Search Results

Search found 2668 results on 107 pages for 'trusted certificate'.

Page 79/107 | < Previous Page | 75 76 77 78 79 80 81 82 83 84 85 86  | Next Page >

• Setup IIS 7.5 with multiple website bindings and SSL?

  - by JK01

  On IIS 7.5 I am trying to achieve this with two websites: Default Web Site is bound to: (blank host header port 80 - http) (blank host header port 443 - https) go.example.com www71.example.com the IP address of go.example.com 2nd web site "Beta" is bound to: beta.example.com (blank host header port 443 - https) * using blank only because it doesn't seem to be possible to bind https to a named host header And both need to work with SSL. But I have these problems: When I type in beta.example.com, I see the go.example.com site instead I can not seem to add the SSL binding to both websites at once (I have a single *.example.com wildcard certificate). The beta site will not even start if I add the https binding to it. This is how I have set it up: What is the correct way to set it up?

  Read the article

• How to convert non key, value java arguments to applet params? (args like -Xmx64m)

  - by bwizzy

  I'm trying to use xvpviewer (based on TightVNC) to VNC into my VMs running on Citirx XenServer. There are a couple of caveats required with trusting the certificate from XenServer which I've got working. Essentially I'm trying to convert the java command below (which works on the command line to launch VncViewer) for use in an applet that can be accessed via HTML page. java -Djavax.net.ssl.trustStore=/tmp/kimo.jks -Xmx64m -jar VncViewer.jar HOST "/console?ref=OpaqueRef:141f4204-2240-4627-69c6-a0c7d9898e6a&session_id=OpaqueRef:91a483c4-bc40-3bb0-121c-93f2f89acc3c" PORT 443 PROXYHOST1 192.168.0.5 PROXYPORT1 443 SocketFactory "HTTPSConnectSocketFactory" I know I can put the HOST, PORT etc arguments into param tags for the applet but I'm not sure how to apply the two initial argments.

  Read the article

• SSL 3.0 warning in Chrome on Ubuntu 10.04LTS

  - by Leopd

  I'm running Apache2 with SSL on Ubuntu 10.04LTS. Chrome gives me this annoying warning when I inspect the certificate: The connection had to be retried using SSL 3.0. This typically means that the server is using very old software and may have other security issues. The relevant part of the apache config looks like: SSLEngine on SSLCertificateFile /etc/ssl/... SSLCertificateKeyFile /etc/ssl/... SSLCACertificateFile /etc/ssl/... SSLProtocol -all +SSLv3 +TLSv1 The last line I added to try to address this problem, but it's not working. Any advice on properly enabling TLS?

  Read the article

• Configuring IIS site to use HTTPS

  - by James

  I am working on a REST API which I have currently deployed on a Win XP Professional SP2 development machine running IIS 5.1. The site is currently being hosted on port 81 and being accessed via HTTP. I would now like to configure the site to stop using HTTP and use HTTPS only. I have developed a self-signed certificate using the SelfSSL.exe tool from the 6.0 Resource Kit Tools and set the Common Name to be the IP of my server (as it's a local development machine it has no domain name). I have also already configured the site to use SSL using the How To Set Up an HTTPS Service in IIS tutorial as my guide. However, whenever I try to access a resource in the API via HTTPS I get a 404. Any ideas?

  Read the article

• HTTPS vs. VPN for communication between business partners?

  - by Andrew H

  A business partner has asked to set up a site-to-site VPN just so that a few servers can communicate with each other over HTTPS. I'm convinced this isn't necessary, or even desirable. To be fair it must be part of a wider policy, potentially even a legal requirement. However I'd like to convince them to simply offer an IP to us (and us only) and a port of their choosing for HTTPS. Has anyone had a similar experience, or had to come up with a cast-iron argument against a VPN? Allow me to expand a little - we have a web service that initiates a connection to the partner's corresponding service using an encrypted HTTP connection. The connection uses a client certificate to authenticate. The connection is firewalled so only our IPs can contact the service. So why is a VPN necessary?

  Read the article

• Problem accessing the remote working space on my new SBS 2008 box

  - by Dabblernl

  This supposedly easy to install OS is starting to drive me nuts... SYMPTOMS: When trying to connect to the remote workplace I get (and ignore) the security warning because I am currently testing with the self issued certificate. After loggin in the remote workplace's main screen displays but the images on it do not load. When I try to click the email link I am thrown back to the login screen. If I try the login to exchange directly by typing in the remote.mydomain.com/owa address I get a 403 error that I am denied access. The problem occurs on both a vista and a win 7 machine. It seems that some security setting is playing tricks with me. How can I troubleshoot this?

  Read the article

• postfix smtps issue

  - by DavidC

  Im currently experiencing the following issue with postfix over ssl (smtps) Apr 7 13:43:55 server88-208-248-147 postfix/smtpd[5777]: connect from xxxxxxxxxxxxxxx[xxx.xxx.xxx.xxx] Apr 7 13:45:09 server88-208-248-147 postfix/smtpd[5777]: lost connection after UNKNOWN from xxxxxxxxxxxxxxx[xxx.xxx.xxx.xxx] Apr 7 13:45:09 server88-208-248-147 postfix/smtpd[5777]: disconnect from xxxxxxxxxxxxxxx[xxx.xxx.xxx.xxx] my main.cf is as follows: smtpd_tls_cert_file = /etc/postfix/smtpd.cert smtpd_tls_key_file = /etc/postfix/smtpd.key smtpd_use_tls = yes smtp_use_tls = yes smtpd_tls_auth_only = no smtpd_tls_CAfile = /etc/postfix/caroot.crt smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_tls_loglevel = 1 when accessing smtp and running start tls i get the following: # telnet xxxxxxxxxxxxxxx 25 Trying xxxxxxxxxxxxxxx... Connected to xxxxxxxxxxxxxxx . Escape character is '^]'. 220 xxxxxxxxxxxxxxx ESMTP Postfix ehlo localhost 250-xxxxxxxxxxxxxxx 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-AUTH PLAIN LOGIN 250-AUTH=PLAIN LOGIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN STARTTLS 220 2.0.0 Ready to start TLS please help as i'm lost of places to look now. os is Ubuntu 10.4 and the SSL is a wildcard SSL, imap/pop and apache work flawlessly with the same certificate.

  Read the article

• SSRS report on SharePoint Web Part

  - by MicroSumol

  I have this configuration: DBK- SQL/SSRS/SSAS (includes SharePoint databases) SPK- SharePoint I created a SharePoint Site with an SSL certificate. Then on DBK I setup the SSRS with an SSL. Finaly went back to SharePoint and setup a webpart on a subsite to connect to the SSRS report. The problem comes that the user is asked 2 times to authenticate. Once when he logs into sharepoint, then when he wants to see the SSRS report. Since I am not an expert on SSRS, I am asking is there an easy way to pass the SharePoint credentials to the SSRS report. Would it be easier to install SSRS on SPK? Would that even work or solve my problem?

  Read the article

• What should a hosting company do to prepare for IPv6?

  - by Josh

  At the time of writing The IPv4 Depletion Site estimates there are 300 days remaining before all IPv4 addresses have been allocated. I've been following the depletion of IPv4 addresses for some time and realize the "crisis" has been going on for many years and IPv4 addresses have lasted longer than expected, however... As the systems administrator for a small SaaS / website hosting company, what steps should I be taking to prepare for IPv6? We run a handful of CentOS and Ubuntu Linux systems on managed hardware in a remote datacenter. All our servers have IPv6 addresses but they appear to be link local addresses. Our primary business function is website hosting on a proprietary website CMS system. One of my concerns is SSL certificates; at the moment every customer with an SSL certificate gets a dedicated IPv4 IP address. What else should I be concerned about / what action should I take to be prepared for IPv4 depletion?

  Read the article

• Unable to mount Amazon Public Dataset using ec2-create-volume

  - by the0ther

  I am trying to use a Public Dataset with the snapshot id of snap-­e1608d88. I am looking at these instructions, but they do not seem to help. The first suggestion there says I should click on Volumes and create a new volume, set it's size and availability zone, as well as specifying the snapshot id. The problem is, snapshot id is a dropdown, not a text field, and there are over 100 options in the dropdown. Next I installed the ec2 command line tools and tried to run the ec2-create-volume command. For my first attempt I tried ec2-create-volume --snapshot snap-­e1608d88 --availability-zone us-east-1 but that gave output indicating I need to provide a certificate with the --cert switch. Which certficate exactly? I tried my SSH cert at ~/.ssh/id_rsa. No dice. I got the following Java error: "org.codehaus.xfire.fault.XFireFault: General security error;"

  Read the article

• Cannot connect to HTTPS port on Ubuntu

  - by Simpleton

  I've installed a new SSL certificate and set up Nginx to use it. But requests time out when trying to hit HTTPS on the site. When I telnet to my domain on port 80 it connects, but times out on port 443. I'm not sure if there's some defaults on Ubuntu preventing a connection. UFW status shows: 443 ALLOW Anywhere netstat -a shows: tcp 0 0 *:https *:* LISTEN nmap localhost shows: 443/tcp open https The relevant block in the Nginx config is: server { listen 443; listen [::]:80 ipv6only=on; listen 80; root /path/to/app; server_name mydomain.com ssl on; ssl_certificate /etc/nginx/ssl/ssl-bundle.crt; ssl_certificate_key /etc/nginx/ssl/server.key; location / { proxy_pass http://mydomain.com; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }

  Read the article

• VoIP and IPv6 with IPsec

  - by PhilCisco

  Hi, I had some basic questions about VoIP in a IPv6 architecture, right now I'm running VoIP in a v4 architecture, and I was thinking about to change everything to v6. my questions are not that practical but I would like to understand it well. Question 1: if i had internet full v6 or v4 and that I enable IPsec on my v6 router do I still need a VPN through the internet ? because my routers will anyway exchange their pub/priv key or their certificate to ensure the communication. Question 2: If the answer to question 1 is yes then I only have two advantages to put my VoIP architecture to IPv6 the second advantage for me is the NAT which I will not have anymore. I know that right now I should anyway still use things like NAT-PT, Tunnelling and so one but in full v6 are their any other advantages ? Thank you

  Read the article

• Lighttpd domain redirection

  - by HTF

  I would like to redirect domains on HTTP/HTTPS: http://old.com -> https://new.com https://old.com -> https://new.com I have to specify the SSL key/certificate for the old domain but I'm not sure where I have to place these directives: $SERVER["socket"] == ":443" { ssl.engine = "enable" ssl.pemfile = "/etc/pki/tls/private/new.com.pem" ssl.ca-file = "/etc/pki/tls/certs/new.com.crt" } $SERVER["socket"] == ":80" { $HTTP["host"] =~ "old.com|new.com" { url.redirect = ( "^/(.*)" => "https://new.com:443/$1" ) } } I was trying to add the code below but Lighttpd reports configuration errors: $SERVER["socket"] == ":443" { $HTTP["host"] =~ "old.com" { url.redirect = ( "^/(.*)" => "https://new.com:443/$1" ) } ssl.engine = "enable" ssl.pemfile = "/etc/pki/tls/private/old.com.pem" ssl.ca-file = "/etc/pki/tls/certs/old.com.crt" }

  Read the article

• Remote Desktop Problem on Windows Server 2008 R2

  - by lukiffer

  Revised this question to be more concise, consolidating several revisions. Symptoms: From a domain-member Windows 7 Client: Domain credentials to a domain controller = success Domain credentials to a member server (by hostname or FQDN) = success Domain credentials to a member server (by IP) = fail Local credentials to a member server (by either) = success From a non-domain-member Windows 7 Client: Domain credentials to a domain controller = success Domain credentials to a member server = fail Local credentials to a member server = success (Identical behavior from a Mac RDC 2.1 client) Server Configuration Details: Windows 2008 R2 Datacenter w/ SP1 The domain in question is a subdomain of a Windows 2008 domain (forest root). Root has DCs in both Site A and Site B, subdomain only has DCs in Site B. RDP is operating normally on all root member-servers and DCs. No remote desktop settings are defined by GPOs. Network level authentication is enabled; all clients are compatible and the certificate exchange/SSL handshake completes successfully. Not catching any errors in netlogon log.

  Read the article

• Personal Archive not Visible in Outlook

  - by Krypton2k

  I just added a second user to my Exchange 2010 box, it is in coexistence with exc2003. My account is already set up and working with a personal archive folder. The user I just set up however is unable to see the archive in Outlook. It is visible in OWA but not outlook. I have created a test profile on my PC with the users account and still no archive, if I jump back to my profile on the same box the archive is there so I know it is not an office versions issue. UPDATE: I have deleted all profiles from Outlook (one of which worked with the archive) now any new profiles including my own no longer show up. I think I have broken something In exchange. I get an auto discover certificate error which I am in the process of fixing. Perhaps the 2 problems are related. Also OWA on this server runs on a custom SSL port.

  Read the article

• Apache Ubuntu SSL Configuration

  - by JSP

  Where besides the vhost configuration can SSL be configured? I see an SSL configuration in sites-available but it's not an enabled vhost (and the certificate it points to is expired). Using apache2 -V shows me the configuration directory is /etc/apache2 but I can not for the life of me find the SSL configuration and it's driving me crazy. Any suggestions on where to look or what I'm missing? Ubuntu 12 Linux ip-10-39-119-18 3.2.0-23-virtual #36-Ubuntu SMP Tue Apr 10 22:29:03 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux

  Read the article

• SSH Tunnel doesn't work in China

  - by Martin

  Last year I was working in China for a few months. I never bothered setting up a real VPN, but just created a SSH tunnel, and changed my browsers proxy settings to connect through it. Everything worked great (except flash of course) but that was fine. However, now I'm back in China but I'm having problems with this approach. I do the same thing as last time, and according to https://ipcheckit.com/ my IP address is indeed the IP of my (private) server in the US, and I'm logging in to my server using a fingerprint I created long before going to China so no MITM should be possible. Furthermore the certificate from ipcheckit.com is from GeoTrust - so everything should be OK However, I still can't access sites which are blocked in China. Any idea how this could be possible?

  Read the article

• Nginx load distribution and multi-domain SSL

  - by Steve Clark

  I'm researching into the best methods of two new parts of our infrastructure, hopefully finding a single solution for both. 1) We're currently running a single application server, and we're going to be adding an additional application server and load balance between the two. 2) We handle a few thousand domains across the application server(s), and we're looking to support SSL. The best method i've come across so far is using nginx for it's Load Distribution to serve the requests to the application servers, and for it's SSL support. If a request is using SSL, nginx accepts the request on, terminates SSL and pipes to apache (app servers). Now, that's all good, but i'm yet to figure out how we can let nginx handle multiple domains using SSL. We're potentially looking at using UCC SSL Certs, so we can support 150 domains on a single certificate, with each cert on a single IP. I'm all new to this (My experience is just with physical load balancers and a single domains on SSL), so any advice would be very much appreciated.

  Read the article

• Restrict Apache to only allow access using SSL for some directories

  - by DrStalker

  I have an Apache 2.2 server with an SSL certificate hosting several services that should be only access using SSL. ie: https://myserver.com/topsecret/ should be allowed while http://myserver.com/topsecret/ should be either denied or, ideally, redirected to https. http://myserver.com/public should not have this restriction, and should work using either http or https. The decision to allow/deny http is made at the top level directory, and affects all content underneath it. Is there a directive that can be placed in the Apache config to retrict access in this manner?

  Read the article

• Reverse Proxy Server SSL?

  - by valveLondon

  Context We currently have an Apache web server in the DMZ set up as a reverse proxy and load balancer for two machines running Windows Server 2008 (IIS) inside. The Apache server has a genuine SSL certificate and serves up both http and https, however, the balancer members in the load balancing section are set to: BalancerMember {https://server1} and {https://server2}. The IIS web servers have self-signed certificates in order to respond to the https requests. My question: Do we need to forward any requests from Apache (in the DMZ) to the inside using SSL? e.g can the reverse proxy forward the requests using HTTP? and if so, why would I choose to forward them with SSL? (how secure is the http line between the dmz and the inside); In other words, can I totally disable SSL on my inside web servers?

  Read the article

• Apache redirect some requests to another server

  - by mucie

  We just bought a new server. We want our old server to respond the https connections(because of ssl certificate) and new server to respond the rest. New server is ready but i don't know how to redirect requests to new one. mydomain.com => old machine ip 10.10.10.41 => new machine Requests will come through mydomain.com. If it is https: respond else redirect to 10.10.10.41 How should i configure apache for this situation?

  Read the article

• redirecting HTTPS requests to http in lighttpd

  - by chochim

  I have a lighttpd server running which has an SSL certificate installed. I would, due to certain reasons, like to forward all https: //www. requests to http: //www. My lighttpd code looks like as follows: $SERVER["socket"] == ":443" { ssl.engine = "enable" ssl.pemfile = "/path/to/pem/file" ssl.ca-file = "/path/to/ca/file" HTTP["host"] =~ "^www\.(.*)$" { url.redirect = ("^/(.*)" => "http://www.%1$1") } } Can you please point out the problem here. Another thing, what is the difference between %1 and $1 ?

  Read the article

• How to edit the Boot Graphics Resource Table / Edit windows 8 BOOT LOGO?

  - by user144773

  I want to edit the screen which is displayed when windows 8 (starts) loads (/loading). As for now it has the Toshiba logo, I want my custom logo or the windows default logo. I have found that UEFI has something called "Boot Graphics Resource Table" and that it overides the default logo if there is a image present (source) How can I edit the logo stored in UEFI firmware or Boot Graphics Resource Table? if it's in the "bootres.dll", which does UEFI use? My disk (spread across a few system/usefi/windows/etc partitions) has around twenty bootres.dlls. The bootres.dll is signed by Microsoft, but I don't have to worry because I can sign the file I edit myself with my own certificate.

  Read the article

• setreg.exe for Windows 7

  - by victoriah

  I want to use setreg.exe (http://msdn.microsoft.com/en-us/library/aa387700(VS.85).aspx) to disable the certificate revocation check. However, it's based on an older version of .NET than what I have. Microsoft says it's shipped with the older .net SDK, and when I download that, try to install, it says something like 'can't install SDK without .net 1.1'. In the article linked it says for newer versions I should use SignTool, but SignTool does not appear to have the function I need . Is it possible to either - a) find a tool that can perform the function I need that doesn't need me to install the older .NET b) get setreg.exe without downloading the SDK or do I need to install the older .NET on my machine? And if the latter is the case, what do I need to do to install an older .NET? Will it overwrite my current .NET? Thanks,

  Read the article

• Speedup of fixing an openssl bug with 8192 bit key [on hold]

  - by rubo77

  This is related to this Bug-Report https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747453 OpenSSL contains a set of arbitrary limitations on the size of accepted key parameters that make unrelated software fail to establish secure connections. The problem was found while debugging a XMPP s2s connection issue where two servers with long certificate keys (8192 Bit RSA) failed to establish a secure connection because OpenSSL rejected the handshake. This seems to be a small problem to be fixed but although there is an easy patch available to fix the issue in that bug report, no reactions are noticed so far.. The last patch that broke the 2048 barrier took 2 years to be implemented and only resulted in an increase to 4096bit, which seems to be a bad joke. Where would we have to report this to speed up the implementation for such an issue?

  Read the article

< Previous Page | 75 76 77 78 79 80 81 82 83 84 85 86  | Next Page >