Search Results

Search found 4244 results on 170 pages for 'ssl certificate'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 40/170 | < Previous Page | 36 37 38 39 40 41 42 43 44 45 46 47  | Next Page >

  • Programmatically adding a trusted cert in Java

    - by directedition
    I use SSL to communicate between two components written in Java. I can't use a CA, so I have to self-sign everything. Unfortunately, this means that when I try to handshake, I get a SunCertPathBuilderException. I can create my own X509TrustManager that just trusts everything, but that sort of defeats the purpose of having a signed cert. I would like, when first making the connection, to prompt the user with "SSL handshake with invalid cert. Add cert to store?" or something so they could have it added for them to their certificate store, like web browsers do at sites with invalid certs. I can find plenty of examples online of adding a cert to the store through the commandline, but I can't figure out how to do it programmatically. Is there a way to do this?

    Read the article

  • Rabbitmq 2.2 not working on Snow Leopard (SSL errors)

    - by ebeland
    When I start rabbitmq, I see the following message. I have Activating RabbitMQ plugins ... WARNING Undefined function crypto:des3_cbc_decrypt/5 WARNING Undefined function crypto:start/0 WARNING Undefined function ssl:close/1 WARNING Undefined function ssl:controlling_process/2 WARNING Undefined function ssl:peercert/1 WARNING Undefined function ssl:peername/1 WARNING Undefined function ssl:recv/3 WARNING Undefined function ssl:send/2 WARNING Undefined function ssl:sockname/1 WARNING Undefined function ssl:ssl_accept/3 0 plugins activated: I followed the advice here to install openssl and recompile erlang with a --with-ssl path set: http://old.nabble.com/2.1.1%3A-no-such-file-or-directory-crypto.app-message-prevents-broker-from-starting-td30011026.html When I recompiled erlang, I used the following .configure: ./configure \ --prefix=/usr/local/erlang/R13B04 \ --enable-smp-support \ --enable-threads \ --enable-darwin-64bit \ --with-ssl=/usr/include/openssl It compiled fine. Then, just in case, I reinstalled rabbit from macports. I still get the error. Am I using the wrong path for --with-ssl? Help?

    Read the article

  • How do I force SSL for some URLs and force non-SSL for all others?

    - by brad
    I'd like to ensure that certain URLs on my site are always accessed via HTTPS while all other URLs are accessed via HTTP. I can get either case working in my .htaccess file, however if I enable both, then I get infinite redirects. My .htaccess file is: <IfModule mod_expires.c> # turn off the module for this directory ExpiresActive off </IfModule> Options +FollowSymLinks AddHandler application/x-httpd-php .csv RewriteEngine On RewriteRule ^/?registration(.*)$ /register$1 [R=301,L] # Force SSL for certain URL's RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} (login|register|account) RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] # Force non-SSL for certain URL's RewriteCond %{HTTPS} on RewriteCond %{REQUEST_URI} !(login|register|account) RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] # Force files ending in X to use same protocol as initial request RewriteRule \.(gif|jpg|jpeg|jpe|png|ico|css|js)$ - [S=1] # Use index.php as the controller RewriteCond %{REQUEST_URI} !\.(exe|css|js|jpe?g|gif|png|pdf|doc|txt|rtf|xls|swf|htc|ico)$ [NC] RewriteCond %{REQUEST_URI} !^(/js.*)$ RewriteRule ^(.*)$ index.php [NC,L]

    Read the article

  • SSL in overlay window for login

    - by Sourabh
    HI I have to implement login over SSL in my website. for example cloginForm - this is the form https://www.myweb.com/loginProcess - this is the action which process the form -authenticates user. I am able to do this with usual web form but the problem is the overlay dialog box for login for example if I am on my website home page http://www.myweb.com - notice http and I click a login link there , it shows a small html div with login form (like a litebox).now ,as I am on a non SSL page (http) the data which I post does not get encrypted,and posted to the process action. How do I get around with this so that my overly login also becomes secure. thanks for your help in advance. :)

    Read the article

  • Security & Authentication: SSL vs SASL

    - by 4herpsand7derpsago
    My understanding is that SSL combines an encryption algorithm (like AES, DES, etc.) with akey exchange method (like Diffier-Hellman) to provide secure encryption and identification services between two endpoints on an un-secure network (like the Internet). My understanding is that SASL is an MD5/Kerberos protocol that pretty much does the same thing. So my question: what are the pros/cons to choosing both and what scenarios make both more preferable? Basically, I'm looking for a guidelines to follow when choosing SSL or to go with SASL instead. Thanks in advance!

    Read the article

  • dovecot main process terminated with status 89

    - by G. He
    I'm trying to configure dovecot/imap to run without SSL. I set ssl = no in 10-ssl.conf in /etc/dovecot/conf.d. However, with this setting, dovecot dies right away when it is started. I checked the log file and found the following: dovecot main process (4895) terminated with status 89 What does it mean? Is there a way for dovecot to run without ssl? The reason I do NOT want ssl is that my outlook complains the certificate cannot be verified. It is really annoying. And I only run the server on a very small lan and don't need that extra security.

    Read the article

  • Self signed Certificate Based Authentication

    - by Tadi Vijay Kumar
    Hi All.. I have started a project based on Client server communication in java. What i'm doing is client and server have their own self signed certificates. In initial communication both client and server will exchange their certificates. Server has to verify clients certificate and should grant authentication. Where i struck was on what topic server can validate or invalidate a particular client..? I am unable to proceed from here. So please any of you can give brief explanation about it? if possible some Pseudocode in java..?

    Read the article

  • Paypal development. encrypt transactions. php p12

    - by ninchen
    when i take a look at the paypal documentation, they say "Note that the PayPal SDK for PHP does not require SSL encryption". https://developer.paypal.com/docs/classic/api/apiCredentials/#encrypting-your-certificate Is the statement of this phrase, that i don't have to create a p12 certificate when working with php, but use the public_key.pem and paypal_public_key.pem? If yes: Is it secure enough to create the encrypted form input elements without p12 certificate? If no: What do they mean? :-) Before this question came up, i've tested this little programm. http://www.softarea51.com/blog/how-to-integrate-your-custom-shopping-cart-with-paypal-website-payments-standard-using-php/ There is a config file paypal-wps-config.inc.php where i can define the paths to my certificates. // tryed to use // 'paypal_cert.p12 '; $config['private_key_path'] = '/home/folder/.cert/pp/prvkey.pem'; // must match the one you set when you created the private key $config['private_key_password'] = ''; //'my_password'; When i try to use the p12 certificate, openssl_error_string() returns "Could not sign data: error:0906D06C:PEM routines:PEM_read_bio:no start line openssl_pkcs7_sign When i instead use the prvkey.pem without password all works fine. Here is the function, which signs and encrypt the data. function signAndEncrypt($dataStr_, $ewpCertPath_, $ewpPrivateKeyPath_, $ewpPrivateKeyPwd_, $paypalCertPath_) { $dataStrFile = realpath(tempnam('/tmp', 'pp_')); $fd = fopen($dataStrFile, 'w'); if(!$fd) { $error = "Could not open temporary file $dataStrFile."; return array("status" => false, "error_msg" => $error, "error_no" => 0); } fwrite($fd, $dataStr_); fclose($fd); $signedDataFile = realpath(tempnam('/tmp', 'pp_')); **// here the error came from** if(!@openssl_pkcs7_sign( $dataStrFile, $signedDataFile, "file://$ewpCertPath_", array("file://$ewpPrivateKeyPath_", $ewpPrivateKeyPwd_), array(), PKCS7_BINARY)) { unlink($dataStrFile); unlink($signedDataFile); $error = "Could not sign data: ".openssl_error_string(); return array("status" => false, "error_msg" => $error, "error_no" => 0); } unlink($dataStrFile); $signedData = file_get_contents($signedDataFile); $signedDataArray = explode("\n\n", $signedData); $signedData = $signedDataArray[1]; $signedData = base64_decode($signedData); unlink($signedDataFile); $decodedSignedDataFile = realpath(tempnam('/tmp', 'pp_')); $fd = fopen($decodedSignedDataFile, 'w'); if(!$fd) { $error = "Could not open temporary file $decodedSignedDataFile."; return array("status" => false, "error_msg" => $error, "error_no" => 0); } fwrite($fd, $signedData); fclose($fd); $encryptedDataFile = realpath(tempnam('/tmp', 'pp_')); if(!@openssl_pkcs7_encrypt( $decodedSignedDataFile, $encryptedDataFile, file_get_contents($paypalCertPath_), array(), PKCS7_BINARY)) { unlink($decodedSignedDataFile); unlink($encryptedDataFile); $error = "Could not encrypt data: ".openssl_error_string(); return array("status" => false, "error_msg" => $error, "error_no" => 0); } unlink($decodedSignedDataFile); $encryptedData = file_get_contents($encryptedDataFile); if(!$encryptedData) { $error = "Encryption and signature of data failed."; return array("status" => false, "error_msg" => $error, "error_no" => 0); } unlink($encryptedDataFile); $encryptedDataArray = explode("\n\n", $encryptedData); $encryptedData = trim(str_replace("\n", '', $encryptedDataArray[1])); return array("status" => true, "encryptedData" => $encryptedData); } // signAndEncrypt } // PPCrypto The main questions: 1. Is it possible to use p12 cert with php, or is it secure enough to work without it? 2. Why i become an error when using openssl_pkcs7_sign Please help. Greetings ninchen

    Read the article

  • JEP 124: Enhance the Certificate Revocation-Checking API

    - by smullan
    Revocation checking is the mechanism to determine the revocation status of a certificate. If it is revoked, it is considered invalid and should not be used. Currently as of JDK 7, the PKIX implementation of java.security.cert.CertPathValidator  includes a revocation checking implementation that supports both OCSP and CRLs, the two main methods of checking revocation. However, there are very few options that allow you to configure the behavior. You can always implement your own revocation checker, but that's a lot of work. JEP 124 (Enhance the Certificate Revocation-Checking API) is one of the 11 new security features in JDK 8. This feature enhances the java.security.cert API to support various revocation settings such as best-effort checking, end-entity certificate checking, and mechanism-specific options and parameters. Let's describe each of these in more detail and show some examples. The features are provided through a new class named PKIXRevocationChecker. A PKIXRevocationChecker instance is returned by a PKIX CertPathValidator as follows: CertPathValidator cpv = CertPathValidator.getInstance("PKIX"); PKIXRevocationChecker prc = (PKIXRevocationChecker)cpv.getRevocationChecker(); You can now set various revocation options by calling different methods of the returned PKIXRevocationChecker object. For example, the best-effort option (called soft-fail) allows the revocation check to succeed if the status cannot be obtained due to a network connection failure or an overloaded server. It is enabled as follows: prc.setOptions(Enum.setOf(Option.SOFT_FAIL)); When the SOFT_FAIL option is specified, you can still obtain any exceptions that may have been thrown due to network issues. This can be useful if you want to log this information or treat it as a warning. You can obtain these exceptions by calling the getSoftFailExceptions method: List<CertPathValidatorException> exceptions = prc.getSoftFailExceptions(); Another new option called ONLY_END_ENTITY allows you to only check the revocation status of the end-entity certificate. This can improve performance, but you should be careful using this option, as the revocation status of CA certificates will not be checked. To set more than one option, simply specify them together, for example: prc.setOptions(Enum.setOf(Option.SOFT_FAIL, Option.ONLY_END_ENTITY)); By default, PKIXRevocationChecker will try to check the revocation status of a certificate using OCSP first, and then CRLs as a fallback. However, you can switch the order using the PREFER_CRLS option, or disable the fallback altogether using the NO_FALLBACK option. For example, here is how you would only use CRLs to check the revocation status: prc.setOptions(Enum.setOf(Option.PREFER_CRLS, Option.NO_FALLBACK)); There are also a number of other useful methods which allow you to specify various options such as the OCSP responder URI, the trusted OCSP responder certificate, and OCSP request extensions. However, one of the most useful features is the ability to specify a cached OCSP response with the setOCSPResponse method. This can be quite useful if the OCSPResponse has already been obtained, for example in a protocol that uses OCSP stapling. After you have set all of your preferred options, you must add the PKIXRevocationChecker to your PKIXParameters object as one of your custom CertPathCheckers before you validate the certificate chain, as follows: PKIXParameters params = new PKIXParameters(keystore); params.addCertPathChecker(prc); CertPathValidatorResult result = cpv.validate(path, params); Early access binaries of JDK 8 can be downloaded from http://jdk8.java.net/download.html

    Read the article

  • Wildcard SSL common name - can it be called anything?

    - by Johnny Lamho
    I was just wondering if a wildcard SSL certificate necessarily needs to have a common name that contains the domain name of the sites that need the SSL certificate applied to. E.g for the following: domain name: testdomain.com subsites: www.testdomain.com mobile.testdomain.com mytestenvironment.testdomain.com Do i necessarily need my wildcard certificate to have a common name of *.testdomain.com?

    Read the article

  • How to add chain of certificate in spring ws client request

    - by hudi
    I have simply spring ws client which sending request to some url: @SuppressWarnings("unchecked") private JAXBElement<O> sendSyncSoapRequest(final JAXBElement<I> req, final String iszrUrl) { if (iszrUrl != null) { return (JAXBElement<O>) this.wsTemplate.marshalSendAndReceive(iszrUrl, req); } else { return (JAXBElement<O>) this.wsTemplate.marshalSendAndReceive(req); } } Now I need attach chain of certificate to the soap request. How should I do this ? Please help

    Read the article

  • Use of WebDAV to access OWA (exchange 2003) mails with Basic authentication and SSL

    - by Mayuresh
    I have got a working C# code for accessing OWA mails using WebDAV against a FBA enabled exchange 2003 (http://support.microsoft.com/kb/891748/en-us/) But my client's OWA (exchange 2003) has Basic authentication and SSL (i-e when I try to access the web mail link through browser I get a grey login box instead of a web page I can log into the mail box once I enter the correct details) But my same fails with a 401 error against this mailbox. I got the simple request working for the Basic authentication using – String usernamePassword = strUserName + ":" + strPassword; WebReq.Headers.Add("Authorization", "Basic " + Convert.ToBase64String(new ASCIIEncoding().GetBytes(usernamePassword))); But the subsequent WebDAV SEARCH request fails with 404 (resource not found) error. Can we use WebDAV against an exchange 2k3 with SSL and Basic authentication?

    Read the article

  • Communication between web applications, 1 SSL certificate, other has none

    - by Rickjaah
    This the situation: I have one webservice without SSL, which provides two pages for the other web application. When the user submits these pages, an XML file with private information is sent to the webservice. How can I provide the necessary privacy protection on the XML file? Is the one certificate good enough to give the appropriate security? I'm not sure about this one, and am in the preparation phase of a project... So need to know the involved work on this part...

    Read the article

  • Encryption By Certificate

    - by user1817240
    I am encrypting customer name in database at database level. While saving in database only first letter of customer name is saved and hence while decrypting only first letter is retrieved. The following code shows the test sp. ALTER PROCEDURE [dbo].[spc_test_insert] ( @sFIRST_NAME typ_encryptedtext, ) AS BEGIN DECLARE @sSENCRYPTION_KEY char(15) DECLARE @sCERTIFICATE char(22) SET @sSENCRYPTION_KEY='SymmetricKey1' SET @sCERTIFICATE='CustomerCertificate' OPEN SYMMETRIC KEY SymmetricKey1 DECRYPTION BY CERTIFICATE CustomerCertificate; INSERT INTO test_table ( FIRST_NAME, ) Values ( -- Add the Params to be Added... EncryptByKey(Key_GUID(@sSENCRYPTION_KEY),@sFIRST_NAME), ) CLOSE SYMMETRIC KEY SymmetricKey1 END encryption decryption working fine in normal insert but its not working in stored procedure.

    Read the article

  • Tomcat SSL Configuration

    - by bdares
    I received a SSL cert to use for a Tomcat 6.0 server, ready to use. I configured Tomcat to use it with the following in server.xml: <Connector port="8443" maxThreads="200" scheme="https" secure="true" SSLEnabled="true" keystoreFile="C:\Tomcat 6.0\ssl\cert" keystorePass="*****" clientAuth="false" sslProtocol="TLS"/> I started Tomcat using the command prompt so I could see any error message as they happened. There were none. The results for accessing different URLS: http://localhost - normal page loads fine https://localhost - browser claims page cannot be found https://localhost:8443 - page cannot be found http://localhost:8443 - offers a certificate, after accepted redirects to https://localhost (I suspect the https:// urls initially offer the certificate which is automatically accepted by the browser, as it was issued by Verisign) How to fix? Edit: I've also tried port="443". Same result.

    Read the article

  • Test if Java trusts an SSL certificate

    - by Eric R. Rath
    My java web application uses the standard mail libraries to establish an IMAPS connection to a mail server under my control. The mail server used a valid SSL cert issued by a CA. When the cert expired, I renewed it from the same CA, and put the cert into use. But my web application wouldn't trust the new cert. We had never explicitly trusted the old cert, or managed any trust stores. I talked with someone from the CA, and we tracked it down to a difference in the intermediate certs between the old and new cert. The old one used multiple intermediates, including one tied to a root that must've been trusted by default by our version of Java. The new cert used only one intermediate cert, and it was tied to a root missing from our Java version's default trusted cert store. When we renew this cert again in the future, is there an easy way, given a new crt and intermediate crt file, test if Java will consider that cert valid? I didn't see anything in keytool that looked promising. A code solution is okay, but I'd prefer one based on the Java command-line tools.

    Read the article

  • Apache2 VirtualHost Configuration with SSL

    - by Peter
    Hello! I'm new here and I have a strange problem which needs to be solved. Previously I searched in the whole forum and I've read all of related questions but I didn't find solution to my question. We have two servers and a firewall computer. On the Server#1 there is an Apache 2.2 web server and it forwards the incoming traffic to the appropriate ports, to our subdomains by its virtual host configuration (Apache, Tomcat, IIS, Server#2 and so on). We recently bought an SSL certificate to protect one of our subdomain. I successfully installed and configured the certificate into the Apache and it works flawlessly within our local network. Our Kerio Winroute Firewall is configured to permit https traffic and it is translated to Server#1. But all of our subdomains are unavailable from outside (http & https too). Web browser shows "Failed to connect" message. Now, I enclose some parts from our httpd.conf and httpd-vhosts.conf file. httpd.conf ServerRoot "C:/Program Files/Apache Software Foundation/Apache2.2" Listen 80 ServerName dev.mydomain.hu:80 DocumentRoot "C:/Program Files/Apache Software Foundation/Apache2.2/htdocs" LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_connect_module modules/mod_proxy_connect.so LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule rewrite_module modules/mod_rewrite.so LoadModule ssl_module modules/mod_ssl.so Include conf/extra/httpd-vhosts.conf <IfModule ssl_module> SSLMutex default SSLRandomSeed startup builtin SSLRandomSeed connect builtin SSLSessionCache none </IfModule> httpd-vhosts.conf NameVirtualHost *:80 NameVirtualHost *:443 Listen 443 <VirtualHost *:80> DocumentRoot "C:/Program Files/Apache Software Foundation/Apache2.2/htdocs" ServerName localhost </VirtualHost> #-------EXCHANGE SERVER-------- <VirtualHost *:80> ServerName intra.mydomain.hu ProxyRequests Off ProxyVia On ProxyPass / http://myserver:8080/ ProxyPassReverse / http://myserver:8080/ <Proxy *:80> Order deny,allow Allow from all </Proxy> <Location /> Order allow,deny Allow from all </Location> ErrorLog "c:/Program Files/Apache Software Foundation/Apache2.2/logs/exchange.log" CustomLog "c:/Program Files/Apache Software Foundation/Apache2.2/logs/exchange_cust.log" common LogLevel info </VirtualHost> #--------FITNESSE SERVER------- <VirtualHost *:80> ServerName test.mydomain.hu ProxyRequests Off <Proxy *:80> Order deny,allow Allow from all </Proxy> ProxyPass / http://myserver:8004/ ProxyPassReverse / http://myserver:8004/ <Location /> AuthType Basic AuthName "FitNesse" AuthUserFile "C:/Program Files/Apache Software Foundation/Apache2.2/auth/password" AuthGroupFile "C:/Program Files/Apache Software Foundation/Apache2.2/auth/pwgroup" require group Users Order allow,deny Allow from all </Location> ErrorLog "c:/Program Files/Apache Software Foundation/Apache2.2/logs/fitnesse.log" CustomLog "c:/Program Files/Apache Software Foundation/Apache2.2/logs/fitnesse_cust.log" common LogLevel info </VirtualHost> #----WIKI SERVER-----(SSL)- <VirtualHost *:80 *:443> ServerName wiki.mydomain.hu ServerAlias wiki.mydomain.hu SSLEngine On SSLCertificateFile "C:/Program Files/Apache Software Foundation/Apache2.2/cert/certificate.cer" SSLCertificateKeyFile "C:/Program Files/Apache Software Foundation/Apache2.2/cert/wiki.itkodex.hu.key" ProxyRequests Off <Proxy *:80> Order deny,allow Allow from all </Proxy> ProxyPass / http://localhost:8000/ ProxyPassReverse / http://localhost:8000/ ErrorLog "c:/Program Files/Apache Software Foundation/Apache2.2/logs/wiki.log" CustomLog "c:/Program Files/Apache Software Foundation/Apache2.2/logs/wikicust.log" common LogLevel info </VirtualHost> Because this wiki is a JSPWIKI web application, runs on Apache Tomcat therefore there is no "DocumentRoot" parameter in the VirtualHost. Could anybody please help me, to solve this issue, or what should I modify in the configuration? Thanks in advance! Peter

    Read the article

  • JSF SSL Hazzard

    - by java beginner
    In my application it is required that only certain pages need to be secured using SSL so I configured it security-constraint> <display-name>Security Settings</display-name> <web-resource-collection> <web-resource-name>SSL Pages</web-resource-name> <description/> <url-pattern>/*.jsp</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <user-data-constraint> <description>CONFIDENTIAL requires SSL</description> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> and added filter http://blogs.sun.com/jluehe/entry/how_to_downshift_from_https but only one hazard is there. I am using it with richFaces. Once it goes to HTTPS its not changing the page—I mean if I perform post action it doesn't actually happen. But if I do it from the local machine's browser it works perfectly, from a remote browser it stucks with HTTPS and not changing after that. Here is my web.xml's snap: <filter> <filter-name>MyFilter</filter-name> <filter-class>MyFilter</filter-class> <init-param> <param-name>httpPort</param-name> <param-value>8080</param-value> </init-param> </filter> <filter-mapping> <filter-name>MyFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <security-constraint> <web-resource-collection> <web-resource-name>Protected resource</web-resource-name> <url-pattern>somePattern</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> and some other filters of richfaces. Problem is strange. If I try to access the web app from local's machine's browser it works fine but in remote machine's browser once it get into HTTP, all the forms of that page aswell as href stops working.(JSF,facelet is used.)

    Read the article

  • SSL certificate on IIS 7

    - by comii
    I am trying to install a SSL certificate on IIS 7. I have download a free trial certificate. After that, this is the steps what I do: Click the Start menu and select Administrative Tools. Start Internet Services Manager and click the Server Name. In the center section, double click on the Server Certificates button in the Security section. From the Actions menu click Complete Certificate Request. Enter the location for the certificate file. Enter a Friendly name. Click OK. Under Sites select the site to be secured with the SSL certificate. From the Actions menu, click Bindings.This will open the Site Bindings window. In the Site Bindings window, click Add. This opens the Add Site Binding window. Select https from the Type menu. Set the port to 443. Select the SSL Certificate you just installed from the SSL Certificate menu. Click OK. This is the step where I get the message: One or more intermediate certificates in the certificate chain are missing. To resolve this issue, make sure that all of intermediate certificates are installed. For more information, see http://support.microsoft.com/kb/954755 After this, when I access the web site on its first page, I get this message: There is a problem with this website's security certificate. What am I doing wrong?

    Read the article

  • Objective-C SSL Synchronous Connection

    - by Mike
    Hello, I'm a little new to objective-C but have run across a problem that I can't solve, mostly because I'm not sure I am implementing the solution correctly. I am trying to connect using a Synchronous Connection to a https site with a self-signed certificate. I am getting the Error Domain=NSURLErrorDomain Code=-1202 "untrusted server certificate" Error that I have seen some solutions to on this forum. The solution i found was to add: - (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace { return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]; } (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge { [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge]; } to the NSURLDelegate to accept all certificates. When I connect to the site using just a: NSURLRequest *theRequest=[NSURLRequest requestWithURL:[NSURL URLWithString:@"https://examplesite.com/"] cachePolicy:NSURLRequestUseProtocolCachePolicy timeoutInterval:60.0]; NSURLConnection *theConnection=[[NSURLConnection alloc] initWithRequest:theRequest delegate:self]; It works fine and I see the challenge being accepted. However when I try to connect using the synchronous connection I still get the error and I don't see the challenge functions being called when I put in logging. How can I get the synchronous connection to use the challenge methods? Is it something to do with the delegate:self part of the URLConnection? I also have logging for sending/receiving data within the NSURLDelegate that is called by my connection function but not by the synchronous function. What I am using for the synchronous part: NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL: [NSURL URLWithString:@"https://examplesite.com/"]]; [request setHTTPMethod: @"POST"]; [request setHTTPBody: [[NSString stringWithString:@"username=mike"] dataUsingEncoding: NSUTF8StringEncoding]]; dataReply = [NSURLConnection sendSynchronousRequest:request returningResponse:&response error:&error]; NSLog(@"%@", error); stringReply = [[NSString alloc] initWithData:dataReply encoding:NSUTF8StringEncoding]; NSLog(@"%@", stringReply); [stringReply release]; NSLog(@"Done"); Like I mentioned I'm a little new to objective C so be kind :) Thanks for any help. Mike

    Read the article

  • How to connect to a queue manager with ssl enabled server connection channel when authentication is

    - by Dr. Xray
    I am trying to write a java application connecting to server connection channel with SSL enabled. So far, I have been successfully connected to the channel by setting authentication to 'optional'. However, when I set it to be 'required', the connection fails. Here is what I did: Create key db for queue manager and keystore for the java client user. Create key/self-signed certificates for the queue manager and the client user, with names prefixed ibmwebspheremq. Export, exchange and import certificates for the queue manager and the client. (I did answered 'yes' when being asked whether I trust the queue manager cert). The location and password to the truststore and keystore are set to point to the same keystore at the client side, where the orgininal created client user key and the imported queue manager key are. With other settings being the same, if I switch back to 'optional' authentication, the connection works. I think there is something I understand incorrectly about this ssl authenticaion but cannot figure out what. Could someone kindly help me?

    Read the article

  • Self - hosted WCF server and SSL

    - by jitm
    Hello, There is self - hosted WCF server (Not IIS), and was generated certificates (on the Win Xp) using command line like makecert.exe -sr CurrentUser -ss My -a sha1 -n CN=SecureClient -sky exchange -pe makecert.exe -sr CurrentUser -ss My -a sha1 -n CN=SecureServer -sky exchange -pe These certificates was added to the server code like this: serviceCred.ServiceCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindBySubjectName, "SecureServer"); serviceCred.ClientCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindBySubjectName, "SecureClient"); After all previous operation I created simple client to check SSL connection to the server. Client configuration: <?xml version="1.0" encoding="utf-8" ?> <configuration> <system.serviceModel> <bindings> <basicHttpBinding> <binding name="BasicHttpBinding_IAdminContract" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <security mode="TransportCredentialOnly"> <transport clientCredentialType="Basic"/> </security> </binding> </basicHttpBinding> </bindings> <client> <endpoint address="https://myhost:8002/Admin" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IAdminContract" contract="Admin.IAdminContract" name="BasicHttpBinding_IAdminContract" /> </client> </system.serviceModel> </configuration> Code: Admin.AdminContractClient client = new AdminContractClient("BasicHttpBinding_IAdminContract"); client.ClientCredentials.UserName.UserName = "user"; client.ClientCredentials.UserName.Password = "pass"; var result = client.ExecuteMethod() During execution I receiving next error: The provided URI scheme 'https' is invalid; expected 'http'.\r\nParameter name: via Question: How to enable ssl for self-hosted server and where should I set - up certificates for client and server ? Thanks.

    Read the article

  • Emailing an excel sheet with SSL in Python

    - by jakecar
    Hi...this is my first post so let me know if there are any common courtesies I should know about. I just started programming 8 months ago, so I am fairly new. I have been doing some projects to get better. A project I'm working on now creates an Excel sheet from inputted data. It's in Python, which I just started learning a couple of weeks ago. I'm attempting to embed part of this Excel sheet into an email, sent from my school address. I have spent hours looking this up, and to no avail. There are two problems I am asking for help with: 1) I have figured out how to send an email from my GMail account, but not from my school address. My school email uses SSL port 465, which I have tried to use, but to no avail. Unfortunately, I have been having a problem setting up outgoing email for this account on my iPhone as well. It may be related? Does anyone know of common issues relating to outgoing email with SSL and Python? 2) Excel has an option of saving a sheet as a HTML. When doing so, I copy and pasted the HTML source and emailed it as an attachment. Unfortunately, the colored text did not transfer over. Does anyone know of a better way of using Python to send an excel sheet embedded in an email? Thanks for your help!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 36 37 38 39 40 41 42 43 44 45 46 47  | Next Page >