Search Results

Search found 4244 results on 170 pages for 'ssl certificate'.

Page 33/170 | < Previous Page | 29 30 31 32 33 34 35 36 37 38 39 40 | Next Page >

Self-requests appearing on an Apache SSL site

- by Sam Minnée

I have an SSL site running on Apache that seems to be recieving regular self-requests of some kind. Is this something that Apache is doing? What is the reason? (ip address) - - [23/Apr/2010:14:21:00 +1200] -:443 "GET /" 400 637 "-" "-" (-) 157 (ip address) - - [23/Apr/2010:14:21:03 +1200] -:443 "GET /" 400 637 "-" "-" (-) 160 (ip address) - - [23/Apr/2010:14:21:14 +1200] -:443 "GET /" 400 637 "-" "-" (-) 147 (ip address) - - [23/Apr/2010:14:21:15 +1200] -:443 "GET /" 400 637 "-" "-" (-) 128 (ip address) - - [23/Apr/2010:14:21:16 +1200] -:443 "GET /" 400 637 "-" "-" (-) 167 (ip address) - - [23/Apr/2010:14:21:17 +1200] -:443 "GET /" 400 637 "-" "-" (-) 141 (ip address) - - [23/Apr/2010:14:21:18 +1200] -:443 "GET /" 400 637 "-" "-" (-) 166 (ip address) - - [23/Apr/2010:14:21:20 +1200] -:443 "GET /" 400 637 "-" "-" (-) 168 (ip address) - - [23/Apr/2010:14:21:21 +1200] -:443 "GET /" 400 637 "-" "-" (-) 160 (ip address) - - [23/Apr/2010:14:21:31 +1200] -:443 "GET /" 400 637 "-" "-" (-) 177 (ip address) - - [23/Apr/2010:14:21:32 +1200] -:443 "GET /" 400 637 "-" "-" (-) 103 (ip address) - - [23/Apr/2010:14:21:38 +1200] -:443 "GET /" 400 637 "-" "-" (-) 157 (ip address) - - [23/Apr/2010:14:21:39 +1200] -:443 "GET /" 400 637 "-" "-" (-) 193 (ip address) - - [23/Apr/2010:14:21:40 +1200] -:443 "GET /" 400 637 "-" "-" (-) 168

Read the article
My IIS server won't serve SSL sites to some browsers

- by sbleon

(Update: This is now cross-posted at http://stackoverflow.com/questions/3355000. This is the more appropriate forum, but StackOverflow gets a lot more traffic.) I've got an IIS 6.0 server that won't serve pages over SSL to some browsers. In Webkit-based browsers on OS X 10.6, I can't load pages at all. In MSIE 8 on Windows XP SP3, I can load pages, but it will sometimes hang downloading images or sending POSTs. Working: Firefox 3.6 (OS X + Windows) Chrome (Windows) Partially Working: MSIE 8 (works sometimes, but hangs up, especially on POSTs) Not Working: Chrome 5 (OS X) Safari 5 (OS X) Mobile Safari (iOS 4) On OS X (the easiest platform for me to test on), Chrome and Firefox both negotiate the same TLS Cipher, but Chrome hangs on or after the post-negotiation handshake. Chrome packet capture (via ssldump): 1 1 0.0485 (0.0485) C>S Handshake ClientHello Version 3.1 cipher suites Unknown value 0xc00a Unknown value 0xc009 Unknown value 0xc007 Unknown value 0xc008 Unknown value 0xc013 Unknown value 0xc014 Unknown value 0xc011 Unknown value 0xc012 Unknown value 0xc004 Unknown value 0xc005 Unknown value 0xc002 Unknown value 0xc003 Unknown value 0xc00e Unknown value 0xc00f Unknown value 0xc00c Unknown value 0xc00d Unknown value 0x2f TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 Unknown value 0x35 TLS_RSA_WITH_3DES_EDE_CBC_SHA Unknown value 0x32 Unknown value 0x33 Unknown value 0x38 Unknown value 0x39 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA compression methods NULL 1 2 0.3106 (0.2620) S>C Handshake ServerHello Version 3.1 session_id[32]= bb 0e 00 00 7a 7e 07 50 5e 78 48 cf 43 5a f7 4d d2 ed 72 8f ff 1d 9e 74 66 74 03 b3 bb 92 8d eb cipherSuite TLS_RSA_WITH_RC4_128_MD5 compressionMethod NULL Certificate ServerHelloDone 1 3 0.3196 (0.0090) C>S Handshake ClientKeyExchange 1 4 0.3197 (0.0000) C>S ChangeCipherSpec 1 5 0.3197 (0.0000) C>S Handshake [hang, no more data transmitted] Firefox packet capture: 1 1 0.0485 (0.0485) C>S Handshake ClientHello Version 3.1 resume [32]= 14 03 00 00 4e 28 de aa da 7a 25 87 25 32 f3 a7 ae 4c 2d a0 e4 57 cc dd d7 0e d7 82 19 f7 8f b9 cipher suites Unknown value 0xff Unknown value 0xc00a Unknown value 0xc014 Unknown value 0x88 Unknown value 0x87 Unknown value 0x39 Unknown value 0x38 Unknown value 0xc00f Unknown value 0xc005 Unknown value 0x84 Unknown value 0x35 Unknown value 0xc007 Unknown value 0xc009 Unknown value 0xc011 Unknown value 0xc013 Unknown value 0x45 Unknown value 0x44 Unknown value 0x33 Unknown value 0x32 Unknown value 0xc00c Unknown value 0xc00e Unknown value 0xc002 Unknown value 0xc004 Unknown value 0x96 Unknown value 0x41 TLS_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_RC4_128_SHA Unknown value 0x2f Unknown value 0xc008 Unknown value 0xc012 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA Unknown value 0xc00d Unknown value 0xc003 Unknown value 0xfeff TLS_RSA_WITH_3DES_EDE_CBC_SHA compression methods NULL 1 2 0.0983 (0.0497) S>C Handshake ServerHello Version 3.1 session_id[32]= 14 03 00 00 4e 28 de aa da 7a 25 87 25 32 f3 a7 ae 4c 2d a0 e4 57 cc dd d7 0e d7 82 19 f7 8f b9 cipherSuite TLS_RSA_WITH_RC4_128_MD5 compressionMethod NULL 1 3 0.0983 (0.0000) S>C ChangeCipherSpec 1 4 0.0983 (0.0000) S>C Handshake 1 5 0.1019 (0.0035) C>S ChangeCipherSpec 1 6 0.1019 (0.0000) C>S Handshake 1 7 0.1019 (0.0000) C>S application_data 1 8 0.2460 (0.1440) S>C application_data 1 9 0.3108 (0.0648) S>C application_data 1 10 0.3650 (0.0542) S>C application_data 1 11 0.4188 (0.0537) S>C application_data 1 12 0.4580 (0.0392) S>C application_data 1 13 0.4831 (0.0251) S>C application_data [etc] Update: Here's a Wireshark capture from the server end. What's going on with those two much-delayed RST packets? Is that just IIS terminating what it perceives as a non-responsive connection? 19 10.129450 67.249.xxx.xxx 10.100.xxx.xx TCP 50653 > https [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=3 TSV=699250189 TSER=0 20 10.129517 10.100.xxx.xx 67.249.xxx.xxx TCP https > 50653 [SYN, ACK] Seq=0 Ack=1 Win=16384 Len=0 MSS=1460 WS=0 TSV=0 TSER=0 21 10.168596 67.249.xxx.xxx 10.100.xxx.xx TCP 50653 > https [ACK] Seq=1 Ack=1 Win=524280 Len=0 TSV=699250189 TSER=0 22 10.172950 67.249.xxx.xxx 10.100.xxx.xx TLSv1 Client Hello 23 10.173267 10.100.xxx.xx 67.249.xxx.xxx TCP [TCP segment of a reassembled PDU] 24 10.173297 10.100.xxx.xx 67.249.xxx.xxx TCP [TCP segment of a reassembled PDU] 25 10.385180 67.249.xxx.xxx 10.100.xxx.xx TCP 50653 > https [ACK] Seq=148 Ack=2897 Win=524280 Len=0 TSV=699250191 TSER=163006 26 10.385235 10.100.xxx.xx 67.249.xxx.xxx TLSv1 Server Hello, Certificate, Server Hello Done 27 10.424682 67.249.xxx.xxx 10.100.xxx.xx TCP 50653 > https [ACK] Seq=148 Ack=4215 Win=524280 Len=0 TSV=699250192 TSER=163008 28 10.435245 67.249.xxx.xxx 10.100.xxx.xx TLSv1 Client Key Exchange 29 10.438522 67.249.xxx.xxx 10.100.xxx.xx TLSv1 Change Cipher Spec 30 10.438553 10.100.xxx.xx 67.249.xxx.xxx TCP https > 50653 [ACK] Seq=4215 Ack=421 Win=65115 Len=0 TSV=163008 TSER=699250192 31 10.449036 67.249.xxx.xxx 10.100.xxx.xx TLSv1 Encrypted Handshake Message 32 10.580652 10.100.xxx.xx 67.249.xxx.xxx TCP https > 50653 [ACK] Seq=4215 Ack=458 Win=65078 Len=0 TSV=163010 TSER=699250192 7312 57.315338 10.100.xxx.xx 67.249.xxx.xxx TCP https > 50644 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0 19531 142.316425 10.100.xxx.xx 67.249.xxx.xxx TCP https > 50653 [RST, ACK] Seq=4215 Ack=458 Win=0 Len=0

Read the article
Apache Front End....Tomcat back end...SSL question

- by Jared

Hi Everyone, Question.... I have Apache setup as my webserver. Tomcat is hooked into Apache via mod_jk, so the user never interacts with Tomcat. I have set up SSL on the Apache Webser...I can hit it with https:// localhost When I try to access my application at ...https://localhost/app I get a directory not found error. Catch is when I go regular http... I can hit it fine... http:// localhost/app What do I have to edit for this connection to work? I have uncommented the AJP connector in server.xml I have added my virtual host to httpd.conf What am I missing? Thanks in advance. Jared

Read the article
Creating self-signed SSL on IIS - Remote access problem

- by ile

I followed these instructions to create self-signed ssl: http://www.visualwin.com/SelfSSL/ (I opened SelfSSL and typed selfssl /T) When I access https: //localhost/ than it works, but when I try to access it remotely (i set up my router to port forward to localhost), for example https: //myip the page does not load. Also, I noticed one other thing. When I access localhost locally then I am asked to enter user/pass, but if I access remotely the I get the following warning: Under Construction The site you were trying to reach does not currently have a default page. It may be in the process of being upgraded and configured. ... I don't know if it is related with this but I hope someone know the answer. Thanks, Ile

Read the article
mysql connector/net ssl shutsdown the server

- by Simon

Hello, when I try to connect my server throw connector/net using ssl with pfx certificate I had problem with establishing the connection. I get connection timeout. And the server probably fall down (I dont know it for sure, becouse I dont manage the server). On the Windows XP works all right, but on Windows 7 dont. Please, where is problem? In Windows 7 or on the server (mysql 5.0)? Sometimes I get "Calling interface SSPI Failed" error, but not everytime. Sometimes is only connection timeout error. Thank you a lot for any help. Regards, simon

Read the article
import certificate using command line in Win XP Home

- by jstawski

I need to install/import a CA cert (.cer) into the Trusted Root Cert Authorities store of a Win XP Home using command line. Anyone has any idea which command i can use?

Read the article
Apache SSL losing session over load balancer

- by SaltyNuts

I have two physical Apache servers behind a load balancer. The load balancer was supposed to be set up so that a user would always be sent to the same physical server after the first request, to preserve sessions. This worked fine for our web apps until we added SSL to the setup. Now the user can successfully login, see the home page, but clicking on any other internal links logs the user right out. I traced the issue to the fact that while initial authentication is performed by server 1, clicking on internal links leads to having the request sent to server 2. Server 2 does not share sessions with server 1, and the user is kicked out. How can I fix it? Do I need to share sessions between the two servers? If so, could you point me to a good guide for doing this? Thanks.

Read the article
If I use openvpn, can vpn servers monitor my usernames/passwords?

- by Duff

Openvpn uses a type of encryption similar to ssl. This seems to suggest that even if I choose an incredibly shady VPN server, then my content will be secure. That is, the VPN server will be able to monitor what websites I patronize, but not the actual data I transfer. That said, I am not an expert at this type of thing. I wanted, therefore, to make sure that I understand correctly. Is it true that if I use openvpn that my username/passwords are secure, even if the VPN is untrustworthy? If not, why? (And how, if at all, can it be fixed?) Examples of things that I don't know much about that may (or may not! I honestly don't know much about this.) be related to my question are: DNS leakage, IPv6, tracking cookies, browser plugins and websites that don't support https.

Read the article
Migrate an intermediate CA to a new root

- by Tim Brigham

Using the Microsoft CA is there any way to cut over to a new certificate authority from an intermediate authority? Both my systems are Microsoft CAs - I have a 2008 R2 Enterprise CA (intermediate) and an old 2003 CA (root). The 2003 box bit the dust and I don't have good backups. I still have a few months before the CRL expires; instead of having to cut over to a new intermediate authority is there a ready way to simply point this intermediate authority to a new offline CA?

Read the article
Set up SSL/HTTPS in zend application via .htaccess

- by davykiash

I have been battling with .htaccess rules to get my SSL setup working right for the past few days.I get a requested URL not found error whenever I try access any requests that does not do through the index controller. For example this URL would work fine if I enter the it manually https://www.example.com/index.php/auth/register However my application has been built in such a way that the url should be this https://www.example.com/auth/register and that gives the requested URL not found error My other URLs such as https://www.example.com/index/faq https://www.example.com/index/blog https://www.example.com/index/terms work just fine. What rule do I need to write in my htaccess to get the URL https://www.example.com/auth/register working? My htaccess file looks like this RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L] RewriteCond %{REQUEST_FILENAME} -s [OR] RewriteCond %{REQUEST_FILENAME} -l [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^.*$ - [NC,L] RewriteRule ^.*$ index.php [NC,L] I posted an almost similar question in stackoverflow

Read the article
Create and use intermediate certificate authority on Windows Server 2012?

- by Sid

Background: Server OS is Windows Server 2012. GUI is installed as we come upto speed with powershell. Setup is staging, not production (yet). We have our (internal, domain limited) Root CA installed. I would like to take the Root CA offline to secure storage but before that I'd like to setup an intermediate CA which can take over actual live, online (int-RA-net) functionality Can someone guide me covering: creating the intermediate CA certificate request installing the intermediate CA certificate on domain controller (certification authority role already installed with Root CA online right now) use the intermediate CA to generate a certificate (any use certificate, just for demonstration purposes) Obviously this certification chain would be invalid on computers outside our domain (self trusted root - our root certificate is NOT from common 3rd parties). This last point is NOT a problem.

Read the article
Switching to LDAP over SSL for Active Directory

- by bkildow

On our active directory server, I would like to enable LDAP over SSL as per this: http://support.microsoft.com/kb/321051. I am wondering, once this is set up, will LDAP still be listening on the standard port, 389 once this is implemented as well as the secure port? Or will the secure port completely replace the standard port as an option to connect to? Also, will there need to be any other configurations besides the steps in the article for doing this? In other words, will domain users still be able to authenticate like normal, or is there additional setup that would need to occur?

Read the article
Apache2 SSL And Passenger Configuration Issue

- by Aditya Manohar

I have the following virtual hosts configuration blocks. <VirtualHost *:80> DocumentRoot /var/www/html/TestApp/public/ <Directory /var/www/html/TestApp/public/> Allow from all Options -MultiViews </Directory> </VirtualHost> NameVirtualHost *:443 <VirtualHost *:443> DocumentRoot /var/www/html/TestApp/public/ <Directory /var/www/html/TestApp/public/> Allow from all Options -MultiViews </Directory> SSLEngine on SSLCertificateFile /etc/pki/tls/certs/server.crt SSLCertificateKeyFile /etc/pki/tls/private/server.key </VirtualHost> I trying to serve a Rails App off Passenger on Apache. The Problem: The TestApp works fine with Apache and Passenger when not using SSL When I use https://, I see the contents of /var/www/html The path to TestApp is /var/www/html/TestApp Any help will be much appreciated.

Read the article
How to use SSL on AWS EC2

- by Aubada Taljo

Hello I have an AWS EC2 account and I am running an instance that serves as a web host for my PHP website... This is a private website that has no UI but only URLs to be requested by my other software to get some response from the server... I want the requests (that I send to the server) to be secured so I want to use https instead of http... so what should I do to achieve that? PS: I found this link while searching... but I don't know how useful it's in my situation http://matt-darby.com/posts/690-aws-ec2-and-ssl Thanks in advance Good luck

Read the article
SSL certs or intermediate for DMZ

- by rex

I've been tasked with deploying and managing load balancers covering internal servers and DMZ servers. I have no experience with this, and this is a first for my organization as well. Balancers are up, running, legit. Currently we are using a self-signed cert for Exchange/OWA. I know that we should have a cert signed by a CA, but the balancer has options for SSL cert or intermediate cert, and I'm unclear on the difference, or on which we need. We will be hosting Lync, Exchange and some custom apps in the DMZ. disclaimer: Apologies up front, I'm desktop support. I recently passed my Net+. It seems that has made me the network engineer in this organization.

Read the article
Two SSL certs for a domain in DirectAdmin

- by Bart van Heukelom

If I were to get 2 SSL certificates, one for example.com and one for www.example.com, is there a way to install them both on the site example.com in DirectAdmin? The default interface only allows installing one for both versions. If not, can I separate the 2 domains into 2 sites? One of them would only be a redirection, so there wouldn't be any duplication of site files. (Please don't answer with "one certificate should work for both". It doesn't always. This is a DirectAdmin question)

Read the article
Replacing old SSL cert with a new one with IIS

- by Wookie321

I purchased a new cert for my web server (GoDaddy) rather than renewed the current one. In the IIS manager, whenever I do the "Complete certificate request..." and then add my new cert it seems to accept it fine, but when I go off this screen and go back, the cert isn't there? I haven't seen any errors, but I thought it might be because I'm adding a cert with the same friendly name as the old one. I don't want to remove the old cert quite yet, is there a way around this?

Read the article
Using SSL with Openfire

- by DanBig

I'm having a rough time getting SSL configured properly on an Openfire install. Quite honestly, I just don't know what to do. It seems convoluted on the steps necessary to get a cert imported. Has anyone out there successfully done this? I'm running Openfire 3.6.4 on Server2003 R2. I have a signed UC cert which is ready to roll, I just don't know what to do with it. I've been through tons of tutorials on converting from .crt to .der to .pem, using openssl and java tools, but its only getting more confusing as I go.

Read the article
Setting up SSL on Nginx, Passenger, Sinatra

- by 12preschph

I have a Sinatra app that runs both on locally and on Heroku. When visiting my site over HTTPS across Heroku, it will indeed work as Heroku provides this by default. How can I set up SSL to work on my localhost machine? I will enable my Sinatra app to only allow secure connections so I need to test this both in development and production. Currently, I am running the following locally: SERVER= nginx/1.6.0 + Phusion Passenger 4.0.42 Also, where is my nginx folder? I don't have it installed in the normal location (Ubuntu) so this must come custom with Passenger?

Read the article
Multi domain server with dedicated SSL's HA

- by user3692800

I am hosting a server with 150 domain names (websites), each of the ssl's requere dedicated IP address. So server windows 2008, with 150 IP addressees and 150 websites. I need to have high availability solution. So thinking setting up AWS but ELB will not be a solution... and max IP's I can get per instance is 12 addresses. So what can I do to have all 150 sites hosted on one instance and be HA with instance in different availability zone.

Read the article
Redirect non-www ssl traffic to www ssl (apache)

- by The NinjaSysadmin

Hello, I'm attempting to get a redirect which is failing, and for some reason I can't think today. I have a vHost file within HTTPD that listens on standard port 80 and port 443. I'm attempting to redirect https://domain.com/(.*) to https://www.domain.com/$1 so that the URL remains intact. My config is as follows: ServerName www.domain.com ServerAlias tempdomain.testdomain.co.uk ServerAlias domain.com My rerwrite rule I'm using is. RewriteCond %{HTTP_HOST} ^domain.com$ RewriteRule ^(.*)$ https://www.domain.com$1 [R=301,L] I've also tried removing the . and $ but nothing.. When I visit the url https://domain.com/secure.page?action=comp it doesn't redirect to https://www.domain.com/secure.page?action=comp I do also have other SSL pages, the above was just an example.. Can anyone point out my stupidity.

Read the article
Activating ssl on tomcat

- by toom

I want to encrypt the http traffic on a tomcat instance via ssl. Therefore I followed the most simplistic approach described on various webpages. But anyway it simply does not work. Here is what I did: "keytool -genkey -alias tomcat -keyalg RSA" and I enterd "changeit" as the password (since this is the defaut chosen by tomcat) Altering $CATALINA_HOME/conf/servers.xml by uncommenting the following line Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS"/ Restarting tomcat Entering https://localhost:8443 does not work. However, I can still access the page via normal http like http://localhost:8080 The logfile does not contain any suspicious information. What is going wrong here?

Read the article
Controlling access to my API using SSH public key (not SSL)

- by tharrison

I have the challenge of implementing an API to be consumed by relatively non-technical clients -- pasting some sample code into their WordPress or homegrown PHP site is probably as much as we can ask. Asking them to install SSL on their servers ain't happening. So I am seeking a simple yet secure way to authenticate API clients. OAuth is the obvious solution, but I don't think it passes the "simple" test. Adding a client id and hashed secret as a parameter to the requests is closer -- it's not hard to do md5($secret . $client_id) or whatever the php would be. It seems to me that if client requests could use the same approach as SSH public keys (client gives us a key from their server(s) there should be some existing magic to make all of the subsequent transactions transparently work just as regular HTTP API requests. I am still working this out (obviously :-), so if I am being an idiot, it would be nice to know why. Thanks!

Read the article
C# Ignore certificate errors?

- by JL

I am getting the following error during a web service request to a remote web service: Could not establish trust relationship for the SSL/TLS secure channel. --- System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure. Is there anyway to ignore this error, and continue. It seems the remote certificate is not signed. The site I connect to is www.czebox.cz - so feel free to visit the site, and notice even browsers through security exceptions. Thanks

Read the article
SoapUI Web Service Request using Public Key Certificate

- by lox

I have a WSDL for a Web Service and a Public Key Certificate in the shape of a .cer file. I need to get SoapUI to encrypt the service request with the public key of the certificate. How do I do this?

Read the article

< Previous Page | 29 30 31 32 33 34 35 36 37 38 39 40 | Next Page >