Search Results

Search found 8613 results on 345 pages for 'ssl keys'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 50/345 | < Previous Page | 46 47 48 49 50 51 52 53 54 55 56 57  | Next Page >

  • IPv6 working fine, IPv4 throws OpenSSL error

    - by jippie
    I am building a webserver ( http://blog.linformatronics.nl/ ), which functions just fine on both IPv4 and IPv6 and when using a non-SSL connection. However when I connect to it through https, IPv6 works as expected, but an IPv4 connection throws a client side error. Server side logs are empty for the IPv4/https connection. Summarized in a table: | http | https -----+-------+------------------------------------------------------- IPv4 | works | OpenSSL error, failed. No server side logging. -----+-------+------------------------------------------------------- IPv6 | works | self signed certificate warning, but works as expected Apparently the SSL tunnel isn't even set up, which accounts for the Apache logs being empty. But why does it work fine for IPv6 and fail for IPv4? My question is why is this OpenSSL error being thrown and how can I solve it? Below is some extra information about the setup. IPv6 https Command used to reproduce IPv6/https behaviour: $ wget --no-check-certificate -O /dev/null -6 https://blog.linformatronics.nl --2012-11-03 15:46:48-- https://blog.linformatronics.nl/ Resolving blog.linformatronics.nl (blog.linformatronics.nl)... 2001:980:1b7f:1:a00:27ff:fea6:a2e7 Connecting to blog.linformatronics.nl (blog.linformatronics.nl)|2001:980:1b7f:1:a00:27ff:fea6:a2e7|:443... connected. WARNING: cannot verify blog.linformatronics.nl's certificate, issued by `/CN=localhost': Self-signed certificate encountered. WARNING: certificate common name `localhost' doesn't match requested host name `blog.linformatronics.nl'. HTTP request sent, awaiting response... 200 OK Length: 4556 (4.4K) [text/html] Saving to: `/dev/null' 100%[=======================================================================>] 4,556 --.-K/s in 0s 2012-11-03 15:46:49 (62.5 MB/s) - `/dev/null' saved [4556/4556] IPv4 https Command used to reproduce IPv6/https behaviour: $ wget --no-check-certificate -O /dev/null -4 https://blog.linformatronics.nl --2012-11-03 15:47:28-- https://blog.linformatronics.nl/ Resolving blog.linformatronics.nl (blog.linformatronics.nl)... 82.95.251.247 Connecting to blog.linformatronics.nl (blog.linformatronics.nl)|82.95.251.247|:443... connected. OpenSSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol Unable to establish SSL connection. Notes I am on Ubuntu Server 12.04.1 LTS

    Read the article

  • HTTPS Proxy which answers CONNECT with own certificate

    - by user1109542
    I'm configuring a DMZ which has the following Scheme: Internet - Server A - Security Appliance - Server B - Intranet In this DMZ I need a Proxy server for http(s) connections from the Intranet to Internet. The Problem is, that all Traffic should be scanned by the Security Appliance. For this I have to terminate the SSL Connection at Server B, proxy it as plain http to Server A through the Security Appliance and then further as https into the Internet. An encryption is then persistent between the Client and Server B and the Target Server and Server A. The communication between Server A and Server B is unencrypted. I know about the security risks and that the client will see some warning about the unknown CA of Server B's certificate. As Software I want to use Apache Web Servers on Server A and Server B. As first step I tried to configure Server B that it serves as endpoint for the SSL Encryption. So it has to establish the encryption with the client (answering HTTP CONNECT). Listen 8443 <VirtualHost *:8443> ProxyRequests On ProxyPreserveHost On AllowCONNECT 443 # SSL ErrorLog logs/ssl_error_log TransferLog logs/ssl_access_log LogLevel debug SSLProxyEngine on SSLProxyMachineCertificateFile /etc/pki/tls/certs/localhost_private_public.crt <Proxy *> Order deny,allow Deny from all Allow from 192.168.0.0/22 </Proxy> </VirtualHost> With this Proxy only the CONNECT request is passed through and an encrypted Connection between the client and the target is established. Unfortunately there is no possibility to configure mod_proxy_connect to decrypt the SSL connection. Is there any possibility to accomplish that kind of proxying with Apache?

    Read the article

  • LDAPS being redirected to 389

    - by Ikkoras
    We're trying to perform an LDAPS bind to a server which blocks 389 with a firewall so all traffic must travel over 636. In our test lab we're connecting to a test ldap (located on the same server) which does not have this firewall so both ports are exposed. Running ldp.exe on the test server we generate the trace below which seems to suggest that it is successfully binding over 636. However if we monitor the traffic with wireshark all the traffic is being sent to 389 with no attempt to even contact 636. Other tools will bind only with SSL on 636 or without SSL on 389 whjich seems to suggest it is behaving correctly but Wireshark shows 389. Only the test server we are using RawCap to capture the local loopback traffic. Any ideas? 0x0 = ldap_unbind(ld); ld = ldap_sslinit("WIN-GF49504Q77T.test.com", 636, 1); Error 0 = ldap_set_option(hLdap, LDAP_OPT_PROTOCOL_VERSION, 3); Error 0 = ldap_connect(hLdap, NULL); Error 0 = ldap_get_option(hLdap,LDAP_OPT_SSL,(void*)&lv); Host supports SSL, SSL cipher strength = 128 bits Established connection to WIN-GF49504Q77T.test.com. Retrieving base DSA information... Getting 1 entries: Dn: (RootDSE)

    Read the article

  • I'm capturing keys on my WinForm but I'm trying to see if the pressed key is a 'String' - getting an

    - by Sergio Tapia
    Here's my code: void gkh_KeyDown(object sender, KeyEventArgs e) { if (e.KeyCode == neededLetter as Keys) { if (neededLetter == "n") { neededLetter = "o"; } else if (neededLetter == "o") { neededLetter = "t"; } else if (neededLetter == "t") { neededLetter = "e"; } else if (neededLetter == "e") { this.Show(); } } else { neededLetter = "n"; } } I'm getting an error on the first If block: The as operator must be used with a reference type or nullable type

    Read the article

  • Windows Keys Extender – tool for XP/Vista users to using hotkeys Win+[Left|Right|Up|Down]

    - by outcoldman
    In Windows 7, I really liked an opportunity to change the position of the windows by pressing hotkeys Win + (Left | Right | Up | Bottom): Win + Left - window attached to the left side Win + Right - window attached to the right side Win + Up - window is maximized Win + Bottom - window in the normal state I’m talking about this: This is really useful hotkeys and really comfortable work with windows. But not all can use Windows 7 right now. When Windows7 was in beta and RC states I really wanted to use this features right now in current Windows version (I had Vista). So I spent my time and wrote this tool. In addition, the tool has functional which can change position of windows (It is useful for laptops, you can move windows with hotkeys). And of course this tool can move windows between monitors. Hot keys can be customized. Interface in English. Now I don’t want to add new functionality, because now I’m using Windows 7 with all functions that this tool have. I wrote this tool on C# with .NET 3.5. You can use this source code for knowing how to work with hotkeys with C#. At first I placed source code on Google Code and then placed it on CodePlex too. So you can download it from one of them. I would be glad if someone will use it. :)

    Read the article

  • How to find keycodes for Fn + keys?

    - by budwiser
    I'm trying to find out the keycode for Fn+? keypress (left arrow). Xev outputs FocusOut event, serial 36, synthetic NO, window 0x3c00001,    mode NotifyGrab, detail NotifyAncestor FocusIn event, serial 36, synthetic NO, window 0x3c00001,    mode NotifyUngrab, detail NotifyAncestor KeymapNotify event, serial 36, synthetic NO, window 0x0,    keys:  4294967213 0   0   0   0   0   0   0   0   0   0   0   0   0   0   0              0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   If it is telling me the keycode here, I'm not able to interpret it so help would be appreciated. I'm also curious for finding out if it's possible to bind something to Fn+Del but when trying out this combination, Xev outputs KeyPress event, serial 36, synthetic NO, window 0x3c00001, root 0xad, subw 0x0, time 1984903, (-666,480), root:(53,533), state 0x0, keycode 119 (keysym 0xffff, Delete), same_screen YES, XLookupString gives 1 bytes: (7f) " " XmbLookupString gives 1 bytes: (7f) " " XFilterEvent returns: False KeyRelease event, serial 36, synthetic NO, window 0x3c00001, root 0xad, subw 0x0, time 1985008, (-666,480), root:(53,533), state 0x0, keycode 119 (keysym 0xffff, Delete), same_screen YES, XLookupString gives 1 bytes: (7f) " " XFilterEvent returns: False which is exactly the same as pressing del without Fn. So, summary for short How can I find keycode for Fn+? (left arrow)? Is it even possible to bind something to Fn+Del or am I facing windmills here?

    Read the article

  • How to find keycodes for Fn + keys in Ubuntu 11.10

    - by budwiser
    I'm trying to find out the keycode for Fn+? keypress (left arrow). Xev outputs FocusOut event, serial 36, synthetic NO, window 0x3c00001,    mode NotifyGrab, detail NotifyAncestor FocusIn event, serial 36, synthetic NO, window 0x3c00001,    mode NotifyUngrab, detail NotifyAncestor KeymapNotify event, serial 36, synthetic NO, window 0x0,    keys:  4294967213 0   0   0   0   0   0   0   0   0   0   0   0   0   0   0              0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   If it is telling me the keycode here, I'm not able to interpret it so help would be appreciated. I'm also curious for finding out if it's possible to bind something to Fn+Del but when trying out this combination, Xev outputs KeyPress event, serial 36, synthetic NO, window 0x3c00001, root 0xad, subw 0x0, time 1984903, (-666,480), root:(53,533), state 0x0, keycode 119 (keysym 0xffff, Delete), same_screen YES, XLookupString gives 1 bytes: (7f) " " XmbLookupString gives 1 bytes: (7f) " " XFilterEvent returns: False KeyRelease event, serial 36, synthetic NO, window 0x3c00001, root 0xad, subw 0x0, time 1985008, (-666,480), root:(53,533), state 0x0, keycode 119 (keysym 0xffff, Delete), same_screen YES, XLookupString gives 1 bytes: (7f) " " XFilterEvent returns: False which is exactly the same as pressing del without Fn. So, summary for short How can I find keycode for Fn+? (left arrow)? Is it even possible to bind something to Fn+Del or am I facing windmills here?

    Read the article

  • Deploying an SSL Application to Windows Azure &ndash; The Dark Secret

    - by ToStringTheory
    When working on an application that had been in production for some time, but was about to have a shopping cart added to it, the necessity for SSL certificates came up.  When ordering the certificates through the vendor, the certificate signing request (CSR) was generated through the providers (http://register.com) web interface, and within a day, we had our certificate. At first, I thought that the certification process would be the hard part…  Little did I know that my fun was just beginning… The Problem I’ll be honest, I had never really secured a site before with SSL.  This was a learning experience for me in the first place, but little did I know that I would be learning more than the simple procedure.  I understood a bit about SSL already, the mechanisms in how it works – the secure handshake, CA’s, chains, etc…  What I didn’t realize was the importance of the CSR in the whole process.  Apparently, when the CSR is created, a public key is created at the same time, as well as a private key that is stored locally on the PC that generated the request.  When the certificate comes back and you import it back into IIS (assuming you used IIS to generate the CSR), all of the information is combined together and the SSL certificate is added into your store. Since at the time the certificate had been ordered for our site, the selection to use the online interface to generate the CSR was chosen, the certificate came back to us in 5 separate files: A root certificate – (*.crt file) An intermediate certifcate – (*.crt file) Another intermediate certificate – (*.crt file) The SSL certificate for our site – (*.crt file) The private key for our certificate – (*.key file) Well, in case you don’t know much about Windows Azure and SSL certificates, the first thing you should learn is that certificates can only be uploaded to Azure if they are in a PFX package – securable by a password.  Also, in the case of our SSL certificate, you need to include the Private Key with the file.  As you can see, we didn’t have a PFX file to upload. If you don’t get the simple PFX from your hosting provider, but rather the multiple files, you will soon find out that the process has turned from something that should be simple – to one that borders on a circle of hell… Probably between the fifth and seventh somewhere… The Solution The solution is to take the files that make up the certificates chain and key, and combine them into a file that can be imported into your local computers store, as well as uploaded to Windows Azure.  I can not take the credit for this information, as I simply researched a while before finding out how to do this. Download the OpenSSL for Windows toolkit (Win32 OpenSSL v1.0.1c) Install the OpenSSL for Windows toolkit Download and move all of your certificate files to an easily accessible location (you'll be pointing to them in the command prompt, so I put them in a subdirectory of the OpenSSL installation) Open a command prompt Navigate to the folder where you installed OpenSSL Run the following command: openssl pkcs12 -export –out {outcert.pfx} –inkey {keyfile.key}      –in {sslcert.crt} –certfile {ca1.crt} –certfile (ca2.crt) From this command, you will get a file, outcert.pfx, with the sum total of your ssl certificate (sslcert.crt), private key {keyfile.key}, and as many CA/chain files as you need {ca1.crt, ca2.crt}. Taking this file, you can then import it into your own IIS in one operation, instead of importing each certificate individually.  You can also upload the PFX to Azure, and once you add the SSL certificate links to the cloud project in Visual Studio, your good to go! Conclusion When I first looked around for a solution to this problem, there were not many places online that had the information that I was looking for.  While what I ended up having to do may seem obvious, it isn’t for everyone, and I hope that this can at least help one developer out there solve the problem without hours of work!

    Read the article

  • What feature is at play when Ctrl+Shift+Alt+U,E "types" an unprintable hex 000E?

    - by Peter.O
    I tend to use Ctrl+Shift+Alt for my customized system-wide keybindings. When I tried Ctrl+Shift+Alt+U it printed an underscored u and waited for more keyboard input!... Some keys were accepted and some were not... eg. Numbers were accepted and they too were underlined, but only a few keys allowed me to break out. I then tried Ctrl+Shift+Alt+U immediately followed by Ctrl+Shift+Alt+E. This produced an unprintable hex 000E(?) and broke out of the loop... The unprintable character got me thinking that this may be Unicode related. If so, how so? What is happening here? Is this underscored u a trigger for an Input Method Editor? This behaviour occurs: Here (as I type), "gedit", text-edit fields... (but not in the Terminal)... and "gvim" reported "pattern not found"...

    Read the article

  • XF86 keybinds in Openbox

    - by vasa1
    Lubuntu uses Openbox as its window manager. ~/.config/openbox/lubuntu-rc.xml is a file that specifies, among other things, keybinds for various commands. Most of the keybinds in lubuntu-rc.xml use modifier keys such as Control, Shift, Alt, and Super. For example, one way of opening a terminal window would be by pressing Control+Alt+T together: <!-- Launch a terminal on Ctrl + Alt + T--> <keybind key="C-A-T"> <action name="Execute"> <command>lxsession-default terminal</command> </action> </keybind> But there is also this: <!-- Keybinding for terminal button--> <keybind key="XF86WWW"> <action name="Execute"> <command>lxsession-default terminal</command> </action> </keybind> <keybind key="XF86Terminal"> <action name="Execute"> <command>lxsession-default terminal</command> </action> </keybind> What are keybind key="XF86WWW" and keybind key="XF86Terminal"? How do I locate these keys on my laptop's keyboard? My laptop is a Dell Inspiron N 1545 from 2008.

    Read the article

  • SSH tunnel over http proxy with blocked 443 (SSL)

    - by Evgeny Zhulenev
    Is it possible to create an SSH tunnel over http-proxy when https access is denied? I had such configuration in .ssh\config Host home User root Hostname *my-home-pc-with-ssh-access-allowed* Port 8090 ProxyCommand corkscrew db-isa-01 8080 %h %p ~/.ssh/.corkscrew-db-isa-auth IdentityFile ~/.ssh/id_rsa Where db-isa-01 is my corporate proxy server. Today the admins blocked all https access and allowed it only for few servers on the white list. I used this command to create a tunnel: ssh -D 7070 -o 'GatewayPorts yes' -A -q -g -t root@home and now it doesn't work. As I can understand, that's because our proxy denies all https connections Proxy could not open connnection to ***: Proxy Error ( The specified Secure Sockets Layer (SSL) port is not allowed. Forefront TMG is not configured to allow SSL requests from this port. Most Web browsers use port 443 for SSL requests. ) P.S. I use Windows 7, and corscskrew with cygwin, so Linux solutions not suitable for me.

    Read the article

  • Retrieving an RSA key from a running instance of Apache?

    - by Nathan Osman
    I created an RSA keypair for an SSL certificate and stored the private key in /etc/ssl/private/server.key. Unfortunately this was the only copy of the private key that I had. Then I accidentally overwrote the file on disk (yes, I know). Apache is still running and still serving SSL requests, leading me to believe that there may be hope in recovering the private key. (Perhaps there is a symbolic link somewhere in /proc or something?) This server is running Ubuntu 12.04 LTS.

    Read the article

  • SSLCipherSuite - disable weak encryption, cbc cipher and md5 based algorithm

    - by John
    A developer recently ran a PCI Scan with TripWire against our LAMP server. They identified several issues and instructed the following to correct the issues: Problem: SSL Server Supports Weak Encryption for SSLv3, TLSv1, Solution: Add the following rule to httpd.conf SSLCipherSuite ALL:!aNULL:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM Problem: SSL Server Supports CBC Ciphers for SSLv3, TLSv1 Solution: Disable any cipher suites using CBC ciphers Problem: SSL Server Supports Weak MAC Algorithm for SSLv3, TLSv1 Solution: Disable any cipher suites using MD5 based MAC algorithms I tried searching google for a comprehensive tutorial on how to construct an SSLCipherSuite directive to meet my requirements, but I didn't find anything I could understand. I see examples of SSLCipherSuite directives, but I need an explanation on what each component of the directive does. So even in the directive SSLCipherSuite ALL:!aNULL:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM, I dont understand for example what the !LOW means. Can someone either a) tell me the SSLCipherSuite directive that will meet my needs or b) show me a resource that clearly explains each segment of a SSLCipherSuite is and how to construct one?

    Read the article

  • postfix, TLS and rapidssl - "verify error:num=19:unable to get local issuer certificate"

    - by technobuddha
    I have been googeling for days! I have a cert from rapidssl. I read up that the problem with num=20, is that indicates it doesn't know the issuer, or doesn't know the ROOT Cert, right? I run this command: openssl s_client -showcerts -connect smtp.server.com:465 I get this error: verify error:num=19:self signed certificate in certificate chain Here is what i have in my postfix main.cf, and what i have done: smtpd_tls_key_file = /etc/postfix/ssl/smtp.server.com.rsa.key (this is the private key) smtpd_tls_cert_file = /etc/postfix/ssl/smtp.server.com.PUBLIC.key (this is the public key given to me by rapidssl) smtpd_tls_CAfile = /etc/postfix/ssl/combo.csr.key This key has both the intermediate keys ON TOP, and the ROOT KEY on the bottom. Here is the Intermediate keys: https://knowledge.geotrust.com/library/VERISIGN/ALL_OTHER/geotrust%20ca/GT_QuickSSL_and_Premium_and_Trial_intermediate_bundle.pem and here is the root CERT: http://www.geotrust.com/resources/root_certificates/certificates/Equifax_Secure_Certificate_Authority.cer anyone know how to use rapidssl certs?

    Read the article

  • Sharepoint site settings add on ssl port number?

    - by Mike
    WSS 3.0 IIS6/WinSever2003 CAG We have several WSS sites on a SharePoint WSS box that talk to the outside, all of which are SSL enabled. So you get a CAG(Citrix Access Gateway) to translate the 443 port to the local ssl port on the server. Everything is set up and works fine until you get into the Site Settings and start rooting around, it seems like a very unstable link library. Links will try to use the local ssl port number instead of the 443 standard; it will try to skip the step. Is that the site? Any ideas on how to fix it?

    Read the article

  • Enabling spdy in nginx fails spdycheck.org

    - by tulio84z
    I'm trying to enable spdy with nginx 1.6.0 but spdycheck.org is giving me two complaints: And My nginx configuration file is as such: server { listen 80; listen 443 ssl spdy; server_name 54.201.32.118; ssl_certificate /etc/nginx/ssl/tulio.crt; ssl_certificate_key /etc/nginx/ssl/tulio.key; if ($ssl_protocol = "") { rewrite ^ https://$server_name$request_uri? permanent; } root /usr/share/nginx/html; index index.html index.htm; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # Uncomment to enable naxsi on this location # include /etc/nginx/naxsi.rules } } The other info of spdycheck you can find at: http://spdycheck.org/#54.201.32.118

    Read the article

  • OpenSSL without prompt

    - by JP19
    Hi, I am using following code to generate keys: apt-get -qq -y install openssl; mkdir -p /etc/apache2/ssl; openssl genrsa -des3 -out server.key 1024; openssl req -new -key server.key -out server.csr; cp server.key server.key.org; openssl rsa -in server.key.org -out server.key; openssl x509 -req -days 12000 -in server.csr -signkey server.key -out server.crt; mv server.crt /etc/apache2/ssl/cert.pem; mv server.key /etc/apache2/ssl/cert.key; rm -f server.key.orig; rm -f server.csr How can I skip the passphrase prompting? thanks JP

    Read the article

  • Sonicwall NSA 3500, public ip for SSL VPN clients is not visible

    - by SlyMcFly
    I have a Sonciwall NSA 3500 and I'm setting up the SSL VPN according to this guide. I get through setting up the Sonicwall router, but then to test it says "Users can now go to the public IP of the sonicwall. Notice the new “click here for SSL login” hyper link". However, when I go to the public ip of the Sonicwall I don't get a web page, it just times out. Is there some other setting that I'm missing in order to make the SSL VPN login page public?

    Read the article

  • Apache https configurations

    - by sissonb
    I am trying to setup my domain name with a self signed cert. I created the cert and placed the server.key and server.crt files into C:/apache/config/ Then I updated my httpd.confg host to include the following, <VirtualHost 192.168.5.250:443> DocumentRoot C:/www ServerName mydomain.com:443 ServerAlias www.mydomain.com:443 SSLEngine on SSLCertificateFile C:/apache/conf/server.crt SSLCertificateKeyFile C:/apache/conf/server.key SSLVerifyClient none SSLProxyEngine off SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> Now when I go to https://mydomain.com I get the following error. SSL connection error Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have. Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error. Can anyone see what I'm doing wrong? Thanks!

    Read the article

  • Nginx HTTPS redirects causing loop

    - by Ben Chiappetta
    I've been banging my head against the wall trying to figure this out, so if anyone can help I'd appreciate it. My Nginx conf has three different redirect loops, haven't been able to get any of the three to work right. The three problem areas are: Redirecting memcache directory to SSL Redirecting accounts directory to SSL Redirecting SSL to www if non-www nginx.conf: user nginx; worker_processes 1; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; error_log /var/log/nginx/error.log notice; sendfile on; #tcp_nopush on; keepalive_timeout 65; proxy_set_header X-Url-Scheme $scheme; #gzip on; rewrite_log on; include /etc/nginx/conf.d/*.conf; } conf.d/default.conf: server { listen 80; server_name <redacted>.net; rewrite ^(.*) http://www.<redacted>.net$1; } server { listen 80; server_name www.<redacted>.net; set_real_ip_from 192.168.30.4; set_real_ip_from 192.168.30.5; set_real_ip_from 192.168.30.10; real_ip_header X-Forwarded-For; #charset koi8-r; access_log /var/log/nginx/host.access.log main; root /var/www/html; index index.php index.html index.htm; location =/memcache { rewrite ^/(.*)$ https://$server_name$request_uri? permanent; } location /accounts { rewrite ^/(.*)$ https://$server_name$request_uri? permanent; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include /etc/nginx/fastcgi_params; try_files $uri = 404; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # location ~ /\.ht { deny all; } } conf.d/ssl.conf: # HTTPS server # server { listen 443; server_name <redacted>.net; rewrite ^(.*) https://www.<redacted>.net$1; } server { listen 443 default_server ssl; server_name www.<redacted>.net; set_real_ip_from 192.168.30.4; set_real_ip_from 192.168.30.5; set_real_ip_from 192.168.30.10; real_ip_header X-Forwarded-For; proxy_set_header X-Forwarded_Proto https; proxy_set_header Host $host; proxy_redirect off; proxy_max_temp_file_size 0; proxy_set_header X-Forwarded-Ssl on; set $https_enabled on; ssl_certificate <redacted>.crt; ssl_certificate_key <redacted>.key; ssl_session_timeout 5m; ssl_protocols SSLv2 SSLv3 TLSv1; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; root /var/www/html; index index.php index.html index.htm; location /memcache { auth_basic "Restricted"; auth_basic_user_file $document_root/memcache/.htpasswd; } location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param HTTPS on; include /etc/nginx/fastcgi_params; try_files $uri = 404; } }

    Read the article

  • can't send with postfix but I can whith one user

    - by CvR_XX
    I have a postfix and dovecot server but when i try to send an email i get an time -out. Im trying to send with the email [email protected]. A telnet session isn't helping much ether. I get a blank screen. Local it's working fine. My smtp service is running on treadity.com:25. The strange thing is that the logs are completely empty with any info regarding sending emails. Receiving is working alright. Another strange thing is that i've send some message's and that it worked. But that is only with one email. I can still send from that account but other emails are failing any idea's? config file: # See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. #myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = no # TLS parameters #smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem #smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key #smtpd_use_tls=yes #smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache #smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_tls_cert_file=/etc/ssl/certs/dovecot.pem smtpd_tls_key_file=/etc/ssl/private/dovecot.pem smtpd_use_tls=yes # See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. #myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = no # TLS parameters #smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem #smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key #smtpd_use_tls=yes #smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache #smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_tls_cert_file=/etc/ssl/certs/dovecot.pem smtpd_tls_key_file=/etc/ssl/private/dovecot.pem smtpd_use_tls=yes # See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. #myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = no # TLS parameters #smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem #smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key #smtpd_use_tls=yes #smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache #smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_tls_cert_file=/etc/ssl/certs/dovecot.pem smtpd_tls_key_file=/etc/ssl/private/dovecot.pem smtpd_use_tls=yes smtpd_tls_auth_only = yes #Enabling SMTP for authenticated users, and handing off authentication to Dovecot smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes 1,1 Top

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 46 47 48 49 50 51 52 53 54 55 56 57  | Next Page >