Search Results

Search found 3868 results on 155 pages for 'wildcard ssl'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 67/155 | < Previous Page | 63 64 65 66 67 68 69 70 71 72 73 74  | Next Page >

  • Gmail POP3 with openssl command line: hangs while RETR-ing

    - by sabya
    I want to use openssl s_client for accessing Gmail POP3S server. I am doing the following: $ openssl s_client -connect pop.gmail.com:995 +OK Gpop ready for requests from <removed: ip> d11pf35377217wam.36 USER <removed: [email protected]> +OK send PASS PASS <removed: password> +OK Welcome. LIST +OK 1 messages (2197 bytes) 1 2197 . STAT +OK 1 2197 RETR 1 RENEGOTIATING The problem is I am never able to execute the RETR command. It always hangs while "RENEGOTIATING". What am I missing?

    Read the article

  • Access Java based keystore directly on Sun ONE Webserver 6.1

    - by George Bailey
    The keystore seems to reside in one of /opt/SUNWwbsvr/alias/https-sub.domain.ext-hostname-cert8.db /opt/SUNWwbsvr/alias/https-sub.domain.ext-hostname-key3.db What tool would I use to access this file? I have tried these commands which did not work. /opt/SUNWwbsvr/bin/https/jdk/bin/keytool -certreq -keyalg RSA -file /tmp/test.csr -keystore /opt/SUNWwbsvr/alias/https-sub.domain.ext-hostname-cert8.db /opt/SUNWwbsvr/bin/https/jdk/bin/keytool -certreq -keyalg RSA -file /tmp/test.csr -keystore /opt/SUNWwbsvr/alias/https-sub.domain.ext-hostname-key3.db /opt/SUNWwbsvr/bin/https/jdk/bin/keytool -list -storepass password -keystore /opt/SUNWwbsvr/alias/https-sub.domain.ext-hostname-cert8.db /opt/SUNWwbsvr/bin/https/jdk/bin/keytool -list -storepass password -keystore /opt/SUNWwbsvr/alias/https-sub.domain.ext-hostname-key3.db They all gave me the error message keytool error: java.io.IOException: Invalid keystore format

    Read the article

  • How to install cURL with openssl on ubuntu server ?

    - by Hrishikesh Choudhari
    Hey, I am having a problem with cURL here. My localhost has curl with openssl enabled, and thus my php code works fine. On running phpinfo() I get the following -- curl cURL support enabled cURL Information libcurl/7.19.5 OpenSSL/0.9.8g zlib/1.2.3.3 libidn/1.15 However, on my other office server, curl does not have openssl support enabled. On running phpinfo() I get the following -- curl cURL support enabled cURL Information libcurl/7.20.1 zlib/1.2.3.3 How do I get openssl support for curl ? Both - openssl and curl - are installed on the office server as of now. I require immediate help. Thank you.

    Read the article

  • JBoss: Adding a New Binding for a New Service

    - by mlaverd
    Hello, Warning: I'm a J2EE newbie. I have a server application that receives TLS connections containing Protocol Buffers messages. I'd like to port it to J2EE to take advantage of all its powerful features. Is there a way to add a binding that would have TLS enabled and would speak to my piece of code for interpreting and handling the request's data? If so, how? Thanks in advance!

    Read the article

  • IIS FTP 7.5 Data Channel Problem (SSL)

    - by user59050
    Hey there I wonder if anyone can get me in the right direction. I am setting up both a FTPS Client and Server, FTPS Server using Microsoft’s iis FTP 7.5. On the client side it will be running on Linux and I am using M2crypto for the openssl wrapping (python). I am worried the problem is on the server side (iis7.5) due to the following discovery : If I host using Filezilla with BOTH the control and data channel being forced to be encrypted it works 100% (100% file transmission), if i use iis as the server everything works up to the point when the data channel takes over... i.e. all data of the retrieved file is already received correctly in my basket! The ftp server just won't send the final '226 Transfer complete.' on the cmd socket. Why? If i force the client or server to close the connection the file is 100% intact....If i use iis 7.5 with forced encryption on control channel all works 100% as long as i don’t force data channel... Here are some screenshots to demo this... Client View after Kill Client : pics @ http://forums.iis.net/p/1172936/1960994.aspx#1960994 Summary : We can establish the connection, do directory listings, start the upload, see the file (0bytes) created on the server but then the client hangs. If we terminate the client, the uploaded file on the server suddenly jumps up to full size.

    Read the article

  • Different settings for secure & non-secure versions of Django site using WSGI

    - by Jordan Reiter
    I have a Django website where some of the URLs need to be served over HTTPS and some over a normal connection. It's running on Apache and using WSGI. Here's the config: <VirtualHost example.org:80> ServerName example.org DocumentRoot /var/www/html/mysite WSGIDaemonProcess mysite WSGIProcessGroup mysite WSGIScriptAlias / /path/to/mysite/conferencemanager.wsgi </VirtualHost> <VirtualHost *:443> ServerName example.org DocumentRoot /var/www/html/mysite WSGIProcessGroup mysite SSLEngine on SSLCertificateFile /etc/httpd/certs/aace.org.crt SSLCertificateKeyFile /etc/httpd/certs/aace.org.key SSLCertificateChainFile /etc/httpd/certs/gd_bundle.crt WSGIScriptAlias / /path/to/mysite/conferencemanager_secure.wsgi </VirtualHost> When I restart the server, the first site that gets called -- https or http -- appears to select which WSGI script alias gets used. I just need a few settings to be different for the secure server, which is why I'm using a different WSGI script. Alternatively, it there's a way to change settings in the settings.py file based on whether the connection is secure or not, that would also work. Thanks

    Read the article

  • How can I work around problems with certificate configuration in Remote Desktop Services?

    - by Michael Steele
    I am setting up a Remote Desktop Services farm, and am having trouble configuring certificates for it to use. A demonstration of the problem I'm seeing can be found in Step #4. At this point I am convinced that there are problems with the user interface, and am looking for ways around them. Is there any way to configure certificates in Remote Desktop Services so that the settings hold and are reflected in the GUI? If not, is there any way for me to verify that the settings are correct? Step #1 - Create certificate to be used. I've configured a certificate to use with RD Web Access. The certificate is stored with in the Certificates MMC on my RD Connection Broker, and I am configuring the farm from that computer. I found by letting RD Web Access generate its own certificate that the following properties are required: Enhanced Key Usage Server Authentication Client Authentication This may not be required, but the self-signed certificate includes it. Key Usage Digital Signature Key Agreement Subject Alternative Name DNS Name=domain.com Detour about self-signed certificate generation As a quick detour, I was able to work around a problem with creating self-signed certificates using powershell. The documentation for the New-RDCertificate cmdlet gives the following example: PS C:\> $password = ConvertTo-SecureString -string "password" -asplaintext -force New-RDCertificate -Role RDWebAccess -DnsName "test-rdwa.contoso.com" -Password $password -ConnectionBroker rdcb.contoso.com -ExportPath "c:\test-rdwa.pfx" Typing this into the shell will result in an error message claiming that a function, Get-Server cannot be found. Prior to using New-RDCertificate, you must import the RemoteDesktop Module with Import-Module RemoteDesktop. Step #2 - Observe out-of-box behavior The first time you visit the Deployment Properties dialog box by navigating to Server Manager - Remote Desktop Services - Collections and selecting "Edit Deployment Properties" from the "TASKS" dropdown list in the "COLLECTIONS" grouping, you will see the following screen: This window is misleading because the level field is listed as "Not Configured". If I understand correctly all three of the role services are using a self-signed certificate. For the RD Web Access role this can be verified by visiting the website: The certificate being used also appears in the Certificates MMC: Step #3 - Assign new certificate The Deployment Properties dialog box will allow me to select my existing certificate. The certificate must be placed within the local computers Certificates MMC in the "Personal" certificate store. The private key will need to be exportable, and you will need to provide the password. I temporarily exported my certificate to a file named temp.pfx with a password, and then imported it into Remote Desktop Services from there. Once this is done the GUI will indicate that it is ready to accept the new configuration. Once I click the "Apply" button, the GUI indicates success. This can be verified by visiting the RD Web Access web site a second time. There is no certificate error. Step #4 - The GUI fails to maintain its state If the GUI is closed and reopened, all of these settings appear to be lost. Actually, the certificate I configured is still being used. I am able to continue accessing the RD Web Access site without any certificate errors. Oddly, if I use the "Create new certificate..." button to generate a self-signed certificate this window will update to an "Untrusted" level. This setting will then be maintained through the opening and closing of the Deployment Properties dialog box. Is there anything I can do to have my settings appear to stick? I feel like something is wrong when the GUI claims I haven't fully configured certificates.

    Read the article

  • Different file locations for http v https on IIS?

    - by Jeremy Morgan
    We have a server running IIS and have some folders running under https, but most are open. The problem I'm having is when someone is directed from a page in the secure section of the site, the relative link brings up https. For example: link to /pictures goes to http://www.mysite.com/pictures But if someone is on a secured part of the site https://www.mysite.com/shoppingcart And then clicks back to /pictures, they get https://www.mysite.com/pictures so the pictures directory is shown under https. My problem is, they get a 404 not found message when this happens. I could not find anything in the settings that would indicate that secured connections are pulling files from anywhere different than non-secured. If I type http or https on the main page of the site both come up fine. But if I try to add the https:// in a folder level, I get a 404. Any ideas why this might be happening?

    Read the article

  • Using Confluence with virtual hosts and mod_proxy

    - by Marcus
    Hi @all, on a test server I have installed the latest version of Confluence. I configured a apache with ajp. But I have a problem, when I login in Confluence, I get the following error message: Not Found The requested URL / / homepage.action was not found on this server. The problem seems to be known, I found following Link: http://confluence.atlassian.com/display/DOC/Using+Apache+with+virtual+hosts+and+mod_proxy But unfortunately the forwards have not helped, I still get the error messages. Does anyone have any idea how I could solve the problem? The following Apache configuration I have set up: LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so LoadModule proxy_ajp_module /usr/lib/apache2/modules/mod_proxy_ajp.so <IfModule proxy_http_module> ProxyRequests Off ProxyPreserveHost On <Proxy *> Order deny,allow Allow from all </Proxy> <Location /> Order allow,deny Allow from all </Location> ProxyPass / http://localhost:8080/ ProxyPassReverse / http://localhost:8080/ </IfModule>

    Read the article

  • What happens to encrypted mails when CA certificate expires in my Windows Domain

    - by Wolfgang
    does anybody know what will happen to encrypted /signed mails when a root authority certificate expires in my domain network? Can the certificate still be validated from the clients and will the clients recognize that the certificate was valid when the mail was encrypted / signed? Respectively what will happen when a migration to a new infrastructure will take place or if I install a new root-CA? Is there a need to also migrate the expired root certificate?

    Read the article

  • Stunnel too many clients

    - by davidsmalley
    I'm trying to hook up stunnel and haproxy to forward https connections through to some backend servers. I've got haproxy setup right, and I seem to have stunnel set up right. Trouble is that when I hit the setup with a load test after a while I start to see these log entries: 2010.05.05 11:24:43 LOG7[3498:3086792368]: https accepted FD=512 from 10.195.158.225:52579 2010.05.05 11:24:43 LOG4[3498:3086792368]: Connection rejected: too many clients (=500) I guess I've hit a limit somewhere but I wasn't sure how to fix it, there doesn't seem to be a config file option for stunnel to change this. Does anyone know how to configure stunnel for a potentially large number of connections?

    Read the article

  • Conditionally permitting HTTP-only requests to Tomcat?

    - by Mike
    I have 2 versions of a system: Tomcat webserver Nginx reverse-proxy sitting in front of a tomcat webserver. In version 2, nginx only ever talks to Tomcat over HTTP. A user could configure the system so that only HTTPS requests are allowed. If the user does this in Version 1 and then the XML configuration files for Tomcat takes care of this. In version 2, nginx takes care of this. The problem is this: I cannot force a user to update their Tomcat XML config files when they upgrade from version 1 to version 2 (it will be recommended that they do so) because this is done as part of a larger process. This means that if they upgrade and don't update the Tomcat config, an HTTPS request will arrive at nginx, which will proxy it over HTTP to Tomcat which will reject the request because it is not HTTPS. So I can't force an update to the Tomcat XML, and I have to use HTTP between nginx and Tomcat. Any ideas? Is there some way I can affect how Tomcat reads its config in Version 2 so that it ignores the HTTPS-only section?

    Read the article

  • certificate working on IP but not on URL

    - by Stephan
    I asked this question on stackoverflow, and I've been suggested to repost it here. I have a problem accessing my site (on https) with IEMobile 9 (WP 7.5). It says it's got problem with the certificate, as if it wasn't valid. Everything works on any other browser or platform I tested (android (several phones and a galaxy tab with stock browser, firefox, opera, dolphin), iOS (iphone and ipad with safari and chrome), an old nokia with symbian, windows 7, linux and mac). To try to solve this I saved the certificate (.cer) on the server and accessed it from the phone browser. It always complained except when I accessed it through the server IP (192.168.xx.xx). At that point it (said it) installed correctly the certificate. If then I try to access the index.html still using the IP all works fine and it doesn't complain about the certificate. If, though, I try to access the index using the actual URL (blah.myblah.com), it complains again about the certificate, as if it wasn't installed! It isn't a problem of DNS, cause that's up and serving the right ip, and the phone is correctly setup to use it. The certificate is signed by geotrust/rapidssl for *.myblah.com.

    Read the article

  • TLS-SRP ciphersuites support in browsers

    - by dag
    i'm doing some research on how browsers support TLS-SRP (RFC5054). I know that TLS-SRP is implemented in GnuTLS, OpenSSL as of release 1.0.1, Apache mod_gnutls, cURL, TLS Lite and SecureBlackbox. I don't find any fresh source of information, only this from 2011: http://sim.ivi.co/2011/07/compare-tls-cipher-suites-for-web.html I'm testing them manually at the moment, but as far as i know nobody seems to support it. My interest is then in understanding if browsers are planning to support these ciphersuites in the future, apart from the current state. Actual findings (i'm sorry i can't include more than 2 links): Firefox: BugZilla bug id: 405155 IE: Microsoft connect Bug ID:788412 , date:22/05/2013 (closed) Chromium/Chrome: the interesting work by quinn slack http://qslack.com/2011/04/tls-srp-in-chrome-announcement/ Chromium code review: 6804032 Any other help?

    Read the article

  • Apache: Setting up a reverse proxy configuration with SSL with url rewriting

    - by user1172468
    There is a host: secure.foo.com that exposes a webservice using https I want to create a reverse proxy using Apache that maps a local http port on a server internal.bar.com to the https service exposed by secure.foo.com Since it a web service I need to map all urls so that a path: https://secure.foo.com/some/path/123 is accessible by going to: http://internal.bar.com/some/path/123 Thanks. I've gotten this far: <VirtualHost *:80> ServerName gnip.measr.com SSLProxyEngine On ProxyPass / https://internal.bar.com/ </VirtualHost> I think this is working except for the url rewriting. Some resources I've found on this are: Setting up a complex Apache reverse proxy Apache as reverse proxy for https server

    Read the article

  • Fingerprint of PEM ssh key

    - by Unknown
    I have a PEM file which I add to a running ssh-agent: $ file query.pem query.pem: PEM RSA private key $ ssh-add ./query.pem Identity added: ./query.pem (./query.pem) $ ssh-add -l | grep query 2048 ef:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX ./query.pem (RSA) My question is how I can get the key fingerprint I see in ssh-agent directly from the file. I know ssh-keygen -l -f some_key works for "normal" ssh keys, but not for PEM files. If I try ssh-keygen on the .pem file, I get: $ ssh-keygen -l -f ./query.pem key_read: uudecode PRIVATE KEY----- failed key_read: uudecode PRIVATE KEY----- failed ./query.pem is not a public key file. This key starts with: -----BEGIN RSA PRIVATE KEY----- MIIEp.... etc. as opposed to a "regular" private key, which looks like: -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: AES-128-CBC,E15F2.... etc.

    Read the article

  • Powershell: Cannot connect via SSL

    - by JSWork
    Am following "secrets to powershell remoting" to setup an SLL account and seem to be missing a step. I ran Winrm create winrm/config/Listener?Address=*+Transport=HTTPS @{Hostname="redacted";CertificateThumbprint="redacted"} and got PS WSMan:\localhost&gt; dir wsman:\localhost\listener\Listener_1184937132 WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Listener\Listener_1184937132 Name Value Type ---- ----- ---- Address * System.String Transport HTTP System.String Port 5985 System.String Hostname System.String Enabled true System.String URLPrefix wsman System.String CertificateThumbprint System.String ListeningOn_756355952 10.0.0.54 System.String ListeningOn_1201550598 127.0.0.1 System.String PS WSMan:\localhost&gt; dir wsman:\localhost\listener\Listener_1187163138 WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Listener\Listener_1187163138 Name Value Type ---- ----- ---- Address * System.String Transport HTTP System.String Port 80 System.String Hostname System.String Enabled true System.String URLPrefix wsman System.String CertificateThumbprint System.String ListeningOn_756355952 10.0.0.54 System.String ListeningOn_1201550598 127.0.0.1 System.String PS WSMan:\localhost&gt; dir wsman:\localhost\listener\Listener_220862350 WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Listener\Listener_220862350 Name Value Type ---- ----- ---- Address * System.String Transport HTTPS System.String Port 5986 System.String Hostname redacted System.String Enabled true System.String URLPrefix wsman System.String CertificateThumbprint redacted System.String ListeningOn_756355952 10.0.0.54 System.String ListeningOn_1201550598 127.0.0.1 System.String Trouble is when i do this PS C:\Users\redacted> enter-pssession -Computername redacted -Credential redacted\redacted -UseSSL I get this Enter-PSSession : Connecting to remote server failed with the following error message : The client cannot connect to th e destination specified in the request. Verify that the service on the destination is running and is accepting requests . Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or Win RM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic. At line:1 char:16 + enter-pssession <<<< -Computername redacted -Credential redacted\redacted -UseSSL + CategoryInfo : InvalidArgument: (redacted:String) [Enter-PSSession], PSRemotingTransportException + FullyQualifiedErrorId : CreateRemoteRunspaceFailed This happens even when the firewall is off completely and when the machine tires to connect to itself locally. On top of that, despite the listners eing lsited on wsman, when I run PS WSMan:\localhost&gt; Get-PSSessionConfiguration I get Name PSVersion StartupScript Permission ---- --------- ------------- ---------- Microsoft.PowerShell 2.0 PS WSMan:\localhost&gt; Any ideas what I'm missing/doing wrong? edit: Windows 2003. Powershell v2.0

    Read the article

  • A non interactive alternative to makecert.

    - by mark
    Dear ladies and sirs. I have a need to create a self signed certificate non interactively. Unfortunately, the only tool that I know of (makecert) is interactive - it uses GUI to ask for a password. My OS is Windows (from XP to 2008). The only thing close that I managed to find is http://www.codeproject.com/Tips/125982/How-to-run-Makecert-without-password-window.aspx, however, it is still not good. Any ideas?

    Read the article

  • Problems serving SVN over HTTPS on Ubuntu 10.04

    - by odd parity
    We've been experiencing some problems with our Subversion server after upgrading to Ubuntu 10.04. When trying to access a repository, regardless of client (I've tried git-svn and svn on Windows as well as svn on Ubuntu 10.04, from different computers and network locations), I get a 400 bad request. Here's the output from svn: svn: Server sent unexpected return value (400 Bad Request) in response to OPTIONS request for 'https://svn.example.org/svn/programs' Here are the relevant entries from the Apache logs (I'm running Apache 2.2): error.log [Mon Jun 14 11:29:31 2010] [error] [client x.x.x.x] request failed: error reading the headers ssl_access.log x.x.x.x - - [14/Jun/2010:11:29:28 +0200] "OPTIONS /svn/programs HTTP/1.1" 401 2643 "-" "SVN/1.6.6 (r40053) neon/0.29.0" x.x.x.x - - [14/Jun/2010:11:29:31 +0200] "ction-set/></D:options>OPTIONS /svn/programs HTTP/1.1" 400 644 "-" "SVN/1.6.6 (r40053) neon/0.29.0" If anyone has run into similar problems or could give me a pointer to track down the cause of this I'd be very grateful - I'd really like to avoid having to downgrade the box again.

    Read the article

  • force https with apache before .htpasswd

    - by johnlai2004
    I have this in my .htaccess file RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://www.myweb.com/phpmyadmin$1 [R,L] AuthUserFile /var/www/myweb/.htpasswd AuthGroupFile /dev/null AuthName "Sovereign Databases" AuthType Basic <Limit GET> require valid-user </Limit> But everytime I go to http://www.myweb.com/phpmyadmin, the .htpasswd prompts me for a credentials BEFORE i'm redirected to https://www.myweb.com/phpmyadmin. After I type in my username and password, I get redirected to https://www.myweb.com/phpmyadmin. The problem is that I don't want anyone to submit their username and password unencrypted via http. How do I force people to login via the https version even if they typed in the http version?

    Read the article

  • Apache 2.2.14: SSLCARevocation location

    - by Doc
    I am installing a .crl in my apache config. It looks like this: VirtualHost default DocumentRoot "web" ServerName example.com SSLEngine on SSLCertificateFile "cert.crt" SSLCertificateKeyFile "key.key" SSLCertificateChainFile "cert.ca-bundle" SSLProtocol -all +SSLv3 SSLCipherSuite SSLv3:+HIGH:+MEDIUM Directory Order deny,allow Allow from all SSLCACertificateFile "ClientRootCert.crt" SSLVerifyClient require SSLVerifyDepth 3 SSLCARevocationFile "CRLList.crl" Directory VirtualHost When Apache is started, I get the error: SSLCARevocationFile not allowed here When I place SSLCARevocationFile above the Directory tag, Apache starts, but all client certs are rejected with the message: ssl_error_expired_cert_alert (both revoked and active certs) How to solve this?

    Read the article

  • with nginx having the base url rewrite to https

    - by jchysk
    I'd like only my base domain www.domain.com to be rewritten to https://www.domain.com By default in my https block I have it reroute to http:// if it's not ~uri = "/" (base domain) or static content. server { listen 443; set $ssltoggle 2; if ($uri ~ ^/(img|js|css|static)/) { set $ssltoggle 1; } if ($uri = '/') { set $ssltoggle 1; } if ($ssltoggle != 1) { rewrite ^(.*)$ http://$server_name$1 permanent; } } So in my http block I need to do the rewrite if it has to https: server { listen 80; if ($uri = '/') { set $ssltoggle 1; } if ($ssltoggle = 1) { rewrite ^(.*)$ https://$server_name$1 permanent; } } If I don't have the $uri = '/' if-statement in the http block, then https works fine if I go directly to it, but I won't get redirected if I go to regular http which is expected. If I do put that in-statement in the http block then everything stops working within minutes. It might work for a few requests, but will always stop within a minute or so. In browsers I just get a blank page for all requests. If I restart nginx it continues to not work until I remove both if-statement blocks in both the https and http blocks and restart nginx. When I look in the error logs I don't see anything logged. When I look in the access log I see this message: "-" 400 0 "-" "-" which I assume means a 400 error. I don't understand why this doesn't work for me. My end goal is to have the base domain be https-only while all other pages default to http. How can I achieve this?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 63 64 65 66 67 68 69 70 71 72 73 74  | Next Page >