but if I access remotely the I get the following warning: Under Construction The site you were trying to reach does not currently have a default page. It may be in the process of being upgraded and configured. ... I don't know if it is related with this but I hope someone know the answer. Thanks, Ile

    Read the article

  • mysql connector/net ssl shutsdown the server

    - by Simon
    Hello, when I try to connect my server throw connector/net using ssl with pfx certificate I had problem with establishing the connection. I get connection timeout. And the server probably fall down (I dont know it for sure, becouse I dont manage the server). On the Windows XP works all right, but on Windows 7 dont. Please, where is problem? In Windows 7 or on the server (mysql 5.0)? Sometimes I get "Calling interface SSPI Failed" error, but not everytime. Sometimes is only connection timeout error. Thank you a lot for any help. Regards, simon

    Read the article

  • Configuring a Unified Communications Certificate for many virtual hosts running in Jetty

    - by rrc7cz
    I have a single IP with Jetty serving up X sites on port 80. Basically you can sign up for our service, then point your domain www.mycompany.com to that IP, and Jetty will serve up your custom site. I would like to add SSL support for all sites. To simplify things, I've looked at getting a single Unified Communications Certificate to plug into Jetty and have it work for all sites. Is this possible? Has anyone done this before? Does Jetty only support traditional, single-domain certs? What issues might I run in to compared to a single-domain cert?

    Read the article

  • Apache SSL losing session over load balancer

    - by SaltyNuts
    I have two physical Apache servers behind a load balancer. The load balancer was supposed to be set up so that a user would always be sent to the same physical server after the first request, to preserve sessions. This worked fine for our web apps until we added SSL to the setup. Now the user can successfully login, see the home page, but clicking on any other internal links logs the user right out. I traced the issue to the fact that while initial authentication is performed by server 1, clicking on internal links leads to having the request sent to server 2. Server 2 does not share sessions with server 1, and the user is kicked out. How can I fix it? Do I need to share sessions between the two servers? If so, could you point me to a good guide for doing this? Thanks.

    Read the article

< Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28  | Next Page >