Search Results

Search found 3314 results on 133 pages for 'certificate authority'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 88/133 | < Previous Page | 84 85 86 87 88 89 90 91 92 93 94 95  | Next Page >

  • Cache updates when migrating DNS from one provider to another

    - by JohnCC
    This may be a Windows DNS specific question or a general DNS best practice question - I'm not sure! We migrated our 3rd party DNS provision from provider A to provider B. I noticed that our internal recursive windows DNS servers still had NS records cached for our domains pointing to provider A's servers, even though I changed the nameservers with our registrar several days ago, and even though selecting the properties of the cached records showed a TTL of 1 day. After 24 hours when the NS records in this cache have expired, will the DNS server go back to the TLD server for an update on the authority, or will it go by preference to dns1.providera.com since that is what it has cached? In this case I arranged to leave Provider A's servers up for a week to allow changes to propagate, so dns1.providera.com is still active and would still provide NS and SOA records that said that dns1.providera.com. was in charge of this domain. Given this fact, would the Windows DNS server ever go back to the TLD and pick up the authority changes, or would it just assume all was well and renew timestamps on its cached NS records? I wonder what would be the best approach to ensuring that caches pick this up. Should I:- (1) Leave Provider A's servers in place and active and wait for caches to catch up ... basically what we're doing now which seems to have issues - perhaps specifically for Windows servers, or perhaps more widely. (2) Leave Provider A's servers in place but change the NS and/or SOA information they provide to tell caches that new servers are in charge. (3) Remove Provider A's servers after 2*TTL to force remaining caches to update. The issue with (2) is that on Provider A's system I can't seem to change the NS or SOA information to anything other than their servers. The issue with (3) is that I'm not sure how a DNS server would behave in this case. When it couldn't reach the cached name servers, would it flush its cache and try a full recursive lookup, or would it just return an error, forcing the user to clear the cache manually? Thanks in advance!

    Read the article

  • Website cannot be accessed with google DNS because of unsigned DNS

    - by Sinan Samet
    I get this error: Inconsistent security for stakeholdergame.com - DS found at parent, but no DNSKEY found at child. On http://dnscheck.pingdom.com/?domain=stakeholdergame.com People can't access my site with google public DNS because of this. How do I solve this problem? dig @ns1.haveabyte.nl stakeholdergame.com DS shows me this ; <<>> DiG 9.8.3-P1 <<>> @ns1.haveabyte.nl stakeholdergame.com DS ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42223 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;stakeholdergame.com. IN DS ;; AUTHORITY SECTION: stakeholdergame.com. 14400 IN SOA ns1.haveabyte.nl. hostmaster.stakeholdergame.com. 2014030300 14400 3600 1209600 86400 ;; Query time: 21 msec ;; SERVER: 79.170.93.174#53(79.170.93.174) ;; WHEN: Tue Jun 10 11:20:41 2014 ;; MSG SIZE rcvd: 100

    Read the article

  • Access denied error 3221225578 with file sharing to Windows server

    - by Ian Boyd
    i'm trying to access the shares on a server. The credential box appears, and i enter in a correct username and password, and i get access denied. The silly thing is that i can Remote Desktop to the server (using the same credentials), and i can check the Security event log for the access denied errors: Event Type: Failure Audit Event Source: Security Event Category: Account Logon Event ID: 681 Date: 3/19/2011 Time: 11:54:39 PM User: NT AUTHORITY\SYSTEM Computer: STALWART Description: The logon to account: Administrator by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 from workstation: HARPAX failed. The error code was: 3221225578 and Event Type: Failure Audit Event Source: Security Event Category: Logon/Logoff Event ID: 529 Date: 3/19/2011 Time: 11:54:39 PM User: NT AUTHORITY\SYSTEM Computer: STALWART Description: Logon Failure: Reason: Unknown user name or bad password User Name: Administrator Domain: stalwart Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: HARPAX Looking up the error code (3221225578), i get an article on Technet: Audit Account Logon Events By Randy Franklin Smith ... Table 1 - Error Codes for Event ID 681 Error Code Reason for Logon Failure 3221225578 The username is correct, but the password is wrong. Which would seem to indicate that the username is correct, but the password is wrong. i've tried the password many times, uppercase, lowercase, on different user accounts, with and without prefixing the username with servername\username. What gives that i cannot access the server over file sharing, but i can access it over RDP?

    Read the article

  • Can I use CNAME with ip address? Why If works (sometimes)?

    - by Maciek Sawicki
    I believe that the easiest answer for the first question is "No, You have "A" for this", but I accidentally setup some subdomain using CNAME pointing to ip address and it worked on few computers in my office. I wonder how it was possible? Now, when I'm checking it from home I have following error: beast:~ viroos$ host somesubdomain.somedomain.com Host somesubdomain.somedomain.com not found: 3(NXDOMAIN) I'm 100% it used to work at my office (currently it looks like it doesn't, but I'm checking it on different machine). Therefore I'm not 100% if it worked due to some special network setup or because I tested it just after adding DNS entry. I know this story sounds, a little crazy/incredibly, but can someone help me solve this puzzle. //edit: I'm adding dig output ; <<>> DiG 9.6-ESV-R4-P3 <<>> somesubdomain.somedomain.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60224 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;somesubdomain.somedomain.com. IN A ;; ANSWER SECTION: somesubdomain.somedomain.com. 67 IN CNAME xxx.xxx.xxx.xx1. ;; AUTHORITY SECTION: . 1800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2012040901 1800 900 604800 86400 ;; Query time: 72 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Tue Apr 10 00:11:01 2012 ;; MSG SIZE rcvd: 136

    Read the article

  • Exchange Connector Won't Send to External Domains

    - by sisdog
    I'm a developer trying to get my .Net application to send emails out through our Exchange server. I'm not an Exchange expert so I'll qualify that up front!! We've set up a receive Connector in Exchange that has the following properties: Network: allows all IP addresses via port 25. Authentication: Transport Layer Security and Externally Secured checkboxes are checked. Permission Groups: Anonymous Users and Exchange Servers checkboxes are checked. But, when I run this Powershell statement right on our Exchange server it works when I send to a local domain address but when I try to send to a remote domain it fails. WORKS: C:\Windows\system32Send-Mailmessage -To [email protected] -From [email protected] -Subject testing -Body testing -SmtpServer OURSERVER (BTW: my value for OURSERVER=boxname.domainname.local. This is the same fully-qualified name that shows up in our Exchange Management Shell when I launch it). FAILS: C:\Windows\system32Send-Mailmessage -To [email protected] -From [email protected] -Subject testing -Body testing -SmtpServer OURSERVER Send-MailMessage : Mailbox unavailable. The server response was: 5.7.1 Unable to relay At line:1 char:17 + Send-Mailmessage <<<< -To [email protected] -From [email protected] -Subject testing -Body himom -SmtpServer FTI-EX + CategoryInfo : InvalidOperation: (System.Net.Mail.SmtpClient:SmtpClient) [Send-MailMessage], SmtpFailed RecipientException + FullyQualifiedErrorId : SmtpException,Microsoft.PowerShell.Commands.SendMailMessage EDIT: From @TheCleaner 's advice, I ran the Add-ADPermission to the relay and it didn't help; [PS] C:\Windows\system32Get-ReceiveConnector "Allowed Relay" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -E xtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient" Identity User Deny Inherited -------- ---- ---- --------- FTI-EX\Allowed Relay NT AUTHORITY\ANON... False False Thanks for the help. Mark

    Read the article

  • Windows authentication to SQL Server via IIS and PHP

    - by Jeff
    We're running a PHP 5.4 application on Server 2008 R2. We would like to connect to a SQL Server 2008 database, on a separate server, using Windows authentication (must be Windows authentication--the DB admins won't let us connect any other way). I have downloaded the SQL Server drivers for PHP and installed them. IIS is configured for Windows authentication, and anonymous authentication has been disabled. $_SERVER['AUTH_USER'] reports our currently logged on Windows account. In php.ini, we have set fastcgi.impersonate = 1. When we setup a connection using the following code from Microsoft: $serverName = "sqlserver\sqlserver"; $connectionInfo = array( "Database"=>"some_db"); /* Connect using Windows Authentication. */ $conn = sqlsrv_connect( $serverName, $connectionInfo); if( $conn === false ) { echo "Unable to connect.</br>"; die( print_r( sqlsrv_errors(), true)); } We are presented with the following error message: Unable to connect. Array ( [0] => Array ( [0] => 28000 [SQLSTATE] => 28000 [1] => 18456 [code] => 18456 [2] => [Microsoft][SQL Server Native Client 11.0][SQL Server]Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. [message] => [Microsoft][SQL Server Native Client 11.0][SQL Server]Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. ) Is it possible to connect to SQL Server 2008 via PHP using Windows authentication? Are there any additional required settings we need to make on IIS, SQL Server, or any other component (like a domain controller)?

    Read the article

  • Clustered MSDTC

    - by niel
    Hi I'm setting up a SQL cluster (SQL 2008), Windows 2008 R2. I enable the network access on local dtc and then create a DTC resource in my cluster . the problem is that when i start up the resource it does nto pull through my settings to enable network access. the log shows this: MSDTC started with the following settings: Security Configuration (OFF = 0 and ON = 1): Allow Remote Administrator = 0, Network Clients = 0, Trasaction Manager Communication: Allow Inbound Transactions = 0, Allow Outbound Transactions = 0, Transaction Internet Protocol (TIP) = 0, Enable XA Transactions = 0, Enable SNA LU 6.2 Transactions = 1, MSDTC Communications Security = Mutual Authentication Required, Account = NT AUTHORITY\NetworkService, Firewall Exclusion Detected = 0 Transaction Bridge Installed = 0 Filtering Duplicate Events = 1 where when i restart the local dtc service it says this: Security Configuration (OFF = 0 and ON = 1): Allow Remote Administrator = 0, Network Clients = 1, Trasaction Manager Communication: Allow Inbound Transactions = 1, Allow Outbound Transactions = 1, Transaction Internet Protocol (TIP) = 0, Enable XA Transactions = 1, Enable SNA LU 6.2 Transactions = 1, MSDTC Communications Security = No Authentication Required, Account = NT AUTHORITY\NetworkService, Firewall Exclusion Detected = 0 Transaction Bridge Installed = 0 Filtering Duplicate Events = 1 settings on both nodes in teh cluster is the same. I have reinstalled and restarted to many times to mention. Any ideas ?

    Read the article

  • ApplicationPoolIdentity IIS 7.5 to SQL Server 2008 R2 not working.

    - by Jack
    I have a small ASP.NET test script that opens a connection to a SQL Server database on another machine in the domain. It isn't working in all cases. Setup: IIS 7.5 under W2K8R2 trying to connect to a remote SQL Server 2008 R2 instance. All machines are in the same domain. Using the ApplicationPoolIdentity for the web site it fails to connect to the SQL Server with the following: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Data.SqlClient.SqlException: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. However if I switch the Process Model Identity to NETWORK SERVICE or my domain account the database connection is successful. I've granted the \$ access in SQL Server. I am not doing any sort of authentication on the web site, it is just a simple script to open a connection to a database to make sure it works. I have Anonymous Authentication enabled and set to use the Application pool identity. How do I make this work? Why is the ApplicationPoolIdentity trying to use ANONYMOUS LOGON? Better yet, how do I make it stop using the Anonymous logon?

    Read the article

  • Lighttpd + django on gentoo 10 seconds to answer

    - by plaetzchen
    I want to run a Django site on a lighttpd with fastcgi on a gentoo machine. Everytime I try to access the site I get a response after more or less exactly 10 seconds. Im using a socket to let lighttpd communicate with my Django site, but a tcp port doesn't help either. Could this be a lighttpd problem? I tried to both from a server in the internet as well as from localost, this is what lighttpd gives me in the error.log 2012-07-10 14:36:36: (response.c.300) -- splitting Request-URI 2012-07-10 14:36:36: (response.c.301) Request-URI : / 2012-07-10 14:36:36: (response.c.302) URI-scheme : http 2012-07-10 14:36:36: (response.c.303) URI-authority: owntube 2012-07-10 14:36:36: (response.c.304) URI-path : / 2012-07-10 14:36:36: (response.c.305) URI-query : 2012-07-10 14:36:36: (response.c.300) -- splitting Request-URI 2012-07-10 14:36:36: (response.c.301) Request-URI : /owntube.fcgi/ 2012-07-10 14:36:36: (response.c.302) URI-scheme : http 2012-07-10 14:36:36: (response.c.303) URI-authority: owntube 2012-07-10 14:36:36: (response.c.304) URI-path : /owntube.fcgi/ 2012-07-10 14:36:36: (response.c.305) URI-query : 2012-07-10 14:36:36: (response.c.349) -- sanatising URI 2012-07-10 14:36:36: (response.c.350) URI-path : /owntube.fcgi/ 2012-07-10 14:36:36: (mod_access.c.135) -- mod_access_uri_handler called 2012-07-10 14:36:36: (mod_fastcgi.c.3632) handling it in mod_fastcgi 2012-07-10 14:36:36: (response.c.470) -- before doc_root 2012-07-10 14:36:36: (response.c.471) Doc-Root : /var/www/owntube 2012-07-10 14:36:36: (response.c.472) Rel-Path : /owntube.fcgi 2012-07-10 14:36:36: (response.c.473) Path : 2012-07-10 14:36:36: (response.c.521) -- after doc_root 2012-07-10 14:36:36: (response.c.522) Doc-Root : /var/www/owntube 2012-07-10 14:36:36: (response.c.523) Rel-Path : /owntube.fcgi 2012-07-10 14:36:36: (response.c.524) Path : /var/www/owntube/owntube.fcgi 2012-07-10 14:36:36: (response.c.541) -- logical -> physical 2012-07-10 14:36:36: (response.c.542) Doc-Root : /var/www/owntube 2012-07-10 14:36:36: (response.c.543) Rel-Path : /owntube.fcgi 2012-07-10 14:36:36: (response.c.544) Path : /var/www/owntube/owntube.fcgi

    Read the article

  • OARC's DNSSEC validating resolvers validate all my records but A records

    - by demize
    I have DNS set up with powerdns. It serves my DNS pretty well, and it AXFRs to other slaves. The slaves haven't yet updated to the most recent records, but that doesn't affect the validation, it would appear. Any record I can think of (AAAA, MX, TXT, even the CNAME for www) validates -- except for A records: dig @149.20.64.20 +dnssec www.demize95.com CNAME returns ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 5, ADDITIONAL: 7 while dig @149.20.64.20 +dnssec demize95.com A returns ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 5, ADDITIONAL: 7. The same happens with any other A record I have. I set up DNSSEC with pdnssec, and it does work for all the other records, but it's never validated for my A records. What's the problem here? Also, a side-note: I have to use ISC's DLV to create the chain of trust, since my domain registrar doesn't yet support sending the DS records to the com zone.

    Read the article

  • no A record show in the answer section in dig results

    - by eric low
    To check the record for the domain, run dig with domain name as the parameter. dig example.com any I get the below result. Why there is no A record show in the result. What did i do wrong during the setup. Please advice what suppose to look into it. Hope everyone can help me to resolve the case asap. ; <<>> DiG 9.9.3-P2 <<>> example.com any ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44674 ;; flags: qr rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 4, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;example.com. IN ANY ;; ANSWER SECTION: example.com. 3489 IN MX 100 biz.mail.com. example.com. 3482 IN NS ns1.domain.com. example.com. 3482 IN NS ns2.domain.com. ;; AUTHORITY SECTION: example.com. 3482 IN NS ns2.domain.com. example.com. 3482 IN NS ns1.domain.com. ;; Query time: 0 msec ;; SERVER: xxx.252.xxx.xxx#53(xxx.252.xxx.xxx) ;; WHEN: Wed Oct 30 04:48:34 CDT 2013 ;; MSG SIZE rcvd: 349

    Read the article

  • What is wrong with my DNS entries?

    - by matheus
    I have some problems with a domain not working as expected. My registrar's controlpanel shows these records for mydomain.eu: www A 111.222.333.444 * A 111.222.333.444 I use the nameservers of my registrar. I get a correct answer if i do dig www.mydomain.eu dig whatever.mydomain.eu I can also ping/visit website etc with those adresses. But, dig mydomain.eu wont resolve to anything. I just get this: ; <<>> DiG 9.6-ESV-R1 <<>> mydomain.eu ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46837 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;mydomain.eu. IN A ;; AUTHORITY SECTION: mydomain.eu. 1799 IN SOA ns1.binero.se. registry.binero.se. 1281647822 3600 240 1209600 3600 ;; Query time: 77 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Thu Jan 6 01:36:31 2011 ;; MSG SIZE rcvd: 83 The same A-record setup work for another domain/server ip, but that domain has other nameservers. What am I missing here?

    Read the article

  • Permissions Issue with Files Generated by PerfMon

    - by SvrGuy
    We are trying to implement some data logging to CSV files using a Data Collector Set in PerfMon (on a windows Server 2008R2 system). The issue we are running into is that we (seemingly) can't control the permissions being set on the log files created by perfmon. What we want is for the log files created by perfmon to have Everyone:F permissions (Full Control for Everyone). So, we have a directory structure setup where all logs go into a folder: c:\vms\PerfMonLogs\%MACHINENAME% (e.g. c:\vms\PerfMonLogs\EvaluationG2) In the above example, c:\vms\PerfMonLogs\EvaluationG2 has permissions Everyone:F (below is the icacls for this directory) EVALUATIONG2/ Everyone:(OI)(CI)(F) NT AUTHORITY\SYSTEM:(OI)(CI)(F) BUILTIN\Administrators:(OI)(CI)(F) BUILTIN\Performance Log Users:(OI)(R) When the data collector set runs, it creates new sub folders and files within c:\vms\PerfMonLogs\EvaluationG2, e.g. (C:\vms\PerfMonLogs\EVALUATIONG2\M11d26y2012N3) Each of these directories and files has the following permissions: M11d26y2012N3 NT AUTHORITY\SYSTEM:(OI)(CI)(F) BUILTIN\Administrators:(OI)(CI)(F) BUILTIN\Performance Log Users:(OI)(R) So these new folders and not simply inheriting permissions from the parent folder (don't know why). Now, we tried adding Everyone:F using the security tab on the collector set (No dice). Any ideas? How do we control the permissions on the log files generated by perfmon data collector set?

    Read the article

  • Configuring WCF to Handle a Signature on a SOAP Message from an Oracle Server

    - by AlEl
    I'm trying to use WCF to consume a web service provided by a third-party's Oracle Application Server. I pass a username and password and as part of the response the web service returns a standard security tag in the header which includes a digest and signature. With my current setup, I successfully send a request to the server and the web service sends the expected response data back. However, when parsing the response WCF throws a MessageSecurityException, with an InnerException.Message of "Supporting token signatures not expected." My guess is that WCF wants me to configure it to handle the signature and verify it. I have a certificate from the third party that hosts the web service that I should be able to use to verify the signature. It's in the form of -----BEGIN CERTIFICATE----- [certificate garble] -----END CERTIFICATE----- Here's a sample header from a response that makes WCF throw the exception: <?xml version="1.0" encoding="UTF-8"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Header> <wsse:Security soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <dsig:Signature xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> <dsig:SignedInfo> <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <dsig:Reference URI="#_51IUwNWRVvPOcz12pZHLNQ22"> <dsig:Transforms> <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </dsig:Transforms> <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <dsig:DigestValue> [DigestValue here] </dsig:DigestValue> </dsig:Reference> <dsig:Reference URI="#_dI5j0EqxrVsj0e62J6vd6w22"> <dsig:Transforms> <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </dsig:Transforms> <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <dsig:DigestValue> [DigestValue here] </dsig:DigestValue> </dsig:Reference> </dsig:SignedInfo> <dsig:SignatureValue> [Signature Value Here] </dsig:SignatureValue> <dsig:KeyInfo> <wsse:SecurityTokenReference xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <wsse:Reference URI="#BST-9nKWbrE4LRv6maqstrGuUQ22" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/> </wsse:SecurityTokenReference> </dsig:KeyInfo> </dsig:Signature> <wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsu:Id="BST-9nKWbrE4LRv6maqstrGuUQ22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> [Security Token Here] </wsse:BinarySecurityToken> <wsu:Timestamp wsu:Id="_dI5j0EqxrVsj0e62J6vd6w22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <wsu:Created>2010-05-26T18:46:30Z</wsu:Created> </wsu:Timestamp> </wsse:Security> </soap:Header> <soap:Body wsu:Id="_51IUwNWRVvPOcz12pZHLNQ22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> [Body content here] </soap:Body> </soap:Envelope> My binding configuration looks like: <basicHttpBinding> <binding name="myBinding" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <security mode="TransportWithMessageCredential"> <transport clientCredentialType="None" proxyCredentialType="None" realm="" /> <message clientCredentialType="UserName" algorithmSuite="Default" /> </security> </binding> </basicHttpBinding> I'm new at WCF, so I'm sorry if this is a bit of a dumb question. I've been trying to Google solutions, but there seem to be so many different ways to configure WCF that I'm getting overwhelmed. Thanks in advance!

    Read the article

  • Android: Trusting all Certificates using HttpClient over HTTPS

    - by psuguitarplayer
    Hi all, Recently posted a question regarding the HttpClient over Https (found here). I've made some headway, but I've run into new issues. As with my last problem, I can't seem to find an example anywhere that works for me. Basically, I want my client to accept any certificate (because I'm only ever pointing to one server) but I keep getting a javax.net.ssl.SSLException: Not trusted server certificate exception. So this is what I have: public void connect() throws A_WHOLE_BUNCH_OF_EXCEPTIONS { HttpPost post = new HttpPost(new URI(PROD_URL)); post.setEntity(new StringEntity(BODY)); KeyStore trusted = KeyStore.getInstance("BKS"); trusted.load(null, "".toCharArray()); SSLSocketFactory sslf = new SSLSocketFactory(trusted); sslf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); SchemeRegistry schemeRegistry = new SchemeRegistry(); schemeRegistry.register(new Scheme ("https", sslf, 443)); SingleClientConnManager cm = new SingleClientConnManager(post.getParams(), schemeRegistry); HttpClient client = new DefaultHttpClient(cm, post.getParams()); HttpResponse result = client.execute(post); } And here's the error I'm getting: W/System.err( 901): javax.net.ssl.SSLException: Not trusted server certificate W/System.err( 901): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:360) W/System.err( 901): at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:92) W/System.err( 901): at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:321) W/System.err( 901): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:129) W/System.err( 901): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164) W/System.err( 901): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119) W/System.err( 901): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:348) W/System.err( 901): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555) W/System.err( 901): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487) W/System.err( 901): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465) W/System.err( 901): at me.harrisonlee.test.ssl.MainActivity.connect(MainActivity.java:129) W/System.err( 901): at me.harrisonlee.test.ssl.MainActivity.access$0(MainActivity.java:77) W/System.err( 901): at me.harrisonlee.test.ssl.MainActivity$2.run(MainActivity.java:49) W/System.err( 901): Caused by: java.security.cert.CertificateException: java.security.InvalidAlgorithmParameterException: the trust anchors set is empty W/System.err( 901): at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:157) W/System.err( 901): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:355) W/System.err( 901): ... 12 more W/System.err( 901): Caused by: java.security.InvalidAlgorithmParameterException: the trust anchors set is empty W/System.err( 901): at java.security.cert.PKIXParameters.checkTrustAnchors(PKIXParameters.java:645) W/System.err( 901): at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:89) W/System.err( 901): at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.<init>(TrustManagerImpl.java:89) W/System.err( 901): at org.apache.harmony.xnet.provider.jsse.TrustManagerFactoryImpl.engineGetTrustManagers(TrustManagerFactoryImpl.java:134) W/System.err( 901): at javax.net.ssl.TrustManagerFactory.getTrustManagers(TrustManagerFactory.java:226) W/System.err( 901): at org.apache.http.conn.ssl.SSLSocketFactory.createTrustManagers(SSLSocketFactory.java:263) W/System.err( 901): at org.apache.http.conn.ssl.SSLSocketFactory.<init>(SSLSocketFactory.java:190) W/System.err( 901): at org.apache.http.conn.ssl.SSLSocketFactory.<init>(SSLSocketFactory.java:216) W/System.err( 901): at me.harrisonlee.test.ssl.MainActivity.connect(MainActivity.java:107) W/System.err( 901): ... 2 more

    Read the article

  • git push problem -argh!

    - by phil swenson
    Dunno what's going on, no response from github on this prob so I'm asking here. Tried a git push for the first time in a month or so and got this. Turned on export GIT_CURL_VERBOSE=1 and did a push and get this: localhost:send2mobile_rails phil$ git push Password: * Couldn't find host github.com in the .netrc file; using defaults * About to connect() to github.com port 443 (#0) * Trying 207.97.227.239... * Connected to github.com (207.97.227.239) port 443 (#0) * SSL connection using DHE-RSA-AES256-SHA * Server certificate: * subject: O=*.github.com; OU=Domain Control Validated; CN=*.github.com * start date: 2009-12-11 05:02:36 GMT * expire date: 2014-12-11 05:02:36 GMT * subjectAltName: github.com matched * issuer: C=US; ST=Arizona; L=Scottsdale; O=GoDaddy.com, Inc.; OU=http://certificates.godaddy.com/repository; CN=Go Daddy Secure Certification Authority; serialNumber=07969287 * SSL certificate verify ok. > GET /303devworks/send2mobile_rails.git/info/refs?service=git-receive-pack HTTP/1.1 User-Agent: git/1.7.1 Host: github.com Accept: */* Pragma: no-cache < HTTP/1.1 401 Authorization Required < Server: nginx/0.7.61 < Date: Tue, 01 Jun 2010 10:53:13 GMT < Content-Type: text/html; charset=iso-8859-1 < Connection: keep-alive < Content-Length: 0 < WWW-Authenticate: Basic realm="Repository" < * Connection #0 to host github.com left intact * Issue another request to this URL: 'https://[email protected]/MYUSERHERE/send2mobile_rails.git/info/refs?service=git-receive-pack' * Couldn't find host github.com in the .netrc file; using defaults * Re-using existing connection! (#0) with host github.com * Connected to github.com (207.97.227.239) port 443 (#0) * Server auth using Basic with user '303devworks' > GET /303devworks/send2mobile_rails.git/info/refs?service=git-receive-pack HTTP/1.1 Authorization: Basic MzAzZGVfd29sa3M6Y29nbmwzNzIw User-Agent: git/1.7.1 Host: github.com Accept: */* Pragma: no-cache < HTTP/1.1 200 OK < Server: nginx/0.7.61 < Date: Tue, 01 Jun 2010 10:53:13 GMT < Content-Type: application/x-git-receive-pack-advertisement < Connection: keep-alive < Status: 200 OK < Pragma: no-cache < Content-Length: 153 < Expires: Fri, 01 Jan 1980 00:00:00 GMT < Cache-Control: no-cache, max-age=0, must-revalidate < * Expire cleared * Connection #0 to host github.com left intact Counting objects: 166, done. Delta compression using up to 4 threads. Compressing objects: 100% (133/133), done. * Couldn't find host github.com in the .netrc file; using defaults * About to connect() to github.com port 443 (#0) * Trying 207.97.227.239... * connected * Connected to github.com (207.97.227.239) port 443 (#0) * SSL re-using session ID * SSL connection using DHE-RSA-AES256-SHA * old SSL session ID is stale, removing * Server certificate: * subject: O=*.github.com; OU=Domain Control Validated; CN=*.github.com * start date: 2009-12-11 05:02:36 GMT * expire date: 2014-12-11 05:02:36 GMT * subjectAltName: github.com matched * issuer: C=US; ST=Arizona; L=Scottsdale; O=GoDaddy.com, Inc.; OU=http://certificates.godaddy.com/repository; CN=Go Daddy Secure Certification Authority; serialNumber=07969287 * SSL certificate verify ok. * Server auth using Basic with user 'MYUSERHERE' > POST /303devworks/send2mobile_rails.git/git-receive-pack HTTP/1.1 Authorization: Basic JzAzZGV1d29ya3M6Y25nb29zNzIq User-Agent: git/1.7.1 Host: github.com Accept-Encoding: deflate, gzip Content-Type: application/x-git-receive-pack-request Accept: application/x-git-receive-pack-result Expect: 100-continue Transfer-Encoding: chunked * The requested URL returned error: 411 * Closing connection #0 error: RPC failed; result=22, HTTP code = 411 Writing objects: 100% (140/140), 2.28 MiB | 1.93 MiB/s, done. Total 140 (delta 24), reused 0 (delta 0) ^C localhost:send2mobile_rails phil$

    Read the article

  • SSRS 2008 + SSL displays 404 not found

    - by Matt
    Hi, I have SQL reporting services configured to use a secure certificate and when I visit both Reports and ReportManager I get a 404 not found error. The reporting services logs do not contain any error information. I am a bit at a loss to know where to start to diagnose this problem, especially as SSRS is not using IIS. I created the SSL binding using the Reporting Services Configuration Manager; IP Address: (All IPv4) SSL Port: 443 Certificate: {the certicate was present in the drop down list} URL: https://mydomain:444/Reports What can I check to get this working? Thanks

    Read the article

  • How to modify JSSE / How to do custom build

    - by Steffen Heil
    Hi I have a special requirement for one of my applications where I need the servers nounce (Handshaker.srv_random) when verifying the client certificate. Yet JSSEs X509TrustManager only passes me the certificate, no other information of the handshake. I have located the place, where checkClientTrusted is called (inside ServerHandshaker) and it would be easy to extend it to also allow some X509CustomTrustManager to be called with all required information. Yet this would require me to recompile JSSE... I also found jsse sources in openjdk. Now for my questions: What is the easiest way to compile jsse from openjdk? Can the resulting jsse.jar be used as a replacement for the (original) sun jre as a replacement for the included jsse.jar? Is there another (more standard compliant) way to archive what I am trying to do? I did not find a hook to use my own handshaker... Regards, Steffen

    Read the article

  • Facebook Connect: problem including facebook class??

    - by Garrett
    Debug Error: /facebook-php-sdk/src/facebook.php line 511 - Uncaught CurlException: 60: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed i really can't understand why this is happening... but here is the line (in the facebook class i downloaded): protected function makeRequest($url, $params, $ch=null) { if (!$ch) { $ch = curl_init(); } $opts = self::$CURL_OPTS; $opts[CURLOPT_POSTFIELDS] = $params; $opts[CURLOPT_URL] = $url; curl_setopt_array($ch, $opts); $result = curl_exec($ch); if ($result === false) { $e = new FacebookApiException(array( /////////////////// HERE 'error_code' => curl_errno($ch), 'error' => array( 'message' => curl_error($ch), 'type' => 'CurlException', ), )); curl_close($ch); throw $e; } curl_close($ch); return $result; } any ideas? thanks!

    Read the article

  • Distributing APNS providers

    - by Sam
    I'm writing a business-focused iPhone app which includes a self-hosted server component. I'd like to include push notification functionality in the server; reading through the programming guide it looks as if this would involve either: Distributing the provider certificate with the server component - this doesn't sound like a terribly good idea (even if Apple permits it?) Hosting a shared notification provider and forwarding notifications to APNS from the servers. For an ongoing, high-availability service, this is likely to require including a subscription pricing component, which I would prefer to avoid. Require customers to apply for their own provider certificate. However, it's not clear whether multiple organisations are allowed to apply for provider certificates with a single bundle ID, and it would significantly increase the barrier to adoption. APNS looks to me as if it's specifically geared for centrally hosted services. Is anyone distributing self-hosted notification providers? Are there any other options?

    Read the article

  • Silverlight 4 - elevated permission *inside* the browser

    - by Doug
    I know Silverlight 4 can handle elevated permissions outside the browser. Is there a way to accomplish this inside the browser? I need to make a folder/file upload manager that gives a better user experience than the standard , and I'd like to implement it in Silverlight. I know Java has an option to gain elevated permissions, but you have to attach a signed certificate to your app. Does Silverlight 4 have a similar option - to gain elevated permissions by attaching a signed certificate (after warning the user, of course)? -Doug

    Read the article

  • "java.security.AccessControlException: access denied" executing a signet Java Applet

    - by logoff
    I have a little Java Applet and I have an annoying issue. I have signed my JAR with my own keystore using jarsigner tool (following these instructions). The Java Applet downloads a signed JAR and tries to launch it with an extended class of URLClassLoader. This JAR tries to execute this line of code: ClassLoader.getSystemClassLoader().getResource("aResource"); It fails with a large stack trace finished by: Caused by: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getClassLoader") at java.security.AccessControlContext.checkPermission(AccessControlContext.java:366) at java.security.AccessController.checkPermission(AccessController.java:555) at java.lang.SecurityManager.checkPermission(SecurityManager.java:549) at java.lang.Thread.getContextClassLoader(Thread.java:1451) ... 21 more When the Java Applet is launched, the user is prompted to accept the certificate if he/she trusts the publisher: Even if I accept it, the exception occurred. Even if I install the certificate, and the prompt message is automatically accepted, the exception occurred. Any help would be appreciated!

    Read the article

  • Cannot run code on device

    - by lostInTransit
    Hi I have some source code which I had developed and later gave to another team. They signed it with their certificate and provisioning profile. Now I have the code back and have set the appropriate values in the project properties for code signing identity (with my cert and profile). But when I run the application on a device, I get an error showing the other team's certificate and prompting that the provisioning profile does not exist. I don't know where it is being referenced. Can someone please help. Thanks.

    Read the article

  • Client authentication with RubyLDAP ldap

    - by Marcelo de Moraes Serpa
    Hello all, I'm trying to implement a feature that uses LDAP over SSL (SSL, not TLS), it needs to connect to a SSL-enabled LDAP server (i.e OpenLDAP), bind and then do any additional queries. It also needs to support client-authentication, and this is where things get tricky: The client is a web application written in Ruby, and we are using RubyLDAP (so far we have used it for non-SSL ldap stuff with great success). My question is: Is there a way to load a client certificate and send its data over the wire to the LDAP server when doing a LDAP::SSLConn? I haven't found anything obvious on the API docs (http://ruby-ldap.sourceforge.net/rdoc/) nor while googling around. I know I that I can prevent the server from asking for a certificate by putting the following on slapd.conf (OpenLDAP): TLSVerifyClient never However, this is not an option here. Thanks, Marcelo.

    Read the article

  • code sign error : doesnt match key pair in default keychain

    - by abhiTouchmagic
    *Code Sign error: The identity 'iPhone Developer: XXXXXXXXXX' doesn't match any valid certificate/private key pair in the default keychain.* i am a member in developer profile... i am having theprovisioning profile... what must be the problem sir? Code Sign error: The identity 'iPhone Developer: BD9A19AA-EFEF-41CC-9560-2D97E157380C' doesn't match any valid certificate/private key pair in the default keychain what abt this? what am i supposed to do? i earched a lot but may be i am getting wrong somewhere? help me with this

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 84 85 86 87 88 89 90 91 92 93 94 95  | Next Page >