Search Results

Search found 3868 results on 155 pages for 'wildcard ssl'.

Page 31/155 | < Previous Page | 27 28 29 30 31 32 33 34 35 36 37 38  | Next Page >

  • SSL on Heroku / User Authentication Across Multiple Domains

    - by Euwyn
    Posted a previous question on this, but have a followup. I was trying to create a workaround to use SSL on the expensive custom domain. I'm willing to live with bumping a user to https://app.heroku.com from http://www.app.com for certain secure pages, and have monkey-patched SSL required to make this happen. However, now this issue is with making sure my User is logged in when I do so. As I understand, cookies aren't cross domain. Is there a way around this issue?

    Read the article

  • Setting Host Headers for SSL Sites in IIS–Week 7 of 52

    - by OWScott
    At first glance, the Host Header field is grayed out when applying host headers to SSL (HTTPS) sites in IIS 7. This week I cover a trick plus a full featured way to set these host headers in IIS 7.0/7.5 and IIS 6.  If you haven’t watched last week’s video, I recommend watching it first since it covers the reasons and issues for host headers on SSL sites. This is week 7 of a 52 week series on various web administration related tasks.  Past and future videos can be found here. Host Headers in SSL Sites Here are some links mentioned in the video: http://www.sslshopper.com/article-ssl-host-headers-in-iis-7.html http://www.sslshopper.com/article-how-to-configure-ssl-host-headers-in-iis-6.html Unified Communications Certificate (aka Subject Alternative Name [SAN]) options: http://www.bing.com/search?q=unified+communications+certifcate

    Read the article

  • Should I use an ssl terminator or just haproxy?

    - by Justin Meltzer
    I'm trying to figure out how to set up my architecture for a socket.io app that will require both https and wss connections. I've found many tutorials on the web suggesting that you use something like stud or stunnel in front of haproxy, which then routes your unencrypted traffic to your app. If I were to go this route, is it suggested that haproxy and the ssl terminator be on separate instances, or is it fine if they are on the same EC2 server instance? If I do not want to use a separate ssl terminator, could I use haproxy to terminate the ssl? Or instead would it be possible to proxy these https and wss connections to my application and have the node app terminate the ssl itself?

    Read the article

  • Google Charts of SSL

    - by Ian
    Hi, I need to get the free Google charts working over SSL without any security errors. I am using c# and asp.net. As Google charts does not support SSL by default, I am looking for a robust method of using there charts but ensuring my user doesn't get any security warnings over their browser. One thought was to use a handler to call the charts api and then generate the output my site needs. Similar to Pants are optional blog post. I haven't been able to get this example working at this stage. Any suggestions, or samples are welcome. Thanks

    Read the article

  • Java Webstart Truststore SSL

    - by Padur
    Hello Experts .. Need some guidance. I have java webstart app and I want it to connect to a server via SSL.just adding a property like:System.setProperty("javax.net.ssl.trustStore","my.keystore");But since a JAWS program is downloaded from server didn't work and don't have a my.keystore on local file system. So decided to distribute the certificate to all clients.I did the following and it worked, but I am sure there are more better solutions that this.I packed it inside a jar and copied to some temp directory on clients machine and read the truststore jks file. Any ideas to make it better? -Padur ========================================

    Read the article

  • disable SSL on MAMP

    - by morktron
    Hi I'm used to editing sites locally on my MAMP to test out changes before going live. In this case though the site has a SSL certificate and wants to use it when I go to admin. So I can't go to admin. The error message says: (Error code: ssl_error_rx_record_too_long) It's a Joomla site I'm trying to log into locally ie: http://localhost:8888/site/administrator/ I've tried https as well, but same thing. Also same thing is Safari. I just need to turn off ssl, it must be a file somewhere in the site I downloaded.

    Read the article

  • ASP.NET MVC SSL POST Error

    - by RyanFetz
    I have a Logon page in a MVC (1.0) application that I am securing with SSL, I have an attribute that inspects the request for the page and redirects to a https uri when it is requested with http. This all works, however when I post the form content i get the following error: The parameters dictionary contains a null entry for parameter 'rememberMe' of non-nullable type 'System.Boolean' for method 'System.Web.Mvc.ActionResult LogOn(System.String, System.String, Boolean, System.String)' in 'DAC.US.Web.Portal.Controllers.AccountController'. To make a parameter optional its type should be either a reference type or a Nullable type. Parameter name: parameters here is the controller code... // // GET: /Account/LogOn [RequiresSSL] public ActionResult LogOn(string ReturnUrl) { if (TempData["Message"] != null) ViewData["Message"] = TempData["Message"]; TempData["Message"] = null; ViewData["ReturnUrl"] = ReturnUrl ?? "/Home"; return View(); } Again, the RequireSSL Attribute works, but the POST from that SSL uri does not. What is not working?

    Read the article

  • Enabling SSL Requests on Jdev's Integrated Weblogic

    - by Christian David Straub
    Often times you will want to enable SSL access for such things as secure login or secure signup. By default, the integrated WLS that ships with JDev does not listen to SSL requests. However, this is easily fixed.Just navigate to http://127.0.0.1:7101/console. This will deploy the console app where you can configure WLS. By default the login credentials are:username: weblogicpassword: weblogic1Then go to Environment -> Servers -> DefaultServer. Check the "SSL Listen Port Enabled" box and your server will now listen to SSL requests (just make sure to use the listen port that is specified).For added security, you can always check while processing your request that it is going through an SSL connection by first checking HttpServletRequest.isSecure().

    Read the article

  • How can I prevent HTTPS on another domain from wrongly showing on my HTTP-only domain?

    - by Earlz
    So, I have a blog at domain.com. This blog is HTTP-only because I would gain almost nothing from adding SSL support. I have a web service now that I want to enable SSL support on that runs on the same server and IP address as my blog. I got it all working pretty easily, but not if I go to https://domain.com I will see a huge warning about an SSL certificate error and then if I click "ok" through the warning, I'll see the web service with SSL support, not my blog. My biggest fear with this scheme is Google indexing an HTTPS version of it and penalizing my blog because the content between the two doesn't match. How can I somehow for my blog's domain to either not serve anything on HTTPS, or to redirect back to my HTTP blog, or to serve my blog, but with an invalid SSL certificate? What can I do, preferably without buying another dedicated IP for my website?

    Read the article

  • IMAP + TLS/SSL with synapse ?

    - by azera
    i'm currently trying to add to a software the capability to list unread emails in the user's inbox using imap. After having no success at all using indy10, I discovered synapse which seemed better for what I needed, but I can't find a way to get it working. My problem is with the login (thus I think with the ssl configuration), I can't find a working combination of "FullSSL", "Sock.SSL.SSLType" and "AutoTLS", whetever I do the "Login()" function fails. For the sake of testing, is any of you able to connect to gmail's imap server using synapse, and if yes how ?

    Read the article

  • Basics for implementing SSL on PHP Website

    - by KoolKabin
    Hi guys, I am here as a developer of a website. My website got different modules among which one function is to process credit card. In order to process credit card I need to implement SSL layer and process the pages. For rest of modules the SSL is optional. Now my points are: 1.) Is the location of file for http and https same? 2.) Can the session of http and https be shared? this is required as i need user login information and cart item information.

    Read the article

  • ASP.NET Request.ServerVariables["SERVER_PORT_SECURE"] and proxy SSL by load balancer

    - by frankadelic
    We have some legacy ASP.NET code that detects if a request is secure, and redirects to the https version of the page if required. This code uses Request.ServerVariables["SERVER_PORT_SECURE"] to detect if SSL is needed. Our operations team has suggested doing proxy SSL at the load balancer (F5 Big-IP) instead of on the web servers (assume for the purposes of this question that this is a requirement). The consequence would be that all requests appear as HTTP to the web server. My question: how can we let the web servers known that the incoming connection was secure before it hit the load balancer? Can we continue to use Request.ServerVariables["SERVER_PORT_SECURE"]? Do you know of a load balancer config that will send headers so that no application code changes are needed?

    Read the article

  • SSL certificate selection based on host-header: is it possible?

    - by DrStalker
    Is it possible for a web server to select an SSL certificate to use based on the host-header of the incoming connection, or is that information that is only available after the SSL connection is established? That is, can my webserver listed on port 443 and use the foo.com certificate if https://foo.com is requested, and the bar.com certificate if https://bar.com is requested or am I trying to do something impossible because the server has to establish an SSL connection before it knows what the client wants?

    Read the article

  • Programmatically adding a trusted cert in Java

    - by directedition
    I use SSL to communicate between two components written in Java. I can't use a CA, so I have to self-sign everything. Unfortunately, this means that when I try to handshake, I get a SunCertPathBuilderException. I can create my own X509TrustManager that just trusts everything, but that sort of defeats the purpose of having a signed cert. I would like, when first making the connection, to prompt the user with "SSL handshake with invalid cert. Add cert to store?" or something so they could have it added for them to their certificate store, like web browsers do at sites with invalid certs. I can find plenty of examples online of adding a cert to the store through the commandline, but I can't figure out how to do it programmatically. Is there a way to do this?

    Read the article

  • Rabbitmq 2.2 not working on Snow Leopard (SSL errors)

    - by ebeland
    When I start rabbitmq, I see the following message. I have Activating RabbitMQ plugins ... WARNING Undefined function crypto:des3_cbc_decrypt/5 WARNING Undefined function crypto:start/0 WARNING Undefined function ssl:close/1 WARNING Undefined function ssl:controlling_process/2 WARNING Undefined function ssl:peercert/1 WARNING Undefined function ssl:peername/1 WARNING Undefined function ssl:recv/3 WARNING Undefined function ssl:send/2 WARNING Undefined function ssl:sockname/1 WARNING Undefined function ssl:ssl_accept/3 0 plugins activated: I followed the advice here to install openssl and recompile erlang with a --with-ssl path set: http://old.nabble.com/2.1.1%3A-no-such-file-or-directory-crypto.app-message-prevents-broker-from-starting-td30011026.html When I recompiled erlang, I used the following .configure: ./configure \ --prefix=/usr/local/erlang/R13B04 \ --enable-smp-support \ --enable-threads \ --enable-darwin-64bit \ --with-ssl=/usr/include/openssl It compiled fine. Then, just in case, I reinstalled rabbit from macports. I still get the error. Am I using the wrong path for --with-ssl? Help?

    Read the article

  • Should I anticipate any problems trying to use the same SSL Cert on 2 computers (primary, backup)?

    - by Matt
    We have a production machine running IIS6 with a wildcard SSL certificate. The certificate that was installed is not exportable. We want to upgrade the system to IIS7. As part of this venture, we're creating a backup/failover server that will serve the exact same websites - when we take the primary down for upgrade, the secondary will take over. As such, the secondary also needs the SSL certificate. However, since the certificate was not exportable, this means re-keying it from Go Daddy. Per http://help.godaddy.com/article/867, I know that by re-keying the certificate the original will stop working. I'm still pretty new to SSL certificates, so are there any problems I should anticipate when installing the same SSL certificate on 2 different machines?

    Read the article

  • How do I force SSL for some URLs and force non-SSL for all others?

    - by brad
    I'd like to ensure that certain URLs on my site are always accessed via HTTPS while all other URLs are accessed via HTTP. I can get either case working in my .htaccess file, however if I enable both, then I get infinite redirects. My .htaccess file is: <IfModule mod_expires.c> # turn off the module for this directory ExpiresActive off </IfModule> Options +FollowSymLinks AddHandler application/x-httpd-php .csv RewriteEngine On RewriteRule ^/?registration(.*)$ /register$1 [R=301,L] # Force SSL for certain URL's RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} (login|register|account) RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] # Force non-SSL for certain URL's RewriteCond %{HTTPS} on RewriteCond %{REQUEST_URI} !(login|register|account) RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] # Force files ending in X to use same protocol as initial request RewriteRule \.(gif|jpg|jpeg|jpe|png|ico|css|js)$ - [S=1] # Use index.php as the controller RewriteCond %{REQUEST_URI} !\.(exe|css|js|jpe?g|gif|png|pdf|doc|txt|rtf|xls|swf|htc|ico)$ [NC] RewriteCond %{REQUEST_URI} !^(/js.*)$ RewriteRule ^(.*)$ index.php [NC,L]

    Read the article

  • SSL in overlay window for login

    - by Sourabh
    HI I have to implement login over SSL in my website. for example cloginForm - this is the form https://www.myweb.com/loginProcess - this is the action which process the form -authenticates user. I am able to do this with usual web form but the problem is the overlay dialog box for login for example if I am on my website home page http://www.myweb.com - notice http and I click a login link there , it shows a small html div with login form (like a litebox).now ,as I am on a non SSL page (http) the data which I post does not get encrypted,and posted to the process action. How do I get around with this so that my overly login also becomes secure. thanks for your help in advance. :)

    Read the article

  • Security & Authentication: SSL vs SASL

    - by 4herpsand7derpsago
    My understanding is that SSL combines an encryption algorithm (like AES, DES, etc.) with akey exchange method (like Diffier-Hellman) to provide secure encryption and identification services between two endpoints on an un-secure network (like the Internet). My understanding is that SASL is an MD5/Kerberos protocol that pretty much does the same thing. So my question: what are the pros/cons to choosing both and what scenarios make both more preferable? Basically, I'm looking for a guidelines to follow when choosing SSL or to go with SASL instead. Thanks in advance!

    Read the article

  • dovecot main process terminated with status 89

    - by G. He
    I'm trying to configure dovecot/imap to run without SSL. I set ssl = no in 10-ssl.conf in /etc/dovecot/conf.d. However, with this setting, dovecot dies right away when it is started. I checked the log file and found the following: dovecot main process (4895) terminated with status 89 What does it mean? Is there a way for dovecot to run without ssl? The reason I do NOT want ssl is that my outlook complains the certificate cannot be verified. It is really annoying. And I only run the server on a very small lan and don't need that extra security.

    Read the article

  • Use of WebDAV to access OWA (exchange 2003) mails with Basic authentication and SSL

    - by Mayuresh
    I have got a working C# code for accessing OWA mails using WebDAV against a FBA enabled exchange 2003 (http://support.microsoft.com/kb/891748/en-us/) But my client's OWA (exchange 2003) has Basic authentication and SSL (i-e when I try to access the web mail link through browser I get a grey login box instead of a web page I can log into the mail box once I enter the correct details) But my same fails with a 401 error against this mailbox. I got the simple request working for the Basic authentication using – String usernamePassword = strUserName + ":" + strPassword; WebReq.Headers.Add("Authorization", "Basic " + Convert.ToBase64String(new ASCIIEncoding().GetBytes(usernamePassword))); But the subsequent WebDAV SEARCH request fails with 404 (resource not found) error. Can we use WebDAV against an exchange 2k3 with SSL and Basic authentication?

    Read the article

< Previous Page | 27 28 29 30 31 32 33 34 35 36 37 38  | Next Page >