Search Results

Search found 7249 results on 290 pages for 'https everywhere'.

Page 4/290 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • How do you redirect https to http

    - by mauriciopastrana
    that is, the opposite of what (seemingly) everyone teaches. I have a server on https for which I paid an SSL cert for and a mirror for which I haven't and keep around for just for emergencies so it doesn't merit getting a cert for. On my client's desktops I have SOME shortcuts which point to http://production_server and https://productionserver (both work), however; I know that if my prod. server goes down, then DNS forwarding kicks in and those clients which have https on their shortcut will be staring at https://mirrorserver (Which doesnt work) and a big fat IE7 red screen of uneasyness for my company. Unfortunately, I can't just switch this around at the client level. These users are very computer illiterate: and are very likely to freak out from seeing https "insecurity" errors (specially the way FFX3 and IE7 handle it nowadays: FULL STOP, kinda thankfully, but not helping me here LOL). It's very easy to find apache solutions for http-https redirection, but for the life of me I can't do the opposite. Ideas? Cheers, /mp

    Read the article

  • Tunnel over HTTPS

    - by ephemient
    At my workplace, the traffic blocker/firewall has been getting progressively worse. I can't connect to my home machine on port 22, and lack of ssh access makes me sad. I was previously able to use SSH by moving it to port 5050, but I think some recent filters now treat this traffic as IM and redirect it through another proxy, maybe. That's my best guess; in any case, my ssh connections now terminate before I get to log in. These days I've been using Ajaxterm over HTTPS, as port 443 is still unmolested, but this is far from ideal. (Sucky terminal emulation, lack of port forwarding, my browser leaks memory at an amazing rate...) I tried setting up mod_proxy_connect on top of mod_ssl, with the idea that I could send a CONNECT localhost:22 HTTP/1.1 request through HTTPS, and then I'd be all set. Sadly, this seems to not work; the HTTPS connection works, up until I finish sending my request; then SSL craps out. It appears as though mod_proxy_connect takes over the whole connection instead of continuing to pipe through mod_ssl, confusing the heck out of the HTTPS client. Is there a way to get this to work? I don't want to do this over plain HTTP, for several reasons: Leaving a big fat open proxy like that just stinks A big fat open proxy is not good over HTTPS either, but with authentication required it feels fine to me HTTP goes through a proxy -- I'm not too concerned about my traffic being sniffed, as it's ssh that'll be going "plaintext" through the tunnel -- but it's a lot more likely to be mangled than HTTPS, which fundamentally cannot be proxied Requirements: Must work over port 443, without disturbing other HTTPS traffic (i.e. I can't just put the ssh server on port 443, because I would no longer be able to serve pages over HTTPS) I have or can write a simple port forwarder client that runs under Windows (or Cygwin) Edit DAG: Tunnelling SSH over HTTP(S) has been pointed out to me, but it doesn't help: at the end of the article, they mention Bug 29744 - CONNECT does not work over existing SSL connection preventing tunnelling over HTTPS, exactly the problem I was running into. At this point, I am probably looking at some CGI script, but I don't want to list that as a requirement if there's better solutions available.

    Read the article

  • Set form action dynamically in https-area

    - by Beerweasle
    Hi, heres the problem explanation: Im on the domain https://www.example.com - theres an Order-Form with the Action https://www.example-otherdomain.com with an other SSL Certificate. On some conditions i set the form action to https://www.example.com so that it will be posted on our domain, but if the user uses a CreditCart it should get posted to https://www.example-otherdomain.com. So far so good. But in some rare conditions, users with CreditCards still posts their form to https://www.example.com. So my idea is: Is there some Same-Domain-Policy for Javascript/HTTPS to protect the user from phishing? It seems that to set the FormAction to the same domain works, but not to reset it to the external one (with JS). I cant reproduce this error, so im asking here if someone knows if theres such a problem. It doesnt matter which UserAgent the user has (there are post datas from FF, Chrome, Webkit, IE7/8) Thx!

    Read the article

  • IIS 7 - allow http for part of site, https for rest?

    - by Martin Clarke
    In IIS 7, is there a way to set two urls on the same site to allow http and https, and the rest to be https only? - http://mysite/url1 or https://mysite/url1 is accepted and stays on that protocol. - http://mysite/url2 or https://mysite/url2 is accepted and stays on that protocol. - any other item, i.e. http://mysite/whatever redirects to https://mysite/whatever - https://mysite/whatever is accepted. Edited because first question wasn't clear enough.

    Read the article

  • https root webapp in jboss 5 through apache mod_proxy with ajp

    - by Jesus
    hi, i have apache 2.2.3 and jboss 5.1 installed in my server, in apache i have 2 apps in php+mysql and in jboss i have in the root app (/) liferay portal. i used mod_proxy to reach the jboss app : <VirtualHost server_ip:80> ServerName intranet.mycompany.com ProxyPreserveHost On ProxyPass / balancer://jbosscluster/ ProxyPassReverse / http://server_ip:8080 </VirtualHost> but now i have to enable https only in intranet.mycompany.com, and i dont know where configure the ssl, in apache, jboss, both. i tried in jboss in the server.xml, generating a selfsigned certificate with keytool, but apache doesnt forward to https://server_ip:8443 i will appreciate your help.

    Read the article

  • Firefox https problem with localhost

    - by vnuk
    I administer half a dozen servers with (among other things) Webmin. I connect to Webmin via ssh tunnel to port 10000. All of my Webmins run in https mode. Firefox from version 3.6.6. refuses to load my https://localhost:10000 pages claiming SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long) Why is this problem NOW? It was working fine (annoying with certificate errors, but working) but now it is not working at all. I must have Google Chrome installed so I can connect to Webin.

    Read the article

  • Allow HTTPS cookies but not HTTP?

    - by Ken
    I want to allow cookies for a domain but only over HTTPS -- not cookies from the same domain that come from HTTP. For example, I don't want any http://www.google.com cookies, but I do want to allow https://www.google.com cookies (because Calendars are there). Is there a way to do this? Does the goal even make sense? In Chrome, it only allows domain names, not URLs, to be added to the cookie exception list. In Firefox, it allows a protocol, but it only records the domain name, and if you click "Allow" or "Deny", it changes the same entry in the list.

    Read the article

  • PHP does not allow https connections

    - by FunkyChicken
    Hey guys im running PHP 5.4.0 and I cannot cURL nor files_get_content() https connections. Using curl in a PHP script shows: [root@ns1]# /opt/php/bin/php -q test.php * About to connect() to www.google.com port 443 * Trying 74.125.225.210... * connected * Connected to www.google.com (74.125.225.210) port 443 * successfully set certificate verify locations: * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none Segmentation fault Using file_get_contents() shows: Warning: file_get_contents(): Unable to find the wrapper "https" - did you forget to enable it when you configured PHP? in /test.php OpenSSL and OpenSSL-devel are installed, and PHP is also configured with cURL support for SSL connections. See: http://i.imgur.com/ExAIf.png Any idea what might be going wrong? Further info: CentOS 5.8(64) with Nginx 1.2.4

    Read the article

  • BIG IP - HTTPS Health Monitor setup

    - by djo
    I have a Web site that we have setup a health monitoring pages so we can take our servers in and out of the Big-IP as we see fit. Now we have just moved onto Big-IP and the issue I have hit is that you setup Health Monitors for port 80 and 443, now the 80 check works fine but when I to get the 443 check to look at our file it fails. Now I am aware as I am hitting the this page on the IP address over HTTPS is going to cause a cert error but I would have guessed that BIG-Ip would have been setup just to accept the cert and carry on with the check. Is what I am wanting to do possible? Also is there a way of just using a HTTP monitor for HTTPS? Because if port 80 has stopped sending traffic then if i use the same monitor for 443 it will stop traffic to that. Any help would be great! Thanks

    Read the article

  • configure HTTPS server on a cisco router

    - by Sara
    For the past week I was trying to configure an HTTPS server on a cisco 2900 router, I've used the following commands and assigned a username and password to privilege 15 however, when Im trying to access a given ip it requires a username and password however when I insert the username and password I configured it does not allow me to enter and i'm not sure where the problem is. Router(config)# ip http secure-server Router(config)# ip http authentication local These were the commands i used for the https server and also I used the following to assign the username and password Router(config)#username name privilege 15 secret 0 password where 'name' and 'password' represent the username and password respectively I'm trying to access the 192.168.14.1 interface on the router and the username and password i created are not authorized to enter (I got the commands from a cisco router manual)

    Read the article

  • Can't use HTTPS with ServerXMLHTTP object

    - by Imraan
    I am supporting a Classic ASP application that connects to a payment gateway via HTTPS. Up until recently there have been no issues. A few days ago this broke without the code, IIS config or anything local changing. Its broken on at least 3 separate servers. The last run of Windows Updates was in late November, but bringing the servers' updates up date has not resolved the problem. A code snippet is below. Dim oHttp Dim strResult Set oHttp = CreateObject("MSXML2.ServerXMLHTTP") oHttp.setOption 2, 13056 oHttp.open "POST", SOAP_ENDPOINT, false oHttp.setRequestHeader "Content-Type", "application/soap+xml; charset=utf-8" oHttp.setRequestHeader "SOAPAction", SOAP_NS + "/" & SOAP_FUNCTION oHttp.send SOAP_REQUEST Below is a dump of the error object :- Number: -2147012852 Description: A certificate is required to complete client authentication Message: A certificate is required to complete client authentication I initially posted the question on Stackoverflow (http://stackoverflow.com/questions/9212985/cant-use-https-with-serverxmlhttp-object) thinking it was a code issue, but further investigation seems to point to a server issue.

    Read the article

  • HTTPS subdomain does not load site under HTTP

    - by Mark Lawrence
    I recently installed an SSL certificate on a subdomain following the steps at cPanel. Lets just say the domain is example.com and the subdomain is sub.example.com. I updated the userdata file for the subdomain and changed the IP address to the IP I wanted to use I updated the example.com zone file and changed the IP for the A Name for the subdomain to the IP I wanted to use Using domain tools I checked that sub.example.com resolved to the new IP which it does. I then installed an SSL certificate on example.com and then on sub.example.com When I visit http://sub.example.com I get the default Apache account screen, and when I visit https://sub.example.com I get the cPanel 404 page. If however I enter https://sub.example.com/admin (the location of my admin section) the page loads and I can login. I thought that this might be a propagation issue however as the subdomain resolves to the IP and I can reach the admin page I suspect it is not a propagation issue and possibly an incorrect zone file. Any thoughts?

    Read the article

  • How to Consume a WebService(created by C#) using Https protocol

    - by Navaneeth A Krishnan
    I'm developing a small project, that is an C# web service, i did that but now i want to run the web service using the protocol HTTPS, for that i have installed web authentication certificate in my system and my IIS 5.1 server is running under HTTPS protocol(i have configured in that directory security) But now i want to invoke the web service using the HTTPS protocol, somebody told that, i need to modify the WSDL file for that web service but i don't know how to do it... now my service url is like this.... http://localhost:2335/SWebService.asmx here i would like to use https instead of http

    Read the article

  • Redirect to https login page

    - by user50622
    I have a site that has a mix of http and https pages. Under the root of the site, one folder has all the http pages and another has all the https pages. Login is over https and sends the user to the other pages. When a session expires the forms authentication redirects to the Login page but the browser uses http and the user gets a 403 error. Is there any way to override the session timeout to send it to https?

    Read the article

  • How do I use IIS7 rewrite to redirect requests for (HTTP or HTTPS):// (www or no-www) .domainaliases.ext to HTTPS://maindomain.ext

    - by costax
    I have multiple domain names assigned to the same site and I want all possible access combinations redirected to one domain. In other words whether the visitor uses http://domainalias.ext or http://www.domainalias.ext or https://www.domainalias3.ext or https://domainalias4.ext or any other combination, including http://maindomain.ext, http://www.maindomain.ext, and https://www.maindomain.ext they are all redirected to https://maindomain.ext I currently use the following code to partially achieve my objectives: <?xml version="1.0" encoding="UTF-8"?> <configuration> <system.webServer> <rewrite> <rules> <rule name="CanonicalHostNameRule" stopProcessing="true"> <match url="(.*)" /> <conditions> <add input="{HTTP_HOST}" pattern="^MAINDOMAIN\.EXT$" negate="true" /> </conditions> <action type="Redirect" redirectType="Permanent" url="https://MAINDOMAIN.EXT/{R:1}" /> </rule> <rule name="HTTP2HTTPS" stopProcessing="true"> <match url="(.*)" /> <conditions> <add input="{HTTPS}" pattern="off" ignoreCase="true" /> </conditions> <action type="Redirect" redirectType="Permanent" url="https://MAINDOMAIN.EXT/{R:1}" /> </rule> </rules> </rewrite> </system.webServer> </configuration> ...but it fails to work in all instances. It does not redirect to https://maindomain.ext when user inputs https://(www.)domainalias.ext So my question is, are there any programmers here familiar with IIS7 ReWrite that can help me modify my existing code to cover all possibilities and reroute all my domain aliases, loaded by themselves or using www in front, in HTTP or HTTPS mode, to my main domain in HTTPS format??? The logic would be: if entire URL does NOT start with https://maindomain.ext then REDIRECT to https://maindomain.ext/(plus_whatever_else_that_followed). Thank you very much for your attention and any help would be appreciated. NOTE TO MODS: If my question is not in the correct format, please edit or advise. Thanks in advance.

    Read the article

  • Jenkins: Use it with SSL / https

    - by Tim
    I have a Fedora server running Jenkins which I install via yum. Everything is okay, I can access it with http://ci.mydomain.com. But now, I want to access it with https://ci.mydomain.com, so the login with username and password is encrypted. How can I do this? Best Regards Tim Update My /etc/sysconfig/jenkins file. Starting Jenkins works, but I can not access Jenkins with the webbrowser with https://ci.mydomain.com or http://ci.mydomain.com:443, ... ## Path: Development/Jenkins ## Description: Configuration for the Jenkins continuous build server ## Type: string ## Default: "/var/lib/jenkins" ## ServiceRestart: jenkins # # Directory where Jenkins store its configuration and working # files (checkouts, build reports, artifacts, ...). # JENKINS_HOME="/var/lib/jenkins" ## Type: string ## Default: "" ## ServiceRestart: jenkins # # Java executable to run Jenkins # When left empty, we'll try to find the suitable Java. # JENKINS_JAVA_CMD="" ## Type: string ## Default: "jenkins" ## ServiceRestart: jenkins # # Unix user account that runs the Jenkins daemon # Be careful when you change this, as you need to update # permissions of $JENKINS_HOME and /var/log/jenkins. # JENKINS_USER="jenkins" ## Type: string ## Default: "-Djava.awt.headless=true" ## ServiceRestart: jenkins # # Options to pass to java when running Jenkins. # JENKINS_JAVA_OPTIONS="-Djava.awt.headless=true" ## Type: integer(0:65535) ## Default: 8080 ## ServiceRestart: jenkins # # Port Jenkins is listening on. # JENKINS_PORT="8080" ## Type: integer(1:9) ## Default: 5 ## ServiceRestart: jenkins # # Debug level for logs -- the higher the value, the more verbose. # 5 is INFO. # JENKINS_DEBUG_LEVEL="5" ## Type: yesno ## Default: no ## ServiceRestart: jenkins # # Whether to enable access logging or not. # JENKINS_ENABLE_ACCESS_LOG="no" ## Type: integer ## Default: 100 ## ServiceRestart: jenkins # # Maximum number of HTTP worker threads. # JENKINS_HANDLER_MAX="100" ## Type: integer ## Default: 20 ## ServiceRestart: jenkins # # Maximum number of idle HTTP worker threads. # JENKINS_HANDLER_IDLE="20" ## Type: string ## Default: "" ## ServiceRestart: jenkins # # Pass arbitrary arguments to Jenkins. # Full option list: java -jar jenkins.war --help # JENKINS_ARGS="--httpsPort=443 --httpsKeyStore=/root/.keystore --httpsKeyStorePassword=MYPASSWORD"

    Read the article

  • Apache https is slsow

    - by raucous12
    Hey, I've set apache up to use SSL with a self signed certificate. With http (KeepAlive off), I can get over 5000 requests per second. However, with https, I can only get 13 requests per second. I know there is supposed to be a bit of an overhead, but this seems abnormal. Can anyone suggest how I might go about debugging this. Here is the ab log for https: Server Software: Apache/2.2.3 Server Hostname: 127.0.0.1 Server Port: 443 SSL/TLS Protocol: TLSv1/SSLv3,DHE-RSA-AES256-SHA,4096,256 Document Path: /hello.html Document Length: 29 bytes Concurrency Level: 5 Time taken for tests: 30.49425 seconds Complete requests: 411 Failed requests: 0 Write errors: 0 Total transferred: 119601 bytes HTML transferred: 11919 bytes Requests per second: 13.68 [#/sec] (mean) Time per request: 365.565 [ms] (mean) Time per request: 73.113 [ms] (mean, across all concurrent requests) Transfer rate: 3.86 [Kbytes/sec] received Connection Times (ms) min mean[+/-sd] median max Connect: 190 347 74.3 333 716 Processing: 0 14 24.0 1 166 Waiting: 0 11 21.6 0 165 Total: 191 361 80.8 345 716 Percentage of the requests served within a certain time (ms) 50% 345 66% 377 75% 408 80% 421 90% 468 95% 521 98% 578 99% 596 100% 716 (longest request)

    Read the article

  • Apache suddenly very slow on http and faster on https

    - by hsnm
    Background: I have Apache 2 running on ubuntu. There is a low usage on it and mostly being accessed for a web service URL from mobile apps. It was working fine until I installed SSL certificates. I now have both http and https. When I access the server using https, I get a fairly quick response (but probably not as fast as before). When I use http, it's so slow. What I tried: From this post: I curl localhost from the host and it takes some time, meaning there is no routing issue. The server runs on Amazon EC2 instance and is managed by me only. Also: I see that Apache once running, creates the maximum number of processes it is allowed to, which was not the case before. I lowered the MaxClients to 20 and I think I'm getting faster responses but it still takes over a minute and I always have MaxClients Apache processes. dmesg returns many [ 1953.655703] TCP: Possible SYN flooding on port 80. Sending cookies. When I netstat I get many entries with SYN_RECV. Possibly a DDoS attack? From EC2's monitoring diagrams I see a pattern of high "Maximum Network In (Bytes)" since 2 days ago. By the way the server is still being tested, the actual traffic is very low and not consistent. I tried to go with this solution to limit incoming connections using iptables, still no luck, but I'm trying. Question: What could be the problem? Is this a DDoS attack?

    Read the article

  • Request builder call not returning when using ssl(https)

    - by Zeeshan Khan
    Hi , I am using GWT. Currently using gwt-rpc to for login authentication. For only login purpose i want to use ssl(https) and so instead of using gwt-rpc i am trying Request Builder and calling a servlet with https. When in Servlet URL i use protocol as http the request builder works perfectly and response returns to client side(onResponseReceived ). but when i use https in the servlet url then the servlet is gettting called but the response is not returning to the onResponseReceived method of request builder. my url with http looks like : http://localhost:8888/myproject/myservlet and with https it looks like :https://localhost/myproject/myservlet Please give any suggestion or is there any other way to do it.and also is it possible to use ssl over gwt-rpc.

    Read the article

  • Downloading Microsoft Security Essentials via https

    - by Marcel
    I want to download Microsoft Security Essentials on my brand new Windows 7 home PC. The official site presented to me is http://windows.microsoft.com/de-CH/windows/products/security-essentials, as I am located in Switzerland. The link to the actual package then is http://go.microsoft.com/fwlink/?LinkID=231276 Obviously, the download is not secured with https. Why? Would this not be the first thing Microsoft should do? They could deliver the certificate already with the OS to make it really secure...

    Read the article

  • Can SSH be tunneled over HTTPS using thttpd?

    - by Michael
    I need to tunnel my SSH server through an HTTPS port using thttpd (I can change to lighttpd if necessary, but I'm trying to avoid installing Apache since it's an underpowered box). I haven't been able to find anything that confirms or denies this ability of thttpd.

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >