Search Results

Search found 4244 results on 170 pages for 'ssl certificate'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 9/170 | < Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >

  • Apache HTTPS ProxyPass certificate location

    - by oz1cz
    I'm trying to set up an Apache server that uses ProxyPass to pass HTTPS requests on to another server. Let's call the proxy server ALPHA and the target server BETA. ALPHA does not run HTTPS, but BETA does. I first tried using this virtual host specification on ALPHA: <VirtualHost *:443> ServerName mysite.com ProxyPass / https://192.168.1.105/ # BETA's IP address ProxyPassReverse / https://192.168.1.105/ # BETA's IP address ProxyPreserveHost On ProxyTimeout 600 SSLProxyEngine On RequestHeader set Front-End-Https "On" CacheDisable * </VirtualHost> But when I tried this, Apache complained saying, "[error] Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile]". I had to copy the SSL certificate from BETA to ALPHA and add these lines to the host specification on ALPHA: SSLEngine on SSLCertificateKeyFile /usr/local/ssl/private/BETA_private.key SSLCertificateFile /usr/local/ssl/crt/BETA_public.crt SSLCertificateChainFile /usr/local/ssl/crt/BETA_intermediate.crt Now the system works. But I have a feeling that I have done something wrong or unnecessary. I have the web site's private key and certificate lying on both ALPHA and BETA. Is that necessary? Should I have done it differently?

    Read the article

  • SSL certificates - best bang for your buck [closed]

    - by Dunnie
    I am in the process of setting up an online store. This is the first project I have attempted which will require a good level of security, so I recognise that an decent SSL certificate is a must. My current (albeit admittedly basic) understanding of the options are: DV SSL - more or less pointless, as provides no verification. OV SSL - better, as provides a basic level of organisational verification. EV SSL - 'better, full' verification, but much more expensive. As this is a new business venture, and budgets are tight, which option provides the best bang for my buck? I have read questions such as EV SSL Certificates - does anyone care? which suggest that EV certificates are a bit of a con. Does this mean that OV certificates offer better value for money, especially for new businesses with shallow pockets?

    Read the article

  • SSL is not enabled in Heroku

    - by Drom
    Since Heroku has integrated the piggybank_ssl addon by default, trying: heroku addons:add piggyback_ssl or heroku addons:add ssl:piggyback results in: ! This add-on is now a standard Heroku platform feature. ! Your apps can already use piggyback SSL. But, accessing: mywebsite.herokuapp.com results in: SSL is not enabled mywebsite.herokuapp.com does not have SSL enabled. My production.rb has: config.force_ssl = true What am I missing? Update I have read the page SSL on Heroku, but it's obsolete, they suggest to run: heroku addons:add piggyback_ssl Which is no longer necessary. SOLVED ! I don't change anything, and now it's working. It seems that it was a heroku problem.

    Read the article

  • certificate for website login

    - by Mario
    Not sure if this belongs here or at serverfault... I've seen websites where, to login to the website, requires a digital certificate to be installed for the user logging in. As far as I can tell, this certificate is in addition to the website using an SSL certificate (https) I'm just looking to be pointed in the right direction on how to code for this (apache / php hopefully), who issues these certificates (must it be a trusted var or can I ?) or even what to search for via google. -Mario

    Read the article

  • SSL on multiple directories

    - by Shredder
    I have a website that is http, but has a port set up for https for a specific directory that is for the shopping cart. Now I'd like to use our SSL on a different directory in the same site as well. How can I go about configuring that? I have tried looking into all of the config files as well as the docs and cannot figure it out. I tried setting this in httpd.config as well <VirtualHost 127.0.0.1:[ssl port]> #also tried *:[ssl port] and [actual IP]:[ssl port] ServerAdmin [email protected] DocumentRoot "C:/path/sslNeededDir" ServerName www.example.com </VirtualHost> hoping that it would cause pages in this directory to use ssl port and become https, but that didn't do anything. Any help is greatly appreciated. Update: This finally got migrated over. I'm still looking for a solid answer on this. If anyone could help me, it would be greatly appreciated.

    Read the article

  • Problem to Import certificate to Apache tomcat: Failed to establish chain from reply

    - by Ilya
    Hi, After I got certificate, I tried to import it as specified here: http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html#Edit%20the%20Tomcat%20Configuration%20File But I got this error: C:\Program Files (x86)\Java\jre6\binkeytool -import -alias tomcat -keystore C:\ SSL.keystore -file C:\SSL\SSL_Internal_Certificate_for_isdc-planning.cer Enter keystore password: keytool error: java.lang.Exception: Failed to establish chain from reply I need to import first chain certificate, by apache document Import the Chain Certificate into you keystore keytool -import -alias root -keystore \ -trustcacerts -file When I printed the certificate it's issuer is: Issuer: CN=Intranet Basic Issuing CA 2B I downloaded the chain certificates: Intranet Basic Issuing CA 1A(1).crt Intranet Basic Issuing CA 1A(2).crt Intranet Basic Issuing CA 1A.crt Intranet Basic Issuing CA 1B(1).crt Intranet Basic Issuing CA 1B(2).crt Intranet Basic Issuing CA 1B.crt Intranet Basic Issuing CA 2A(1).crt Intranet Basic Issuing CA 2A.crt Intranet Basic Issuing CA 2B(1).crt Intranet Basic Issuing CA 2B.crt Intranet Basic Policy CA(1).crt Intranet Basic Policy CA.crt Root CA.crt Issuer of Intranet Basic Issuing CA 2B.crt is Intranet Basic Policy CA and its Issuer is:Root CA certificate But I can't import 3 certificates into root alias. And imported "Intranet Basic Issuing CA 2B.crt" into root and then rerun import of tomcat alias But got the same error: keytool error: java.lang.Exception: Failed to establish chain from reply What is correct way to import correct chain certificate. Thanks in advance Ilya

    Read the article

  • Apache ProxyPass with SSL

    - by BBonifield
    I have a QA setup that consists of multiple internal development servers and one world-accessible provisioning machine that is setup to proxy pass the web traffic. Everything works fine for non-SSL requests, but I'm having a hard time getting the SSL logic working as well. Here's a few example vhost blocks. <VirtualHost 192.168.168.101:443> ProxyPreserveHost On SSLProxyEngine On ProxyPass / https://192.168.168.111/ ServerName dev1.site.com </VirtualHost> <VirtualHost 192.168.168.101:80> ProxyPreserveHost On ProxyPass / http://192.168.168.111/ ServerName dev1.site.com </VirtualHost> <VirtualHost 192.168.168.101:443> ProxyPreserveHost On SSLProxyEngine On ProxyPass / https://192.168.168.111/ ServerName dev2.site.com </VirtualHost> <VirtualHost 192.168.168.101:80> ProxyPreserveHost On ProxyPass / http://192.168.168.111/ ServerName dev2.site.com </VirtualHost> I end up seeing the following error in the provisioner's error log. [Fri Jan 28 12:50:59 2011] [warn] [client 1.2.3.4] proxy: no HTTP 0.9 request (with no host line) on incoming request and preserve host set forcing hostname to be dev1.site.com for uri / As well as the following entry in the destination QA machine's access log. 192.168.168.101 - - [22/Feb/2011:08:34:56 -0600] "\x16\x03\x01 / HTTP/1.1" 301 326 "-" "-"

    Read the article

  • SSL stops working on IIS7 after a reboot

    - by Mark Seemann
    I have a Windows 2008 Server with IIS7. Every time the server reboots, SSL stops working. Normal HTTP requests work fine, but any request to an HTTPS address gives the typical error message in the browser: Cannot find server or DNS I can temporarily fix it by opening IIS Manager and bring up the Bindings… window for the website in question. Then I select “https”, click on “Edit” then click “Ok” without making any changes to the settings. After doing this, browsing to https:// works again until the next reboot. This issue look as lot like the one described here, but according to the Certificates MMC snapin, the certificate in question does have a private key. I'm also pretty sure that I never installed the certificate in the personal store, but imported it straight into the machine store, but it's been a while... There's not a lot in the event log apart from the event ID 36870 also described in the post I linked to. Can anyone help me troubleshoot this issue so that SSL will work even after a server reboot?

    Read the article

  • Apache ProxyPass with SSL

    - by BBonifield
    I have a QA setup that consists of multiple internal development servers and one world-accessible provisioning machine that is setup to proxy pass the web traffic. Everything works fine for non-SSL requests, but I'm having a hard time getting the SSL logic working as well. Here's a few example vhost blocks. <VirtualHost 192.168.168.101:443> ProxyPreserveHost On SSLProxyEngine On ProxyPass / https://192.168.168.111/ ServerName dev1.site.com </VirtualHost> <VirtualHost 192.168.168.101:80> ProxyPreserveHost On ProxyPass / http://192.168.168.111/ ServerName dev1.site.com </VirtualHost> <VirtualHost 192.168.168.101:443> ProxyPreserveHost On SSLProxyEngine On ProxyPass / https://192.168.168.111/ ServerName dev2.site.com </VirtualHost> <VirtualHost 192.168.168.101:80> ProxyPreserveHost On ProxyPass / http://192.168.168.111/ ServerName dev2.site.com </VirtualHost> I end up seeing the following error in the provisioner's error log. [Fri Jan 28 12:50:59 2011] [warn] [client 1.2.3.4] proxy: no HTTP 0.9 request (with no host line) on incoming request and preserve host set forcing hostname to be dev1.site.com for uri / As well as the following entry in the destination QA machine's access log. 192.168.168.101 - - [22/Feb/2011:08:34:56 -0600] "\x16\x03\x01 / HTTP/1.1" 301 326 "-" "-"

    Read the article

  • both ssl and non-ssl on single port

    - by Zulakis
    I would like to make my apache2 webserver serve both http and https on the same port. With the different method i tried it was either not working on http or on https.. How can I do this? Update: If I enable SSL and then visit the with http I get page like this: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>400 Bad Request</title> </head><body> <h1>Bad Request</h1> <p>Your browser sent a request that this server could not understand.<br /> Reason: You're speaking plain HTTP to an SSL-enabled server port.<br /> Instead use the HTTPS scheme to access this URL, please.<br /> <blockquote>Hint: <a href="https://server/"><b>https://server/</b></a></blockquote></p> <hr> <address>Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny16 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g Server at server Port 443</address> </body></html> Because of this, it seems very much possible to have both http and https on the same port. A first step would be to change this default-page so it would present a 301-Moved header. Update2: According to this, it is possible. Now, the question is just how to configure apache to do it.

    Read the article

  • Mutual SSL Client Authentication

    - by nordisk
    Hi, I'm trying to achieve mutual SSL client authentication but without much success so far. Let me explain my scenario first: I have a client certificate issued by an intermediate CA whose certificate in turn was issued by a root CA (the intermediate and root CAs are within the company's network). This is the certificate I am including as part of my call to the server (using the HttpWebRequest object). The server has imported my client certificate and it is one of the certificates presented to me. An important thing to note is that the server does not trust the intermediate CA or the root for that matter. What we're trying to achieve is authentication against the certificate directly, i.e. mutual authentication using my client certificate. The error I'm getting is: "The request was aborted: Could not create SSL/TLS secure channel." From my trace logs I also get the following: System.Net Information: 0 : [3380] SecureChannel#34868631 - We have user-provided certificates. The server has specified 2 issuer(s). Looking for certificates that match any of the issuers. System.Net Information: 0 : [3380] SecureChannel#34868631 - Left with 0 client certificates to choose from. One of the certificates presented to us from the server is the same as our client certificate but the matching between them seems to fail. It looks like it's trying to verify the issuer. Now to make things even more interesting: If the server trusts and sends back the intermediate CA then everything works fine! (This is not an option for the production environment though I'm told) Using jmeter to test the request works fine too. I can only assume that Java's SSL handshake implementation is somewhat different. So it really comes down to this: Do you need to implement mutual SSL authentication differently from normal client SSL authentication? Any ideas or comments would be greatly appreciated.

    Read the article

  • Web service SSL handshake fails in production environment unless SSL debugging enabled

    - by JST
    Scenario: calling a client web service over SSL (https) with mutual SSL authentication. Different service endpoint URLs and certs (both keystore and truststore) for test vs. production environments. Both test and production environments run tomcat / JBoss clustered. Production environment has load balancing / BigIP, runs Blade and non-Blade machines. Truststore is set (using -Djavax.net.ssl.trustStore=value) at startup. Keystore is set using System.setProperty("javax.net.ssl.keyStore", "value") in Java code. Web service call made using Axis2. All works fine in test environment, but when we moved to production environment (6 servers), it appears certs are not being forwarded for the handshake. Here's what we've done: in test environment, handshake using test versions of certs has been working all along, with no ssl debugging enabled confirmed in test environment that handshake with client production endpoint succeeds (production certs, both ours and theirs, are fine) -- this was done using -Djavax.net.debug=handshake,ssl confirmed that the error condition occurs on all 6 production servers took one server out of the cluster, turned on ssl debugging for just that one (with a restart), hit it directly, handshake works! switched to a different server without the debugging turned on, handshake error condition occurs turned debugging on on that second server (with a restart), hit it directly, handshake works! From the evidence, it seems like somehow the debugging being enabled causes the certificates to be properly retrieved/conveyed, although that makes no sense! I wonder whether somehow the enabled debugging makes the system pay attention to the System.setProperty call, and ignore it otherwise. However, in local and test environments, handshake worked without debugging enabled. Do I maybe need to be setting keystore on server startup like I'm setting truststore? Have been avoiding that because the keystore will differ for each of our test environments (16 of them).

    Read the article

  • Configured MySQL for SSL , but SLL is still not in use..!

    - by Sunrays
    I configured SSL for MySQL using the following script. #!/bin/bash # mkdir -p /root/abc/ssl_certs cd /root/abc/ssl_certs # echo "--> 1. Create CA cert, private key" openssl genrsa 2048 > ca-key.pem echo "--> 2. Create CA cert, certificate" openssl req -new -x509 -nodes -days 1000 -key ca-key.pem > ca-cert.pem echo "--> 3. Create Server certificate, key" openssl req -newkey rsa:2048 -days 1000 -nodes -keyout server-key.pem > server-req.pem echo "--> 4. Create Server certificate, cert" openssl x509 -req -in server-req.pem -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem echo "" echo echo "" echo "--> 5. Create client certificate, key. Use DIFFERENT common name then server!!!!" echo "" openssl req -newkey rsa:2048 -days 1000 -nodes -keyout client-key.pem > client-req.pem echo "6. Create client certificate, cert" openssl x509 -req -in client-req.pem -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > client-cert.pem exit 0 The following files were created: ca-key.pem ca-cert.pem server-req.pem server-key.pem server-cert.pem client-req.pem client-key.pem client-cert.pem Then I combined server-cert.pem and client-cert.pem into ca.pem (I read in a post to do so..) I created a ssl user in MySQL: GRANT ALL ON *.* to sslsuer@hostname IDENTIFIED BY 'pwd' REQUIRE SSL; Next I added the following in my.cnf [mysqld] ssl-ca = /root/abc/ssl_certs/ca.pem ssl-cert = /root/abc/ssl_certs/server-cert.pem ssl-key = /root/abc/ssl_certs/server-key.pem After restarting the server,I connected to mysql but SSL was still not in use :( mysql -u ssluser -p SSL: Not in use Even the have_ssl parameter was still showing disabled.. :( mysql> show variables like '%ssl%'; +---------------+---------------------------------------------+ | Variable_name | Value | +---------------+---------------------------------------------+ | have_openssl | DISABLED | | have_ssl | DISABLED | | ssl_ca | /root/abc/ssl_certs/ca.pem | | ssl_capath | | | ssl_cert | /root/abc/ssl_certs/server-cert.pem | | ssl_cipher | | | ssl_key | /root/abc/ssl_certs/server-key.pem | +---------------+---------------------------------------------+ Have I missed any step, or whats wrong.. Answers with missed steps in detail will be highly appreciated..

    Read the article

  • IIS not responding with SSL Server Hello

    - by Damien_The_Unbeliever
    I'm having difficulty getting a particular IIS machine to "do" SSL. This is a test environment (one of many) which we've set up "the same" as we have many times previously, but it just doesn't seem to be working. The server is Windows Server 2003 (Version 5.2 (Build 3790.srv03_sp2_gdr.100216-1301 : Service Pack 2)) IIS is hosting 4 sites (including the default site), but only one site is configured for SSL. We're using the same SSL certificate we use on all of our other servers (it's a wildcard cert). (Don't think this is relevant, but including anyway) We've configured the site to require SSL, it has a subdirectory that doesn't require SSL but has an asp page that redirects into SSL. The 403;4 error page for the site is hooked up to this asp page (this is how we do our non-HTTPS into HTTPS transition). Using Microsoft Network Monitor (3.3), I've just run a session against a server where SSL is working. It can pull apart the SSL exchange as the following messages: SSL: Client Hello SSL: Server Hello. Certificate. Server Hello Done SSL: Client Key Exchange. Change Cipher Spec. Encrypted Handshake Message. SSL: Change Cipher Spec. Encrypted Handshake Message However, on our problem server, I only see: SSL: Client Hello. The next packet from the server (from port 443, so it's listening and responding there) contains only 60 bytes, and just seems to have the Tcp headers and not much else (but I'm by no means an expert at deciphering these things). So, where do I look next? Or what additional information do I need to add to this question, and where do I find it?

    Read the article

  • Disable SSL / TLS compression in Apache 2.2.x

    - by DevGav
    Is there a way to disable SSL/TLS Compression in Apache 2.2.x when using mod_ssl? If not, what are people doing to mitigate the effects of CRIME/BEAST in older browsers? Related Links: https://issues.apache.org/bugzilla/show_bug.cgi?id=53219 https://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512 http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor

    Read the article

  • One user sometimes gets an unknown certificate error opening Outlook

    - by Chris
    Let me clarify a little. This isn't an unknown certificate error it's an unknown certificate error in so much as I can't figure out where the certificate comes from. This happens on a Win 7 Enterprise machine connecting to Exchange 2010 with Outlook 2010. The error he gets is that the root is not trusted because it's a self-signed cert. Take a look at this screenshot because even if I had generated this myself I wouldn't have put "SomeOrganizationalUnit" or "SomeCity" or "SomeState", etc. (Red block covers our domain name.) I'm a little concerned this is a symptom of a security breach. Exchange 2010 has three certificates installed but none of them are this certificate. They all have different expiration dates (one is expired) and different meta-data. edit: There are two scenarios that I see the certificate warning and one of them I can reliably repeat. When the user leaves his computer on over night Outlook pops the Security Warning window. I don't know what time this happens. Using Outlook Anywhere if I connect to Exchange externally via a cellular USB modem the Security Warning window will appear every time I close and reopen Outlook. Whether I say Yes or No does not make a difference on whether or not I can connect to Exchange and send/receive email. In other words, I can always connect to Exchange. I've checked my two Exchange servers and my Cisco router for a certificate that matches this one and I can't find it. edit 2: Here is a screenshot of the Security Alert window. (I've been calling it Security Warning... My mistake.) edit 3: I stopped seeing this error several weeks ago but I can't tie it to any single event (because I just sort of realized that warning had stopped showing up) but I think I found the source of the certificate. Last week I found out that the certificate on our website DomainA.com was invalid. I knew that our web admin had installed a valid certificate so when I look into the problem I found out I was being presented with the invalid certificate that this posting is in regards to. The Exchange server's domain is mail.DomainA.com so I can only guess that Outlook was passing this invalid certificate through as it did some kind of check on DomainA.com. This issue is still a mystery because the certificate warning stopped appearing several weeks ago whereas the invalid certificate issue on the website was only fixed last week. It ended up being a problem with the website control panel. The valid certificate was installed but not being served for some reason and instead the self-signed cert was being served.

    Read the article

  • HttpClient 4 SSL and client side certificates

    - by Luke
    Hi All, I am having trouble working out how I can get get HttpClient 4 to use SSL in the way I need. I have X https servers that I send requests to. One requires a client side certificate while the others have trusted certificates and therefore require no client side certificate. I have no issue connecting to the server requiring the client side certificate (its in my keystore), however every time I try to connect to the servers with trusted certificates, my client side certificate is offered by HttpClient and therefore fails authentication. My question is this: is there a way for HttpClient to offer the client side certificate only to the server requiring it and not to the others? Thanks in advance, Luke

    Read the article

  • SSL certificates: No Client certificate key exhange

    - by user334246
    I am trying to access a WCF web service, that is using two way SSL encryption. When I try to call the service I get a System.ServiceModel.Security.SecurityNegotiationException: Could not establish secure channel for SSL/TLS with authority 'XXX.xx'. --- System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel. I have tried activating wire shark, to see what is sent to and from the server: I see a client hello and a server hello. But there is no client response to the server hello. I was expecting a "Certificate. Client key exchange. Change cipher. Encrypted handshake Message" package, but none is sent. I'm thinking it is a problem with the certificate sent by the server, that somehow my client server does not trusy it. Here is what I have already tried: I have created the certificate, through the proper authority, though I could have made a mistake in the certificate request without knowing it. I have added the two root certificates to: trusted root certificates, trusted publishers and trusted people. I have also added the client certificate to trusted people. My colleague has succeded in establishing connection on a win 2008 server (i'm using a 2003, because it is necessary for some odd reason - don't ask). I can't see any differences in our approach, so i'm a bit lost. Any help would be greatly appreciated.

    Read the article

  • Wildcard SSL certificates, EV

    - by nachito
    I run a Magento e-commerce store with multiple subdomains for an affiliate program, plus a main store. Example, foo.example.com and bar.example.com are affiliates, www.example.com is my main store. They all share the same code and database and the same virtual host. Currently I have a wildcard certificate which works fine for everything. However, I was looking at EV certificates to increase customer confidence (which is not possible with wildcard certificates -- or so I'm told). What would be the simplest setup to have both an EV SSL Cert for the main store and a wildcard for the affiliate subdomains? Two virtual hosts? By the way, I'm running Litespeed as a webserver.

    Read the article

  • Setting up SSL on Glassfish V2 or V3

    - by javanix
    My employer recently purchased a Trustwave SSL certificate. Trustwave advertises support on their website, but they don't give an installation guide like they do for their other servers at all, and I am having a difficult time getting it configured correctly with GlassFish. I found this http://blogs.sun.com/enterprisetechtips/entry/using_ssl_with_glassfish_v2 blog post that is sort of helpful, but I'm still unable to get it working (I think the issue is that I don't fully understand the GlassFish keystore, so I am modifying it incorrectly and the server throws security exceptions on startup). Does anyone have any experience doing so, and can you point me to a decent resource? Thanks for any help.

    Read the article

  • SSL certificate exception problem in Firefox

    - by Baztoune
    Hi there, and thanks in advance for your help or any tip that could get me out of here. I work on a JEE app with a JBoss server and an Apache. I'm not really familiar with SSL connections and certificates, I understand the basic, but I have to deal with it. So on my local configuration (localhost) I have my connection certificate configured on JBoss and Apache, and a USER_DEV.P12 file, which I import in my certificates in Firefox. I have the same configuration on a distant test server (test-server), and a USER_TEST.P12 which I also import in Firefox. When I access https://localhost/ or https://test-server/ Firefox asks me to add an exception, which is normal. After that, I select the appropriated user certificate, and can use my application normally. But for the second (let's say https://test-server/), Firefox rises me a sec_error_reused_issuer_and_serial error. Of course I googled it and founded the Mozilla help, So when I delete the "server" in my certificate manager, I can access again my second domain, but the same problem occurs for the first one. To shorten the problem, my 2 client/server certificate couples are OK but I can't have 2 certificate exceptions at the same time in Firefox for my 2 different servers/users, even though the names, server address, and MD5 are different. I notified the serial is the same (01), but it's working on my colleague's computer. So am I doing something wrong? Do I have to deal with it manually each time (or with Firefox profiles)? Thanks for your help. Bastien.

    Read the article

  • Chrome is reporting GMail has Invalid Server Certificate, how do I find out who's fiddling with my certs?

    - by chillitom
    Chrome is giving the following warning when ever I try and visit GMail or a bunch of other SSL sites. Invalid Server Certificate You attempted to reach mail.google.com, but the server presented an invalid certificate. You cannot proceed because the website operator has requested heightened security for this domain. This is the certificate the Chrome reports as invalid: -----BEGIN CERTIFICATE----- MIIDIjCCAougAwIBAgIQK59+5colpiUUIEeCdTqbuTANBgkqhkiG9w0BAQUFADBM MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg THRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBDQTAeFw0xMTEwMjYwMDAwMDBaFw0x MzA5MzAyMzU5NTlaMGkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh MRYwFAYDVQQHFA1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKFApHb29nbGUgSW5jMRgw FgYDVQQDFA9tYWlsLmdvb2dsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ AoGBAK85FZho5JL+T0/xu/8NLrD+Jaq9aARnJ+psQ0ynbcvIj36B7ocmJRASVDOe qj2bj46Ss0sB4/lKKcMP/ay300yXKT9pVc9wgwSvLgRudNYPFwn+niAkJOPHaJys Eb2S5LIbCfICMrtVGy0WXzASI+JMSo3C2j/huL/3OrGGvvDFAgMBAAGjgecwgeQw DAYDVR0TAQH/BAIwADA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLnRoYXd0 ZS5jb20vVGhhd3RlU0dDQ0EuY3JsMCgGA1UdJQQhMB8GCCsGAQUFBwMBBggrBgEF BQcDAgYJYIZIAYb4QgQBMHIGCCsGAQUFBwEBBGYwZDAiBggrBgEFBQcwAYYWaHR0 cDovL29jc3AudGhhd3RlLmNvbTA+BggrBgEFBQcwAoYyaHR0cDovL3d3dy50aGF3 dGUuY29tL3JlcG9zaXRvcnkvVGhhd3RlX1NHQ19DQS5jcnQwDQYJKoZIhvcNAQEF BQADgYEANYARzVI+hCn7wSjhIOUCj19xZVgdYnJXPOZeJWHTy60i+NiBpOf0rnzZ wW2qkw1iB5/yZ0eZNDNPPQJ09IHWOAgh6OKh+gVBnJzJ+fPIo+4NpddQVF4vfXm3 fgp8tuIsqK7+lNfNFjBxBKqeecPStiSnJavwSI4vw6e7UN0Pz7A= -----END CERTIFICATE----- I think someone or something (proxy, anti-virus, browser extension) is snooping on my SSL traffic. How can I determine who/what is doing this?

    Read the article

  • I'm receiving an SSL error in various browsers, but I can't find non-SSL content

    - by Scott Vercuski
    I'm receiving an error with my SSL connection. Using google chrome I see the following error: Your connection is encrypted with 128-bit encryption ... however this page includes other resources which are not secure I've scoured the source code, scripts and rendered code in the browser but cannot find where an http:// call is made. I've also used Fiddler2 to examine the traffic and everything is coming across via HTTPS. Has anyone run into this issue before and if so how did you go about finding the culprit. The website is running ASP.NET MVC3 in C#. The page in question is a simple payment page. The only external call is the google analytics tracking code. The page appears to load correctly, all images and scripts are in place.

    Read the article

  • choosing the right SSL certifcate

    - by seengee
    Hi All, We're looking to purchase some SSL certificates to secure the login pages of ecommerce sites. It is not required to secure the actual payment process as this is protected by a third party with its own verisign certificate. rapidSSL looks like a good (and cheap) option but a salesperson has told me that they are only suitable for "test sites" and recommended that we use one that is 4 times the cost. Can anyone make any recommendations about what we should be looking for and what we should consider? Thanks.

    Read the article

  • SSL certificate for FTPS, is it the same as for HTTPS?

    - by BlackTigerX
    This question is about "FTP over SSL", if I understand correctly FTPS and HTTPS are just the standard FTP and HTTP protocols running on top of SSL, is this correct? The actual question is: is the certificate that you use for FTPS the exact same that you can use for HTTPS? or are there any differences? To give you some context, I need to get a certificate for an FTPS server, I know I can generate one but it needs to be from an certificate authority, I just need to make sure that I can use the same type of certificate that we use here for HTTPS, otherwise need to know what type of certificate I need to get

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >