Search Results

Search found 2034 results on 82 pages for 'certificate'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 48/82 | < Previous Page | 44 45 46 47 48 49 50 51 52 53 54 55  | Next Page >

  • WCF with No security

    - by james.ingham
    Hi all, I've got a WCF service setup which I can consume and use as intendid... but only on the same machine. I'm looking to get this working over multiple computers and I'm not fussed about the security. However when I set (client side) the security to = none, I get a InvalidOperationException: The service certificate is not provided for target 'http://xxx.xxx.xxx.xxx:8731/Design_Time_Addresses/WcfServiceLibrary/ManagementService/'. Specify a service certificate in ClientCredentials. So I'm left with: <security mode="Message"> <message clientCredentialType="None" negotiateServiceCredential="false" algorithmSuite="Default" /> </security> But this gives me another InvalidOperationException: The service certificate is not provided for target 'http://xxx.xxx.xxx.xxx:8731/Design_Time_Addresses/WcfServiceLibrary/ManagementService/'. Specify a service certificate in ClientCredentials. Why would I have to provide a certificate if security was turned off? Server app config: <system.serviceModel> <services> <service name="Server.WcfServiceLibrary.CheckoutService" behaviorConfiguration="Server.WcfServiceLibrary.CheckoutServiceBehavior"> <host> <baseAddresses> <add baseAddress = "http://xxx:8731/Design_Time_Addresses/WcfServiceLibrary/CheckoutService/" /> </baseAddresses> </host> <endpoint address ="" binding="wsDualHttpBinding" contract="Server.WcfServiceLibrary.ICheckoutService"> <identity> <dns value="localhost"/> </identity> </endpoint> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/> </service> <service name="Server.WcfServiceLibrary.ManagementService" behaviorConfiguration="Server.WcfServiceLibrary.ManagementServiceBehavior"> <host> <baseAddresses> <add baseAddress = "http://xxx:8731/Design_Time_Addresses/WcfServiceLibrary/ManagementService/" /> </baseAddresses> </host> <endpoint address ="" binding="wsDualHttpBinding" contract="Server.WcfServiceLibrary.IManagementService"> <identity> <dns value="localhost"/> </identity> </endpoint> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/> </service> </services> <behaviors> <serviceBehaviors> <behavior name="Server.WcfServiceLibrary.CheckoutServiceBehavior"> <serviceMetadata httpGetEnabled="True"/> <serviceDebug includeExceptionDetailInFaults="False" /> <serviceThrottling maxConcurrentCalls="100" maxConcurrentSessions="50" maxConcurrentInstances="50" /> </behavior> <behavior name="Server.WcfServiceLibrary.ManagementServiceBehavior"> <serviceMetadata httpGetEnabled="True"/> <serviceDebug includeExceptionDetailInFaults="False" /> </behavior> </serviceBehaviors> </behaviors> </system.serviceModel> Client app config: <system.serviceModel> <bindings> <wsDualHttpBinding> <binding name="WSDualHttpBinding_IManagementService" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:00:10" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <reliableSession ordered="true" inactivityTimeout="00:10:00" /> <security mode="Message"> <message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" /> </security> </binding> </wsDualHttpBinding> </bindings> <client> <endpoint address="http://xxx:8731/Design_Time_Addresses/WcfServiceLibrary/ManagementService/" binding="wsDualHttpBinding" bindingConfiguration="WSDualHttpBinding_IManagementService" contract="ServiceReference.IManagementService" name="WSDualHttpBinding_IManagementService"> <identity> <dns value="localhost" /> </identity> </endpoint> </client> </system.serviceModel> Thanks

    Read the article

  • C# WCF client configuration for X509 secured web service over https

    - by Kam
    Hi guys I been pulling my hair out for the past few days trying to connect to a web service using .Net 3.5 and WCF (have also tried using WSE 3.0) without much luck. The web service is hosted by a 3rd party and we can access via https. They also make use of X509 certificates for security, to sign the message. I've been given some basic info and am able to connect and test the service using SOAP UI 3.5 without any problems, so we know that this is not the issue. Just trying to get it done in code! I've added the X509 certificate into the certificate store using the mmc snap-in, and using tracing and logging i can see that the message is being signed, just unable to see which part i have got wrong. Any healp GREATLY appreciated :) I've been given an offline WSDL file, which I have imported in as a service reference is VS 2008. My calling code looks like so, simple enough: ServicePointManager.ServerCertificateValidationCallback = delegate(object sender,X509Certificate certificate,X509Chain chain, SslPolicyErrors sslErrors) { return true; }; GatewayClient gateway = new GatewayClient(); CheckStatusResponse response = gateway.CheckLineStatus(); And my config looks like so: <basicHttpBinding> <binding name="Gateway_1.0" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <security mode="TransportWithMessageCredential"> <transport clientCredentialType="None" proxyCredentialType="None" realm="" /> <message clientCredentialType="Certificate" algorithmSuite="Default" /> </security> </binding> </basicHttpBinding> <customBinding> <binding name="Gateway_1"> <security authenticationMode="CertificateOverTransport" includeTimestamp="true" messageProtectionOrder="SignBeforeEncrypt"> <localClientSettings maxClockSkew="12:00:00" replayWindow="12:00:00" sessionKeyRolloverInterval="12:00:00" timestampValidityDuration="12:00:00" /> <localServiceSettings maxClockSkew="12:00:00" sessionKeyRolloverInterval="12:00:00" timestampValidityDuration="12:00:00" /> <secureConversationBootstrap /> </security> <textMessageEncoding messageVersion="Soap11" /> <sslStreamSecurity requireClientCertificate="true" /> <httpsTransport hostNameComparisonMode="WeakWildcard" /> </binding> </customBinding> <wsHttpBinding> <binding name="Gateway_1" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false"> <security mode="TransportWithMessageCredential"> <message clientCredentialType="Certificate" negotiateServiceCredential="false" establishSecurityContext="true" /> </security> </binding> </wsHttpBinding> </bindings> <client> <endpoint address="https://XXX.XX.XXX.XX/SOAP" behaviorConfiguration="ClientCertificateBehavior" binding="wsHttpBinding" bindingConfiguration="Gateway_1" contract="B2BService.Gateway" name="Gateway_1_HTTPSPort"> <identity> <dns value="ext.test.com" /> </identity> </endpoint> </client> <behaviors> <endpointBehaviors> <behavior name="ClientCertificateBehavior"> <clientCredentials> <clientCertificate findValue="mycertificate.com" storeLocation="CurrentUser" storeName="Root" x509FindType="FindBySubjectName" /> <serviceCertificate> <authentication certificateValidationMode="PeerOrChainTrust" /> </serviceCertificate> </clientCredentials> </behavior> </endpointBehaviors> </behaviors> </system.serviceModel> Regardless of which config I use, the code fails for one reason or another, causing internal server errors, Error processing message for security, Undefined 'badEncoding' resource property, or expected http URI given https, and a few other! Been going round and round a bit, and I am sure it is very simple once the cofig is set :( I'm sure I've missed loads out, let me know if seeing the SOAP UI generated envelope and the currect WCF generated envelope will help. many thanks. Kam

    Read the article

  • IIS 7.0 informational HTTP status codes

    - by Samir R. Bhogayta
    1xx - Informational These HTTP status codes indicate a provisional response. The client computer receives one or more 1xx responses before the client computer receives a regular response. IIS 7.0 uses the following informational HTTP status codes: 100 - Continue. 101 - Switching protocols. 2xx - Success These HTTP status codes indicate that the server successfully accepted the request. IIS 7.0 uses the following success HTTP status codes: 200 - OK. The client request has succeeded. 201 - Created. 202 - Accepted. 203 - Nonauthoritative information. 204 - No content. 205 - Reset content. 206 - Partial content. 3xx - Redirection These HTTP status codes indicate that the client browser must take more action to fulfill the request. For example, the client browser may have to request a different page on the server. Or, the client browser may have to repeat the request by using a proxy server. IIS 7.0 uses the following redirection HTTP status codes: 301 - Moved permanently. 302 - Object moved. 304 - Not modified. 307 - Temporary redirect. 4xx - Client error These HTTP status codes indicate that an error occurred and that the client browser appears to be at fault. For example, the client browser may have requested a page that does not exist. Or, the client browser may not have provided valid authentication information. IIS 7.0 uses the following client error HTTP status codes: 400 - Bad request. The request could not be understood by the server due to malformed syntax. The client should not repeat the request without modifications. IIS 7.0 defines the following HTTP status codes that indicate a more specific cause of a 400 error: 400.1 - Invalid Destination Header. 400.2 - Invalid Depth Header. 400.3 - Invalid If Header. 400.4 - Invalid Overwrite Header. 400.5 - Invalid Translate Header. 400.6 - Invalid Request Body. 400.7 - Invalid Content Length. 400.8 - Invalid Timeout. 400.9 - Invalid Lock Token. 401 - Access denied. IIS 7.0 defines several HTTP status codes that indicate a more specific cause of a 401 error. The following specific HTTP status codes are displayed in the client browser but are not displayed in the IIS log: 401.1 - Logon failed. 401.2 - Logon failed due to server configuration. 401.3 - Unauthorized due to ACL on resource. 401.4 - Authorization failed by filter. 401.5 - Authorization failed by ISAPI/CGI application. 403 - Forbidden. IIS 7.0 defines the following HTTP status codes that indicate a more specific cause of a 403 error: 403.1 - Execute access forbidden. 403.2 - Read access forbidden. 403.3 - Write access forbidden. 403.4 - SSL required. 403.5 - SSL 128 required. 403.6 - IP address rejected. 403.7 - Client certificate required. 403.8 - Site access denied. 403.9 - Forbidden: Too many clients are trying to connect to the Web server. 403.10 - Forbidden: Web server is configured to deny Execute access. 403.11 - Forbidden: Password has been changed. 403.12 - Mapper denied access. 403.13 - Client certificate revoked. 403.14 - Directory listing denied. 403.15 - Forbidden: Client access licenses have exceeded limits on the Web server. 403.16 - Client certificate is untrusted or invalid. 403.17 - Client certificate has expired or is not yet valid. 403.18 - Cannot execute requested URL in the current application pool. 403.19 - Cannot execute CGI applications for the client in this application pool. 403.20 - Forbidden: Passport logon failed. 403.21 - Forbidden: Source access denied. 403.22 - Forbidden: Infinite depth is denied. 404 - Not found. IIS 7.0 defines the following HTTP status codes that indicate a more specific cause of a 404 error: 404.0 - Not found. 404.1 - Site Not Found. 404.2 - ISAPI or CGI restriction. 404.3 - MIME type restriction. 404.4 - No handler configured. 404.5 - Denied by request filtering configuration. 404.6 - Verb denied. 404.7 - File extension denied. 404.8 - Hidden namespace. 404.9 - File attribute hidden. 404.10 - Request header too long. 404.11 - Request contains double escape sequence. 404.12 - Request contains high-bit characters. 404.13 - Content length too large. 404.14 - Request URL too long. 404.15 - Query string too long. 404.16 - DAV request sent to the static file handler. 404.17 - Dynamic content mapped to the static file handler via a wildcard MIME mapping. 404.18 - Querystring sequence denied. 404.19 - Denied by filtering rule. 405 - Method Not Allowed. 406 - Client browser does not accept the MIME type of the requested page. 408 - Request timed out. 412 - Precondition failed. 5xx - Server error These HTTP status codes indicate that the server cannot complete the request because the server encounters an error. IIS 7.0 uses the following server error HTTP status codes: 500 - Internal server error. IIS 7.0 defines the following HTTP status codes that indicate a more specific cause of a 500 error: 500.0 - Module or ISAPI error occurred. 500.11 - Application is shutting down on the Web server. 500.12 - Application is busy restarting on the Web server. 500.13 - Web server is too busy. 500.15 - Direct requests for Global.asax are not allowed. 500.19 - Configuration data is invalid. 500.21 - Module not recognized. 500.22 - An ASP.NET httpModules configuration does not apply in Managed Pipeline mode. 500.23 - An ASP.NET httpHandlers configuration does not apply in Managed Pipeline mode. 500.24 - An ASP.NET impersonation configuration does not apply in Managed Pipeline mode. 500.50 - A rewrite error occurred during RQ_BEGIN_REQUEST notification handling. A configuration or inbound rule execution error occurred. Note Here is where the distributed rules configuration is read for both inbound and outbound rules. 500.51 - A rewrite error occurred during GL_PRE_BEGIN_REQUEST notification handling. A global configuration or global rule execution error occurred. Note Here is where the global rules configuration is read. 500.52 - A rewrite error occurred during RQ_SEND_RESPONSE notification handling. An outbound rule execution occurred. 500.53 - A rewrite error occurred during RQ_RELEASE_REQUEST_STATE notification handling. An outbound rule execution error occurred. The rule is configured to be executed before the output user cache gets updated. 500.100 - Internal ASP error. 501 - Header values specify a configuration that is not implemented. 502 - Web server received an invalid response while acting as a gateway or proxy. IIS 7.0 defines the following HTTP status codes that indicate a more specific cause of a 502 error: 502.1 - CGI application timeout. 502.2 - Bad gateway. 503 - Service unavailable. IIS 7.0 defines the following HTTP status codes that indicate a more specific cause of a 503 error: 503.0 - Application pool unavailable. 503.2 - Concurrent request limit exceeded.

    Read the article

  • Cannot import the following keyfile: blah.pfx. The keyfile may be password protected.

    - by JasonD
    We just upgraded our Visual Studio 2008 projects to VS2010. All of our assemblies were strong signed using a Verisign code signing certificate. Since the upgrade we continuously get the following error: Cannot import the following key file: companyname.pfx. The key file may be password protected. To correct this, try to import the certificate again or manually install the certificate to the Strong Name CSP with the following key container name: VS_KEY_3E185446540E7F7A This happens on some developer machines and not others. Some methods used to fix this that worked some of the time include: re-installing the key file from Windows Explorer (right click on the PFX file and click Install) installing VS2010 on a fresh machine for the first time prompts you for the password the first time you open the project, and then it works. On machines upgraded from VS2008, you don't get this option. I've tried using the SN.EXE utility to register the key with the Strong Name CSP as the error message suggests, but whenever I run the tool with any options using the version that came with VS2010, SN.EXE just lists its command line arguments instead of doing anything. This happens regardless of what arguments I supply. Does anyone know WHY this is happening, and have clear steps to fix it? I'm about to give up on Click Once installs and Microsoft Code Signing. Thanks for any help!

    Read the article

  • [C#] RSACryptoServiceProvider Using the Public Key to decrypt Private Key encrypted Data ?

    - by prixone
    Hello, i went thru lots and lots of searchs and results and pages considering this matter but havent found the solution yet. Like i described in the title i want to decrypt data using my Public Key which is something i am able to do with my PHP code, my certificate is generated from my PHP page. Here is a sample of what i am trying: public string Decrypt(string data) { X509Certificate2 cert = new X509Certificate2(); cert.Import(Encoding.ASCII.GetBytes(webApi["PublicDefaultKey"])); RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)cert.PublicKey.Key; byte[] ciphertextBytes = Convert.FromBase64String(data); byte[] plaintextBytes = rsa.Decrypt(ciphertextBytes, false); return System.Text.Encoding.UTF8.GetString(plaintextBytes); } MessageBox.Show(Decrypt("pgcl93TpVfyHubuRlL72/PZN0nA4Q+HHx8Y15qGvUyTNpI6y7J13YG07ZVEyB7Dbgx63FSw9vEw1D1Z3bvNbI0gqalVfKTfHv5tKVc7Y6nQwQYwoODpUhVpa/K9OP1lqx4esnxqwJx95G0rqgJTdS+Yo773s5UcJrHzzbsX2z+w=")); here is the public key i am using for tests: -----BEGIN CERTIFICATE----- MIIDxDCCAy2gAwIBAgIBADANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVUsx EDAOBgNVBAgTB0VuZ2xhbmQxDzANBgNVBAcTBkxvbmRvbjESMBAGA1UEChMJTU1P Q2xldmVyMSMwIQYDVQQLExpNTU9DbGV2ZXIgRGV2ZWxvcGVyJ3MgVGVhbTESMBAG A1UEAxMJTU1PQ2xldmVyMSQwIgYJKoZIhvcNAQkBFhVzdXBwb3J0QG1tb2NsZXZl ci5jb20wHhcNMTAwNTE2MTkxNDQ4WhcNMTEwNTE2MTkxNDQ4WjCBozELMAkGA1UE BhMCVUsxEDAOBgNVBAgTB0VuZ2xhbmQxDzANBgNVBAcTBkxvbmRvbjESMBAGA1UE ChMJTU1PQ2xldmVyMSMwIQYDVQQLExpNTU9DbGV2ZXIgRGV2ZWxvcGVyJ3MgVGVh bTESMBAGA1UEAxMJTU1PQ2xldmVyMSQwIgYJKoZIhvcNAQkBFhVzdXBwb3J0QG1t b2NsZXZlci5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMozHr17PL+N seZyadobUmpIV+RKqmRUGX0USIdj0i0yvwvltu3AIKAyRhGz16053jZV2WeglCEj qfiewF9sYTAAoIVGtdd/sZvO4uUcng9crSzDo0CrEPs/Tn5SunmlmyFlZfdlqpAM XXLno/HMo9cza0CrcMnRokaTiu8szBeBAgMBAAGjggEEMIIBADAdBgNVHQ4EFgQU zip+3/hBIpjvdcSoWQ2rW+xDEWAwgdAGA1UdIwSByDCBxYAUzip+3/hBIpjvdcSo WQ2rW+xDEWChgamkgaYwgaMxCzAJBgNVBAYTAlVLMRAwDgYDVQQIEwdFbmdsYW5k MQ8wDQYDVQQHEwZMb25kb24xEjAQBgNVBAoTCU1NT0NsZXZlcjEjMCEGA1UECxMa TU1PQ2xldmVyIERldmVsb3BlcidzIFRlYW0xEjAQBgNVBAMTCU1NT0NsZXZlcjEk MCIGCSqGSIb3DQEJARYVc3VwcG9ydEBtbW9jbGV2ZXIuY29tggEAMAwGA1UdEwQF MAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAyU6RLifBXSyQUkBFnTcI6h5ryujh+6o6 eQ1wuPOPmRdYJZuWx/5mjMpIF13sYlNorcOv5WaEnp8/Jfuwc9h/jXlcujser0UE WoaaFwK81O801Xkv2zEm2UUWiOabrGTIT4FVy3gCUXJYjaCnvfSdmkfLJOQxNHVt 4NTMp7IeF60= -----END CERTIFICATE----- by default, the PHP generates the key in PKCS as far as i know, from my C# code i can encrypt using my publick key with out any problems and decrypt it on my php page but so far i was not able to decrypt data sent from my php page encrypted with the private key which is something i can do on my php... i did like some help to understand what i am doing wrong... the error when i run the functions is "bad data" at rsa.Decrypt(ciphertextBytes, false); which i couldnt found anymore information at it... Thanks for any and all the help :)

    Read the article

  • X509 Certificates, DigitalSignature vs NonRepudiation (C#)

    - by Eyvind
    We have been handed a set of test sertificates on smart cards for developing a solution that requires XML messages to be signed using PKI. Each (physical) smart card seems to have two certificates stored on it. I import them into the Windows certificate store using software supplied by the smart card provider, and then use code resembling the following to iterate over the installed certificates: foreach (X509Certificate2 x509 in CertStore.Certificates) { foreach (X509Extension extension in x509.Extensions) { if (extension.Oid.Value == "one we are interested in") { X509KeyUsageExtension ext = (X509KeyUsageExtension)extension; if ((ext.KeyUsages & X509KeyUsageFlags.DigitalSignature) != X509KeyUsageFlags.None) { // process certs here We have been told to use the certificates that have the NonRepudiation key usage flag set to sign the XMLs. However, the certificate that has the NonRepudiation flag has this flag only, and not for instance the DigitalSignature flag which I check for above. Does this strike anyone but me as slightly odd? I am in other words told to sign with a certificate that does not (appear to) have the DigitalSignature usage flag set. Is this normal procedure? Any comments? Thanks.

    Read the article

  • how many types of code signing certificates do I need?

    - by gerryLowry
    in Canada, website SSL certificates can be had for as low as US$10. unfortunately, code signing certificates cost about 10 time as much, one website mentions Vista compatibility ... this seems strange because my assumption is they must support XP, Vista, Windows 7, Server 2003, and Server 2008 or they would be useless. https://secure.ksoftware.net/code_signing.html US$99 Support Platforms Microsoft Authenticode. Sign any Microsoft executable format (32 and 64 bit EXE, DLL, OCX, DLL or any Active X control). Signing hardware drivers is not currently supported. Abode AIR. Sign any Adobe AIR application. Java. Sign any JAR applet Microsoft Office. Sign any MS Office Macro or VBA (Visual Basic for Applications) file. Mozilla. Sign any Mozilla Object file. The implication is that a single code signing certificate can do ALL of the above. ksoftware actually discounts Commodo certificates and the Commode website is unclear. QUESTION: Will ONE code signing certificate be enough or do I need one for Microsoft executables, and a second for things like Word and Excel macros? my main goal is to sign things like vs2008 code snippets so that I can export them securely; however, I would like to be able to use the same code signing certificate for signing other items too. Thank you ~~ regards, Gerry (Lowry)

    Read the article

  • Rails : soap4r - Error while running wsdl2ruby.rb

    - by Mathieu
    when I execute Mathieu$ /Users/Mathieu/.gem/ruby/1.8/bin/wsdl2ruby.rb path --wsdl https://www.arello.com/webservice/verify.cfc?wsdl --type client --force I get at depth 0 - 20: unable to get local issuer certificate F, [2010-05-06T10:41:11.040288 #35933] FATAL -- app: Detected an exception. Stopping ... SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError) /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient/session.rb:247:in connect' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient/session.rb:247:inssl_connect' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient/session.rb:639:in connect' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient/timeout.rb:128:intimeout' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient/session.rb:631:in connect' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient/session.rb:522:inquery' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient/session.rb:147:in query' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient.rb:953:indo_get_block' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient.rb:765:in do_request' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient.rb:848:inprotect_keep_alive_disconnected' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient.rb:764:in do_request' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient.rb:833:infollow_redirect' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient.rb:519:in get_content' /Users/Mathieu/.gem/ruby/1.8/gems/soap4r-1.5.8/lib/wsdl/xmlSchema/importer.rb:73:infetch' /Users/Mathieu/.gem/ruby/1.8/gems/soap4r-1.5.8/lib/wsdl/xmlSchema/importer.rb:36:in import' /Users/Mathieu/.gem/ruby/1.8/gems/soap4r-1.5.8/lib/wsdl/importer.rb:18:inimport' /Users/Mathieu/.gem/ruby/1.8/gems/soap4r-1.5.8/lib/wsdl/soap/wsdl2ruby.rb:206:in import' /Users/Mathieu/.gem/ruby/1.8/gems/soap4r-1.5.8/lib/wsdl/soap/wsdl2ruby.rb:36:inrun' /Users/Mathieu/.gem/ruby/1.8/gems/soap4r-1.5.8/bin/wsdl2ruby.rb:46:in run' /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/logger.rb:659:instart' /Users/Mathieu/.gem/ruby/1.8/gems/soap4r-1.5.8/bin/wsdl2ruby.rb:137 /Users/Mathieu/.gem/ruby/1.8/bin/wsdl2ruby.rb:19:in `load' /Users/Mathieu/.gem/ruby/1.8/bin/wsdl2ruby.rb:19 I, [2010-05-06T10:41:11.040855 #35933] INFO -- app: End of app. (status: -1)

    Read the article

  • WebBrowser control won't display an https site that IE8 on the same PC will

    - by Velika
    In IE8, I get the follow warning, but if I choose to continue the site displays properly. There is a problem with this website's security certificate. The security certificate presented by this website was issued for a different website's address. Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server. We recommend that you close this webpage and do not continue to this website. Click here to close this webpage. Continue to this website (not recommended). More information In the WebBrowser control, I get this at first: Navigation to the webpage was canceled What you can try: Refresh the page. When I hit the refresh teh page, this time, I get the same wanting as I originally get in IE8, but when I click "Continue to this website (not recommended)", the page refresh again, displaying the same warning. What can I do to get the site to display in the WebBrowser control as it does in IE8. I would've thought that the control would be using the same core logic and therefore expected the same result.

    Read the article

  • Public key of Android project and keystore created in Eclipse?

    - by user578056
    I created an Android project using Eclipse (under Windows FWIW) and let Eclipse create the keypair during the Export Android Application process. I successfully used Eclipse to make a signed release build that is now on the Market. Now I want to now use ProGuard, which I believe means using Ant instead of Eclipse to build. It was a pain, but Ant building works in both debug and release, until it tries to sign the APK. I get: [signjar] jarsigner: Certificate chain not found for: redacted. redacted must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain. keytool -list -keystore redacted gives me: Keystore type: JKS Keystore provider: SUN Your keystore contains 1 entry redacted, Jan 16, 2011, PrivateKeyEntry, Certificate fingerprint (MD5): BD:0F:70:C1:39:F5:FE:5B:BC:CD:89:0B:C8:66:95:E0 Which brings me to the actual question: where is my public key? I have some sort of public key on my Android Market profile, but is that the pair for my private key? If so, how do I store that in the keystore so that jarsigner will work?

    Read the article

  • How to exploit Diffie-hellman to perform a man in the middle attack

    - by jfisk
    Im doing a project where Alice and Bob send each other messages using the Diffie-Hellman key-exchange. What is throwing me for a loop is how to incorporate the certificate they are using in this so i can obtain their secret messages. From what I understand about MIM attakcs, the MIM acts as an imposter as seen on this diagram: Below are the details for my project. I understand that they both have g and p agreed upon before communicating, but how would I be able to implement this with they both having a certificate to verify their signatures? Alice prepares ?signA(NA, Bob), pkA, certA? where signA is the digital signature algorithm used by Alice, “Bob” is Bob’s name, pkA is the public-key of Alice which equals gx mod p encoded according to X.509 for a fixed g, p as specified in the Diffie-Hellman key- exchange and certA is the certificate of Alice that contains Alice’s public-key that verifies the signature; Finally, NA is a nonce (random string) that is 8 bytes long. Bob checks Alice's signature, and response with ?signB{NA,NB,Alice},pkB,certB?. Alice gets the message she checks her nonce NA and calculates the joint key based on pkA, pkB according to the Diffie-Hellman key exchange. Then Alice submits the message ?signA{NA,NB,Bob},EK(MA),certA? to Bob and Bobrespondswith?SignB{NA,NB,Alice},EK(MB),certB?. where MA and MB are their corresponding secret messages.

    Read the article

  • Printing an invisible NSView

    - by Rodger Wilson
    Initially I created a simple program with a custom NSView. I drew a picture (certificate) and printed it! beautiful! Everything worked great! I them moved my custom NSView to an existing application. My hope was that when a user hit print it would print this certificate. Simple enough. I figured a could have a NSView pointer in my controller code. Then at initialization I would populate the pointer. Then when someone wanted to print the certificate it would print. The problem is that all of my drawing code is in the "drawRect" method. This method doesn't get called because this view is never displayed in a window. I have heart that others use non-visible NSView objects just for printing. What do I need to do. I really don't want to show this view to the screen. Rodger

    Read the article

  • Problem with cruise control and visual svn

    - by Andrew
    Hi Wonder if anyone can help, I am experiencing a strange issue with my configuration of cruisecontrol.net and visual svn. I am setting the current ccnet.config <sourcecontrol type="svn"> <trunkUrl>https://bladerunner.azullo.local:8443/svn/application/trunk</trunkUrl> <executable>C:\Program Files (x86)\VisualSVN Server\bin\svn.exe</executable> <username>test</username> <password>test</password> <workingDirectory>D:\Development\Build\application\</workingDirectory> </sourcecontrol> <publishers> <xmllogger/> </publishers> <modificationDelaySeconds>10</modificationDelaySeconds> </project> When I run this I expect it to go to https://bladerunner.azullo.local:8443/svn/application/trunk, however i get the following ThoughtWorks.CruiseControl.Core.CruiseControlException: Source control operation failed: svn: OPTIONS of 'http://bladerunner.azullo.local:8080/svn/application/trunk': could not connect to server (http://bladerunner.azullo.local:8080) . Process command: C:\Program Files (x86)\VisualSVN Server\bin\svn.exe update D:\Development\build\application\ --username test --password ** --no-auth-cache --non-interactive at ThoughtWorks.CruiseControl.Core.Sourcecontrol.ProcessSourceControl.Execute(ProcessInfo processInfo) at ThoughtWorks.CruiseControl.Core.Sourcecontrol.Svn.UpdateSource(IIntegrationResult result) at ThoughtWorks.CruiseControl.Core.IntegrationRunner.Build(IIntegrationResult result) at ThoughtWorks.CruiseControl.Core.IntegrationRunner.Integrate(IntegrationRequest request) So for some reason it goes to 'http://bladerunner.azullo.local:8080/svn/application/trunk' If I remove the username and password elements in the ccnet.config. It goes to the correct url. I dont understand this behaviour. I have configured visual svn with a certificate using Active directory Certificate Services, if this was the problem I would expect it to show an error regarding the certificate instead of changing the url. I have cleared our state etc Any Ideas

    Read the article

  • how to create nettcpbinding of this custombinding

    - by evgeni
    I am new at wcf programming model and i want to use nettcpbinding. before i ask my question below is my custom binding : <customBinding> <binding name="basic"> <security authenticationMode="UserNameForCertificate"/> <binaryMessageEncoding/> <httpsTransport/> </binding> </customBinding> when i create a service reference using a simple console application it finds a certificate and ask me to use it.and this way i can use the webservice ... but when i change binding to nettcpbinding with TransportWithMessageCredential the service is looking for certificate and could not find it like this : </binding> </netTcpBinding> ServiceCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindByIssuerName, "Contoso.com"). at this point i use a customnamevalidator and i do it programmatically. so why when i use nettcpbinding with TransportWithMessageCredential why is SetCertificate could not find the installed certificate ? am i missed something ? or do i have to ad something? thanks .

    Read the article

  • Tomcat 4.1.31 - HTTPS not working intermittently | "Page Cannot be Displayed" problems

    - by cedar715
    We are facing this error intermittently. If we restart the server it works for some time and again the problem start. We also have another load balanced server with similar configuration and that is working fine. The server is running on Linux box. If we do the "ps -ef" its listing the TOMCAT process. URL : https://xyz.abc.com:9234/axis/servlet/AxisServlet Following the configuration in server.xml file. <Connector className="org.apache.coyote.tomcat4.CoyoteConnector" port="9234" minProcessors="5" maxProcessors="75" enableLookups="true" acceptCount="100" debug="0" scheme="https" secure="true" useURIValidationHack="false" disableUploadTimeout="true"> <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory" clientAuth="false" protocol="TLS" /> </Connector> Is it the problem with our load balancer which is forwarding most requests to this server? Is it any way related to the "maxProcessors" or "acceptCount" attributes defined in the above configuration? Is it the problem with the port number?? Does it have to do any thing with the certificate. The certificate is generated using Java Keytool. ( However, the other load balanced server is also using the same certificate and working fine) Please suggest in resolving this issue. thanks

    Read the article

  • How to verify the SSL connection when calling a URI?

    - by robertokl
    Hello, I am developing a web application that is authenticated using CAS (A single-sign-on solution: http://www.ja-sig.org/wiki/display/CAS/Home). For security reasons, I need two things to work: The communication between CAS and my application needs to be secure My application needs to accept the certification coming from CAS, so that I can guarantee that the CAS responding is the real CAS server This is what I got so far: uri = URI.parse("https://www.google.com/accounts") https = Net::HTTP.new(uri.host, uri.port) https.use_ssl = (uri.scheme == 'https') https.verify_mode = (OpenSSL::SSL::VERIFY_PEER) raw_res = https.start do |conn| conn.get("#{uri.path}?#{uri.query}") end This works just great in Mac OS X. When I try to reach an insecure URI, it raises an exception, and when I try to reach a secure URI, it allows me normally, just like expected. The problem starts when I deploy my application on my Linux server. I tried in both Ubuntu and Red Hat. Independent of what URI I try to reach, it always raises this exception: OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed from /usr/local/lib/ruby/1.8/net/http.rb:586:in `connect' from /usr/local/lib/ruby/1.8/net/http.rb:586:in `connect' from /usr/local/lib/ruby/1.8/net/http.rb:553:in `do_start' from /usr/local/lib/ruby/1.8/net/http.rb:542:in `start' from (irb):7 I think this have something to do with my installed OpenSSL package, but I can't be sure. This are my installed OpenSSL packages: openssl.x86_64 0.9.8e-12.el5 installed openssl-devel.x86_64 0.9.8e-12.el5 installed I tried using HTTParty as well, but it just ignores the SSL certificate. I hope someone can help me, or tell me about a gem that works the way I need. Thanks.

    Read the article

  • Reading Certificates on iOS Problem

    - by David Schiefer
    I am trying to read certificates from various URLs in iOS. My code however is not working well - the array that should return the information I need always returns null. What am I missing? - (void)findCertificate:(NSString *)url { NSInputStream*input = [[NSInputStream inputStreamWithData:[NSData dataWithContentsOfURL:[NSURL URLWithString:@"https://store.writeitstudios.com"]]] retain]; [input setDelegate:self]; [input scheduleInRunLoop:[NSRunLoop mainRunLoop] forMode:NSDefaultRunLoopMode]; [input open]; NSLog(@"Status: %i",[input streamStatus]); } - (void)stream:(NSStream *)aStream handleEvent:(NSStreamEvent)eventCode { NSLog(@"handle Event: %i",eventCode); if (eventCode == NSStreamStatusOpen) { NSArray *certificates = (NSArray*)CFReadStreamCopyProperty((CFReadStreamRef)aStream, kCFStreamPropertySSLPeerCertificates); NSLog(@"Certs: %@",CFReadStreamCopyProperty((CFReadStreamRef)aStream, kCFStreamPropertySSLPeerCertificates)); if ([certificates count] > 0) { SecCertificateRef certificate = (SecCertificateRef)[certificates objectAtIndex:0]; NSString *description = (NSString*)SecCertificateCopySubjectSummary(certificate); NSData *data = (NSData *)SecCertificateCopyData(certificate); NSLog(@"Description: %@",description); } } } And yes, I am aware that I am leaking memory. This is just a snippet.

    Read the article

  • SSL signed certificates for internal use

    - by rogueprocess
    I have a distributed application consisting of many components that communicate over TCP (for examle JMS) and HTTP. All components run on internal hardware, with internal IP addresses, and are not accessible to the public. I want to make the communication secure using SSL. Does it make sense to purchase signed certificates from a well-known certificate authority? Or should I just use self-signed certs? My understanding of the advantage of trusted certs is that the authority is an entity that can be trusted by the general public - but that is only an issue when the general public needs to be sure that the entity at a particular domain is who they say they are. Therefore, in my case, where the same organization is responsible for the components at both ends of the communication, and everything in between, a publicly trusted authority would be pointless. In other words, if I generate and sign a certificate for my own server, I know that it's trustworthy. And no one from outside the organization will ever be asked to trust this certificate. That is my reasoning - am I correct, or is there some potential advantage to using certs from a known authority?

    Read the article

  • How to OpenSSL decrypt smime.p7m

    - by tntu
    I have received an email that has no content, just a file called smime.p7m attached. I was looking into the OpenSSL and it's smime module but I cannot figure out exactly how. I must be doing something wrong. I extracted the certificate chain form the p7m file. # openssl pkcs7 -inform DER -in smime.p7m -out pkcs7.pem # openssl pkcs7 -in pkcs7.pem -print_certs -out certs.pem Then I tried to decrypt: # openssl smime -decrypt -in smime.p7m -signer certs.pem -out smime.eml No recipient certificate or key specified And also with my server's SSL cert: # openssl smime -decrypt -in smime.p7m -recip server.nopass.key.crt.ca.pem -out smime.eml Error reading S/MIME message 140078540371784:error:0D0D40D1:asn1 encoding routines:SMIME_read_ASN1:no content type:asn_mime.c:447: Can anyone shed some light on what steps I need to take to extract the email?

    Read the article

  • How do I resolve the error "Binding already being used by a product other than IIS"

    - by magnifico
    I have an SSL cert with its own unique IP address on a 2008 R2 server. I have created a basic website using IIS Manager, with a file called “Hello.html” in the root. When trying to add an https binding I receive the following error after choosing my certificate: This binding is already being used by a product other than IIS. If you continue you might overwrite the existing certificate for this IP Address:Port combnation. Do you want to use this binding anyway?" I click Yes to this prompt and the binding is created. When I try to retrieve my file using the server’s own browser, the request times out. I have another server which has a shared configuration with this one, and it works fine. Does anyone have any suggestions how to find out which application may be using this binding other than IIS, and how to resolve?

    Read the article

  • Resolving “ssl handshake failure” error in PostgresQL

    - by Mitch
    I would like to connect to my Postgres 8.3 database using SSL from my XP client using OpenSSL. This works fine without SSL. When I try it with SSL (no client certificate), I get the error: error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure I have followed the instructions in the Postgres manual for SSL including creating a self-signed certificate. In my pg_hba.conf there is a line: host dbname loginname 123.45.67.89/32 md5 The version of OpenSSL on the server is 0.9.8g and on the client is 0.9.8j. I'd appreciate any suggestions for tracking down the problem. Edit: The uncommented lines from postgresql.conf are: data_directory = '/var/ebs0/postgres/main' hba_file = '/etc/postgresql/8.3/main/pg_hba.conf' ident_file = '/etc/postgresql/8.3/main/pg_ident.conf' external_pid_file = '/var/run/postgresql/8.3-main.pid' listen_addresses = '*' port = 5432 max_connections = 100 unix_socket_directory = '/var/run/postgresql' ssl = true shared_buffers = 24MB

    Read the article

  • Windows Server 2008 R2 LDAPS

    - by Chad Moran
    I have a Server 2008 R2 server with ADDS installed. I'm trying to configure HP's ILO utility to connect to it over SSL. I installed the Active Directory Certificate Service, after doing so I'm still not able to connect to LDAP over SSL. I checked the event log and it's showing warnings with Event ID 36886 saying that there aren't default credentials yet. I'm not too sure why this is happening. I haven't done anything with ADCS other than installing the service do I need to create a certificate for the server?

    Read the article

  • Resolving “ssl handshake failure” error in PostgresQL

    - by Mitch
    I would like to connect to my Postgres 8.3 database using SSL from my XP client using OpenSSL. This works fine without SSL. When I try it with SSL (no client certificate), I get the error: error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure I have followed the instructions in the Postgres manual for SSL including creating a self-signed certificate. In my pg_hba.conf there is a line: host dbname loginname 123.45.67.89/32 md5 The version of OpenSSL on the server is 0.9.8g and on the client is 0.9.8j. I'd appreciate any suggestions for tracking down the problem. Edit: The uncommented lines from postgresql.conf are: data_directory = '/var/ebs0/postgres/main' hba_file = '/etc/postgresql/8.3/main/pg_hba.conf' ident_file = '/etc/postgresql/8.3/main/pg_ident.conf' external_pid_file = '/var/run/postgresql/8.3-main.pid' listen_addresses = '*' port = 5432 max_connections = 100 unix_socket_directory = '/var/run/postgresql' ssl = true shared_buffers = 24MB

    Read the article

  • Exposing the AnyConnect HTTPS service to outside network

    - by Maciej Swic
    We have a Cisco ASA 5505 with firmware ASA9.0(1) and ASDM 7.0(2). It is configured with a public ip address, and when trying to reach it from the outside by HTTPS for AnyConnect VPN, we get the following log output: 6 Nov 12 2012 07:01:40 <client-ip> 51000 <asa-ip> 443 Built inbound TCP connection 2889 for outside:<client-ip>/51000 (<client-ip>/51000) to identity:<asa-ip>/443 (<asa-ip>/443) 6 Nov 12 2012 07:01:40 <client-ip> 50999 <asa-ip> 443 Built inbound TCP connection 2890 for outside:<client-ip>/50999 (<client-ip>/50999) to identity:<asa-ip>/443 (<asa-ip>/443) 6 Nov 12 2012 07:01:40 <client-ip> 51000 <asa-ip> 443 Teardown TCP connection 2889 for outside:<client-ip>/51000 to identity:<asa-ip>/443 duration 0:00:00 bytes 0 No valid adjacency 6 Nov 12 2012 07:01:40 <client-ip> 50999 <asa-ip> 443 Teardown TCP connection 2890 for outside:<client-ip>/50999 to identity:<asa-ip>/443 duration 0:00:00 bytes 0 No valid adjacency We finished the startup wizard and the anyconnect vpn wizard and here is the resulting configuration: Cryptochecksum: 12262d68 23b0d136 bb55644a 9c08f86b : Saved : Written by enable_15 at 07:08:30.519 UTC Mon Nov 12 2012 ! ASA Version 9.0(1) ! hostname vpn domain-name office.<redacted>.com enable password <redacted> encrypted passwd <redacted> encrypted names ip local pool vpn-pool 192.168.67.2-192.168.67.253 mask 255.255.255.0 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! interface Vlan1 nameif inside security-level 100 ip address 192.168.68.250 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address <redacted> 255.255.255.248 ! ftp mode passive dns server-group DefaultDNS domain-name office.<redacted>.com object network obj_any subnet 0.0.0.0 0.0.0.0 pager lines 24 logging enable logging asdm informational mtu outside 1500 mtu inside 1500 icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 14400 no arp permit-nonconnected ! object network obj_any nat (inside,outside) dynamic interface timeout xlate 3:00:00 timeout pat-xlate 0:00:30 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 dynamic-access-policy-record DfltAccessPolicy user-identity default-domain LOCAL http server enable http 192.168.68.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart crypto ipsec ikev2 ipsec-proposal DES protocol esp encryption des protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal 3DES protocol esp encryption 3des protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES protocol esp encryption aes protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES192 protocol esp encryption aes-192 protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES256 protocol esp encryption aes-256 protocol esp integrity sha-1 md5 crypto ipsec security-association pmtu-aging infinite crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map outside_map interface outside crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map inside_map interface inside crypto ca trustpoint _SmartCallHome_ServerCA crl configure crypto ca trustpoint ASDM_TrustPoint0 enrollment self subject-name CN=vpn proxy-ldc-issuer crl configure crypto ca trustpool policy crypto ca certificate chain _SmartCallHome_ServerCA certificate ca 6ecc7aa5a7032009b8cebcf4e952d491 <redacted> quit crypto ca certificate chain ASDM_TrustPoint0 certificate f678a050 <redacted> quit crypto ikev2 policy 1 encryption aes-256 integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 10 encryption aes-192 integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 20 encryption aes integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 30 encryption 3des integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 40 encryption des integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 enable outside client-services port 443 crypto ikev2 remote-access trustpoint ASDM_TrustPoint0 telnet timeout 5 ssh 192.168.68.0 255.255.255.0 inside ssh timeout 5 console timeout 0 vpn-addr-assign local reuse-delay 60 dhcpd auto_config outside ! dhcpd address 192.168.68.254-192.168.68.254 inside ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept ssl trust-point ASDM_TrustPoint0 inside ssl trust-point ASDM_TrustPoint0 outside webvpn enable outside enable inside anyconnect image disk0:/anyconnect-win-3.1.01065-k9.pkg 1 anyconnect image disk0:/anyconnect-linux-3.1.01065-k9.pkg 2 anyconnect image disk0:/anyconnect-macosx-i386-3.1.01065-k9.pkg 3 anyconnect profiles GM-AnyConnect_client_profile disk0:/GM-AnyConnect_client_profile.xml anyconnect enable tunnel-group-list enable group-policy GroupPolicy_GM-AnyConnect internal group-policy GroupPolicy_GM-AnyConnect attributes wins-server none dns-server value 192.168.68.254 vpn-tunnel-protocol ikev2 ssl-client default-domain value office.<redacted>.com webvpn anyconnect profiles value GM-AnyConnect_client_profile type user username <redacted> password <redacted> encrypted tunnel-group GM-AnyConnect type remote-access tunnel-group GM-AnyConnect general-attributes address-pool vpn-pool default-group-policy GroupPolicy_GM-AnyConnect tunnel-group GM-AnyConnect webvpn-attributes group-alias GM-AnyConnect enable ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options ! service-policy global_policy global prompt hostname context call-home reporting anonymous Cryptochecksum:12262d6823b0d136bb55644a9c08f86b : end Clearly we are missing something, but the question is, what?

    Read the article

  • Dedicated IP for SSL

    - by MotionGrafika
    I'll be needing a Dedicated IP & SSL for a website. I've noticed that SSL will work for either www or canonical name - but not both. So does mean that Dedicated IP would be set to only one of them ? If I set SSL for www then if a user goes to a URL manually without the www it would show invalid certificate - how do I bypass this ? mod_rewrite in htaccess ? IF I need SSL for a subdomain, thats another SSL Certificate & Dedicated IP to purchase ?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 44 45 46 47 48 49 50 51 52 53 54 55  | Next Page >