Search Results

Search found 7249 results on 290 pages for 'https everywhere'.

Page 27/290 | < Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >

  • What is the proper HTTP response to send for requests that require SSL

    - by dasil003
    I'm designing an RESTful API where some calls are public over HTTP, and some require an API key and encryption over HTTPS. I'm deliberating on what response code should be sent if an HTTP request is sent to one of the private resources. So far the only one that jumps out at me is 412 - Precondition Failed, but the standard indicates that the precondition is imposed by the requester not the server. Is there an appropriate response code for this condition or do I just need to give in and do 400?

    Read the article

  • Using // in a <script>'s source

    - by Dan Beam
    Hello fellow front-end web h4X0|2s, I was wondering if anyone had any resources, proof, or personal experience in using the age-old http/https JavaScript hack: <script src="//someserver.com/js/script.js"></script> Has anyone encountered issues in any of these browsers (IE 5.5+, FF2+, Chrome, Opera 9+, Safari 3+)? Has anybody had success stories? Thank you for your help.

    Read the article

  • Apache2 VirtualHost Configuration with SSL

    - by Peter
    Hello! I'm new here and I have a strange problem which needs to be solved. Previously I searched in the whole forum and I've read all of related questions but I didn't find solution to my question. We have two servers and a firewall computer. On the Server#1 there is an Apache 2.2 web server and it forwards the incoming traffic to the appropriate ports, to our subdomains by its virtual host configuration (Apache, Tomcat, IIS, Server#2 and so on). We recently bought an SSL certificate to protect one of our subdomain. I successfully installed and configured the certificate into the Apache and it works flawlessly within our local network. Our Kerio Winroute Firewall is configured to permit https traffic and it is translated to Server#1. But all of our subdomains are unavailable from outside (http & https too). Web browser shows "Failed to connect" message. Now, I enclose some parts from our httpd.conf and httpd-vhosts.conf file. httpd.conf ServerRoot "C:/Program Files/Apache Software Foundation/Apache2.2" Listen 80 ServerName dev.mydomain.hu:80 DocumentRoot "C:/Program Files/Apache Software Foundation/Apache2.2/htdocs" LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_connect_module modules/mod_proxy_connect.so LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule rewrite_module modules/mod_rewrite.so LoadModule ssl_module modules/mod_ssl.so Include conf/extra/httpd-vhosts.conf <IfModule ssl_module> SSLMutex default SSLRandomSeed startup builtin SSLRandomSeed connect builtin SSLSessionCache none </IfModule> httpd-vhosts.conf NameVirtualHost *:80 NameVirtualHost *:443 Listen 443 <VirtualHost *:80> DocumentRoot "C:/Program Files/Apache Software Foundation/Apache2.2/htdocs" ServerName localhost </VirtualHost> #-------EXCHANGE SERVER-------- <VirtualHost *:80> ServerName intra.mydomain.hu ProxyRequests Off ProxyVia On ProxyPass / http://myserver:8080/ ProxyPassReverse / http://myserver:8080/ <Proxy *:80> Order deny,allow Allow from all </Proxy> <Location /> Order allow,deny Allow from all </Location> ErrorLog "c:/Program Files/Apache Software Foundation/Apache2.2/logs/exchange.log" CustomLog "c:/Program Files/Apache Software Foundation/Apache2.2/logs/exchange_cust.log" common LogLevel info </VirtualHost> #--------FITNESSE SERVER------- <VirtualHost *:80> ServerName test.mydomain.hu ProxyRequests Off <Proxy *:80> Order deny,allow Allow from all </Proxy> ProxyPass / http://myserver:8004/ ProxyPassReverse / http://myserver:8004/ <Location /> AuthType Basic AuthName "FitNesse" AuthUserFile "C:/Program Files/Apache Software Foundation/Apache2.2/auth/password" AuthGroupFile "C:/Program Files/Apache Software Foundation/Apache2.2/auth/pwgroup" require group Users Order allow,deny Allow from all </Location> ErrorLog "c:/Program Files/Apache Software Foundation/Apache2.2/logs/fitnesse.log" CustomLog "c:/Program Files/Apache Software Foundation/Apache2.2/logs/fitnesse_cust.log" common LogLevel info </VirtualHost> #----WIKI SERVER-----(SSL)- <VirtualHost *:80 *:443> ServerName wiki.mydomain.hu ServerAlias wiki.mydomain.hu SSLEngine On SSLCertificateFile "C:/Program Files/Apache Software Foundation/Apache2.2/cert/certificate.cer" SSLCertificateKeyFile "C:/Program Files/Apache Software Foundation/Apache2.2/cert/wiki.itkodex.hu.key" ProxyRequests Off <Proxy *:80> Order deny,allow Allow from all </Proxy> ProxyPass / http://localhost:8000/ ProxyPassReverse / http://localhost:8000/ ErrorLog "c:/Program Files/Apache Software Foundation/Apache2.2/logs/wiki.log" CustomLog "c:/Program Files/Apache Software Foundation/Apache2.2/logs/wikicust.log" common LogLevel info </VirtualHost> Because this wiki is a JSPWIKI web application, runs on Apache Tomcat therefore there is no "DocumentRoot" parameter in the VirtualHost. Could anybody please help me, to solve this issue, or what should I modify in the configuration? Thanks in advance! Peter

    Read the article

  • IE8 Crashes Strangely on JavaScript Popup

    - by dkris
    Hi, I am facing a strange issue after the popup is created onclick. The popup opens up but hangs immediately on IE8 (works fine on all the other browsers including IE6). But on adding the alertbox as show in the JavaScript code, the popup works fine. I am using **https** and not **http** and i feel popup is not able to load the JS file because of SSL. Here is the how i am generating the onclick event: <a id="forgotPasswordLink" href="#" onclick="openSupportPage();"> Some Text </a> The onclick function is defined this way: function openSupportPage() { var features = "width=700,height=400,status=yes,toolbar=no,menubar=no,location=no,scrollbars=yes"; var winId = window.open('', '', features); winId.focus(); winId.document.open(); winId.document.write('<html><head><title>' + document.title + '</title><link rel="stylesheet" href="./css/default.css" type="text/css">\n'); var is_ie6 = ( window.external && typeof window.XMLHttpRequest == "undefined"); alert(is_ie6);/*The JS include below*/ /*works in popup only with this alert box.*/ /*else IE8 Hangs*/ winId.document.write('<script src="../js/tiny_mce/tiny_mce.js" type="text/javascript">Script_IE8</script>\n'); winId.document.write('<script type="text/javascript">\n'); winId.document.write('function inittextarea() {\n'); winId.document.write('tinyMCE.init({ \n'); winId.document.write('elements : "content",\n'); winId.document.write('theme : "advanced",\n'); winId.document.write('readonly : true,\n'); winId.document.write('mode : "exact",\n'); winId.document.write('theme : "advanced",\n'); winId.document.write('readonly : true,\n'); winId.document.write('setup : function(ed) {\n'); winId.document.write('ed.onInit.add(function() {\n'); winId.document.write('tinyMCE.activeEditor.execCommand("mceToggleVisualAid");\n'); winId.document.write('});\n'); winId.document.write('}\n'); winId.document.write('});}</script>\n'); winId.document.write('</head><body onload="inittextarea()">\n'); winId.document.write(' \n'); var hiddenFrameHTML = document.getElementById("HiddenFrame").innerHTML; hiddenFrameHTML = hiddenFrameHTML.replace(/&amp;/gi, "&"); hiddenFrameHTML = hiddenFrameHTML.replace(/&lt;/gi, "<"); hiddenFrameHTML = hiddenFrameHTML.replace(/&gt;/gi, ">"); winId.document.write(hiddenFrameHTML); winId.document.write('<textarea id="content" rows="10" style="width:100%">\n'); winId.document.write(document.getElementById(top.document.forms[0].id + ":supportStuff").innerHTML); winId.document.write('</textArea>\n'); var hiddenFrameHTML2 = document.getElementById("HiddenFrame2").innerHTML; hiddenFrameHTML2 = hiddenFrameHTML2.replace(/&amp;/gi, "&"); hiddenFrameHTML2 = hiddenFrameHTML2.replace(/&lt;/gi, "<"); hiddenFrameHTML2 = hiddenFrameHTML2.replace(/&gt;/gi, ">"); winId.document.write(hiddenFrameHTML2); winId.document.write('</body></html>\n'); winId.document.close(); } Please help me on this one. I could provide more information on this if needed. I have referred to these posts already: http://stackoverflow.com/questions/776639/problem-of-import-js-file-in-https-page-in-ie8 http://stackoverflow.com/questions/2597289/force-browser-modeie8-and-document-modeie8-standards Additional Information: Screen shot of the page Rendered HTML Original JSPF

    Read the article

  • Adding HTTPS capability to WAMPSERVER 2

    - by abel
    I have WampServer 2 installed on my WinXP Pro SP3 box, Apache 2.2.11 with ssl module enabled, which runs the comnpanies intranet website. http://www.akadia.com/services/ssh_test_certificate.html gives some pointers of generating a self signed certificate. But I encounter a error while running through the example openssl genrsa -des3 -out server.key 1024 where openssl.exe is located under C:\wamp\bin\apache\Apache2.2.11\bin The error code that gets generated is 4828:error:02001015:system library:fopen:Is a directory:.\crypto\bio\bss_file.c: 126:fopen('d:/test/openssl098kvc6/openssl.cnf','rb') 4828:error:2006D002:BIO routines:BIO_new_file:system lib:.\crypto\bio\bss_file.c :131: 4828:error:0E078002:configuration file routines:DEF_LOAD:system lib:.\crypto\con f\conf_def.c:199: Where am I going wrong?

    Read the article

  • Basic IPTables setup for OpenVPN/HTTP/HTTPS server

    - by Afronautica
    I'm trying to get a basic IPTables setup on my server which will allow HTTP/SSH access, as well as enable the use of the server as an OpenVPN tunnel. The following is my current rule setup - the problem is OpenVPN queries (port 1194) seemed to be getting dropped as a result of this ruleset. Pinging a website while logged into the VPN results in teh response: Request timeout for icmp_seq 1 92 bytes from 10.8.0.1: Destination Port Unreachable When I clear the IPTable rules pinging from the VPN works fine. Any ideas? iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE iptables -A INPUT -p tcp --dport 1194 -j ACCEPT iptables -A FORWARD -p tcp --dport 1194 -j ACCEPT iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -i ! lo -d 127.0.0.0/8 -j REJECT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A OUTPUT -j ACCEPT iptables -A INPUT -p tcp --dport 80 -j ACCEPT iptables -A INPUT -p tcp --dport 443 -j ACCEPT iptables -A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT iptables -A INPUT -j REJECT iptables -A FORWARD -j REJECT

    Read the article

  • Configuring WCF 4 with routing (global.asax) for both http & https endpoints

    - by jammer59
    I'm still a newbie with wcf and not too well informed in .net in general. I have a WCF 4 web service that uses the global.asax routing approach and very simplified web.config using the standard endpoint method. This wcf service runs as an application with the default web site on iis 7.5 at present. I need it support both http and https interfaces, if possible. If that's too complex then only https. How is that best handled maintaining the current approach? The contents of the global.asax.cs and web.config files are pretty basic: public class Global : HttpApplication { void Application_Start(object sender, EventArgs e) { RegisterRoutes(); } private void RegisterRoutes() { // Edit the base address of Service1 by replacing the "ippay" string below RouteTable.Routes.Add(new ServiceRoute("myservice", new WebServiceHostFactory(), typeof(myservice))); } } <system.serviceModel> <serviceHostingEnvironment aspNetCompatibilityEnabled="true"/> <standardEndpoints> <webHttpEndpoint> <standardEndpoint name="" helpEnabled="true" contentTypeMapper="myservice.Util.RawMapper,myservice"> </standardEndpoint> </webHttpEndpoint> </standardEndpoints>

    Read the article

  • SSLException: Received fatal alert: certificate_unknown - what does it mean?

    - by user338154
    Hi, I am getting the "javax.net.ssl.SSLException: Received fatal alert: certificate_unknown" error when attempting to send a HTTPS message. I believe the message is due to the endpoint not recognising the sent certificate or is rejecting it. But I want to be doubly sure this is a server issue and not a local client issue before I go barking up the wrong tree with my error analysis. Can you guys please clarify the meaning of this error (google isn't helping much) and whether it is client or endpoint server related. FYI: I am using Websphere Application Server 6.1 Thanks

    Read the article

  • htaccess redirect http to https on a magento site

    - by joesalvator
    I have a magento site and i need to have it redirect to https, i have the cert installed but i am not sure how to mod the htaccess file? here is a copy of the root htaccess file thanks # uncomment these lines for CGI mode make sure to specify the correct cgi php binary file name it might be /cgi-bin/php-cgi Action php5-cgi /cgi-bin/php5-cgi AddHandler php5-cgi .php # GoDaddy specific options Options -MultiViews you might also need to add this line to php.ini cgi.fix_pathinfo = 1 if it still doesn't work, rename php.ini to php5.ini # this line is specific for 1and1 hosting #AddType x-mapp-php5 .php #AddHandler x-mapp-php5 .php # default index file DirectoryIndex index.php # adjust memory limit php_value memory_limit 64M php_value memory_limit 128M php_value max_execution_time 18000 # disable magic quotes for php request vars php_flag magic_quotes_gpc off # disable automatic session start before autoload was initialized php_flag session.auto_start off # enable resulting html compression #php_flag zlib.output_compression on # disable user agent verification to not break multiple image upload php_flag suhosin.session.cryptua off # turn off compatibility with PHP4 when dealing with objects php_flag zend.ze1_compatibility_mode Off # disable POST processing to not break multiple image upload SecFilterEngine Off SecFilterScanPOST Off # # Insert filter on all content ###SetOutputFilter DEFLATE # Insert filter on selected content types only #AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript # Netscape 4.x has some problems... #BrowserMatch ^Mozilla/4 gzip-only-text/html # Netscape 4.06-4.08 have some more problems #BrowserMatch ^Mozilla/4\.0[678] no-gzip # MSIE masquerades as Netscape, but it is fine #BrowserMatch \bMSIE !no-gzip !gzip-only-text/html # Don't compress images #SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary # Make sure proxies don't deliver the wrong content #Header append Vary User-Agent env=!dont-vary # make HTTPS env vars available for CGI mode SSLOptions StdEnvVars # enable rewrites Options +FollowSymLinks RewriteEngine on # you can put here your magento root folder path relative to web root #RewriteBase /magento/ # workaround for HTTP authorization in CGI environment RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] # always send 404 on missing files in these folders RewriteCond %{REQUEST_URI} !^/(media|skin|js)/ # never rewrite for existing files, directories and links RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-l # rewrite everything else to index.php RewriteRule .* index.php [L] # Prevent character encoding issues from server overrides If you still have problems, use the second line instead AddDefaultCharset Off #AddDefaultCharset UTF-8 # s ExpiresDefault "access plus 1 year" # By default allow all access Order allow,deny Allow from all

    Read the article

  • WCF Manual SOAP POST using HttpWebRequest over https with Usertoken

    - by VonBlender
    Hi, I'm writing a client that calls a number of WCF webservices (written externallyt to my company) that are very similar in structure. The design I was hoping to use is to manually build the SOAP message from XML chunks that are stored in a database and then processed through a generic web service handler class. I have access to the WSDL's for each webservice and example working XML. The design approach is such that we can easily add to the message dynamically, hence the reason for not using the auto generated proxy classes I am basically at the last part now with the entire SOAP message constructed but am getting a SOAP fault security error returned. I have used fiddler to compare the message I'm sending with one that is sent using the normal (far simpler...) WCF generated proxy classes and can't see any difference apart from the id attribute of the Usertoken element in the SOAP header. This is where my lack of experience in this area isn't helping. I think this is because the id is generated automatically (presumably because we're using https). My question is how do I generate this programatically? I have searched for hours online but the majority of solutions are either using the proxy classes or not over https. I have briefly looked at WCE but aware this is replaced by WCF now so don't want to waste time looking into this if it's not the solution. Any help with this would be greatly appreciated. I can post some code examples when I'm back in work if it will help but the method I'm using is very straightforward and only using XElements and such like at the moment (as we're using linq to sql). thanks, Andy

    Read the article

  • HttpClient 4 SSL and client side certificates

    - by Luke
    Hi All, I am having trouble working out how I can get get HttpClient 4 to use SSL in the way I need. I have X https servers that I send requests to. One requires a client side certificate while the others have trusted certificates and therefore require no client side certificate. I have no issue connecting to the server requiring the client side certificate (its in my keystore), however every time I try to connect to the servers with trusted certificates, my client side certificate is offered by HttpClient and therefore fails authentication. My question is this: is there a way for HttpClient to offer the client side certificate only to the server requiring it and not to the others? Thanks in advance, Luke

    Read the article

  • imagegrabwindow + https = black screen

    - by earls
    I'm doing something stupid and trying to capture thumbnails, snapshots, images of a html webpages. I'm doing something along the lines of: http://stackoverflow.com/questions/443837/how-might-i-obtain-a-snapshot-or-thumbnail-of-a-web-page-using-php DCOM + IE + PHP (imagegrabwindow; example from manual) Everything works PERFECT until I try to capture a HTTPS website... https://mail.google.com for example. imagegrabwindow produces a png, but it only shows the browser. the contents of the browser are black. If I log out of Google, I can capture the browser window and the contents thereof - the second I log in, the contents (not the browser frame) are black screen. Yes, I've increased the timeout (before closing the browser window). IE has clearly loaded the page, it just refuses to render for imagegrabwindow. I've been fighting this long enough I know it's either a permissions problem or a service needs to interact with the desktop. Does anyone have any clue what permissions need to be set or which service needs access? I assumed cryptographic services, but that's run as a network service and trying to change it to interact makes it shout and carry on. This is the last piece of the puzzle, I'd really like to get it working. Thank you!

    Read the article

  • https not redirecting to mongrel upstream

    - by kip
    Normal http is working fine for me with nginx and mongrel, however when i attempt to use https I am directed to the "welcome to nginx page". http { # passenger_root /opt/passenger-2.2.11; # passenger_ruby /usr/bin/ruby1.8; include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; upstream mongrel { server 00.000.000.000:8000; server 00.000.000.000:8001; } server { listen 443; server_name domain.com; ssl on; ssl_certificate /etc/ssl/localcerts/domain_combined.crt; ssl_certificate_key /etc/ssl/localcerts/www.domain.com.key; # ssl_session_timeout 5m; # ssl_protocols SSLv2 SSLv3 TLSv1; # ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; # ssl_prefer_server_ciphers on; location / { root /current/public/; index index.html index.htm; proxy_set_header X_FORWARDED_PROTO https; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_pass http://mongrel; } } }

    Read the article

  • ASIHTTPRequest - HTTPS

    - by Tejaswi Yerukalapudi
    Does ASIHTTPRequest support HTTPS connections? My connection right now works for a HTTP connection and errors if I try a HTTPS Connection. (Goes into requestFailed and gives me a ASIHTTPErrorRequestDomain) -(void) getPatientsList { av.hidden = NO; [av startAnimating]; NSString *urlString = [IP stringByAppendingString:@"Method1"]; NSURL *url = [NSURL URLWithString:urlString]; ASIFormDataRequest *request = [ASIFormDataRequest requestWithURL:url]; NSLog(@"URL = %@",url); [request setRequestMethod:@"POST"]; [request setPostValue:@"val1" forKey:@"key1"]; [request setPostValue:@"val2" forKey:@"key2"]; [request setDelegate:self]; [request startAsynchronous]; } - (void)requestFinished:(ASIHTTPRequest *)request { // Use when fetching text data //NSString *responseString = [request responseString]; // Use when fetching binary data NSData *responseData = [request responseData]; [self parsePatients:responseData]; [av stopAnimating]; av.hidden = YES; } - (void)requestFailed:(ASIHTTPRequest *)request { NSError *error = [request error]; [av stopAnimating]; av.hidden = YES; } Thanks, Teja

    Read the article

  • https google urlshortener request missing body

    - by Peter
    Hi, Just trying to get the new API for the goo.gl URL shortening service working on my iPhone, following the instructions on http://code.google.com/apis/urlshortener/v1/getting_started.html I'm set up and the API is enabled etc., but when I send a request in the recommended format: POST https://www.googleapis.com/urlshortener/v1/url Content-Type: application/json {"longUrl": "http://www.google.com/"} I get an error returned. The error is exactly the one listed on that page in the errors section for if you haven't passed in a longURL param. This makes me think that I'm not setting up the body of the POST request properly. Here's the code if you have any pointers... NSString *longURLString=@"http://www.stackoverflow.com"; NSString *googlRequestString=@"https://www.googleapis.com/urlshortener/v1/url"; NSMutableURLRequest *request=[NSMutableURLRequest requestWithURL:[NSURL URLWithString:googlRequestString]]; [request setHTTPMethod:@"POST"]; [request addValue:@"application/json" forHTTPHeaderField:@"Content-Type:"]; NSString *bodyString=[NSString stringWithFormat:@"{\"longUrl\": \"%@\"}",longURLString]; [request setHTTPBody:[bodyString dataUsingEncoding:NSUTF8StringEncoding]]; NSURLResponse *theResponse; NSError *error=nil; NSData *receivedData=[NSURLConnection sendSynchronousRequest:request returningResponse:&theResponse error:&error]; NSString *receivedString=[[NSString alloc] initWithData:receivedData encoding:NSUTF8StringEncoding]; NSLog(@"Received data: %@",receivedString); [receivedString release]; The NSLog returns: Received data: { "error": { "errors": [ { "domain": "global", "reason": "required", "message": "Required", "locationType": "parameter", "location": "resource.longUrl" } ], "code": 400, "message": "Required" } } which is exactly what Google says you get if you have not passed a longUrl parameter.... My guess is I'm missing something very obvious here :-) P

    Read the article

  • Can't connect to HTTPS using X509 client certificate

    - by wows
    Hi - I'm new to cryptography and I'm a bit stuck: I'm trying to connect (from my development environment) to a web service using HTTPS. The web service requires a client certificate - which I think I've installed correctly. They have supplied me with a .PFX file. In Windows 7, I double clicked the file to install it into my Current User - Personal certificate store. I then exported a X509 Base-64 encoded .cer file from the certificate entry in the store. It didn't have a private key associate with it. Then, in my app, I'm attempting to connect to the service like this: var certificate = X509Certificate.CreateFromCertFile("xyz.cer")); var serviceUrl = "https://xyz"; var request = (HttpWebRequest) WebRequest.Create(serviceUrl); request.ClientCertificates.Add(certificate); request.Method = WebRequestMethods.Http.Post; request.ContentType = "application/x-www-form-urlencoded"; I get a 502 Connection failed when I connect. Is there anything you can see wrong with this method? Our production environment seems to work with a similar configuration, but it's running Windows Server 2003. Thanks!

    Read the article

  • ASP.NET Request.ServerVariables["SERVER_PORT_SECURE"] and proxy SSL by load balancer

    - by frankadelic
    We have some legacy ASP.NET code that detects if a request is secure, and redirects to the https version of the page if required. This code uses Request.ServerVariables["SERVER_PORT_SECURE"] to detect if SSL is needed. Our operations team has suggested doing proxy SSL at the load balancer (F5 Big-IP) instead of on the web servers (assume for the purposes of this question that this is a requirement). The consequence would be that all requests appear as HTTP to the web server. My question: how can we let the web servers known that the incoming connection was secure before it hit the load balancer? Can we continue to use Request.ServerVariables["SERVER_PORT_SECURE"]? Do you know of a load balancer config that will send headers so that no application code changes are needed?

    Read the article

  • Android WebView Authentication

    - by bobthemac
    I am having issues with authentication for my webview I have a https address that requires authentication but it isn't basic authentication. When I access chrome on my phone and go to this site I get a dialogue box that asks me for a username and password I want to do something similar but all the attempts at authentication I have made have failed using the what I have found as they all seem to be for basic authentication and I don't think this is what it is. any help is appreciated, sorry if this is duplicate but I have looked and found nothing similar .

    Read the article

  • How to add a Web Reference to a SSL web service?

    - by Matt W
    Hi, I have a web service in a C#/3.5 project which has been running fine. This is until I set the "SSL port" in IIS to 443 and set the "IIS - Directory Security - Secure Communications - Require secure channel (SSL)" option to true. Now, the web reference cannot be updated and I cannot add a new web reference to the web service in that site. When I try to view the service in a browse using just HTTP I get the "This page must be viewed over a secure channel" and when viewed with HTTPS on the front I get "This web page not available." Could someone tell me how to get a Web Reference added using Visual Studio to this secure web service, please? Thanks, Matt.

    Read the article

  • how to handle CONNECT http request

    - by davidshen84
    hi, i want to implement a simple web server for my self. i can handle GET and POST request now. but i have no idea what to do with CONNECT request. CONNECT request is send when the client is going to access a https site. according to http://muffin.doit.org/docs/rfc/tunneling_ssl.html, it says i should response '200 Connection established'. but i got 'A TLS packet with unexpected length was received' on the client. the wiki described about the ssl handshake protocol, but it did not mention how to implement it.

    Read the article

< Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >