Search Results

Search found 3358 results on 135 pages for 'ssl'.

Page 22/135 | < Previous Page | 18 19 20 21 22 23 24 25 26 27 28 29  | Next Page >

  • If I use openvpn, can vpn servers monitor my usernames/passwords?

    - by Duff
    Openvpn uses a type of encryption similar to ssl. This seems to suggest that even if I choose an incredibly shady VPN server, then my content will be secure. That is, the VPN server will be able to monitor what websites I patronize, but not the actual data I transfer. That said, I am not an expert at this type of thing. I wanted, therefore, to make sure that I understand correctly. Is it true that if I use openvpn that my username/passwords are secure, even if the VPN is untrustworthy? If not, why? (And how, if at all, can it be fixed?) Examples of things that I don't know much about that may (or may not! I honestly don't know much about this.) be related to my question are: DNS leakage, IPv6, tracking cookies, browser plugins and websites that don't support https.

    Read the article

  • Failed to configure CA certificate chain

    - by kron
    Hi All, I'm trying to setup SSL on fedora with apache. In my vhost... SSLCertificateFile /your/path/to/crt.crt SSLCertificateKeyFile /your/path/to/key.key SSLCertificateChainFile /your/path/to/DigiCertCA.crt I had it working fine with a self signed key, but can't get it to work with the DigiCertCA crt. When I run service httpd restart It fails to start. This is what I get in the logs... [Sat Jan 29 07:57:13 2011] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suex$ [Sat Jan 29 07:57:13 2011] [error] Failed to configure CA certificate chain! Any assistance would be really appreciated! Thanks

    Read the article

  • Set up SSL/HTTPS in zend application via .htaccess

    - by davykiash
    I have been battling with .htaccess rules to get my SSL setup working right for the past few days.I get a requested URL not found error whenever I try access any requests that does not do through the index controller. For example this URL would work fine if I enter the it manually https://www.example.com/index.php/auth/register However my application has been built in such a way that the url should be this https://www.example.com/auth/register and that gives the requested URL not found error My other URLs such as https://www.example.com/index/faq https://www.example.com/index/blog https://www.example.com/index/terms work just fine. What rule do I need to write in my htaccess to get the URL https://www.example.com/auth/register working? My htaccess file looks like this RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L] RewriteCond %{REQUEST_FILENAME} -s [OR] RewriteCond %{REQUEST_FILENAME} -l [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^.*$ - [NC,L] RewriteRule ^.*$ index.php [NC,L] I posted an almost similar question in stackoverflow

    Read the article

  • Switching to LDAP over SSL for Active Directory

    - by bkildow
    On our active directory server, I would like to enable LDAP over SSL as per this: http://support.microsoft.com/kb/321051. I am wondering, once this is set up, will LDAP still be listening on the standard port, 389 once this is implemented as well as the secure port? Or will the secure port completely replace the standard port as an option to connect to? Also, will there need to be any other configurations besides the steps in the article for doing this? In other words, will domain users still be able to authenticate like normal, or is there additional setup that would need to occur?

    Read the article

  • Generating my own SQL Server SSL Certificate

    - by Haoest
    I hear it's possible to make myself a test certificate with MakeCert from Windows SDK, but the beast is 1.5 GB, which I feel reluctant to download for a half-megabyte program. I do, however, have IIS Resource kit with me, which has selfssl to generate certificate for IIS. Will that work for SQL Server? Is there a more convenient way of generating myself an SSL certificate for SQL Server use? I even tried using CREATE CERTIFICATE with TSQL within SQL Server and then have it BACKUP into a file, but with no success. I must have confused the concept of certificate fundamentally. Any advice?

    Read the article

  • Apache2 SSL And Passenger Configuration Issue

    - by Aditya Manohar
    I have the following virtual hosts configuration blocks. <VirtualHost *:80> DocumentRoot /var/www/html/TestApp/public/ <Directory /var/www/html/TestApp/public/> Allow from all Options -MultiViews </Directory> </VirtualHost> NameVirtualHost *:443 <VirtualHost *:443> DocumentRoot /var/www/html/TestApp/public/ <Directory /var/www/html/TestApp/public/> Allow from all Options -MultiViews </Directory> SSLEngine on SSLCertificateFile /etc/pki/tls/certs/server.crt SSLCertificateKeyFile /etc/pki/tls/private/server.key </VirtualHost> I trying to serve a Rails App off Passenger on Apache. The Problem: The TestApp works fine with Apache and Passenger when not using SSL When I use https://, I see the contents of /var/www/html The path to TestApp is /var/www/html/TestApp Any help will be much appreciated.

    Read the article

  • apache, shibboleth, load balancing aliase, ssl

    - by Nikolaidis Fotis
    Good morning folks Could you give me a bit of help with the following problem ? I have a dns load balancing mechanism and an alias (hostAlias) which may point to host01, or host02 I want to configure apache and shibboleth to work with that alias. What happens is ... User types : https://hostAlias (it points to host01) apache host01 : redirect to shibboleth shibboleth host01 : redirect to **https://hostAlias.cern.ch/Shibboleth.sso/ADFS** Now, there are two cases. Either this time hostAlias will point again to host01 , or it will point to host02. If it points to host02, host01 will not get the anwser and the authentication fails. Also, about ssl certificates, I guess that each host will need its own certificate. right ? Should I need a certificate with DNS aliases ? Thanks in advance !

    Read the article

  • How to use SSL on AWS EC2

    - by Aubada Taljo
    Hello I have an AWS EC2 account and I am running an instance that serves as a web host for my PHP website... This is a private website that has no UI but only URLs to be requested by my other software to get some response from the server... I want the requests (that I send to the server) to be secured so I want to use https instead of http... so what should I do to achieve that? PS: I found this link while searching... but I don't know how useful it's in my situation http://matt-darby.com/posts/690-aws-ec2-and-ssl Thanks in advance Good luck

    Read the article

  • IE8/IE7/IE6/IE5 on WinXP Use The Wrong Certificate

    - by Marco Calì
    For some reason IE8/IE7/IE6/IE5 on Windows XP, instead to use the certificate that is listed on the nginx website config, is using another certificate that is used from other websites. Checking the nging config file for the website everything is fine. A confirm of this is that all the other browsers (Chrome/Firefox/Safari/IE9) are using the correct certificate. This is the nginx configuration for the app: server { listen 80; listen 443 ssl; server_name mydomain.com; ssl_certificate /root/certs/mydomain.com/mydomain.bundle.crt; ssl_certificate_key /root/certs/mydomain.com/mydoamin.key; access_log /opt/webapps/cs_at/logs/access.log; location / { add_header P3P 'CP="CAO PSA OUR"'; proxy_pass http://127.0.0.1:20004; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Real-IP $remote_addr; } }

    Read the article

  • SSL Certificate for local web server

    - by Firefly
    Is it at all possible to create a self-signed certificate for use on multiple machines on a local network which would stop the browser complaining it is not a trusted site? We have a product which is basically a computer running lighttpd to serve a web interface for configuring the computer (sort of how a router has a web interface). There can also be many of these machines running on the same network with dynamic IP's. What I basically want to do is enable SSL for extra security but I don't want people who are on the local network to be given a browser warning about the certificate not being trusted. Is this at all possible?

    Read the article

  • SSL certs or intermediate for DMZ

    - by rex
    I've been tasked with deploying and managing load balancers covering internal servers and DMZ servers. I have no experience with this, and this is a first for my organization as well. Balancers are up, running, legit. Currently we are using a self-signed cert for Exchange/OWA. I know that we should have a cert signed by a CA, but the balancer has options for SSL cert or intermediate cert, and I'm unclear on the difference, or on which we need. We will be hosting Lync, Exchange and some custom apps in the DMZ. disclaimer: Apologies up front, I'm desktop support. I recently passed my Net+. It seems that has made me the network engineer in this organization.

    Read the article

  • Two SSL certs for a domain in DirectAdmin

    - by Bart van Heukelom
    If I were to get 2 SSL certificates, one for example.com and one for www.example.com, is there a way to install them both on the site example.com in DirectAdmin? The default interface only allows installing one for both versions. If not, can I separate the 2 domains into 2 sites? One of them would only be a redirection, so there wouldn't be any duplication of site files. (Please don't answer with "one certificate should work for both". It doesn't always. This is a DirectAdmin question)

    Read the article

  • Make Exchange 2007 use the correct SSL certificate

    - by Neil
    I have an SBS 2008 server contososerver.contosodomain.local which is externally accessible with the domain remote.contoso.com and an SSL certificate for the external domain which we installed using the SBS 2008 wizard. This works great for OWA because IIS serves the remote.contoso.com certificate. I also want to turn on external POP3/IMAP4/SMTP however when I try, I get served the internal certificate that SBS generated automatically (using its internal CA) which has the alternate names remote.contoso.com, contososerver.contosodomain.local and contososerver. I tried removing this certificate from Exchange but it won't let me because it needs it for its internal receive connector. So how do I tell Exchange 2007 to use the real certificate for external POP3/IMAP4/SMTP?

    Read the article

  • Setting up SSL on Nginx, Passenger, Sinatra

    - by 12preschph
    I have a Sinatra app that runs both on locally and on Heroku. When visiting my site over HTTPS across Heroku, it will indeed work as Heroku provides this by default. How can I set up SSL to work on my localhost machine? I will enable my Sinatra app to only allow secure connections so I need to test this both in development and production. Currently, I am running the following locally: SERVER= nginx/1.6.0 + Phusion Passenger 4.0.42 Also, where is my nginx folder? I don't have it installed in the normal location (Ubuntu) so this must come custom with Passenger?

    Read the article

  • Using SSL with Openfire

    - by DanBig
    I'm having a rough time getting SSL configured properly on an Openfire install. Quite honestly, I just don't know what to do. It seems convoluted on the steps necessary to get a cert imported. Has anyone out there successfully done this? I'm running Openfire 3.6.4 on Server2003 R2. I have a signed UC cert which is ready to roll, I just don't know what to do with it. I've been through tons of tutorials on converting from .crt to .der to .pem, using openssl and java tools, but its only getting more confusing as I go.

    Read the article

  • Multi domain server with dedicated SSL's HA

    - by user3692800
    I am hosting a server with 150 domain names (websites), each of the ssl's requere dedicated IP address. So server windows 2008, with 150 IP addressees and 150 websites. I need to have high availability solution. So thinking setting up AWS but ELB will not be a solution... and max IP's I can get per instance is 12 addresses. So what can I do to have all 150 sites hosted on one instance and be HA with instance in different availability zone.

    Read the article

  • SSL issues with puppet agent at openSUSE

    - by Roman Grazhdan
    I have a master running at my vps, and it has a simple helloworld manifest which works fine with any ubuntu machine I have. It connects, exchanges keys and creates test file allright, so I'm sure it's not server issue. The agent which is running at a virtual machine with openSUSE says: err: Could not request certificate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed. This is often because the time is out of sync on the server or client I believe it's probably a broken or missing lib, since the package is not built very accurately - it wouldn't start out of the box because of wrong path to lockfile, for example. So how do I figure out what exactly is wrong here? The time is allright, I've checked it. I probably could do without SSL if it's possible, since that SUSE machines are just for training, but it's the last opportunity.

    Read the article

  • What is the 'cacert.pem' and for what to use that?

    - by user65567
    I am developing a web application on localhost with domains and sub-domains and I would like to use a HTTPS connection. On my Mac OS, in order to enable SSL, I need to set Apache correctly, so I followed some guide to accomplish part of that. Now it is time to choose a certificate in order to test HTTPS requests. I seen the cacert.pem, but I don't know how to use that and for what it is used (can you explain to me some about its usage?)... So, is it possible to use the cacert.pem (see the link) for all my domains and subdomains (maybe, as a wildcard certificate) on localhost? If so, how to do that? What certificate I have to take and use? If no, what I need to do in order to use a wildcard certificate for all my domains and subdomains on localhost? Of course those certificates must be accepted by browsers and working for HTTPS connection between my domains.

    Read the article

  • Generate a use a Openssl certificate in Tomcat

    - by Safari
    I need to enable SSL on my Tomcat and Apache so I need to generate the (self-signed) certificate using Openssl tool end, about Tomcat, I need to import the certificate using keytool. I know that is necessary to convert (openssl) certificate to Tomcat compatible format. So I need to Use OpenSSL to convert the certificate into an PKCS12 keystore an I need to Import this keystore using keytool and export as Tomcat compatible keystore. But I not understood how can I convert a my certificate (generated with Openssl) into a requested Tomcat format? is possible to explain me all the steps to reach my goal? thanks

    Read the article

  • Redirect non-www ssl traffic to www ssl (apache)

    - by The NinjaSysadmin
    Hello, I'm attempting to get a redirect which is failing, and for some reason I can't think today. I have a vHost file within HTTPD that listens on standard port 80 and port 443. I'm attempting to redirect https://domain.com/(.*) to https://www.domain.com/$1 so that the URL remains intact. My config is as follows: ServerName www.domain.com ServerAlias tempdomain.testdomain.co.uk ServerAlias domain.com My rerwrite rule I'm using is. RewriteCond %{HTTP_HOST} ^domain.com$ RewriteRule ^(.*)$ https://www.domain.com$1 [R=301,L] I've also tried removing the . and $ but nothing.. When I visit the url https://domain.com/secure.page?action=comp it doesn't redirect to https://www.domain.com/secure.page?action=comp I do also have other SSL pages, the above was just an example.. Can anyone point out my stupidity.

    Read the article

  • Activating ssl on tomcat

    - by toom
    I want to encrypt the http traffic on a tomcat instance via ssl. Therefore I followed the most simplistic approach described on various webpages. But anyway it simply does not work. Here is what I did: "keytool -genkey -alias tomcat -keyalg RSA" and I enterd "changeit" as the password (since this is the defaut chosen by tomcat) Altering $CATALINA_HOME/conf/servers.xml by uncommenting the following line Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS"/ Restarting tomcat Entering https://localhost:8443 does not work. However, I can still access the page via normal http like http://localhost:8080 The logfile does not contain any suspicious information. What is going wrong here?

    Read the article

  • Controlling access to my API using SSH public key (not SSL)

    - by tharrison
    I have the challenge of implementing an API to be consumed by relatively non-technical clients -- pasting some sample code into their WordPress or homegrown PHP site is probably as much as we can ask. Asking them to install SSL on their servers ain't happening. So I am seeking a simple yet secure way to authenticate API clients. OAuth is the obvious solution, but I don't think it passes the "simple" test. Adding a client id and hashed secret as a parameter to the requests is closer -- it's not hard to do md5($secret . $client_id) or whatever the php would be. It seems to me that if client requests could use the same approach as SSH public keys (client gives us a key from their server(s) there should be some existing magic to make all of the subsequent transactions transparently work just as regular HTTP API requests. I am still working this out (obviously :-), so if I am being an idiot, it would be nice to know why. Thanks!

    Read the article

  • htaccess with wildcard SSL

    - by Ericko
    We have a Wildcard SSL Certificate that is supposed to work on any subdomain of a given domain. So in this server we have this file structure: /home/DOMAIN/public_html/subdomainx /home/DOMAIN/public_html/subdomainy etc... Now, the Certificate is installed, but when you visit any subdomain over https (example: hxxps://subdomainx.domain.com ) it points to /home/DOMAIN/public_html/index.php We need that when you visit a subdomain via https hxxps://subdomainx.domain.com That it points to the the same directory that it's http equivalent: /home/DOMAIN/public_html/subdomainx Our provider tells us that this is not possible, that the current behaviour is correct, and that to achieve this we need to do it with htaccess. I've tried a few things, incluiding this solution, that seems to be what I need: http://stackoverflow.com/questions/5365612/advice-on-configuring-htaccess-file-to-redirect-http-subdomain-to-https-equival But can't get it to work. Any tips? Thanks. Added: The server is Apache.

    Read the article

  • Firefox unable to load SSL Certificate Chain, while Chrome, IE do

    - by FryBurger
    I created a certificate for our IIS 6 by sending a request (created with openssl) to our organization's CA. I already had trouble to integrate the private key into that certificate, that has been solved, see SO question IIS 6.0 now uses the certificate (with TSL v1 and SSL v3), that is the 4th in cert hierarchy. Now, if I access the intranet site, chrome accepts the certificate, so does IE, but Firefox complains about an insecure connection and wants me to add an exceptional rule. If I look into the certificate, how FF presents it to me, I cannot see any of the three issuers. How can this be? If I connect via openssl s_client -showcerts -connect... I only see my own certificate too, which is said to be not verified. I am quite confused now. Where's the mistake and how can I make FF accept certificate without forcing our users to add that exceptionrule? Maybe do I have to add all the three issuer certificates into cert store of the win2003 server that hosts IIS 6.0 ??

    Read the article

  • Would using a self-signed SSL certificate be appropriate in this scenario?

    - by Kevin Y
    Now I realize this topic has been discussed in a few questions before (specifically this one), but I'm still a little confused about the implications of using a self-signed certificate, and how I would be affected by doing so in this case. After reading various sources, I'm still a little confused about the exact details of using one. The biggest problem with a self-signed certificate, is a man-in-the-middle attack. Even if you are 100% sure that you are on the correct website and you completely trust the site (your email server for example), you could have someone intercept the connection and present you with their own self-signed certificate. You would think that you are using a secure connection with your email server but you are really using a secure connection to an attacker's email server. – SSL Shopper So somebody could switch out my self-signed certificate with their own, and I wouldn't be able to detect it? The way this site phrases it, it makes it sound worse to install a self-signed certificate than to leave your site without a certificate at all. Self-signed certificates cannot (by nature) be revoked, which may allow an attacker who has already gained access to monitor and inject data into a connection to spoof an identity if a private key has been compromised. CAs on the other hand have the ability to revoke a compromised certificate if alerted, which prevents its further use. - Wikipedia Does this mean that the only way someone could switch out their own certificate for mine is for them to find out the private key? I suppose this is more secure, but I'm still slightly confused about what exactly results from using a self-signed certificate. Is the only issue that obnoxious security warning that pops up in your browser when directed to the site, or is there more to it? Now in my case, I want to add the an SSL certificate to a minuscule Wordpress blog I run that I don't expect anyone else will read anytime soon; I mainly started it to get into the habit of blogging, and to learn more about the process of administrating a site (ex. what to do in situations like this one). Whenever I go to the login page and there's an HTTP:// instead of HTTPS://, I cringe a little. Submitting my password feels like I'm shouting my password out loud with hundreds of people listening. I don't plan on adding any other authors to the site, so I am the only person who would ever need to login. This isn't a site I'm trying to get page views from, or one that handles e-commerce or any sensitive info like that, simply my username and password to login with. One of the concerns (that I've gathered so far) of a self-signed certificate is that non-technical users might be scared by the security warning, but this would not be an issue in my case. TL;DR: If scaring visitors away isn't a concern (which it isn't in my case), is it acceptable to use a self-signed certificate for the purpose of encrypting my Wordpress blog's password, or are there added security issues I should be aware of? Essentially, I'm wondering whether adding a self-signed certificate will be safer than leaving my login page the way it is now, or if it adds the potential for more security breaches than leaving it sans-SSL.

    Read the article

< Previous Page | 18 19 20 21 22 23 24 25 26 27 28 29  | Next Page >