Search Results

Search found 5390 results on 216 pages for 'ssl vpn'.

Page 98/216 | < Previous Page | 94 95 96 97 98 99 100 101 102 103 104 105 | Next Page >

subversion: enforce TLS

- by Daniel Marschall

Hello, I am running subversion on a Debian Squeeze system with Apache2 and mod_dav for viewing the contents with a webbrowser. I want to enforce the usage of TLS, so that the login data and the SVN contents cannot be read from the connection. I have tried following: <Location /svn> DAV svn SVNParentPath /daten/subversion/ # our access control policy AuthzSVNAccessFile /daten/subversion/access_control # try anonymous access first, resort to real # authentication if necessary. Satisfy Any Require valid-user # how to authenticate a user AuthType Basic AuthName "Subversion repository" AuthUserFile /daten/subversion/.htpasswd # Test SSLRequireSSL RewriteEngine On RewriteCond %{SERVER_PORT} !443 RewriteRule ^svn/(.)$ https://www.viathinksoft.de/svn/$1 [R,L] </Location> at file /etc/apache2/conf.d/subversion.conf Alas, this does not work. There is no redirect and there is still a HTTP request working at /svn/(projectname)/(somefolder) . This SSL-enforce-policy should work for - viewing the contents with webbrowser - retrieve contents with TurtoiseSVN client - committing contents with TurtoiseSVN client Can you please help me? Regards Daniel Marschall

Read the article
Proper upstart script for hamachi?

- by ALQ

I've been looking for a script to supervise hamachi and mostly got it to work except for the part that daemonizes hamachid. The following script works but is not perfect. I'm not familiar with upstart internals to debug this further. description "Hamachi VPN" author "Alexis Le-Quoc <[email protected]>" start on (net-device-up and local-filesystems and runlevel [2345]) stop on runlevel [016] respawn oom never env DAEMON=/opt/logmein-hamachi/bin/hamachid pre-start script [ -x "$DAEMON" ] end script # should really be: # expect daemon # exec $DAEMON exec $DAEMON debug > /dev/null

Read the article
Protocol Security With PPTP

- by why

I find these words in pptp client source : Summary by Peter Mueller PPTP is known to be a faulty protocol. The designers of the protocol, Microsoft, recommend not to use it due to the inherent risks. Lots of people use PPTP anyway due to ease of use, but that doesn't mean it is any less hazardous. The maintainers of PPTP Client and Poptop recommend using OpenVPN (SSL based) or IPSec instead. (Posted on [1]2005-08-10 to the [2]mailing list) But as far as i know, there are many people use PPTP as a VPN, because there is no need to install client on windows, what do you think about pptp ?

Read the article
Apache Redirect from https to https

- by Nikolaos Kakouros

I am trying to redirect without a rewrite rule from eg https://www.domain.com to https://www.domain.net . I have a wildcard certificate for *.domain.net . This yields the following warning in my error_log [warn] RSA server certificate wildcard CommonName (CN) `*.domain.net' does NOT match server name!? This makes sense and I understand why the warning. I would like to ask if there is a way to use the Redirect directive to accomplish the above without the warnings. Here is my virtual hosts in ssl.conf: <VirtualHost *:443> SSLEngine on ServerName www.domain.net DocumentRoot /var/www/html/domain SSLOptions -FakeBasicAuth -ExportCertData +StrictRequire +OptRenegotiate -StdEnvVars SSLStrictSNIVHostCheck off </VirtualHost> <VirtualHost *:443> SSLEngine on ServerName www.domain.com ServerAlias www.domain.info Redirect permanent / https://www.domain.net </VirtualHost> Also, if there is a solution, can it be used for redirection from htps://domain.com to htps://www.domain.com? Thanks a lot!

Read the article
Attach certificate to remote desktop connection - not gateway services

- by Jordan S

I have a Windows server that I want to attach a 3rd party signed certificate for remote desktop connections. This is not a remote desktop services server, i.e. it is just remote desktop administration. There is lots of info on the internet about attaching a certificate to remote desktop services, but I want to attach mine to just plain remote desktop connection for administration purposes. If anyone know how to do this, please holler! I have imported the certificate into the Remote Desktop store in the certificates mmc snap in, and have tried running the wmic command in this question (Configure custom SSL certificate for RDP on Windows Server 2012 in Remote Administration mode?) but this fails. THANKS!

Read the article
How to setup a tunneled connection to a NAS?

- by Jan

Hi there, While looking into alternatives for Dropbox I explored the idea of a NAS. It would be easy to hook up the NAS to a broadband connection and have the users access the files. However, - The data needs to be encrypted on the NAS itself (in case it gets stolen). - The connection to the NAS needs to be secure (VPN?). - The drive needs to appear as a drive under windows (so no https). Any ideas? Thanks in advance, I can't seem to find the final solution! Jan

Read the article
Issue with https:// url going to an unknown location

- by Brandon

We have a website (ASP.NET/Plesk 9.5.5) that can be accessed just fine through the regular URL (http://example.com). However when accessing the site through https://example.com the site displays the invalid security certificate warning, which is fine since we don't have an SSL certificate. If I add an exception, I'm sent to a completely separate site that is apparently hosting a malware script (I'm still on https://example.com though). Because of this Google has flagged the site as dangerous. I can't find anything in the Plesk panel that would help fix this, and as far as I can tell those files don't exist on our server. How do I tell where the https:// link is sending me? I'm not that familiar with DNS, but is that what is causing this behavior?

Read the article
All Tasks..Advanced Operations option missing from Certificaces MMC Snap-In

- by JohnFx

I am trying to follow the instructions in this article to create a custom certificate to support SSL on a web server. I'm stick on the following step: Click on Personal – All Tasks – Advanced Operations – Create Custom request The problem is that on the web server (Windows Server 2003 R2) I don't have an "Advanced Operations" option under "All Tasks". I do on my desktop machine (Windows 7), but not on the server. All the documentation I can find indicates that it should be available on WS-2003-R2, but it just isn't. Note: I'm going through this manual process because I need to specify a alternate host names in the CSR, which you can't do through the IIS 6.0 console certificate managment functionality. Any suggestions for how to make this option show up?

Read the article
SharePoint MOSS - Serve HTTP content on an HTTPS page without Mixed Content Warning?

- by kcb263

Our "portal-like" SharePoint site is served using HTTPS/SSL. So a user goes to https://web.company.com and sees content and different Web Parts. So far, no problem. The desire now is to have new Web Parts added that either frame HTTP content (such as Weather Bug) or HTTP RSS feeds. The issue that arises is that by doing this, results in a "Mixed Content" warning in the browser. Has anybody successfully been able to implement such a scenario, or one similar to it? The options we have looked at, unsuccessfully, have been: using Apache Reverse Proxy Server mirror an external site Custom Web Parts

Read the article
firefox, opera 'The connection was reset' on few POST method calls on Windows and Ubuntu

- by Gopalakrishnan Subramani

my website works well with GET method, also few POST methods. Some pages with POST method doesn't work. Some pages with POST work. For example, login page uses POST that works fine. When I post the data on webpage, firefox says "Connecting..." and finally report connection timed out error. The same behavior happens with Opera as well. However Google Chrome works fine. At the server side, I use nginx 1.2.4 with HTTPS and uwsgi for python (flask framework) app. I use geotrust certificate. The same behavior happens with Windows 7 and Ubuntu 12.04 on firefox. I tried firefox in safemode, but no luck. Set auto-detect proxy settings. no luck. Cleared all cookies. no luck Anyone help me to fix this issue? I am posting ngix config. shame on me. I use root, I know which is not advised. need to fix soon. user root; worker_processes 4; pid /var/run/nginx.pid; events { worker_connections 768; # multi_accept on; } http { ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; gzip_disable "msie6"; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; ## # nginx-naxsi config ## # Uncomment it if you installed nginx-naxsi ## #include /etc/nginx/naxsi_core.rules; ## # nginx-passenger config ## # Uncomment it if you installed nginx-passenger ## #passenger_root /usr; #passenger_ruby /usr/bin/ruby; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; server { listen 80; server_name www.example.com; rewrite ^(.*) https://example.com$1 permanent; } server { listen 80; server_name example.com; rewrite ^ https://$server_name$request_uri? permanent; } server { listen 443; server_name example.com; keepalive_timeout 70; ssl on; ssl_certificate /root/cc.cert; ssl_certificate_key /root/cc.key; ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; #ssl_ciphers HIGH:!aNULL:!MD5; ssl_ciphers RC4:HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { try_files $uri @app; } location @app { include uwsgi_params; uwsgi_pass unix:/tmp/uwsgi.sock; } } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #}

Read the article
How does pptpd (poptop) or pppd work with eap-tls and mppe-128?

- by Henk

To create a VPN I've installed pptpd on an Ubuntu domU (Debian domUs can also be created). MSCHAPv2 isn't a very strong authentication protocol so I'd like to use EAP-TLS. I've set up a FreeRADIUS server and certificates for EAP-TLS before (for use with WPA), and I've also set up a pptp server with mschap-v2 auth, but I can't figure out how to combine the two. Maybe pppd can use EAP-TLS on its own, but I can't find support for it in the Ubuntu package. If I need to patch the package, that's fine, I know how to patch Debian packages (provided the patch applies cleanly). Also, can MPPE still be used when pppd is configured to use EAP? Because it says in the manual several times that MPPE requires MSCHAP. However, other docs like this one: http://www.nikhef.nl/~janjust/ppp/ seem to refute that. The clients are running Mac OS X Leopard and GNU/Linux, there's no need to fix anything for Windows.

Read the article
OpenVPN useradd error

- by zfz

I tried to install an OpenVPN access server in Centos 6 on a linode VPS. The installation is okay for my ubuntu 11.10 distro in another VPS. The installation error occours when adding the user "openvpn" in Centos. The error message is "useradd: canot open /etc/passwd" The detail of My "/etc/passwd" file: "-rw-r--r-- 1 root root 1194 Oct 9 00:33 /etc/passwd" I am not quite familiar with Centos, so how can I add the user "openvpn" in order to setup the VPN service? Thanks.

Read the article
Add domain user as local admin in Windows 7 using VPN to connect to domain

- by kev

I am rebuilding my work computer from scratch and need to add my domain user as a local admin on my computer. I have successfully added my PC to the domain, but I cannot add my domain user account to the local admins. I have tried to do the following: Connect to the work domain using a Windows VPN Add my computer to the work domain Start right click on Computer Manage - go to Users and Groups right click on Administrators group and add my domain user The problem is that after adding my domain user to the Administrators group, I don't see my domain user under the Local Users group. When I try to log on as my domain user I get the following error message: There are currently no logon servers available to service the logon request Any ideas?

Read the article
Keepalived with apache unable to bind interface on Backup server

- by davideagle

I have two debian 6 servers running keepalived 1.1.20 with one server acting as a Master and the other as a Backup. Both servers host apache 2.4 that have a global Listener on all interfaces on port 80 (Listen *:80) how ever I have some sites that require a listener for port 443 (SSL) and that is configured for each VirtualHost in the Apache config since I do not want every VirtualHost to listen on port 443. The problem is when I try to start Apache on the Backup machine that does not hold the virtual interface the VirtualHost is supposed to be listening on, I get AH00072: make_sock: could not bind to address 1.1.1.1:443. I know this is expected behavior of Apache. The real question is are there any known workarounds or solutions to this scenario?

Read the article
Comunication from Server to Client + Client LAN

- by Filipe YaBa Polido

I'm having some trouble with some network setup. I've tried OpenVPN, SocialVPN, Hamachi, still it is not working. This is my setup: Server A: NIC 1 with internet public address, NIC 2 to LAN Client B PC: NIC 1 (192.168.10.2) connects to router 192.168.10.1 Client B Device: 192.168.10.3 (Configured via software, can't do much here) Problem: Server A must connect to cliente device B. (I can install software needed at Client B PC). However... I can't change the router to some model with VPN like Draytek or Cisco :( OpenVPN fails at bridging, PC B can ping Server A, but Server A can't ping Device B, only PC B. What else can I do?!?!?

Read the article
Windows Web Server in DataCenter Authenticate with AD in Office

- by Viper Venom

Hi, We would like to have put a File Server in DataCentre to allow user to upload/download files when they are home. Since we have hundreds of users and would like to let the user to authenticate with the existing AD in our office. Basically, I will setup the IIS server to allow users to list various directories in the File Server based on their user group. For example, Group A will have list the D:\Files\A and the Group B will have list the D:\Files\B ...etc. After some initial study, I found that the PPTP based Site to Site VPN might fit our need to do the authentication part but I still don't have any idea on how to let them upload files to the server. Is there any suggestions such as any better option to do this (either authentication or upload part) or any area I need to be careful of? Thank you in advance.

Read the article
HTTPS version of page throws 404, regular HTTP appears fine?

- by Ryan

I'm having a strange issue with a website in IIS on Windows Server 2003. It has a valid wild card certificate on it, however when I use HTTPS on the page I get a 404 not found. Without HTTPS it shows up fine. Also, if I go to the domain root of the site using HTTP the homepage shows up, but with HTTPS it REDIRECTS ME to a totally different website installed on the same IIS server. I am quite confused. I tried giving each site a unique IP address but it didn't change anything, I also tried changing the SSL ports, no luck. This IIS is setup to run PHP also. What could I check to resolve this?

Read the article
Tunneling HTTPS traffic via a PUTTY/SSL tunnel with SOCKS

- by ripper234

I have configured a SOCKS ssh tunnel to a remote proxy, and set my Firefox to use localhost:<port> as a SOCKS proxy. My intention is to tunnel outgoing HTTP/S connections from my machine via a specific 3rd party server I own (on AWS). In my testing, HTTP UTLs are forwarded properly (e.g. when I access http://jsonip.com/ from my computer I do get the server's IP) However, whenever I try to reach an HTTPS address, I get this error: The proxy server is refusing connections How do I debug/fix it? My PUTTY tunnel config is simply (some random source port number + dynamic checked): P.S. I'm aware I might need to manually accept SSL certificates. The reason I'm doing this is to resolve problems using gmail as an outbound SMTP service.

Read the article
Remote Install Mac OS X from Windows not on LAN?

- by Frost Shadow

I want to install applications from my Mac OS X install disc, or be able to archive-install from it, but it's back at my house outside my current LAN. Is there a way I can remotely access my OS X install disc on my home Windows XP computer from my Snow Leopard? In my help manual it says I can do remote installs, or use another computer's disc drive remotely, but it has to be with another computer on the LAN. Is there a way to combine my mac's LAN and my windows' LAN? I think it has something to do with making a VPN; is there a way to do that which will work between Snow Leopard and XP, doesn't require additional hardware, and is preferably free? Thanks a lot!

Read the article
How to route traffic through a VPN tunnel?

- by Gabriel

The problem with our server is that we need to use the bug ridden and awful AT&T network client, which causes our server to bluescreen once per 24 hours. Does any one know how to (or has a good guide) quickly set up a workstation running Windows server 2008 R2 as a proxy server. So this spare workstation would run AT&T and would act as a bridge between our server and the server that can be connected to only via the AT&T VPN software. And this way our own production server would not crash so often (or not at all) and the workstation can happily crash whenever it wants to.

Read the article
Iptables REDIRECT + openvpn problem

- by Emilio

I want to redirect connection to port 22 to my openvpn binded port, on 60001. Openvpn is running on server on 60001 server:~$ sudo netstat -apn | grep openvpn udp 0 0 67.xx.xx.137:60001 0.0.0.0:* 4301/openvpn I redirect on server port 22 to 60001 server:~$ sudo iptables -F -t nat server:~$ sudo iptables -A PREROUTING -t nat -p udp --dport 22 -j REDIRECT --to-ports 60001 I start openvpn client (openvpn.conf is correct, it works with remote IP 22 replaced with remote IP 60001) client:~$ ./openvpn openvpn.conf Tue Apr 27 00:42:50 2010 OpenVPN 2.1.1 i686-pc-linux-gnu [SSL] [EPOLL] built on Mar 23 2010 Tue Apr 27 00:42:50 2010 UDPv4 link local (bound): [undef]:1194 Tue Apr 27 00:42:50 2010 UDPv4 link remote: 67.xx.xx.137:22 Tue Apr 27 00:42:52 2010 read UDPv4 [ECONNREFUSED]: Connection refused (code=111) Tue Apr 27 00:42:55 2010 read UDPv4 [ECONNREFUSED]: Connection refused (code=111) ... It doesn't connect. iptables shows requests from client to server but no answers. What's wrong with it?

Read the article
Configuring IIS site to use HTTPS

- by James

I am working on a REST API which I have currently deployed on a Win XP Professional SP2 development machine running IIS 5.1. The site is currently being hosted on port 81 and being accessed via HTTP. I would now like to configure the site to stop using HTTP and use HTTPS only. I have developed a self-signed certificate using the SelfSSL.exe tool from the 6.0 Resource Kit Tools and set the Common Name to be the IP of my server (as it's a local development machine it has no domain name). I have also already configured the site to use SSL using the How To Set Up an HTTPS Service in IIS tutorial as my guide. However, whenever I try to access a resource in the API via HTTPS I get a 404. Any ideas?

Read the article
Extract Certs from Apache

- by user271619

Recently I've had to uninstall a single Self-Signed SSL Certificate from one of my Apache boxes, specifically for an outside party. That's not really a problem for me, since it was easy. What confuses me is how they knew I had a self-signed certificate. The domain I provided them was not related to the domain with the self-signed certificate. Does this mean Apache publicizes the Virtual hosts in the httpd.conf file? I asked the outside party what software they used to extract information from my server, and they provided this GitHub link: https://gist.github.com/4ndrej/4547029 I figured I'd ask the community first, before I attempt installing the Java program.

Read the article
ssl_error_rx_record_too_long error on IIS - site was working, suddenly stopped

- by JK01

I am suddenly getting this error connecting to localhost IIS on my development machine. It has been working fine for ages, and now suddenly has this error in Firefox: Secure Connection Failed An error occurred during a connection to localhost. SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long) I have googled and found no clear explanation. In IE it says: Internet Explorer cannot display the webpage\ In Chrome it says: Oops! This link appears to be broken.

Read the article
New Secure Website with Apache Reverse Proxy

- by jtnire

I wish to set up a new website that will be accessed by users using HTTPS. I think it is good practise to put the "real" web server in a seperate subnet, and then install an Apache Reverse Proxy in a DMZ. My question is, where should I put the SSL cert(s)? Should I a) Use a self-signed cert on the "real" web server, and a proper cert on the reverse proxy? b) Use 2 real certs on both the "real" web server and the reverse proxy? c) Don't use any cert on the "real" web server, and use a proper cert on the reverse proxy? I'd like to use a) or c), if possible. I also don't want anyone's browser complaining of a self-signed cert. Thanks

Read the article

< Previous Page | 94 95 96 97 98 99 100 101 102 103 104 105 | Next Page >