Search Results

Search found 3673 results on 147 pages for 'pop3 ssl'.

Page 66/147 | < Previous Page | 62 63 64 65 66 67 68 69 70 71 72 73 | Next Page >

mod_ssl RPM conflict

- by 0A0D

I build Apache httpd into an RPM using these sites: http://erikwebb.net/blog/compile-and-install-apache-24-red-hat-enterprise-linux-rhel-6-or-centos-6 http://ramblin-dude.blogspot.com/2013/04/compiling-rpm-for-httpd-on-rhel-57.html I was successful at building apr* and httpd*. However, when I try to install httpd using rpm -Uvh httpd-devel-2.2.25-1.x86_64.rpm httpd-2.2.25-1.x86_64.rpm mod_ssl-2.2.25-1.x86_64.rpm I get the following error: package mod_ssl-2.2.3-82.el5_9.x86_64 (which is newer than mod_ssl-2.2.25-1.x86_64) is already installed. I have httpd 2.2.3-82 installed. Do I need to remove it first? Seems counterintuitive.

Read the article
How to generate new CSRs for TLS use in sendmail?

- by Mikey B

SendMail 8.13.8 | CentOS 5.x Hi Guys, I'm using ca-signed TLS certificates on my sendmail server and they are up for renewal soon. Our new CA doesn't like our old CSR so I need to generate a new CSR. Can someone point me to the procedure for doing this (without affecting the production certs that are already in use)? I'm paranoid of overwriting the old TLS certs in the process of generating a CSR. Most of the instructions I've found are for implementing self-signed TLS certs -- which isn't an option for me at this time. I'm thinking it would something like: openssl req -new -nodes -out new-tls.csr -keyout new-tls-private.key But I wasn't sure if I was missing some options there such as the -x509 option... -M

Read the article
How would you secure a home router with a self-signed certificate?

- by jldugger

littleblackbox is publishing "private keys" that are accessible on publicly available firmwares. Debian calls these "snake-oil" certs. Most of these routers are securing their HTTPS certs with these, and as I think about it, I've never seen one of these internal admin websites with certs that wasn't self signed. Given a webserver on IP 192.168.1.1, how do you secure it to the point that Firefox doesn't offer warnings (and is still secured)?

Read the article
How would you secure a home router with a self-signed certificate?

- by jldugger

littleblackbox is publishing "private keys" that are accessible on publicly available firmwares. Debian calls these "snake-oil" certs. Most of these routers are securing their HTTPS certs with these, and as I think about it, I've never seen one of these internal admin websites with certs that wasn't self signed. Given a webserver on IP 192.168.1.1, how do you secure it to the point that Firefox doesn't offer warnings (and is still secured)?

Read the article
IIS 6.0 mitigating BEAST

- by D3l_Gato

Recently, my PCI assessor informed me that my servers are vulnerable to BEAST and failed me. I did my homework and I want to change our webservers to prefer RC4 ciphers over CBC. I followed every guide I could find... I changed my reg keys for my weaker than 128bit encryption to Enabled = 0. completely removed the reg keys for the weaker encryptions. I downloaded IISCrypto and unchecked everything but RC4 128 ciphers and triple DES 168. My webserver still prefers AES-256SHA. Is there a trick in IIS 6.0 to get your webservers to prefer RC4 ciphers that I am not figuring out? It seems like in IIS 7 they made this very easy to fix but that doesn't help me now!

Read the article
What and how strong is 128bit RC4? [closed]

- by al nik

I notice that services like Gmail use RC4 128 bit as encryption. What is RC4 encryption and how does it work? Is 128-bit RC4 considered strong encryption?

Read the article
Our company claims that the DLP system can even monitor the contents of HTTPS traffic, how is this possible?

- by Ryan

There is software installed on all client machines for DLP (Data Loss Prevention) and HIPAA compliance. Supposedly it can read HTTPS data clearly. I always thought that between the browser and the server, this was encrypted entirely. How can software sneak in and grab this data from the browser prior to it is encrypted or after it is decrypted? I am just curious as to how this could be possible. I would think that a browser wouldn't be considered very secure if this was possible.

Read the article
Opening firewall to incoming port 443

- by jrdioko

I recently set up the ufw firewall on a Linux machine so that outgoing connections are allowed, incoming connections are denied, and denied connections are logged. This seems to work fine for most cases, but I see many denied connections that are incoming on port 443 (many with IPs associated with Facebook). I can open that port to incoming connections, but first wanted to ask what these could be. Shouldn't HTTPS requests be initiated by me and be treated as outbound, not inbound connections? Is it typical to open incoming port 443 on consumer firewalls?

Read the article
Encrypt client connection with squid forward proxy using SSL

- by Twisted Whisper

I'm setting up a Squid forward proxy and I'm wondering if I could configure Squid in such a way that the connection from my web browser to squid is https regardless of whether the connection from squid to the destination website is http or https. In other words, I want my connection from my web browser to my forward proxy to be encrypted even though I'm just surfing normal http website through that proxy. Can it be done?

Read the article
I am not able to open gmail and some other sites.

- by pam

Last day my system got hanged so I restarted and recovered windows to the the date of 1 day before. Now I am not able to open gmail, orkut and some other sites. When I try to open these sites I receive this message: This Connection is Untrusted www.google.com uses an invalid security certificate. The certificate is not trusted because it is self-signed. The certificate is only valid for 78-159-121-94.local (Error code: sec_error_untrusted_issuer)

Read the article
How can I persist certificates in Java's cacerts?

- by Alan Spark

We need to have a certificate in Java's cacerts keystore for one of our servers that is authenticated by LDAP. We are using Ubuntu server. We have successfully done this by updating the cacerts file in /usr/lib/jvm/java-6-openjdk-amd64/jre/lib/security but occasionally a Java update is installed and the cacerts file seems to be getting replaced by a default one that doesn't contain our changes. This doesn't happen very often but it is becoming a bit of a pain when it does happen. Is there a better way of adding things to cacerts so that they don't get lost when a Java update happens? Thanks, Alan

Read the article
Need advise on linking apache and tomcat

- by hsnm

I have been searching this for hours with no luck. I have a web server that uses https on Apache2. I also have installed tomcat7 on the same server to run some Java webapp on it. I need to keep my https port 443 on Apache but forward the requests to the Java webapp to tomcat. I tried to use mod_jk to redirect the requests to tomcat but I failed. Most tutorials talk about redirecting plain http requests not https. I also could not let tomcat use https on 8443. I'm following the steps here but facing errors. The question: Can I redirect https traffic to tomcat without installing https on tomcat? Is there a good tutorial you can recommend to me?

Read the article
Windows 2003 Server, can't connect to an SSL Site from IE.

- by JL

I am trying to connect to connect to www.czebox.cz using internet explorer on Windows 2003 server. If you have a server to test from please do, and you'll notice that it does not connect instead returns - Internet Explorer cannot display the webpage. From Firefox it works fine on the server. From Windows 7 it works fine in Internet Explorer. How can I get it to work in Windows 2003 Server using IE?

Read the article
Two virtual host one with Domain name one with internal ip#?

- by Abhishek

Is it possible to have two virtual host configurations for the same server - one with internal ip address and one with domain name? Something like <VirtualHost {{internal-ipaddress}}:80> ....... </VirtualHost> <VirtualHost {{domain-name}}:80> ....... </VirtualHost> Note that the internal IP address and the domain name belong to the same server or same server instance. I am asking this to restrict some URLs for external users, redirect to https all external access and allow everything for internal users(without https)..

Read the article
Apache: serving SSL only

- by elect

I have a website that I want to be access only by https://myurl.com. A normal typing myurl.com should be forwarded to the https. I tried different things such as: RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://myurl.com/$1 [R,L] (rewrite mod ON) or NameVirtualHost *:80 <VirtualHost *:80> ServerName mysite.example.com DocumentRoot /usr/local/apache2/htdocs Redirect permanent /secure https://mysite.example.com/secure </VirtualHost> But they didnt work, which is the right way to do it? Debian & Apache 2

Read the article
IIRF - Redirecting all traffic to the http equivalent

- by GordonB

I'm using IIRF and having some trouble getting it to redirect all traffic to the secure version of my sites. So... I have a website with about 20 apps in virtual directories in IIS6. The website takes 80 and 443 traffic. I want to use IIRF to redirect all port 80 traffic EG; http://myserver/app1/page1/param1 http://myserver/app2/ http://myserver To the secure equivalent (https). Here's my config so far; # Iirf.ini # # ini file for IIRF # RewriteLogLevel 1 RewriteLog D:\Websites\Apptemetry\IirfLogs RewriteEngine ON StatusInquiry ON IterationLimit 5 RewriteLogLevel 3 RewriteCond %{HTTPS} off RewriteCond %{SERVER_PORT} ^80$ RedirectRule ^http(.*)$ https$1 Can anyone advise the correct configuration to use, to redirect all traffic?

Read the article
Setting up a subdomain SSL with custom port

- by Webnet

I'm setting up a subdomain on a dedicated server that I'm going to use for SVN services. The SVN server is up and running I just need to setup the subdomain. The https has been switched to a custom port because there's a confliction with a port forward pointing to another server. Should I do this through GoDaddy or Apache?

Read the article
ssl_prefer_server_cipers unknown directive

- by trobrock

I just compiled nginx v1.2.3 from source on a CentOS 6.3 server and am trying to use the ssl_prefer_server_ciphers directive, but I am getting an error nginx: [emerg] unknown directive "ssl_prefer_serfver_cipers" in /etc/nginx/sites-enabled/application:5 I am not seeing anywhere that this directive depends on any specific versions of other libraries, or even specific versions of nginx. What could I be doing wrong here?

Read the article
Using nginx as a reverse proxy for tomcat results in new jsessionids for every ssl request

- by user439407

I am using nginx as a reverse proxy for a tomcat setup, and everything works fine for the MOST part, the only issue I am having is that every request to an http address results in a new JSESSION ID being created(this doesn't happen in http), here is the relevant part of the NGINX configuration: location / { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Proto https; proxy_redirect off; proxy_connect_timeout 240; proxy_send_timeout 240; proxy_read_timeout 240; proxy_pass http://localhost:8080; } Any idea why I am constantly genning new jsessionids?

Read the article
Conditional https redirect to http depending on URL? (Apache)

- by Joel Marcey

Right now I redirect 100% of the time if someone does https://mysite.com <VirtualHost *:443> ServerAdmin [email protected] ServerName mysite.com ServerAlias www.mysite.com RewriteEngine on RewriteRule (.*) http://%{HTTP_HOST} [L,R=permanent] <VirtualHost> However, now I want to conditionally redirect. If a user goes to https://mysite.com/abc/, then I want to use https; otherwise redirect. How do I do this? I tried reading the docs, but just couldn't find what I needed. I am using Apache on Ubuntu Linux.

Read the article
Really remove non-permanent certificate exception in firefox

- by user1719315

I visited japan.indymedia.org and firefox gave me the "Invalid certificate" screen. I added an exception, but did not click "Store this exception permanently." But now firefox still happily visits the same site without giving any warnings, even after a restart of the browser. I tried going to the Options-Advanced-Encryption-View Certificates-Servers to remove the certificate but I did not find it there. How to remove this exception and make firefox give me the warning when visiting the site?

Read the article
Apache Key: Which is it using?

- by quindraco

I'm running an Apache server on Ubuntu. When I restart it, it asks me for a pass phrase; here's what the dialog looks like: Apache/2.2.16 mod_ssl/2.2.16 (Pass Phrase Dialog) Some of your private key files are encrypted for security reasons. In order to read them you have to provide the pass phrases. Server 127.0.0.1:443 (RSA) Enter pass phrase: I've already worked out how to remove the pass phrase from the key file in question, but I can't find any information anywhere on how to determine which key file Apache is complaining about in the above dialog. I have dozens of key files on the server in question, although I don't know which ones are in active use (all I did is 'locate .pem' and ignore the false positives). Does anyone know how to track down which pem file I need to remove the passphrase from?

Read the article
How do you permanently disable the 'This Connection is Untrusted' page on Firefox

- by TheIronChef9

I'm going insane. Can someone please help me to COMPLETELY DISABLE the 'This Connection is Untrusted' page on Firefox. Facts: I am running Firefox 23.0 on an Ubuntu machine (downloaded and installed ubuntu today) It is a work computer and I have to use my employer's proxy While visiting Webpages/webapps like Gmail or Google brings up the 'This Connection is Untrusted' page and I have to go through the whole tedious task of selecting 'I understand the Risks' and add Exceptions, etc. etc. The fact is, I don't care about the risks. I would rather this computer melt into the ground than have to see that page ever again. I want to dance naked in untrusted pages and not give a damn about the consequences. I just never want to see that page again. Ever. For some sites (eg. wikipedia), the css doesn't load and I end up seeing them in plain text. As a result these sites are completely useless. Wasted hours trying to solve this for stackoverflow.com. These issues happen on the Firefox on my Windows XP machine as well (also using the same proxy). I don't want to export/import certificates or create exceptions for every site that shows this bloody page. I just want this page gone. I don't want Firefox to tell me what's safe and what's not. Also, my system time and date are correct. I've also tried the lies on this page too with no good results. Edit: I've also tried the whole going into the Advance-Certificates-validation setup page and unchecked 'Use the Online Certificate Status Protocol (OCSP) to confirm the current validity of certificates' checkbox. Nothing happened even after restarting firefox or rebooting. I need help. Thanks.

Read the article
apache robots.txt with SSL

- by user224013

I have an .htaccess file with a rewrite rule to get a redirect of every HTTP request to HTTPS. But now I have a problem that my robots.txt is not recognized by some online checker. If I remove the redirect from the .htaccess file the robots.txt is recognized correctly. Maybe I should exclude that the robots.txt is redirects to an HTTPS connection? This is the part of .htaccess for redirecting to HTTPS RewriteCond %{SERVER_PORT} !^443$ RewriteRule (.*) https://%{HTTP_HOST}/$1 [L]

Read the article
Windows 7 root certificate updates

- by hstr

I work for a company that uses Windows 7 for end user computing. The Windows 7 computers are updated via a WSUS installation, and access to Microsoft Update is blocked. We have a problem with a number of websites, who's certificates appears to be invalid, though they are perfectly ok. The problem is, that Windows 7 apparently does an on-demand update of root certificates through Windows Update, rather than rolling out a monthly update, as with Windows XP. Now that Windows Update is blocked, how should root certificates be updated? It appears that WSUS is not handling this feature. Thanks in advance.

Read the article

< Previous Page | 62 63 64 65 66 67 68 69 70 71 72 73 | Next Page >