Search Results

Search found 3358 results on 135 pages for 'ssl'.

Page 44/135 | < Previous Page | 40 41 42 43 44 45 46 47 48 49 50 51  | Next Page >

  • Client authentication with RubyLDAP ldap

    - by Marcelo de Moraes Serpa
    Hello all, I'm trying to implement a feature that uses LDAP over SSL (SSL, not TLS), it needs to connect to a SSL-enabled LDAP server (i.e OpenLDAP), bind and then do any additional queries. It also needs to support client-authentication, and this is where things get tricky: The client is a web application written in Ruby, and we are using RubyLDAP (so far we have used it for non-SSL ldap stuff with great success). My question is: Is there a way to load a client certificate and send its data over the wire to the LDAP server when doing a LDAP::SSLConn? I haven't found anything obvious on the API docs (http://ruby-ldap.sourceforge.net/rdoc/) nor while googling around. I know I that I can prevent the server from asking for a certificate by putting the following on slapd.conf (OpenLDAP): TLSVerifyClient never However, this is not an option here. Thanks, Marcelo.

    Read the article

  • authorizet.net local testing and ssl certificate

    - by Funky Dude
    hi i am integrating authorize.net AIM api into my shopping cart. i have a developer account from auth.net and i am working locally. when i do auth.net api call, i get SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed i assume it's because i dont have ssl on my local machine. how do i get over this so i can test on my local machine? thank you

    Read the article

  • Wildcard SSL and Apache configuration

    - by Nitai
    Hi all, I'm pulling my hard on this configuration, which probably is simply. I have a wildcard ssl certificate which is working. I have the website setup to run on domain.com under SSL. Now, I'm in need to run many subdomains (*.domain.com) on the same server with the same SSL certificate. Shouldn't be that hard, right? Well, I can't get it going. Point is, that the first config is another Tomcat server that serves another site and listens to domain.com and www.domain.com. The other config listens to *.domain.com and pulls the content from another Tomcat server. I already tried this whole setup with mod_rewrite, but simply don't see what I'm doing wrong. Any help very much appreciated. Here is my conf in Apache 2.2: <VirtualHost *:443> SSLEngine on SSLCertificateFile ... SSLCertificateKeyFile ... SSLCertificateChainFile ... ServerName domain.com ServerAlias www.domain.com ProxyRequests Off <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPreserveHost On ProxyPass / ajp://localhost:8010/ ProxyPassReverse / ajp://localhost:8010/ </VirtualHost> <VirtualHost *:443> SSLEngine on SSLCertificateFile ... SSLCertificateKeyFile ... SSLCertificateChainFile ... ServerName domain.com ServerAlias *.domain.com ProxyRequests Off <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPreserveHost On ProxyPass / ajp://localhost:8009/ ProxyPassReverse / ajp://localhost:8009/ </VirtualHost> Thanks.

    Read the article

  • iphone: is there any secure way to establish 2-way SSL from an application

    - by pmilosev
    Hi I need to establish a HTTPS 2-way SSL connection from my iPhone application to the customer's server. However I don't see any secure way to deliver the client side certificates to the application (it's an e-banking app, so security is really an issue). From what I have found so far the only way that the app would be able to access the certificate is to provide it pre-bundeled with the application itself, or expose an URL from which it could be fetched (http://stackoverflow.com/questions/2037172/iphone-app-with-ssl-client-certs). The thing is that neither of this two ways prevent some third party to get the certificate, which if accepted as a risk eliminates the need for 2-way SSL (since anyone can have the client certificate). The whole security protocol should look like this: - HTTPS 2-way SSL to authenticate the application - OTP (token) based user registration (client side key pair generated at this step) - SOAP / WSS XML-Signature (requests signed by the keys generated earlier) Any idea on how to establish the first layer of security (HTTPS) ? regards

    Read the article

  • Debug HTTPS errors

    - by Murkin
    Hello everyone, When accessing my site, the SSL session is successful while the page loads. A few seconds after the page loaded FireFox shows that SSL is no longer available. I am guessing its some script (all I have is Google Analytics and Facebook). How can I see what caused FireFox (or IE/Chrome) to drop the SSL and why ?

    Read the article

  • Running HTTP and HTTPS connections for a single domain (say, www.example.com) through a Cisco ACE SS

    - by Paddu
    My web application config has a Cisco ACE load balancing across a server farm and I want to use the ACE as an SSL endpoint as well. To make this work, the network architect has come up with a design where all secure pages have to be served from secure.my-domain.com, while non-secure pages are served up from www.my-domain.com. The reason for this is apparently that the configuring the Cisco ACE to accept HTTPS requests on port 443 for a particular public IP prevents the simultaneous acceptance of HTTP requests on port 80 for the same IP. While I'm not a networking (or Cisco) expert, this seems to be intuitively wrong, as it would prevent any website using the Cisco ACE to serve pages on http://www.my-domain.com and https://www.my-domain.com simultaneously. In this situation, my questions are: Is this truly a limitation of the Cisco ACE when used as an SSL endpoint? If not, then can I assume that we can set up the ACE to accept connections for a particular IP on ports 80 and 443, and function as an SSL endpoint for the incoming requests on 443? Links to appropriate documentation most welcome here. Assuming the setup in the previous question, can I then redirect both sets of requests to the same server farm on the same port?

    Read the article

  • How do I Install Intermediate Certificates (in AWS)?

    - by getmizanur
    I have installed private key (pem encoded) and public key certificate (pem encoded) on Amazon Load Balancer. However, when I check the SSL with site test tool, I get the following error: Error while checking the SSL Certificate!! Unable to get the local issuer of the certificate. The issuer of a locally looked up certificate could not be found. Normally this indicates that not all intermediate certificates are installed on the server. I converted crt file to pem using these commands from this tutorial: openssl x509 -in input.crt -out input.der -outform DER openssl x509 -in input.der -inform DER -out output.pem -outform PEM During setup of Amazon Load Balancer, the only option I left out was certificate chain. (pem encoded) However, this was optional. Could this be cause of my issue? And if so; How do I create certificate chain? UPDATE If you make request to VeriSign they will give you a certificate chain. This chain includes public crt, intermediate crt and root crt. Make sure to remove the public crt from your certificate chain (which is the top most certificate) before adding it to your certification chain box of your Amazon Load Balancer. If you are making HTTPS requests from an Android app, then above instruction may not work for older Android OS such as 2.1 and 2.2. To make it work on older Android OS: go here click on "retail ssl" tab and then click on "secure site" "CA Bundle for Apache Server" copy and past these intermediate certs into certificate chain box. just incase if you have not found it here is the direct link. If you are using geo trust certificates then the solution is much the same for Android devices, however, you need to copy and paste their intermediate certs for Android.

    Read the article

  • LDAP SSL connect problem

    - by juergen
    I set up a test domain for my LDAP SSL tests and it is not working. I am using Windows Server 2008 R2 SP 1. I came so far: 1. i generated and installed my self signed certificate on the test domain controller 2. on the server i can log into ldap over SSL with the MS ldp.exe tool. 3. using ldp.exe on a client that is no in this domain the login fails with error 0x51 = "failed to connect". (i don't have a client computer that is in this domain right now) 4. I testet the certificate by using it in the IIS on the test server and I can reach the default page of the test server over SSL. (from the client that is not in the domain) 5. analysing the traffic between client and server I can see that the server is sending a certificate to the client. why isn't this working on my client computer?

    Read the article

  • HAProxy crashes on all requests in 1.5-dev12

    - by Daniel Hough
    I'm having an issue where HAProxy is crashing with no explanation when I switch from 1.4.12 to 1.5-dev12. The reason I'm switching is for the SSL offloading. My config file doesn't have any errors, it's quite simple and it works well with 1.4 - but for some reason when I run it with 1.5-dev12 I see the logs noting that the two backends I have have been set up, and then when I hit one of the frontends, I get an HTTP 400 in the browser and suddenly HAProxy isn't running anymore when I check. I understand that a common workaround to the lack of SSL support for HAProxy is to use Stud, and I may go with that since I am in need of an SSL solution for my service, but before I dele into that world I thought I might see if anybody has experienced the same problems and might know how to fix it. The server is Ubuntu 10.04 and I followed the make instructions on the Exceliance blog here. EDIT: On the advice of Kyle Brandt, I did a bit more investigation. I attached gdb to the haproxy process and when the crash occurred this is what I got: Program received signal SIGSEGV, Segmentation fault. 0x0804e5c2 in dequeue_all_listeners (list=0x9e1a418) at src/protocols.c:184 184 list_for_each_entry_safe(listener, l_back, list, wait_queue) { P.S. HAProxy is awesome, so thank you Exceliance for providing us with something so useful :)

    Read the article

  • Is it bad to redirect http to https?

    - by jasondavis
    I just installed an SSL Certificate on my server. I use a web hosting panel called ZPanel that is an open source project. It then set up a redirect for all traffic on my domain on Port 80 to redirect it to Port 443. In other words, all my http://example.com traffic is now redirected to the appropriate https://example.com version of the page. The redirect is done in my Apache Virtual Hosts file with something like this... RewriteEngine on ReWriteCond %{SERVER_PORT} !^443$ RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L] My question is, are there any drawbacks to using SSL? Since this is not a 301 Redirect, will I lose link juice/ranking in search engines by switching to https? I appreciate the help. I have always wanted to set up SSL on a server, just for the practice of doing it, and I finally decided to do it tonight. It seems to be working well so far, but I am not sure if it's a good idea to use this on every page. My site is not eCommerce and doesn't handle sensitive data; it's mainly for looks and the thrill of installing it for learning. UPDATED ISSUE Strangely Bing creates this screenshot from my site now that it is using HTTPS everywhere...

    Read the article

  • Invisible Apache redirect

    - by Guilhem Soulas
    I would like subdomain.mydomain.com to invisibly redirect to https://[myServerIP]:2083. (There is an SSL issue here). So far I managed to do it, but the redirection is visible and I don't want it: RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} ^subdomain.\.mydomain\.com$ RewriteRule ^ https://[myServerIP]:2083/ Would it be a way to achieve the same redirection while maintaining permanently my beautiful "subdomain.mydomain.com" in the address bar? EDIT with the ProxyPass directive: I tried some variations with ProxyPass but it will still change the URL in the address bar: ServerName subdomain.mydomain.com <Location /> ProxyPass https://[myServerIP]:2083/ ProxyPassReverse https://[myServerIP]:2083/ </Location> RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} ^subdomain\.mydomain\.com$ RewriteRule ^ https://[myServerIP]:2083/ EDIT2: It still doesn't work: #non SSL ServerName subdomain.mydomain.com #SSL! <Location /> ProxyPass https://[myServerIP]:2083/ ProxyPassReverse https://[myServerIP]:2083/ </Location> EDIT3: It now works using the SSLProxyEngine directive: SSLProxyEngine on ServerName subdomain.mydomain.com <Location /> ProxyPass https://[myServerIP]:2083/ ProxyPassReverse https://[myServerIP]:2083/ </Location> I can now access my login interface (cPanel). However, once I'm logged in it doesn't redirect to the next page subdomain.mydomain.com/cpsess5850710203/.

    Read the article

  • How to turn off SSL on heroku

    - by rockyroadster555
    I'm redirecting a domain to Heroku using a cname. Currently Its working but is giving me an ssl error. Is there a way to turn off ssl on heroku? Heres the SSL Error This is probably not the site you are looking for! You attempted to reach app.grewpr.com, but instead you actually reached a server i identifying itself as *.herokuapp.com. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of app.grewpr.com. You should not proceed, especially if you have never seen this warning before for this site. When I try to go to http://pure-chamber-1979.herokuapp.com/ it automatically redirects me to the ssl version. Is there a way to turn this off?

    Read the article

  • HttpWebRequest and Ignoring SSL Certificate Errors

    - by Rick Strahl
    Man I can't believe this. I'm still mucking around with OFX servers and it drives me absolutely crazy how some these servers are just so unbelievably misconfigured. I've recently hit three different 3 major brokerages which fail HTTP validation with bad or corrupt certificates at least according to the .NET WebRequest class. What's somewhat odd here though is that WinInet seems to find no issue with these servers - it's only .NET's Http client that's ultra finicky. So the question then becomes how do you tell HttpWebRequest to ignore certificate errors? In WinInet there used to be a host of flags to do this, but it's not quite so easy with WebRequest. Basically you need to configure the CertificatePolicy on the ServicePointManager by creating a custom policy. Not exactly trivial. Here's the code to hook it up: public bool CreateWebRequestObject(string Url) {    try     {        this.WebRequest =  (HttpWebRequest) System.Net.WebRequest.Create(Url);         if (this.IgnoreCertificateErrors)            ServicePointManager.CertificatePolicy = delegate { return true; };}One thing to watch out for is that this an application global setting. There's one global ServicePointManager and once you set this value any subsequent requests will inherit this policy as well, which may or may not be what you want. So it's probably a good idea to set the policy when the app starts and leave it be - otherwise you may run into odd behavior in some situations especially in multi-thread situations.Another way to deal with this is in you application .config file. Normal 0 false false false EN-US X-NONE X-NONE /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin-top:0in; mso-para-margin-right:0in; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} <configuration>   <system.net>     <settings>       <servicePointManager           checkCertificateName="false"           checkCertificateRevocationList="false"                />     </settings>   </system.net> </configuration> This seems to work most of the time, although I've seen some situations where it doesn't, but where the code implementation works which is frustrating. The .config settings aren't as inclusive as the programmatic code that can ignore any and all cert errors - shrug. Anyway, the code approach got me past the stopper issue. It still amazes me that theses OFX servers even require this. After all this is financial data we're talking about here. The last thing I want to do is disable extra checks on the certificates. Well I guess I shouldn't be surprised - these are the same companies that apparently don't believe in XML enough to generate valid XML (or even valid SGML for that matter)...© Rick Strahl, West Wind Technologies, 2005-2011Posted in .NET  CSharp  HTTP  

    Read the article

  • TFS 2010 and SSL Configuration: Part 1 Certificates in Place

    - by Enrique Lima
    What is needed?  For starters, an understanding on the how to properly configure a certificate in IIS. Many people have found challenges in working with certificates in IIS 7 First thing is to get your certificate created, and then proceed to add it to IIS 7 By clicking on Server Certificates, we will get to this And we will be able to see the certificate or certificates installed. What options do we have to get certificates? They can be generated “in-house” or purchase them from certification authorities.  If it is “in-house”, you will those options in the Server Certificates area of IIS Manager.

    Read the article

  • Seeking htaccess help: Converting multiple subdomains (both http and https) to www.domain.com using .htaccess

    - by Joshua Dorkin
    I've been trying to get an answer to this question on other forums (the folks at SuperUser thought this was the place I needed to post) and via my connections, but I haven't gotten very far. Hopefully you guys can help me find an answer: I've got a dozen old subdomains that have been indexed by Google. These have been indexed as both http AND https. I've managed to redirect all the subdomains properly, provided they are not https, but can't get any of the https subdomains to property redirect. Here's the code I'm using: RewriteCond %{HTTP_HOST} ^subdomain1.mysite.com$ [NC] RewriteRule ^(.*)$ http://www.mysite.com/$1 [R=301,L] RewriteCond %{HTTP_HOST} ^subdomain2.mysite.com$ [NC] RewriteRule ^(.*)$ http://www.mysite.com/$1 [R=301,L] RewriteCond %{HTTP_HOST} ^subdomain3.mysite.com$ [NC] RewriteRule ^(.*)$ http://www.mysite.com/$1 [R=301,L] This works great until someone goes to: https://subdomain2.mysite.com$ which is not redirected back to http://www.mysite.com$ How can I get this to work? Additionally, I'm guessing there is an easier way to make it happen than setting up a dozen pairs of Rewrite conditions/rewrite rule? Is there any way to do this in just a few lines, including one where I list all the subdomains? I'd actually also like to redirect everything on https://www.mysite.com$ to http://www.mysite.com$ except for 3 folders These are mysite.com/secure, mysite.com/store, mysite.com/user -- is there any good way to add this to the htaccess file? Any suggestions would be great! Thank you in advance for any help.

    Read the article

  • Setting up an SSL Certificate in Apache

    When the HTTP protocol was designed, it was assumed that data transmission would be secure. Times have changed and network security has become much more important to us, especially for certain tasks. Sukrit Dhandhania shows you how to set up Secure Sockets Layer.

    Read the article

  • Python HTTPS requests (urllib2) fails on Ubuntu 12.04 without proxy

    - by Pablo
    I have an little app I wrote in Python and it used to work... until yesterday, when it suddenly started giving me an error in a HTTPS connection. I don't remember if there was an update, but both Python 2.7.3rc2 and Python 3.2 are failing just the same. I googled it and found out that this happens when people are behind a proxy, but I'm not (and nothing have changed in my network since the last time it worked). My syster's computer running windows and Python 2.7.2 has no problems (in the same network). response = urllib2.urlopen(url).read() File "/usr/lib/python2.7/urllib2.py", line 126, in urlopen return _opener.open(url, data, timeout) File "/usr/lib/python2.7/urllib2.py", line 400, in open response = self._open(req, data) File "/usr/lib/python2.7/urllib2.py", line 418, in _open '_open', req) File "/usr/lib/python2.7/urllib2.py", line 378, in _call_chain result = func(*args) File "/usr/lib/python2.7/urllib2.py", line 1215, in https_open return self.do_open(httplib.HTTPSConnection, req) File "/usr/lib/python2.7/urllib2.py", line 1177, in do_open raise URLError(err) urllib2.URLError: <urlopen error [Errno 8] _ssl.c:504: EOF occurred in violation of protocol> What's wrong? Any help is appreciated. PS.: Older python versions don't work either, not in my system and not in a live session from USB, but DO work in a Ubuntu 11.10 live session.

    Read the article

  • HTTPS on all pages where user is logged on

    - by Tom Gullen
    I know this is considered best practise to prevent cookie hijacking. I would like to adopt this approach, but ran across a problem on our forum where the users post images which either aren't posted with URL's over HTTPS or the url itself doesn't support HTTPS. This throws up a lot of ugly browser warnings. I see I have two options: Disable HTTPS for the forum Force all user posted content to start with // in the url so it selects the right protocol, if it doesn't support HTTPS so be it Do I have any other options? How do other sites deal with this?

    Read the article

  • Nginx and Google Appengine Reverse Proxy Security

    - by jmq
    The scenario is that I have a Google compute node running Nginx as a reverse proxy to the google appengine. The appengine is used to service REST calls from an single page application (SPA). HTTPS is used to the Nginx front end from the Internet. Do I also need to make the traffic from the Nginx reverse proxy to the appengine secure by turning on HTTPS on the appengine? I would like to avoid the overhead of HTTPS between the proxy and the backend. My thinking was that once the traffic has arrived at Nginx encrypted, decrypted in Nginx, and then sent via the reverse proxy inside of Google's infrastructure it would be secure. Is it safe in this case to not use HTTPS?

    Read the article

  • Is there a way to disallow only crawling in https in robots.txt?

    - by David Wilkins
    I just realized that Bingbot is crawling my company's website's pages over https. Bing already crawls the site over http, so this seems frivolous. Is there a way to specify Disallow: / for https only? According to Wikipedia, each protocol has its own robots.txt And according to Google's Robots.txt Specification, the robots.txt applies to http AND https I don't want to Disallow: / for Bing totally, just over https.

    Read the article

  • How can I set the default page for an https request?

    - by Rachel
    We have a website which has a Virtual Directory containing the secure portion of the website. If users come to http://www.mydomain.com, they should get directed to default.aspx of the main site, but if they go to https://www.mydomain.com, they should go to default.aspx of the virtual directory. The default page for the main site works fine, however I can't figure out how to set the default page for https traffic. Right now going to https://www.mydomain.com simply gives me a Page Not Found error. How can I set this up in IIS on Windows Server 2003?

    Read the article

  • Seeking .htaccess help: Converting multiple subdomains (both HTTP and HTTPS) to www.domain.com using .htaccess

    - by Joshua Dorkin
    I've been trying to get an answer to this question on other forums (the folks at SuperUser thought this was the place I needed to post) and via my connections, but I haven't gotten very far. Hopefully you guys can help me find an answer. I've got a dozen old subdomains that have been indexed by Google. These have been indexed as both HTTP AND HTTPS. I've managed to redirect all the subdomains properly, provided they are not HTTPS, but can't get any of the HTTPS subdomains to property redirect. Here's the code I'm using: RewriteCond %{HTTP_HOST} ^subdomain1.mysite.com$ [NC] RewriteRule ^(.*)$ http://www.mysite.com/$1 [R=301,L] RewriteCond %{HTTP_HOST} ^subdomain2.mysite.com$ [NC] RewriteRule ^(.*)$ http://www.mysite.com/$1 [R=301,L] RewriteCond %{HTTP_HOST} ^subdomain3.mysite.com$ [NC] RewriteRule ^(.*)$ http://www.mysite.com/$1 [R=301,L] This works great until someone goes to: https://subdomain2.mysite.com$ which is not redirected back to http://www.mysite.com$ How can I get this to work? Additionally, I'm guessing there is an easier way to make it happen than setting up a dozen pairs of RewriteCond/RewriteRule? Is there any way to do this in just a few lines, including one where I list all the subdomains? I'd actually also like to redirect everything on https://www.mysite.com$ to http://www.mysite.com$ except for 3 folders. These are mysite.com/secure, mysite.com/store, mysite.com/user. Is there any good way to add this to the .htaccess file?

    Read the article

  • What is recommended - UC or EV or EV UC certificate?

    - by Abdel Olakara
    We are implementing Exchange 2010 server and an eCommerce site. Both of these need certificates and I am confused what to use? I know Exchange need UC certificate. Can I use it for the ecommerce site as well? I did read EV is recommended for web sites.. I would like to know what to use and the recommended procedures. Here how we will be using the certificates: We are planning to use *.net for testing Exchange server Will be using *.com for Exchange server (Production) Will be using *.com for ecommerce site (Production) I also heard about certificates which are both EV UC.. please recommend the correct certificates to use.

    Read the article

  • Encrypting and decrypting single file with master password and passphrase

    - by Iori
    Last night my system shutdown unexpectedly and when i restart it, it gave me superblock error. will then i fixed a little but. i was able to retrive my encrypted files which i encrypted my pgp public key but i was not able to retrive my private key or public key now i have ecrypted file which cannot be open because i have lost my private key. is there any way that i can encrypt my file by providing only master password and passphrase and no physical key or private key and when i am on another computer i can easily open it my same master password and passphrase. Thanks in advance

    Read the article

< Previous Page | 40 41 42 43 44 45 46 47 48 49 50 51  | Next Page >