Search Results

Search found 3588 results on 144 pages for 'digital certificate'.

Page 44/144 | < Previous Page | 40 41 42 43 44 45 46 47 48 49 50 51  | Next Page >

  • How to ignore expired certificates from outside a Java application?

    - by Creepy Gnome
    We have a Java application that we need to ignore an expired self-signed cert, however we cannot modify the code to do this. I wondering if there was a System Property or environment variable that we could provide at start up that would allow us to have all expired cert's ignored for now, or even be more specific and provide externally the specific cert that we would like to have the expiration ignored. Anyone have any ideas that would work?

    Read the article

  • Help to understand the issue with protected method

    - by zeroed
    I'm reading Sybex Complete Java 2 Certification Study Guide April 2005 (ISBN0782144195). This book is for java developers who wants to pass java certification. After a chapter about access modifiers (along with other modifiers) I found the following question (#17): True or false: If class Y extends class X, the two classes are in different packages, and class X has a protected method called abby(), then any instance of Y may call the abby() method of any other instance of Y. This question confused me a little. As far as I know you can call protected method on any variable of the same class (or subclasses). You cannot call it on variables, that higher in the hierarchy than you (e.g. interfaces that you implement). For example, you cannot clone any object just because you inherit it. But the questions says nothing about variable type, only about instance type. I was confused a little and answered "true". The answer in the book is False. An object that inherits a protected method from a superclass in a different package may call that method on itself but not on other instances of the same class. There is nothing here about variable type, only about instance type. This is very strange, I do not understand it. Can anybody explain what is going on here?

    Read the article

  • Setup SSL (self signed cert) with tomcat

    - by Danny
    I am mostly following this page: http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html I used this command to create the keystore keytool -genkey -alias tomcat -keyalg RSA -keystore /etc/tomcat6/keystore and answered the prompts Then i edited my server.xml file and uncommented/edited this line <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="/etc/tomcat6/keystore" keystorePass="tomcat" /> then I go to the web.xml file for my project and add this into the file <security-constraint> <web-resource-collection> <web-resource-name>Security</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> When I try to run my webapp I am met with this: Unable to connect Firefox can't establish a connection to the server at localhost:8443. * The site could be temporarily unavailable or too busy. Try again in a few moments. * If you are unable to load any pages, check your computer's network connection. If I comment out the lines I've added to my web.xml file, the webapp works fine. My log file in /var/lib/tomcat6/logs says nothing. I can't figure out if this is a problem with my keystore file, my server.xml file or my web.xml file.... Any assistance is appreciated I am using tomcat 6 on ubuntu.

    Read the article

  • SSL HandShake on Java Client

    - by JKV
    I have a very basic doubt in SSL HandShake. Assume that we have a server S which uses self signed certificates. I write a Java client C which connects to the S. When C connects to S, C gets certificates from S and saves them to its truststore and the remaining part of the communication proceeds. After some time I use the same C to connect to the S, so will S send the certificates again to C, or C will use the certificates already stored in truststore. I am not good in SSL and underlying implementation of Truststore functionality in Java. Will S send the certificates to C invariable of whether the C has certificates on its truststore?? I believe that if I have certificates in truststore C trusts S and C will not ask for certificates when I connect again?? Is my assumption right?? Is the process same for self-signed certificates and CA certificates?? Thanks in advance.

    Read the article

  • How to become MCT

    - by Incognito
    Hi, Are there any MCTs here. Please let us know the path to it. I have done some research on it, but would be interesting to know that from first hands. Or may be someone also wants to pass for MCT can share some experience. I can see in requirements Meet MCT competency requirements for each course they deliver. Administer course evaluations to every student and maintain high customer-satisfaction scores. New MCTs must deliver at least one Microsoft course within their first year as an MCT. At various times during the program year. I am ok with the first point (MCPD Enterprise, planning for CopmTIA shortly), but includes the last 2 points? Do I need to find some training centers to have agreement with them or ... Thank you.

    Read the article

  • SSL with external static content server

    - by SirMoreno
    I have a .Net web application that for performance issues gets all the static data (CSS, Images, JS) from an external server that is on different location and different hosting company. I want to enable SSL on my site without the users getting a message: "Page contains both secure and insecure elements" Does this means I’ll have to get two SSL Certificates one for each server? If I want the users to continue getting the static content from the external server what other options do I have? Thanks.

    Read the article

  • are the A+ and MCSE courses worthwhile

    - by billy
    I'm new to this field and would like to acquire the knowledge necessary to work for myself, troubleshooting, repairs, setting up and maintaining networks for small businesses etc. Are the A+ and MCSE courses worth doing? I'm more interested in knowledge than certificates.

    Read the article

  • Sign application with several certificates

    - by tschiggerl
    Hi, From the signing documentation at http://developer.android.com/intl/zh-TW/guide/publishing/app-signing.html: When the system is installing an update to an application, if any of the certificates in the new version match any of the certificates in the old version, then the system allows the update. This indicates that an application can be signed with multiple certificates. This is an interesting option to allow multiple entities to sign an application. e.g: A system application which was initially signed by the device's manufacturer. Further updates could be signed by the developer. Am I misreading the documentation or is this really possible? If so, how? Is there any other way for an application to support different certificates and with that, having two or more entities sign it? Thanks, Rúben

    Read the article

  • SSL Not Working on other network

    - by Yan
    Hi I am running windows server 2003 standard and have installed the ssl cert for the company website . Attempting to access the website securely outside of our network the page does not load. Thanks in advance!

    Read the article

  • IIS7: How to bind SSL Certificate to Https Host Header?

    - by h3n
    I have the following Web Farm: 1. http: mydomain1.com port: 80 2. http: mydomain2.com port: 80 3. https: port: 443 SSL Certificate: myCertificate In II7 when you select https binding, the host name will be disabled. I used the appcmd to bind the host name "admin.mydomain2.com" to the website. appcmd set site /site.name:"admin" /+bindings.[protocol='https',bindingInformation='*:443:admin.mydomain2.com'] A new item was added to the bindings. 3. a. https: port: 443 SSL Certificate: myCertificate b. https: admin.mydomain2.com port:443 SSL Certificate: None If for example I want to remove the first item (a), is it possible to assign a certificate to the second binding (b)?

    Read the article

  • Multiple certs with one private key on apache?

    - by tenbatsu
    Really fundamental question here, but nothing a quick google search is lending itself to. Do I need to generate a separate private key for each cert I use in apache? Server details: % /usr/sbin/httpd -v Server version: Apache/2.2.8 (Unix) Server built: Jan 24 2008 10:44:19 % uname -a Linux *.com 2.6.23.15-80.fc7 #1 SMP Sun Feb 10 17:29:10 EST 2008 i686 i686 i386 GNU/Linux % cat /proc/versionversion 2.6.23.15-80.fc7 ([email protected]) (gcc version 4.1.2 20070925 (Red Hat 4.1.2-27)) #1 SMP Sun Feb 10 17:29:10 EST 2008

    Read the article

  • Adding my own signing certificate to the UAC exclusion list?

    - by Roger Lipscombe
    On Windows 7, applications signed by "Microsoft Windows Publisher" don't prompt for elevation when UAC is turned on. Is there any way that I can add my own code-signing certificate to the UAC exclusions list, to get the same behaviour? I've got a couple of utilities that I always want to run elevated, so if I could sign them myself and install my self-signed CA certificate somewhere, and then bypass the UAC prompt, that'd save me time every morning when I log in.

    Read the article

  • Heads-Up! VeriSign Code Signing (Microsoft Authenticode) Certificates $99.00

    - by Edward Boyle
    Recently I posted an article about my Code Signing certificate from GoDaddy. I went with GoDaddy because it is an accepted certificate that should bring no problems; I would have preferred a VeriSign certificate but could not justify the extra $400.00 for the brand considering it truly was not required to meet my needs. I have been around since the day where VeriSign was really the only certificate (SSL) you could get unless you went with the then rogue South African company Thawte, since acquired by VeriSign. Today, I feel out of the loop – very out of the loop. I went to check into Windows Logo requirements, this leads me to this page, that then leads me to this page where I click on the “Digital Certificate’s” Link that leads to this page: So just a heads-up, $99.00 Code Signing Certificate from VeriSign!

    Read the article

  • How to properly deny Railo directory access through Apache

    - by Sn3akyP3t3
    I've been battle tested on this and failed to achieve my goal which is to deny all access to all directories except the Public directory and only allow access to all all other directories with specific IP addresses. To get Railo+Apache+Tomcat installed I pretty much followed this script: https://github.com/talltroym/Railo-Ubuntu-Installer-Script then verified settings with this tutorial: http://blog.nictunney.com/2012/03/railo-tomcat-and-apache-on-amazon-ec2.html From the installation script these mods are enabled: sudo a2enmod ssl sudo a2enmod proxy sudo a2enmod proxy_http sudo a2enmod rewrite sudo a2ensite default-ssl Outside of the script I copied the sites-available to sites-enabled then reloaded Apache. I have a directory created for Railo cmfl located at /var/www/Railo/ Navigating the browser to http ://Server_IP_Address/Railo forces ssl and relocates to https ://Server_IP_Address/Railo which shows off index.cfm. Not providing index.cfm and omitting https indicates that the DirectoryIndex directive and RewriteCond of Apache appears to be working for the sites-enabled VirtualHost. The problem I'm encountering is that I cannot seem to deny access to all directories except Public. My directory structure is rather simple and looks like this: Railo error Public NotPublic Sandbox These are my sites-enabled configurations: <VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot /var/www #Default Deny All to prevent walking backwards in file system Alias /Railo/ "/var/www/Railo/" <Directory ~ ".*/Railo/(?!Public).*"> Order Deny,Allow Deny from All </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> DirectoryIndex index.cfm index.cfml default.cfm default.cfml index.htm index.html index.cfc RewriteEngine on RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R] </VirtualHost> and <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerAdmin webmaster@localhost DocumentRoot /var/www Alias /Railo/ "/var/www/Railo/" <Directory ~ "/var/www/Railo/(?!Public).*"> Order Deny,Allow Deny from All </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on # A self-signed (snakeoil) certificate can be created by installing # the ssl-cert package. See # /usr/share/doc/apache2.2-common/README.Debian.gz for more info. # If both key and certificate are stored in the same file, only the # SSLCertificateFile directive is needed. SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key # Server Certificate Chain: # Point SSLCertificateChainFile at a file containing the # concatenation of PEM encoded CA certificates which form the # certificate chain for the server certificate. Alternatively # the referenced file can be the same as SSLCertificateFile # when the CA certificates are directly appended to the server # certificate for convinience. #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt # Certificate Authority (CA): # Set the CA certificate verification path where to find CA # certificates for client authentication or alternatively one # huge file containing all of them (file must be PEM encoded) # Note: Inside SSLCACertificatePath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. #SSLCACertificatePath /etc/ssl/certs/ #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt # Certificate Revocation Lists (CRL): # Set the CA revocation path where to find CA CRLs for client # authentication or alternatively one huge file containing all # of them (file must be PEM encoded) # Note: Inside SSLCARevocationPath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. #SSLCARevocationPath /etc/apache2/ssl.crl/ #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl # Client Authentication (Type): # Client certificate verification type and depth. Types are # none, optional, require and optional_no_ca. Depth is a # number which specifies how deeply to verify the certificate # issuer chain before deciding the certificate is not valid. #SSLVerifyClient require #SSLVerifyDepth 10 # Access Control: # With SSLRequire you can do per-directory access control based # on arbitrary complex boolean expressions containing server # variable checks and other lookup directives. The syntax is a # mixture between C and Perl. See the mod_ssl documentation # for more details. #<Location /> #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ #</Location> # SSL Engine Options: # Set various options for the SSL engine. # o FakeBasicAuth: # Translate the client X.509 into a Basic Authorisation. This means that # the standard Auth/DBMAuth methods can be used for access control. The # user name is the `one line' version of the client's X.509 certificate. # Note that no password is obtained from the user. Every entry in the user # file needs this password: `xxj31ZMTZzkVA'. # o ExportCertData: # This exports two additional environment variables: SSL_CLIENT_CERT and # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the # server (always existing) and the client (only existing when client # authentication is used). This can be used to import the certificates # into CGI scripts. # o StdEnvVars: # This exports the standard SSL/TLS related `SSL_*' environment variables. # Per default this exportation is switched off for performance reasons, # because the extraction step is an expensive operation and is usually # useless for serving static content. So one usually enables the # exportation for CGI and SSI requests only. # o StrictRequire: # This denies access when "SSLRequireSSL" or "SSLRequire" applied even # under a "Satisfy any" situation, i.e. when it applies access is denied # and no other module can change it. # o OptRenegotiate: # This enables optimized SSL connection renegotiation handling when SSL # directives are used in per-directory context. #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> # SSL Protocol Adjustments: # The safe and default but still SSL/TLS standard compliant shutdown # approach is that mod_ssl sends the close notify alert but doesn't wait for # the close notify alert from client. When you need a different shutdown # approach you can use one of the following variables: # o ssl-unclean-shutdown: # This forces an unclean shutdown when the connection is closed, i.e. no # SSL close notify alert is send or allowed to received. This violates # the SSL/TLS standard but is needed for some brain-dead browsers. Use # this when you receive I/O errors because of the standard approach where # mod_ssl sends the close notify alert. # o ssl-accurate-shutdown: # This forces an accurate shutdown when the connection is closed, i.e. a # SSL close notify alert is send and mod_ssl waits for the close notify # alert of the client. This is 100% SSL/TLS standard compliant, but in # practice often causes hanging connections with brain-dead browsers. Use # this only for browsers where you know that their SSL implementation # works correctly. # Notice: Most problems of broken clients are also related to the HTTP # keep-alive facility, so you usually additionally want to disable # keep-alive for those clients, too. Use variable "nokeepalive" for this. # Similarly, one has to force some clients to use HTTP/1.0 to workaround # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and # "force-response-1.0" for this. BrowserMatch "MSIE [2-6]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 # MSIE 7 and newer should be able to use keepalive BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown DirectoryIndex index.cfm index.cfml default.cfm default.cfml index.htm index.html #Proxy .cfm and cfc requests to Railo ProxyPassMatch ^/(.+.cf[cm])(/.*)?$ http://127.0.0.1:8888/$1 ProxyPassReverse / http://127.0.0.1:8888/ #Deny access to admin except for local clients <Location /railo-context/admin/> Order deny,allow Deny from all # Allow from <Omitted> # Allow from <Omitted> Allow from 127.0.0.1 </Location> </VirtualHost> </IfModule> The apache2.conf includes the following: # Include the virtual host configurations: Include sites-enabled/ <IfModule !mod_jk.c> LoadModule jk_module /usr/lib/apache2/modules/mod_jk.so </IfModule> <IfModule mod_jk.c> JkMount /*.cfm ajp13 JkMount /*.cfc ajp13 JkMount /*.do ajp13 JkMount /*.jsp ajp13 JkMount /*.cfchart ajp13 JkMount /*.cfm/* ajp13 JkMount /*.cfml/* ajp13 # Flex Gateway Mappings # JkMount /flex2gateway/* ajp13 # JkMount /flashservices/gateway/* ajp13 # JkMount /messagebroker/* ajp13 JkMountCopy all JkLogFile /var/log/apache2/mod_jk.log </IfModule> I believe I understand most of this except the jk_module inclusion which I've noticed has an error that shows up in the logs that I can't sort out: [warn] No JkShmFile defined in httpd.conf. Using default /etc/apache2/logs/jk-runtime-status I've checked my Regular expression against the paths of the directories with RegexBuddy just to be sure that I wasn't correct. The problem doesn't appear to be Regex related although I may have something incorrect in the Directory directive. The Location directive seems to be working correctly for blocking out Railo admin site access.

    Read the article

< Previous Page | 40 41 42 43 44 45 46 47 48 49 50 51  | Next Page >