Search Results

Search found 15441 results on 618 pages for 'ssl security'.

Page 23/618 | < Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >

  • Problems with self-signed SSL certificate for SSTP in Windows Server Foundation 2008

    - by John Barton
    I am trying to configure SSTP in Windows Server Foundation 2008. I want to use a self-signed SSL certificate to do authentication. When the server is running, I get the following error when trying to connect: 0x800B0109: A certificate chain processed, but terminated in a root certificate that is not trusted by the trust provider. I created the self-signed certificate in the IIS "Server Certificates" panel. From that panel, I exported the certificate, with the private key, to a .pfx file. I installed this certificate on the client computer which I tried to connect from. The certificate bound to the SSL listener in the RRAS-Security panel is present in the Trusted Root Certificate Authority stores on both machines. I've been getting super annoyed setting up certificates. Any advice here?

    Read the article

  • Security Talk Webcast: Agile Security - Develop Code Rapidly and Securely with SDL-Agile

    Find out how SDL and Agile can be made to work well together - and in many ways actually work better together than separately. Get an in-depth look at the new MSF-Agile+SDL process template for Visual Studio Team System that can help development teams integrate SDL-Agile tasks directly into their Visual Studio development environments....Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

    Read the article

  • Using wildcard SSL certs (chain certificate) with mod_gnutls

    - by QWade
    I have a wildcard SSL certificate from GoDaddy that has three files: wildcard.crt gd_bundle.crt wildcard.key In setting up mod_gnutls to be used with Apache, I can get the site to come up, but it throws a warning that the SSL certificate has not been validated by a CA. When I use mod_ssl, I can stipulate a SSLCertificateChainFile directive and point it at the bd_bundle.crt file. I do not see how to do this with mod_gnutls. Any help is appreciated. I also know that mod_ssl supports SNI, so if there is not an easy answer, I will just try that. Thanks, QWade

    Read the article

  • Bugzilla with SSL

    - by Antitribu
    I have an install of Bugzilla I'm trying to implement SSL on. When I go into the parameters screen and edit SSLBASE adding in the full url: https://foo.com/bugzilla/ the editparams.cgi times out on loading and I have the following error in the apache log [Tue Mar 30 19:29:39 2010] [error] [client xxx.xx.xx.xx ] (70007)The timeout specified has expired: ap_content_length_filter: apr_bucket_read() failed, referer: http://foo.com/bugzilla/editparams.cgi On install I also received this error: WARNING: You need to set the max_allowed_packet parameter in your MySQL configuration to at least 3276750. Currently it is set to 3275776. You can set this parameter in the [mysqld] section of your MySQL configuration file. How can I force this to work? Editing other parameters (eg urlbase) work fine. The SSL site is setup and direct requests to it eg https://foo.com/bugzilla work correctly. Any ideas? Ty

    Read the article

  • Receiving SSL certificate errors only from some clients

    - by Nico M
    I am receiving SSL certificate errors from Chrome (latest version (23.0.1271.52 beta-m) and Internet Explorer 6 (not used) on my home desktop machine (Windows XP SP2). In Firefox, it works fine on this PC. My laptop and work desktop (both Windows 7) work fine. Most SSL website checking sites report that the certificate and chain up to the root CA are setup correctly, but I have come across 2 that that say I have an invalid certificate but don't give much information on what part is failing. I know it used to work properly on this desktop (in Chrome and IE) in the past, but I'm not sure what has changed that is causing the site to fail in these browsers. Can anyone provide any assistance? This is driving me nuts! Screenshot of error:

    Read the article

  • Reverse proxy with SSL and IP passthrough?

    - by Paul
    Turns out that the IP of a much-needed new website is blocked from inside our organization's network for reasons that will take weeks to fix. In the meantime, could we set up a reverse proxy on an Internet-based server which will forward SSL traffic and perhaps client IPs to the external site? Load will be light. No need to terminate SSL on the proxy. We may be able to poison DNS so original URL can work. How do I learn if I need URL rewriting? Squid/apache/nginx/something else? Setup would be fastest on Win 2000, but other OSes are OK if that would help. Simple and quick are good since it's a temporary solution. Thanks for your thoughts!

    Read the article

  • SSL for PHP on Windows Server 2003

    - by otobrglez
    Hi All! I have Windows Server 2003 R2 with Apache 2.2.4 and PHP 5.2.6. I want to access pages over https (SSL). And i get this error (Zend Framework GData): Unable to find the socket transport "ssl" - enter code here did you forget to enable it when you configured PHP? So what i did. I went to php.ini and i uncomented the line extension=php_openssl.dll I also installed Win32 OpenSSL. But nothing works. What sould i do?

    Read the article

  • Mod_rewrite display subdomain.domain.com and call domain.com/subdomain/ for SSL

    - by Jeff H.
    I have a website secured by a standard SSL certificate, securing a few different shops under different subdirectories. Ex. domain.com/shop1/ The shops are also accessible via a subdomain e.g. shop1.domain.com. What I'm trying to accomplish: display shop1.domain.com to the user, while keeping all of the actual server calls as domain.com/shop1, so that the secure pages will continue to work properly. (Not sure if I'm using the proper language, exactly, I hope my point is clear.) To be clear: my SSL is working fine, and I don't need help with that, and I don't need or want to purchase a UCC cert. It can't be that difficult for anyone with experience with Apache. (I've spent 3 hours trying to learn about mod_rewrite. It's just not clicking.) I'm on a GoDaddy secure shared server, so please keep in mind that I'm not able to reset the server or anything.

    Read the article

  • LDAP over SSL/TLS working for everything but login on Ubuntu

    - by Oliver Nelson
    I have gotten OpenLDAP with SSL working on a test box with a signed certificate. I can use an LDAP tool on a Windows box to view the LDAP over SSL (port 636). But when I run dpkg-reconfigure ldap-auth-config to setup my local login to use ldaps, my login under a username in the directory doesn't work. If I change the config to use just plain ldap (port 389) it works just fine (I can login under a username in the directory). When its setup for ldaps I get Auth.log shows: Sep 5 13:48:27 boromir sshd[13453]: pam_ldap: ldap_simple_bind Can't contact LDAP server Sep 5 13:48:27 boromir sshd[13453]: pam_ldap: reconnecting to LDAP server... Sep 5 13:48:27 boromir sshd[13453]: pam_ldap: ldap_simple_bind Can't contact LDAP server I will provide whatever are needed. I'm not sure what else to include. Thanx for any insights... OLIVER

    Read the article

  • Resolve a many-SSL-to-one IP for clients browsers that doesn't support SNI

    - by Emile
    Whoa, acronyms :) So according to this question you can have multiple SSL subdomains on one IP address as long as your server supports TLS (which Apache 2.2x does). Another answer to that question points out that the client browser must have SNI support to work, which IE doesn't have on Windows XP. So, what happens to people with that browser is a warning message saying that the SSL cert doesn't match the domain. Can one resolve this issue for those client browsers without SNI support? Does a wildcard (for subdomains) do the trick? Are there other (cheaper) options?

    Read the article

  • Logging Virus Definition Updates for MS Security Essentials in The Security Event Log

    - by Steve
    I would like to log a security in event in Windows 7 whenever the Microsoft Security Essentials 2 virus definition files are updates, deleted, or changed. I was expecting to do this with an Audit setting on one of the MS Security Essentials folders but I wasn't sure which one and how to avoid getting swamped with messages. What folder or files should I audit to track definition updates (or corruption) in the security events or is there a better approach?

    Read the article

  • MySQL query (over SSL) fails in IIS 7 using default AppPool identity

    - by Jon Tackabury
    I am trying to run a website locally in Windows 7 under IIS 7. I have the AppPool configured to use "Classic" mode, but connecting to a MySQL DB that requires SSL fails. If I change the identity to my user account it works perfectly. It fails when using the default "ApplicationPoolIdentity" account. Is there something I'm missing somewhere? Why would running a MySQL query over SSL fail for certain user accounts? Update: This is the exception that the MySQL Connector is throwing: "Reading from the stream has failed. Attempted to read past the end of the stream."

    Read the article

  • What program should I use for SSL stripping and re-encrypting

    - by Sparksis
    I'm trying to strip a HTTP over SSL connection down to SSL and then re-encrypt the channel (with a signed certificate(s) I can provide). Of course I want to be able to store captures of all the un-encrypted data. The purpose of this is to reverse engineer a HTTP handshake that is used by a SIP program on my machine. I've tried SSLstrip but it doesn't support what I need it too. Edit: I want something to this effect https://github.com/applidium/Cracking-Siri/blob/master/tcpProxy.rb only more generic and able to write to a pcap stream that wireshark will understand (I'm not sure if this does that). Edit2: upon further inspection this does not create pcap streams. I guess if need be I can write a compatible version but that is not the desired choice.

    Read the article

  • Nginx $scheme doesn't always work while using SSL for one specific page

    - by jjiceman
    I read and followed this question in order to configure nginx to force SSL for one page (admin.php for XenForo), and it is working well for a few of the site administrators but is not for myself. I was wondering if anyone has any advice on how to improve this configuration: ... ssl_certificate example.net.crt; ssl_certificate_key example.key; server { listen 80 default; listen 443 ssl; server_name www.example.net example.net; access_log /srv/www/example.net/logs/access.log; error_log /srv/www/example.net/logs/error.log; root /srv/www/example.net/public_html; index index.php index.html; location / { if ( $scheme = https ){ rewrite ^ http://example.net$request_uri? permanent; } try_files $uri $uri/ /index.php?$uri&$args; index index.php index.html; } location ^~ /admin.php { if ( $scheme = http ) { rewrite ^ https://example.net$request_uri? permanent; } try_files $uri /index.php; include fastcgi_params; fastcgi_pass 127.0.0.1:9000; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param HTTPS on; } location ~ \.php$ { try_files $uri /index.php; include fastcgi_params; fastcgi_pass 127.0.0.1:9000; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param HTTPS off; } } ... It seems that the extra information in the location ^~ /admin.php block is unecessary, does anyone know of an easy way to avoid duplicate code? Without it it skips the php block and just returns the php files. Currently it applies https correctly in Firefox when I navigate to admin.php. In Chrome, it downloads the admin.php page. When returning to the non-https website in Firefox, it does not correctly return to http but stays as SSL. Like I said earlier, this only happens for me, the other admins can go back and forth without a problem. Is this an issue on my end that I can fix? And does anyone know of any ways I could reduce duplicate configuration options in the configuration? Thanks in advance!

    Read the article

  • Small projects using the cathedral model: does open-source lower security?

    - by Anto
    We know of Linus' law: With enough eyeballs all bugs are shallow In general, people seem to say that open-source software is more secure because of that very thing, but... There are many small OSS projects with just 1 or 2 developers (the cathedral model, as described by ESR). For these projects, does releasing the source-code actually lower the security? For projects like the Linux kernel there are thousands of developers and security vulnerabilities are quite likely going to be found, but when just some few people look through the source code, while allowing crackers (black hat hackers) to see the source as well, is the security lowered instead of increased? I know that the security advantage closed-source software has over OSS is security through obscurity, which isn't good (at all), but it could help to some degree, at least by giving those few devs some more time (security through obscurity doesn't help with the if but with the when). EDIT: The question isn't whether OSS is more secure than non-OSS software but if the advantages for crackers are greater than the advantages for the developers who want to prevent security vulnerabilities from being exploited.

    Read the article

  • SSL Proxy: Forwarding without the encryption

    - by John
    I have a python application listening on port 9001 for HTTP traffic. I'm trying to configure Apache (or anything, really) to listen on port 443 for HTTPS connections, and then forward the connection, sans encryption, to port 9001 on the same machine. My application would then reply via the proxy, where the encryption would be reapplied, and returned to the client transparently. I'm not doing anything crazy with the site names and SSL certs, I have one public IP, one hostname, and one SSL cert. Stripping the encryption at the proxy doesn't seem to be a common requirement. Is what I'm asking for a normal requirement? Are there other concerns with this sort of configuration?

    Read the article

  • LDAP over SSL/TLS working for everything but login on Ubuntu

    - by Oliver Nelson
    I have gotten OpenLDAP with SSL working on a test box with a signed certificate. I can use an LDAP tool on a Windows box to view the LDAP over SSL (port 636). But when I run dpkg-reconfigure ldap-auth-config to setup my local login to use ldaps, my login under a username in the directory doesn't work. If I change the config to use just plain ldap (port 389) it works just fine (I can login under a username in the directory). When its setup for ldaps I get Auth.log shows: Sep 5 13:48:27 boromir sshd[13453]: pam_ldap: ldap_simple_bind Can't contact LDAP server Sep 5 13:48:27 boromir sshd[13453]: pam_ldap: reconnecting to LDAP server... Sep 5 13:48:27 boromir sshd[13453]: pam_ldap: ldap_simple_bind Can't contact LDAP server I will provide whatever are needed. I'm not sure what else to include. Thanx for any insights... OLIVER

    Read the article

  • Chrome is reporting GMail has Invalid Server Certificate, how do I find out who's fiddling with my certs?

    - by chillitom
    Chrome is giving the following warning when ever I try and visit GMail or a bunch of other SSL sites. Invalid Server Certificate You attempted to reach mail.google.com, but the server presented an invalid certificate. You cannot proceed because the website operator has requested heightened security for this domain. This is the certificate the Chrome reports as invalid: -----BEGIN CERTIFICATE----- MIIDIjCCAougAwIBAgIQK59+5colpiUUIEeCdTqbuTANBgkqhkiG9w0BAQUFADBM MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg THRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBDQTAeFw0xMTEwMjYwMDAwMDBaFw0x MzA5MzAyMzU5NTlaMGkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh MRYwFAYDVQQHFA1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKFApHb29nbGUgSW5jMRgw FgYDVQQDFA9tYWlsLmdvb2dsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ AoGBAK85FZho5JL+T0/xu/8NLrD+Jaq9aARnJ+psQ0ynbcvIj36B7ocmJRASVDOe qj2bj46Ss0sB4/lKKcMP/ay300yXKT9pVc9wgwSvLgRudNYPFwn+niAkJOPHaJys Eb2S5LIbCfICMrtVGy0WXzASI+JMSo3C2j/huL/3OrGGvvDFAgMBAAGjgecwgeQw DAYDVR0TAQH/BAIwADA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLnRoYXd0 ZS5jb20vVGhhd3RlU0dDQ0EuY3JsMCgGA1UdJQQhMB8GCCsGAQUFBwMBBggrBgEF BQcDAgYJYIZIAYb4QgQBMHIGCCsGAQUFBwEBBGYwZDAiBggrBgEFBQcwAYYWaHR0 cDovL29jc3AudGhhd3RlLmNvbTA+BggrBgEFBQcwAoYyaHR0cDovL3d3dy50aGF3 dGUuY29tL3JlcG9zaXRvcnkvVGhhd3RlX1NHQ19DQS5jcnQwDQYJKoZIhvcNAQEF BQADgYEANYARzVI+hCn7wSjhIOUCj19xZVgdYnJXPOZeJWHTy60i+NiBpOf0rnzZ wW2qkw1iB5/yZ0eZNDNPPQJ09IHWOAgh6OKh+gVBnJzJ+fPIo+4NpddQVF4vfXm3 fgp8tuIsqK7+lNfNFjBxBKqeecPStiSnJavwSI4vw6e7UN0Pz7A= -----END CERTIFICATE----- I think someone or something (proxy, anti-virus, browser extension) is snooping on my SSL traffic. How can I determine who/what is doing this?

    Read the article

  • Azure VM with many IPs or SSL certificates

    - by timmah.faase
    I am looking to move our hosting environment to Azure and by doing so have created a sandpit VM to figure things out. We host around 300-400 websites in IIS and about 2% of these sites have unique, non wildcard certificates all requiring a unique public IP in our current setup. Can you get a range of IPs pointing to 1 VM/Endpoint? Or is it possible to create an SSL proxy? I've never created an SSL proxy but like the idea of it. I'd need advise here on how to proceed if this is the best option. Sorry if this has been answered! Sorry also if my question isn't worded eloquently.

    Read the article

  • Stairway to SQL Server Security: Level 1, Overview of SQL Server Security

    The ubiquity of databases and the potentially valuable information stored in them makes them attractive targets for people who want to steal data or harm its owner by tampering with it. Making sure that your data is secure is a critical part of configuring SQL Server and developing applications that use it to store data. 12 must-have SQL Server toolsThe award-winning SQL Developer Bundle contains 12 tools for faster, simpler SQL Server development. Download a free trial.

    Read the article

  • Heroku SSL: Pem is invalid / Key doesn't match the Pem certificate

    - by Jane
    I bought a Gandi.net SSL certificate and I'm following this tutorial. I created the key file. then transformed it to CSR then added it to Gandi website and waited for the CRT. then removed the password from the key === result : [FINAL KEY] then merged the CRT and the FINAL KEY into one file == result : [FINAL PEM] then heroku ssl:add final_pem final_key --app app_name and... got Pem is invalid / Key doesn't match the Pem certificate. I tried 3 times and I really don't know what's going one. Can you help ?

    Read the article

  • What do I need for SSL?

    - by Ency
    Hi guys, just a quick question, I'm kind of confused. I've had set-up my own certification authority and I can create requests and signed them. But, I'm not sure, what I need to give to Apache, currently I've got: CA Private key CA Certificate Website Private key Website Certificate Website Certificate Request (I think I do not need it, but just to be clear) Until today I was using snakeoil certificate, but I've decided to have more SSL services, than CA looks as good solution, so my Apache was configured well, but now I am not sure what I shall provide to apache in following rules: SSLCertificateKeyFile /path/to/Website Private Key SSLCertificateFile /path/to/CA Certificate But than I got [Mon Dec 27 12:09:33 2010] [warn] RSA server certificate CommonName (CN) `EServer' does NOT match server name!? [Mon Dec 27 12:09:33 2010] [error] Unable to configure RSA server private key [Mon Dec 27 12:09:33 2010] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch Something tells me than the warning is quite weird, because "EServer" is a common name of CA, so I think I shall not use CA Certificate in SSLCertificateFile, shall I? Do I need to create Certificate from Website private key or something else?

    Read the article

  • How can I sign my server with an SSL certificate

    - by Saif Bechan
    I have a dedicated server and I want to use one domain name for default entrance to the system. My system is Apache 2 on CentOS 5.4. Lets says the domain name is mydomain.com. I have also bought an SSL certificate and installed it to work with this default domain. Still when I restart Apache I get the following error message: [Sat May 01 02:21:22 2010] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Sat May 01 02:21:22 2010] [warn] RSA server certificate CommonName (CN) `mydomain.com' does NOT match server name!? Does anyone have an idea how I can remove this message. I have the server, domain name, and ssl key.

    Read the article

  • Prevent IIS7 HTTPS from binding to all SSL IP addresses

    - by robpaveza
    I've had this interesting problem with IIS7. I have a number of HTTPS sites in IIS7. That hasn't been a problem, until I wanted to go and set up VisualSVN Server using an SSL certificate. The installer had trouble starting the service. When I looked in the event log, the error was that "the file is already in use by another process." I figured that the "file" was really a socket, and checked with netstat - even though IIS was only bound to three specific IP addresses (.160, .156, and .168) with port 443, it was consuming *:443. I could stop the World Wide Web Publishing Service, start VisualSVN, and then start IIS, but then none of my SSL servers would start. Any helpful hints about how I could make IIS not try to default-bind to *:443? Thanks!!

    Read the article

  • SSL FTP fails on Windows 7 but not Windows XP clients

    - by Andrew Neely
    We currently use a free SSL-FTP client called Move-It-Freely to transmit data from a custom data entry program at over forty facilities scattered around the state to our central server. Under XP, it works flawlessly. Some facilities have upgraded to Windows 7. On these machines, uploads (transfers to us) work, downloads (transfers from us to them) fail. Replacing the Windows 7 machine with an XP machine solves the problem. We have also verified that the network firewall settings have not changed. This problem persists even if Windows firewall is not running. We were able to remote into one of the Windows 7 machines to verify that the Windows firewall was indeed turned off. We cannot replicate the problem on our own Windows 7 machines, and are at a loss of how to fix this feature for our customers. The data contain health-related information, and needs to be encrypted (hence SSL-FTP.) Despite hours spent on Google, we cannot find a solution.

    Read the article

< Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >