Search Results

Search found 4187 results on 168 pages for 'secure erase'.

Page 40/168 | < Previous Page | 36 37 38 39 40 41 42 43 44 45 46 47  | Next Page >

  • curl can't verify cert using capath, but can with cacert option

    - by phylae
    I am trying to use curl to connect to a site using HTTPS. But curl is failing to verify the SSL cert. $ curl --verbose --capath ./certs/ --head https://example.com/ * About to connect() to example.com port 443 (#0) * Trying 1.1.1.1... connected * Connected to example.com (1.1.1.1) port 443 (#0) * successfully set certificate verify locations: * CAfile: none CApath: ./certs/ * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS alert, Server hello (2): * SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed * Closing connection #0 curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed More details here: http://curl.haxx.se/docs/sslcerts.html curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option. I know about the -k option. But I do actually want to verify the cert. The certs directory has been properly hashed with c_rehash . and it contains: A Verisign intermediate cert Two self-signed certs The above site should be verified with the Verisign intermediate cert. When I use the --cacert option instead (and point directly to the Verisign cert) curl is able to verify the SSL cert. $ curl --verbose --cacert ./certs/verisign-intermediate-ca.crt --head https://example.com/ * About to connect() to example.com port 443 (#0) * Trying 1.1.1.1... connected * Connected to example.com (1.1.1.1) port 443 (#0) * successfully set certificate verify locations: * CAfile: ./certs/verisign-intermediate-ca.crt CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSL connection using RC4-SHA * Server certificate: * subject: C=US; ST=State; L=City; O=Company; OU=ou1; CN=example.com * start date: 2011-04-17 00:00:00 GMT * expire date: 2012-04-15 23:59:59 GMT * common name: example.com (matched) * issuer: C=US; O=VeriSign, Inc.; OU=VeriSign Trust Network; OU=Terms of use at https://www.verisign.com/rpa (c)10; CN=VeriSign Class 3 Secure Server CA - G3 * SSL certificate verify ok. > HEAD / HTTP/1.1 > User-Agent: curl/7.19.7 (x86_64-pc-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15 > Host: example.com > Accept: */* > < HTTP/1.1 404 Not Found HTTP/1.1 404 Not Found < Cache-Control: must-revalidate,no-cache,no-store Cache-Control: must-revalidate,no-cache,no-store < Content-Type: text/html;charset=ISO-8859-1 Content-Type: text/html;charset=ISO-8859-1 < Content-Length: 1267 Content-Length: 1267 < Server: Jetty(7.2.2.v20101205) Server: Jetty(7.2.2.v20101205) < * Connection #0 to host example.com left intact * Closing connection #0 * SSLv3, TLS alert, Client hello (1): In addition, if I try hitting one of the sites using a self signed cert and the --capath option, it also works. (Let me know if I should post an example of that.) This implies that curl is finding the cert directory, and it is properly hash. Finally, I am able to verify the SSL cert with openssl, using its -CApath option. $ openssl s_client -CApath ./certs/ -connect example.com:443 CONNECTED(00000003) depth=3 /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority verify return:1 depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5 verify return:1 depth=1 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 verify return:1 depth=0 /C=US/ST=State/L=City/O=Company/OU=ou1/CN=example.com verify return:1 --- Certificate chain 0 s:/C=US/ST=State/L=City/O=Company/OU=ou1/CN=example.com i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 --- Server certificate -----BEGIN CERTIFICATE----- <cert removed> -----END CERTIFICATE----- subject=/C=US/ST=State/L=City/O=Company/OU=ou1/CN=example.com issuer=/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 --- No client certificate CA names sent --- SSL handshake has read 1563 bytes and written 435 bytes --- New, TLSv1/SSLv3, Cipher is RC4-SHA Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : RC4-SHA Session-ID: D65C4C6D52E183BF1E7543DA6D6A74EDD7D6E98EB7BD4D48450885188B127717 Session-ID-ctx: Master-Key: 253D4A3477FDED5FD1353D16C1F65CFCBFD78276B6DA1A078F19A51E9F79F7DAB4C7C98E5B8F308FC89C777519C887E2 Key-Arg : None Start Time: 1303258052 Timeout : 300 (sec) Verify return code: 0 (ok) --- QUIT DONE How can I get curl to verify this cert using the --capath option?

    Read the article

  • How can I protect my save data from casual hacking?

    - by Danran
    What options are there for saving game data in a secure manner? I'm interested in solutions specifically tailored for C++. I'm looking for something that is fast and easy to use. I'm only concerned about storing simple information such as Which levels are and are not unlocked The user's score for each level I'm curious again to know what's out there to use, any good libraries to use that give me nice, secure game data files that the average player can't mess with. I just found this here which looks very nice, but it would be great to get some opinions on potential other libraries/options out there.

    Read the article

  • What's wrong with the following code ?

    - by dada
    #include <iostream> #include <string> using namespace std; int main(void) { string a; cin>>a; a.erase(a.end()-1); a.erase(a.begin()+1); string ge = "oae"; a.insert(a.begin()+1, ge); cout<<a<<endl; return 0; } It doesn't compile and i don't know why. Can you tell me what's wrong

    Read the article

  • London Nov-8: Desktop Virtualisation Seminar

    - by mprove
    >> Simplify Application and Data Access with Oracle Desktop VirtualisationMany companies claim they’ll handle your application access needs, and yet only Oracle can provide you with every component needed for secure and reliable access to Oracle Applications and other enterprise software from a variety of devices. This means you can design your deployment knowing that all of the pieces work together, from applications and virtualisation to servers and storage systems.Join us to learn how Oracle desktop virtualisation helps you get the most from your valuable IT resources. Topics we’ll cover and demonstrate in this productive half-day event include: How to provide secure access to applications and data from nearly anywhere on a wide range of devices Use cases for desktop virtualisation How desktop virtualisation can support a wider business transformation agenda Reasons to embrace employees using their own devices for work-related activities How virtualisation can extend the life of your PCs and other devices How desktop virtualisation can decrease your carbon footprint and IT costs << Register here for the free event

    Read the article

  • Install problem on UEFI, Windows 8 new desktop

    - by albuquerque mat
    I just bought an HP desktop, p6-2326s, which has windows 8 installed. I have tried booting a Ubuntu live disc but the machine won't boot it. When I bring up the UEFI boot menu it offers a selection of UEFI BOOT SOURCES, windows boot manager, dvd drive, IP4 Ethernet controller, or IP6 Ethernet controller. If I select the dvd drive with the CD in it I get the message "Secure boot violation, Invalid structure detected. Check secure boot policy in setup." With all other selections it just boots into windows. So where do I go from here?

    Read the article

  • Introducing Next-Generation Enterprise Auditing and Database Firewall Platform Webcast, 12/12/12

    - by Troy Kitch
    Join us, December 12 at 10am PT/1pm ET, to hear about a new Oracle product that monitors Oracle and non-Oracle database traffic, detects unauthorized activity including SQL injection attacks, and blocks internal and external threats from reaching the database. In addition, this new product collects and consolidates audit data from databases, operating systems, directories, and any custom template-defined source into a centralized, secure warehouse. This new enterprise security monitoring and auditing platform allows organizations to quickly detect and respond to threats with powerful real-time policy analysis, alerting and reporting capabilities. Based on proven SQL grammar analysis that ensures accuracy, performance, and scalability, organizations can deploy with confidence in any mode. You will also hear how organizations such as TransUnion Interactive and SquareTwo Financial rely on Oracle today to monitor and secure their Oracle and non-Oracle database environments. Register for the webcast here.

    Read the article

  • Ultimate SFTP Component 2.0 Build 513 Released

    ComponentSoft is pround to announce that a new version of the SFTP component is released. It can be downloaded at: http://www.componentsoft.net/component/download/?name=UltimateSftpFor more details about the product, please visit: http://www.componentsoft.net/component/sftp.net/About Ultimate SFTP:The Ultimate SSH Secure File Transfer (SFTP) .NET Component offers a comprehensive interface for SFTP, enabling you to quickly and easily incorporate SSH Secure File Transfers in your applications,...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

    Read the article

  • Struggling to "clear" a CGLayer -- can it even be done?

    - by Joe Blow
    So I'm doing this repetitively - making a CGLayer, doing some processing, and then releasing it. This happens a lot in real time -- so surely there is a lot of overhead in making a whole new CGLayer each time? Surely it would be better to just keep lair around, and start fresh each time? However, I do not know any way, at all, to "erase" or "start from blank" a CGLayer?? Can anyone help on this? There is a function CGContextBeginPath(cc) but it's confusing: it seems to only clear out "that" path, it does not erase all of the CGLayer back to a blank canvas. how to return a CGLayer to a blank canvas????? Does anyone know? CGLayerRef lair = CGLayerCreateWithContext( UIGraphicsGetCurrentContext(), CGSizeMake(1024,768), NULL); CGContextRef cc = CGLayerGetContext(ether); // various processing here CGContextAddPath(cc, somePath); // various processing here CGLayerRelease(lair); Any ideas?!

    Read the article

  • which one is the safe site to buy cheap wildstar gold?

    - by user50866
    Wsoplat.com is a professional online shop which provide the cheapest wildstar gold, the fastest delivery, the best 24/7 online service for the players. Secure Guarantee cheap wildstar gold offered by wsoplat.com are reliable sourced, safe and honored. Lowest Price We are constantly trying to offer the lowest prices on Wildstar Gold for our loyal customers. Covenient shopping procedure & secure delivery method We are very experienced in this business. Every order is processed both smoothly and efficiently. Friendly Service and Instant Delivery Wsoplat 's delivery department work 24/7/365, We have professional and friendly customer service operators, they can help you buy wildstar gold, accounts, items and more. 5% discount code to buy WildStar gold in wsoplat - WSOPLAT http://www.wsoplat.com/

    Read the article

  • Critical Patch Update for October 2013 Now Available

    - by LuciaC
    The  Critical Patch Update (CPU) for October 2013 was released on October 15, 2013.  Oracle strongly recommends applying the patches as soon as possible.The Critical Patch Update Advisory is the starting point for relevant information.  It includes a list of products affected, pointers to obtain the patches, a summary of the security vulnerabilities, and links to other important documents. E-Business Suite Releases 11i and 12 Reference: Oracle E-Business Suite Releases 11i and 12 Critical Patch Update Knowledge Document (October 2013) (Doc ID 1585639.1) Secure Configuration Guide for Oracle E-Business Suite Release 12 (Doc ID 403537.1) Secure Configuration Guide for Oracle E-Business Suite Release 11i (Doc ID 189367.1)

    Read the article

  • Access violation C++ (Deleting items in a vector)

    - by Gio Borje
    I'm trying to remove non-matching results from a memory scanner I'm writing in C++ as practice. When the memory is initially scanned, all results are stored into the _results vector. Later, the _results are scanned again and should erase items that no longer match. The error: Unhandled exception at 0x004016f4 in .exe: 0xC0000005: Access violation reading location 0x0090c000. // Receives data DWORD buffer; for (vector<memblock>::iterator it = MemoryScanner::_results.begin(); it != MemoryScanner::_results.end(); ++it) { // Reads data from an area of memory into buffer ReadProcessMemory(MemoryScanner::_hProc, (LPVOID)(*it).address, &buffer, sizeof(buffer), NULL); if (value != buffer) { MemoryScanner::_results.erase(it); // where the program breaks } }

    Read the article

  • Extra line breaks inserted in MrEd text%

    - by Jesse Millikan
    In a DrScheme project, I'm using a MrEd editor-canvas% with text% and inserting a string from a literal in a Scheme file. This results in an extra blank line in the editor for each line of text I'm trying to insert. Is this a Windows vs. Unix linebreak problem? I can't find anything about text% treats line breaks in the documentation. ; Inside a class definition: (define/public (edit-pattern p j b d h) (send input-beat set-value (number->string b)) (send input-dwell set-value (number->string d)) (send hold-beats set-value (number->string h)) (send juggler-t erase) ; Why do these add extra newlines (send juggler-t insert j) (send pattern-t erase) (send pattern-t insert p)) (define juggler-ec (new editor-canvas% [parent this] [line-count 12])) (define juggler-t (new text%)) (send juggler-ec set-editor juggler-t) (define pattern-ec (new editor-canvas% [parent this] [line-count 20])) (define pattern-t (new text%)) (send pattern-ec set-editor pattern-t) ; Lots of other stuff...

    Read the article

  • Internal but no external Citrix Access?

    - by leeand00
    We recently had to reload our configuration of Citrix on our server Server1, and since we have, we can access Citrix internally, but not externally. Normally we access Citrix from http://remote.xyz.org/Citrix/XenApp but since the configuration was reloaded we are met with a Service Unavailable message. Internally accessing the Citrix web application from http://localhost/Citrix/XenApp/ on Server1 we are able to access the web application. And also from machines on our local network using http://Server1/Citrix/XenApp/. I have gone into the Citrix Access Management Console and from the tree pane on the left clicked on Citrix Access Management Console->Citrix Resources->Configuration Tools->Web Interface->http://remote.xyz.org/Citrix/PNAgent Citrix Access Management Console->Citrix Resources->Configuration Tools->Web Interface->http://remote.xyz.org/Citrix/XenApp, which in both cases displays a screen that reads Secure client access. Here it offers me several options: Direct, Alternate, Translated, Gateway Direct, Gateway Alternate, Gateway Translated. I know that I can change the method of use by clicking Manage secure client access->Edit secure client access settings which opens a window that reads "Specify Access Methods", and below that reads "Specify details of the DMZ settings, including IP address, mask, and associated access method", I don't know what the original settings were, and I also don't know how our DMZ is configured so that I can specify the correct settings, to give access to our external users on the http://remote.xyz.org/Citrix/XenApp site. We have a vendor who setup our DMZ and does not allow us access to the gateway to see these settings. What sorts of questions should I ask them to restore remote access?

    Read the article

< Previous Page | 36 37 38 39 40 41 42 43 44 45 46 47  | Next Page >