ssl keys - Page 31 - Developer IT

ASP.NET MVC SSL POST Error

- by RyanFetz

I have a Logon page in a MVC (1.0) application that I am securing with SSL, I have an attribute that inspects the request for the page and redirects to a https uri when it is requested with http. This all works, however when I post the form content i get the following error: The parameters dictionary contains a null entry for parameter 'rememberMe' of non-nullable type 'System.Boolean' for method 'System.Web.Mvc.ActionResult LogOn(System.String, System.String, Boolean, System.String)' in 'DAC.US.Web.Portal.Controllers.AccountController'. To make a parameter optional its type should be either a reference type or a Nullable type. Parameter name: parameters here is the controller code... // // GET: /Account/LogOn [RequiresSSL] public ActionResult LogOn(string ReturnUrl) { if (TempData["Message"] != null) ViewData["Message"] = TempData["Message"]; TempData["Message"] = null; ViewData["ReturnUrl"] = ReturnUrl ?? "/Home"; return View(); } Again, the RequireSSL Attribute works, but the POST from that SSL uri does not. What is not working?

Read the article

Enabling SSL Requests on Jdev's Integrated Weblogic

- by Christian David Straub

Often times you will want to enable SSL access for such things as secure login or secure signup. By default, the integrated WLS that ships with JDev does not listen to SSL requests. However, this is easily fixed.Just navigate to http://127.0.0.1:7101/console. This will deploy the console app where you can configure WLS. By default the login credentials are:username: weblogicpassword: weblogic1Then go to Environment -> Servers -> DefaultServer. Check the "SSL Listen Port Enabled" box and your server will now listen to SSL requests (just make sure to use the listen port that is specified).For added security, you can always check while processing your request that it is going through an SSL connection by first checking HttpServletRequest.isSecure().

Read the article

How can I prevent HTTPS on another domain from wrongly showing on my HTTP-only domain?

- by Earlz

So, I have a blog at domain.com. This blog is HTTP-only because I would gain almost nothing from adding SSL support. I have a web service now that I want to enable SSL support on that runs on the same server and IP address as my blog. I got it all working pretty easily, but not if I go to https://domain.com I will see a huge warning about an SSL certificate error and then if I click "ok" through the warning, I'll see the web service with SSL support, not my blog. My biggest fear with this scheme is Google indexing an HTTPS version of it and penalizing my blog because the content between the two doesn't match. How can I somehow for my blog's domain to either not serve anything on HTTPS, or to redirect back to my HTTP blog, or to serve my blog, but with an invalid SSL certificate? What can I do, preferably without buying another dedicated IP for my website?

Read the article

IMAP + TLS/SSL with synapse ?

- by azera

i'm currently trying to add to a software the capability to list unread emails in the user's inbox using imap. After having no success at all using indy10, I discovered synapse which seemed better for what I needed, but I can't find a way to get it working. My problem is with the login (thus I think with the ssl configuration), I can't find a working combination of "FullSSL", "Sock.SSL.SSLType" and "AutoTLS", whetever I do the "Login()" function fails. For the sake of testing, is any of you able to connect to gmail's imap server using synapse, and if yes how ?

Read the article

Basics for implementing SSL on PHP Website

- by KoolKabin

Hi guys, I am here as a developer of a website. My website got different modules among which one function is to process credit card. In order to process credit card I need to implement SSL layer and process the pages. For rest of modules the SSL is optional. Now my points are: 1.) Is the location of file for http and https same? 2.) Can the session of http and https be shared? this is required as i need user login information and cart item information.

Read the article

ASP.NET Request.ServerVariables["SERVER_PORT_SECURE"] and proxy SSL by load balancer

- by frankadelic

We have some legacy ASP.NET code that detects if a request is secure, and redirects to the https version of the page if required. This code uses Request.ServerVariables["SERVER_PORT_SECURE"] to detect if SSL is needed. Our operations team has suggested doing proxy SSL at the load balancer (F5 Big-IP) instead of on the web servers (assume for the purposes of this question that this is a requirement). The consequence would be that all requests appear as HTTP to the web server. My question: how can we let the web servers known that the incoming connection was secure before it hit the load balancer? Can we continue to use Request.ServerVariables["SERVER_PORT_SECURE"]? Do you know of a load balancer config that will send headers so that no application code changes are needed?

Read the article

SSL certificate selection based on host-header: is it possible?

- by DrStalker

Is it possible for a web server to select an SSL certificate to use based on the host-header of the incoming connection, or is that information that is only available after the SSL connection is established? That is, can my webserver listed on port 443 and use the foo.com certificate if https://foo.com is requested, and the bar.com certificate if https://bar.com is requested or am I trying to do something impossible because the server has to establish an SSL connection before it knows what the client wants?

Read the article

Programmatically adding a trusted cert in Java

- by directedition

I use SSL to communicate between two components written in Java. I can't use a CA, so I have to self-sign everything. Unfortunately, this means that when I try to handshake, I get a SunCertPathBuilderException. I can create my own X509TrustManager that just trusts everything, but that sort of defeats the purpose of having a signed cert. I would like, when first making the connection, to prompt the user with "SSL handshake with invalid cert. Add cert to store?" or something so they could have it added for them to their certificate store, like web browsers do at sites with invalid certs. I can find plenty of examples online of adding a cert to the store through the commandline, but I can't figure out how to do it programmatically. Is there a way to do this?

Read the article

Rabbitmq 2.2 not working on Snow Leopard (SSL errors)

- by ebeland

When I start rabbitmq, I see the following message. I have Activating RabbitMQ plugins ... WARNING Undefined function crypto:des3_cbc_decrypt/5 WARNING Undefined function crypto:start/0 WARNING Undefined function ssl:close/1 WARNING Undefined function ssl:controlling_process/2 WARNING Undefined function ssl:peercert/1 WARNING Undefined function ssl:peername/1 WARNING Undefined function ssl:recv/3 WARNING Undefined function ssl:send/2 WARNING Undefined function ssl:sockname/1 WARNING Undefined function ssl:ssl_accept/3 0 plugins activated: I followed the advice here to install openssl and recompile erlang with a --with-ssl path set: http://old.nabble.com/2.1.1%3A-no-such-file-or-directory-crypto.app-message-prevents-broker-from-starting-td30011026.html When I recompiled erlang, I used the following .configure: ./configure \ --prefix=/usr/local/erlang/R13B04 \ --enable-smp-support \ --enable-threads \ --enable-darwin-64bit \ --with-ssl=/usr/include/openssl It compiled fine. Then, just in case, I reinstalled rabbit from macports. I still get the error. Am I using the wrong path for --with-ssl? Help?

Read the article

Should I anticipate any problems trying to use the same SSL Cert on 2 computers (primary, backup)?

- by Matt

We have a production machine running IIS6 with a wildcard SSL certificate. The certificate that was installed is not exportable. We want to upgrade the system to IIS7. As part of this venture, we're creating a backup/failover server that will serve the exact same websites - when we take the primary down for upgrade, the secondary will take over. As such, the secondary also needs the SSL certificate. However, since the certificate was not exportable, this means re-keying it from Go Daddy. Per http://help.godaddy.com/article/867, I know that by re-keying the certificate the original will stop working. I'm still pretty new to SSL certificates, so are there any problems I should anticipate when installing the same SSL certificate on 2 different machines?

Read the article

Retrieve SSL session id in asp.net

- by Tim Mahy

Hi all, is there any way to retrieve the SSL session Id serverside in asp.net? thanks in advance and greetings Tim

Read the article

How do I force SSL for some URLs and force non-SSL for all others?

- by brad

I'd like to ensure that certain URLs on my site are always accessed via HTTPS while all other URLs are accessed via HTTP. I can get either case working in my .htaccess file, however if I enable both, then I get infinite redirects. My .htaccess file is: <IfModule mod_expires.c> # turn off the module for this directory ExpiresActive off </IfModule> Options +FollowSymLinks AddHandler application/x-httpd-php .csv RewriteEngine On RewriteRule ^/?registration(.*)$ /register$1 [R=301,L] # Force SSL for certain URL's RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} (login|register|account) RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] # Force non-SSL for certain URL's RewriteCond %{HTTPS} on RewriteCond %{REQUEST_URI} !(login|register|account) RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] # Force files ending in X to use same protocol as initial request RewriteRule \.(gif|jpg|jpeg|jpe|png|ico|css|js)$ - [S=1] # Use index.php as the controller RewriteCond %{REQUEST_URI} !\.(exe|css|js|jpe?g|gif|png|pdf|doc|txt|rtf|xls|swf|htc|ico)$ [NC] RewriteCond %{REQUEST_URI} !^(/js.*)$ RewriteRule ^(.*)$ index.php [NC,L]

Read the article

SSL in overlay window for login

- by Sourabh

HI I have to implement login over SSL in my website. for example cloginForm - this is the form https://www.myweb.com/loginProcess - this is the action which process the form -authenticates user. I am able to do this with usual web form but the problem is the overlay dialog box for login for example if I am on my website home page http://www.myweb.com - notice http and I click a login link there , it shows a small html div with login form (like a litebox).now ,as I am on a non SSL page (http) the data which I post does not get encrypted,and posted to the process action. How do I get around with this so that my overly login also becomes secure. thanks for your help in advance. :)

Read the article

Security & Authentication: SSL vs SASL

- by 4herpsand7derpsago

My understanding is that SSL combines an encryption algorithm (like AES, DES, etc.) with akey exchange method (like Diffier-Hellman) to provide secure encryption and identification services between two endpoints on an un-secure network (like the Internet). My understanding is that SASL is an MD5/Kerberos protocol that pretty much does the same thing. So my question: what are the pros/cons to choosing both and what scenarios make both more preferable? Basically, I'm looking for a guidelines to follow when choosing SSL or to go with SASL instead. Thanks in advance!

Read the article

dovecot main process terminated with status 89

- by G. He

I'm trying to configure dovecot/imap to run without SSL. I set ssl = no in 10-ssl.conf in /etc/dovecot/conf.d. However, with this setting, dovecot dies right away when it is started. I checked the log file and found the following: dovecot main process (4895) terminated with status 89 What does it mean? Is there a way for dovecot to run without ssl? The reason I do NOT want ssl is that my outlook complains the certificate cannot be verified. It is really annoying. And I only run the server on a very small lan and don't need that extra security.

Read the article

Procedure to renew SSL certificate for custom java web server

- by yogsma

Does anyone the process to renew SSL certificate for custom java web server?

Read the article

Use of WebDAV to access OWA (exchange 2003) mails with Basic authentication and SSL

- by Mayuresh

I have got a working C# code for accessing OWA mails using WebDAV against a FBA enabled exchange 2003 (http://support.microsoft.com/kb/891748/en-us/) But my client's OWA (exchange 2003) has Basic authentication and SSL (i-e when I try to access the web mail link through browser I get a grey login box instead of a web page I can log into the mail box once I enter the correct details) But my same fails with a 401 error against this mailbox. I got the simple request working for the Basic authentication using – String usernamePassword = strUserName + ":" + strPassword; WebReq.Headers.Add("Authorization", "Basic " + Convert.ToBase64String(new ASCIIEncoding().GetBytes(usernamePassword))); But the subsequent WebDAV SEARCH request fails with 404 (resource not found) error. Can we use WebDAV against an exchange 2k3 with SSL and Basic authentication?

Read the article

How we can implement ssl in drupal pages

- by THOmas

How we can implement ssl in drupal pages.I mean secure pages. Thanks in advance

Read the article

Tomcat SSL Configuration

- by bdares

I received a SSL cert to use for a Tomcat 6.0 server, ready to use. I configured Tomcat to use it with the following in server.xml: <Connector port="8443" maxThreads="200" scheme="https" secure="true" SSLEnabled="true" keystoreFile="C:\Tomcat 6.0\ssl\cert" keystorePass="*****" clientAuth="false" sslProtocol="TLS"/> I started Tomcat using the command prompt so I could see any error message as they happened. There were none. The results for accessing different URLS: http://localhost - normal page loads fine https://localhost - browser claims page cannot be found https://localhost:8443 - page cannot be found http://localhost:8443 - offers a certificate, after accepted redirects to https://localhost (I suspect the https:// urls initially offer the certificate which is automatically accepted by the browser, as it was issued by Verisign) How to fix? Edit: I've also tried port="443". Same result.

Read the article

Is the location of SSH keys on Windows fixed?

- by user16654

I read an article: Determine whether you've already generated SSH keys which says that ssh in Windows, keys are in C:\Documents and Settings\userName\Application Data\SSH\UserKeys\ but I have found the keys to be in C:\Documents and Settings\userName\Application Data.SSH . Is there a setting to determine where to put these keys or am I reading the wrong documentation or what?

Read the article

Create automatically table that is composed by its primery key and 2 other foreign keys

- by user210481

I have table A with a primary id, a table B with a primary key id also and another table C with a primary key id and rows Aid and Bid where Aid and Bid are foreign keys of C and the primary keys of A and B respectively. One way of populating these DB would be populating table A, table B and table C separately. I would like to know if there is a more clever way of doing it, where I could populate A first and at the same time I populate B, I can indicate that an entry in C should be also created. Any idea and suggestion on how to populate them is welcome. I'm trying to take advantage of the foreign keys structure Thanks

Read the article

Working with foreign keys - cannot insert

- by Industrial

Hi everyone! Doing my first tryouts with foreign keys in a mySQL database and are trying to do a insert, that fails for this reason: Integrity constraint violation: 1452 Cannot add or update a child row: a foreign key constraint fails Does this mean that foreign keys restrict INSERTS as well as DELETES and/or UPDATES on each table that is enforced with foreign keys relations? Thanks! Updated description: Products ---------------------------- id | type ---------------------------- 0 | 0 1 | 3 ProductsToCategories ---------------------------- productid | categoryid ---------------------------- 0 | 0 1 | 1 Product table has following structure CREATE TABLE IF NOT EXISTS `alpha`.`products` ( `id` MEDIUMINT UNSIGNED NOT NULL AUTO_INCREMENT , `type` TINYINT(2) UNSIGNED NOT NULL DEFAULT 0 , PRIMARY KEY (`id`) , CONSTRAINT `prodsku` FOREIGN KEY (`id` ) REFERENCES `alpha`.`productsToSku` (`product` ) ON DELETE CASCADE, ON UPDATE CASCADE) ENGINE = InnoDB;

Read the article

Backup those keys, citizen

- by BuckWoody

Periodically I back up the keys within my servers and databases, and when I do, I blog a reminder here. This should be part of your standard backup rotation – the keys should be backed up often enough to have at hand and again when they change. The first key you need to back up is the Service Master Key, which each Instance already has built-in. You do that with the BACKUP SERVICE MASTER KEY command, which you can read more about here. The second set of keys are the Database Master Keys, stored per database, if you’ve created one. You can back those up with the BACKUP MASTER KEY command, which you can read more about here. Finally, you can use the keys to create certificates and other keys – those should also be backed up. Read more about those here. Anyway, the important part here is the backup. Make sure you keep those keys safe! Share this post: email it! | bookmark it! | digg it! | reddit! | kick it! | live it!

Read the article

Is there a canonical source supporting "all-surrogates"?

- by user61852

Background The "all-PK-must-be-surrogates" approach is not present in Codd's Relational Model or any SQL Standard (ANSI, ISO or other). Canonical books seems to elude this restrictions too. Oracle's own data dictionary scheme uses natural keys in some tables and surrogate keys in other tables. I mention this because these people must know a thing or two about RDBMS design. PPDM (Professional Petroleum Data Management Association) recommend the same canonical books do: Use surrogate keys as primary keys when: There are no natural or business keys Natural or business keys are bad ( change often ) The value of natural or business key is not known at the time of inserting record Multicolumn natural keys ( usually several FK ) exceed three columns, which makes joins too verbose. Also I have not found canonical source that says natural keys need to be immutable. All I find is that they need to be very estable, i.e need to be changed only in very rare ocassions, if ever. I mention PPDM because these people must know a thing or two about RDBMS design too. The origins of the "all-surrogates" approach seems to come from recommendations from some ORM frameworks. It's true that the approach allows for rapid database modeling by not having to do much business analysis, but at the expense of maintainability and readability of the SQL code. Much prevision is made for something that may or may not happen in the future ( the natural PK changed so we will have to use the RDBMS cascade update funtionality ) at the expense of day-to-day task like having to join more tables in every query and having to write code for importing data between databases, an otherwise very strightfoward procedure (due to the need to avoid PK colisions and having to create stage/equivalence tables beforehand ). Other argument is that indexes based on integers are faster, but that has to be supported with benchmarks. Obviously, long, varying varchars are not good for PK. But indexes based on short, fix-length varchar are almost as fast as integers. The questions - Is there any canonical source that supports the "all-PK-must-be-surrogates" approach ? - Has Codd's relational model been superceded by a newer relational model ?

Read the article

RSA keys - virtual hosts

- by Bosworth99

Pardon my noobness, but I just got started with VPS (linux) hosting; setting up passwordless ssh for multiple users has proved to be kind of a pain. Currently I'm the single user of this ubuntu 10.04 LTS VPS (linode.com). I was able to establish a single rsa passkey under my home/user/.ssh/authorized_keys location. Fine. PuTTy works as expected, and Filezilla (sftp) links up as required. I've been working on a single site that this user owns, and thats not been a problem. Now, I want to set up some other sites, and I've chosen Webmin with the VirtualMin plugin to make this work. I made another user (or, rather, virtualmin did), but I've been unable to get FileZilla to link up to this new user. Could anyone with experience here explain what the setup is supposed to look like? IE - can I use a single rsa key pair for all accounts (if, for example, I give ownership of files to the original user?). Or is it standard practice to create a separate key pair for each user, and establish a separate putty/filezilla login for each? I've spent enough time dinking around with this to be frustrated. "Sever rejected the provided key" error sucks after the fifth hour. I'm about to set up an ftp server and call it a day. Any thoughts would be most welcome -

Search Results

Search found 8613 results on 345 pages for 'ssl keys'.

Page 31/345 | < Previous Page | 27 28 29 30 31 32 33 34 35 36 37 38 | Next Page >

- by RyanFetz

- by Christian David Straub

- by Earlz

- by azera

- by KoolKabin

- by frankadelic

- by DrStalker

- by directedition

- by ebeland

- by Matt

- by Tim Mahy

- by brad

- by Sourabh

- by 4herpsand7derpsago

- by G. He

- by yogsma

- by Mayuresh

- by THOmas

- by bdares

- by user16654

- by user210481

- by Industrial

- by BuckWoody

- by user61852

- by Bosworth99

< Previous Page | 27 28 29 30 31 32 33 34 35 36 37 38 | Next Page >