Search Results

Search found 3314 results on 133 pages for 'certificate authority'.

Page 99/133 | < Previous Page | 95 96 97 98 99 100 101 102 103 104 105 106 | Next Page >

error in IIS7 but not on IIS6

- by Brad

I have a website that is we are now deploying to windows 2008 servers that has worked in the past on IIS6 without a problem. It is using .net 2 framework. Most of the website works. Just when we create a screen report over a certain size on the server we get this error. Event code: 3005 Event message: An unhandled exception has occurred. Event time: 6/2/2010 10:40:17 AM Event time (UTC): 6/2/2010 3:40:17 PM Event ID: 1b719ad45d444f949ecc9cbc23f49720 Event sequence: 10 Event occurrence: 1 Event detail code: 0 Application information: Application domain: /LM/W3SVC/3/ROOT-1-129199668164927170 Trust level: Full Application Virtual Path: / Application Path: c:\web\PatronAccess\ Machine name: WIN2008DEV Process information: Process ID: 4712 Process name: w3wp.exe Account name: NT AUTHORITY\NETWORK SERVICE Exception information: Exception type: HttpException Exception message: Invalid viewstate. Request information: Request URL: http://win2008dev/WebResource.axd?d=xCXKkHAeSYHWbCg.gif Request path: /WebResource.axd User host address: 172.17.2.66 User: Is authenticated: False Authentication Type: Thread account name: NT AUTHORITY\NETWORK SERVICE Thread information: Thread ID: 6 Thread account name: NT AUTHORITY\NETWORK SERVICE Is impersonating: False Stack trace: at System.Web.UI.Page.DecryptStringWithIV(String s, IVType ivType) at System.Web.Handlers.AssemblyResourceLoader.System.Web.IHttpHandler.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) Custom event details: And this one. A process serving application pool 'PatronAccess' suffered a fatal communication error with the Windows Process Activation Service. The process id was '4596'. The data field contains the error number. I have a debug of the application pool but I don't know where to go from here. * wait with pending attach Symbol search path is: Executable search path is: ModLoad: 00bd0000 00bd8000 c:\windows\system32\inetsrv\w3wp.exe ModLoad: 77380000 774a7000 C:\Windows\system32\ntdll.dll ModLoad: 75cb0000 75d8b000 C:\Windows\system32\kernel32.dll ModLoad: 75b60000 75c26000 C:\Windows\system32\ADVAPI32.dll ModLoad: 75df0000 75eb2000 C:\Windows\system32\RPCRT4.dll ModLoad: 76500000 765aa000 C:\Windows\system32\msvcrt.dll ModLoad: 76250000 762ed000 C:\Windows\system32\USER32.dll ModLoad: 75ae0000 75b2b000 C:\Windows\system32\GDI32.dll ModLoad: 75ec0000 76004000 C:\Windows\system32\ole32.dll ModLoad: 731a0000 731d6000 c:\windows\system32\inetsrv\IISUTIL.dll ModLoad: 75330000 75421000 C:\Windows\system32\CRYPT32.dll ModLoad: 75490000 754a2000 C:\Windows\system32\MSASN1.dll ModLoad: 758e0000 758fe000 C:\Windows\system32\USERENV.dll ModLoad: 758c0000 758d4000 C:\Windows\system32\Secur32.dll ModLoad: 75b30000 75b5d000 C:\Windows\system32\WS2_32.dll ModLoad: 774e0000 774e6000 C:\Windows\system32\NSI.dll ModLoad: 75ac0000 75ade000 C:\Windows\system32\IMM32.DLL ModLoad: 772b0000 77378000 C:\Windows\system32\MSCTF.dll ModLoad: 774f0000 774f9000 C:\Windows\system32\LPK.DLL ModLoad: 75c30000 75cad000 C:\Windows\system32\USP10.dll ModLoad: 74d30000 74d51000 C:\Windows\system32\NTMARTA.DLL ModLoad: 77500000 7754a000 C:\Windows\system32\WLDAP32.dll ModLoad: 75990000 75997000 C:\Windows\system32\PSAPI.DLL ModLoad: 754b0000 754c1000 C:\Windows\system32\SAMLIB.dll ModLoad: 744c0000 744ce000 c:\windows\system32\inetsrv\w3wphost.dll ModLoad: 77550000 775dd000 C:\Windows\system32\OLEAUT32.dll ModLoad: 72ec0000 72f12000 c:\windows\system32\inetsrv\nativerd.dll ModLoad: 742a0000 742cf000 C:\Windows\system32\XmlLite.dll ModLoad: 72e60000 72e90000 c:\windows\system32\inetsrv\IISRES.DLL ModLoad: 74f40000 74f7b000 C:\Windows\system32\rsaenh.dll ModLoad: 72f40000 72f86000 C:\Windows\system32\mscoree.dll ModLoad: 75d90000 75de8000 C:\Windows\system32\SHLWAPI.dll ModLoad: 74600000 7479e000 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll ModLoad: 72310000 728a0000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll ModLoad: 72dc0000 72e5b000 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll ModLoad: 75a30000 75ab4000 C:\Windows\system32\CLBCatQ.DLL ModLoad: 728a0000 728d0000 C:\Windows\system32\mlang.dll ModLoad: 6c7d0000 6c801000 C:\Windows\system32\inetsrv\iiscore.dll ModLoad: 71fd0000 71fd7000 c:\windows\system32\inetsrv\W3TP.dll ModLoad: 74480000 74489000 c:\windows\system32\inetsrv\w3dt.dll ModLoad: 71fb0000 71fbb000 C:\Windows\system32\HTTPAPI.dll ModLoad: 752f0000 7532a000 C:\Windows\system32\slc.dll ModLoad: 6cad0000 6caf8000 C:\Windows\system32\faultrep.dll ModLoad: 75050000 75058000 C:\Windows\system32\VERSION.dll ModLoad: 74b80000 74b8f000 C:\Windows\system32\NLAapi.dll ModLoad: 75290000 752a9000 C:\Windows\system32\IPHLPAPI.DLL ModLoad: 75250000 75285000 C:\Windows\system32\dhcpcsvc.DLL ModLoad: 754d0000 754fc000 C:\Windows\system32\DNSAPI.dll ModLoad: 75240000 75247000 C:\Windows\system32\WINNSI.DLL ModLoad: 75210000 75231000 C:\Windows\system32\dhcpcsvc6.DLL ModLoad: 750b0000 750eb000 C:\Windows\System32\mswsock.dll ModLoad: 73920000 73928000 C:\Windows\System32\winrnr.dll ModLoad: 73720000 7372f000 C:\Windows\system32\napinsp.dll ModLoad: 74d00000 74d05000 C:\Windows\System32\wshtcpip.dll ModLoad: 75140000 75145000 C:\Windows\System32\wship6.dll ModLoad: 73910000 73916000 C:\Windows\system32\rasadhlp.dll ModLoad: 6ca00000 6ca06000 C:\Windows\System32\inetsrv\cachuri.dll ModLoad: 6c9f0000 6c9f8000 C:\Windows\System32\inetsrv\cachfile.dll ModLoad: 6c9e0000 6c9e6000 C:\Windows\System32\inetsrv\cachtokn.dll ModLoad: 6c9d0000 6c9de000 C:\Windows\System32\inetsrv\cachhttp.dll ModLoad: 6c960000 6c96e000 C:\Windows\System32\inetsrv\compstat.dll ModLoad: 6c930000 6c938000 C:\Windows\System32\inetsrv\defdoc.dll ModLoad: 6c910000 6c919000 C:\Windows\System32\inetsrv\dirlist.dll ModLoad: 6c6b0000 6c6b8000 C:\Windows\System32\inetsrv\protsup.dll ModLoad: 6c6a0000 6c6ad000 C:\Windows\System32\inetsrv\static.dll ModLoad: 6c690000 6c69b000 C:\Windows\System32\inetsrv\authanon.dll ModLoad: 6c680000 6c68b000 C:\Windows\System32\inetsrv\authbas.dll ModLoad: 6c630000 6c63e000 C:\Windows\System32\inetsrv\authsspi.dll ModLoad: 755b0000 75625000 C:\Windows\system32\NETAPI32.dll ModLoad: 6c620000 6c62b000 C:\Windows\System32\inetsrv\modrqflt.dll ModLoad: 6c610000 6c61d000 C:\Windows\System32\inetsrv\custerr.dll ModLoad: 6c5c0000 6c5c8000 C:\Windows\System32\inetsrv\loghttp.dll ModLoad: 6c330000 6c337000 C:\Windows\System32\inetsrv\iisreqs.dll ModLoad: 728f0000 728f7000 C:\Windows\system32\WSOCK32.dll ModLoad: 6c1f0000 6c20e000 C:\Windows\System32\inetsrv\isapi.dll ModLoad: 6c000000 6c011000 C:\Windows\System32\inetsrv\filter.dll ModLoad: 6c320000 6c328000 C:\Windows\System32\inetsrv\validcfg.dll ModLoad: 6a2a0000 6a30d000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll ModLoad: 60060000 60067000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll ModLoad: 6c310000 6c319000 C:\Windows\system32\inetsrv\wbhst_pm.dll ModLoad: 765b0000 770c0000 C:\Windows\system32\shell32.dll ModLoad: 70d10000 71807000 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll ModLoad: 70580000 70d05000 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\52e1ea3c7491e05cda766d7b3ce3d559\System.ni.dll ModLoad: 03990000 044d3000 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\96071d36e4d44ebb31a3b46f08fdc732\System.Web.ni.dll ModLoad: 75770000 757cf000 C:\Windows\system32\sxs.dll ModLoad: 72ac0000 72bb1000 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e6001d416f7c468334934a2c6a41c631\System.Configuration.ni.dll ModLoad: 71890000 71dc6000 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7208ffa39630e9b923331f9df0947a12\System.Xml.ni.dll ModLoad: 66580000 667bc000 C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\1543943b86269c9bebd5cf7a3fe7f55b\Microsoft.JScript.ni.dll ModLoad: 74460000 74468000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\App_global.asax.cyzjkxpg.dll ModLoad: 65d20000 65e7c000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\assembly\dl3\10097bf6\5f9a08ec_fffcca01\PatronAccess.DLL ModLoad: 72030000 7208b000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll ModLoad: 68ab0000 68bca000 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\3b4cb090536bf6b0dfae8cefaeeadb9f\System.Web.Extensions.ni.dll ModLoad: 64020000 64033000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll ModLoad: 73c40000 73c6d000 C:\Windows\system32\WINTRUST.dll ModLoad: 774b0000 774d9000 C:\Windows\system32\imagehlp.dll ModLoad: 73690000 73715000 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll ModLoad: 75170000 751a5000 C:\Windows\system32\ncrypt.dll ModLoad: 751b0000 751f5000 C:\Windows\system32\BCRYPT.dll ModLoad: 74d90000 74da5000 C:\Windows\system32\GPAPI.dll ModLoad: 73520000 7353b000 C:\Windows\system32\cryptnet.dll ModLoad: 73440000 73446000 C:\Windows\system32\SensApi.dll ModLoad: 73a50000 73a65000 C:\Windows\system32\Cabinet.dll ModLoad: 6ae30000 6ae3a000 C:\Windows\system32\inetsrv\gzip.dll ModLoad: 69e50000 69e6a000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\App_Web_kal6czmb.dll ModLoad: 69e10000 69e3c000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\App_Web_b1efcjqz.dll ModLoad: 69bd0000 69c26000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\assembly\dl3\e8a04837\0093847c_5153ca01\Infragistics2.WebUI.UltraWebTab.v9.2.DLL ModLoad: 5e480000 5e95e000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\assembly\dl3\719ff0ee\00c37169_5153ca01\Infragistics2.Web.v9.2.DLL ModLoad: 67c90000 67d1a000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\assembly\dl3\ba3b912a\00d19870_5153ca01\Infragistics2.WebUI.Shared.v9.2.DLL ModLoad: 656a0000 6587a000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\assembly\dl3\6470a692\14d22a05_ef2ac901\AjaxControlToolkit.DLL ModLoad: 66960000 66ae8000 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6312464f64727a2a50d5ce3fd73ad1bb\System.Drawing.ni.dll ModLoad: 6e690000 6ece3000 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\813556b5a2722045b0ea14467fd00227\System.Data.ni.dll ModLoad: 64e70000 65144000 C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ModLoad: 69c70000 69ca2000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\App_Web_zwtn5a73.dll ModLoad: 69e70000 69e8e000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\App_Web_qijxg7dv.dll ModLoad: 645a0000 647bf000 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\b472cb382c17ffc3cb1a91ce12d90bf1\System.Web.Mobile.ni.dll ModLoad: 69c30000 69c66000 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\e6b57c0506ec849c6706cb5617ad7372\System.Web.RegularExpressions.ni.dll ModLoad: 6c300000 6c30a000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\App_Web__hyepzhd.dll ModLoad: 69e00000 69e08000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\assembly\dl3\5ef208f7\b68a494a_e840c901\SessionTimeoutControl.DLL ModLoad: 69d50000 69d5c000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\assembly\dl3\619d48f7\0f695f01_fdfcca01\AgNetDataPro.DLL ModLoad: 69cd0000 69ce8000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\assembly\dl3\dc1703ed\00e1c635_caeaca01\xfnlnet.DLL ModLoad: 73d50000 73efb000 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (16cc.14e0): Break instruction exception - code 80000003 (first chance) eax=7ffa6000 ebx=00000000 ecx=00000000 edx=7740d094 esi=00000000 edi=00000000 eip=773c7dfe esp=051ff774 ebp=051ff7a0 iopl=0 nv up ei pl zr na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 ntdll!DbgBreakPoint: 773c7dfe cc int 3 0:021 g (16cc.1454): Access violation - code c0000005 (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled. eax=00000000 ebx=00000479 ecx=00000000 edx=019d21f8 esi=019d1f18 edi=019ba74c eip=013849ed esp=0499ea44 ebp=0499f15c iopl=0 nv up ei pl zr na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246 013849ed 8b01 mov eax,dword ptr [ecx] ds:0023:00000000=???????? 0:018 g ModLoad: 65890000 65a55000 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\2fa835ce2dcace4fc7c0009f102efc79\System.Web.Services.ni.dll ModLoad: 6f2b0000 6f34d000 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ae383808b3f5ee9287358378f9a2cad3\System.EnterpriseServices.ni.dll ModLoad: 10000000 10020000 System.EnterpriseServices.Wrapper.dll ModLoad: 00e50000 00e70000 System.EnterpriseServices.Wrapper.dll ModLoad: 66da0000 66de8000 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ae383808b3f5ee9287358378f9a2cad3\System.EnterpriseServices.Wrapper.dll ModLoad: 10000000 10020000 C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll ModLoad: 6ab40000 6ab4c000 image6ab40000 ModLoad: 04950000 0495c000 image04950000 ModLoad: 049a0000 049c0000 image049a0000 ModLoad: 049d0000 049f0000 image049d0000 ModLoad: 049a0000 049c0000 image049a0000 ModLoad: 04a40000 04a60000 image04a40000 ModLoad: 049a0000 049c0000 image049a0000 ModLoad: 04a40000 04a60000 image04a40000 ModLoad: 049a0000 049c0000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\assembly\dl3\da3b70a0\00e9280f_c1f4c201\ICSharpCode.SharpZipLib.DLL ModLoad: 5eb40000 5f01e000 Infragistics2.Web.v9.2.dll ModLoad: 05a00000 05ede000 Infragistics2.Web.v9.2.dll ModLoad: 694d0000 694fa000 image694d0000 ModLoad: 049d0000 049fa000 image049d0000 ModLoad: 68cc0000 68cea000 image68cc0000 ModLoad: 04e40000 04e6a000 image04e40000 ModLoad: 69470000 6949a000 image69470000 ModLoad: 04e40000 04e6a000 image04e40000 ModLoad: 69470000 6949a000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\assembly\dl3\f77351ae\00582c74_5153ca01\Infragistics2.WebUI.Misc.v9.2.DLL ModLoad: 67d20000 67daa000 image67d20000 ModLoad: 04e70000 04efa000 image04e70000 ModLoad: 643e0000 64598000 Infragistics2.WebUI.UltraWebChart.v9.2.dll ModLoad: 05a00000 05bb8000 Infragistics2.WebUI.UltraWebChart.v9.2.dll ModLoad: 63ac0000 63c78000 Infragistics2.WebUI.UltraWebChart.v9.2.dll ModLoad: 05bc0000 05d78000 Infragistics2.WebUI.UltraWebChart.v9.2.dll ModLoad: 63900000 63ab8000 Infragistics2.WebUI.UltraWebChart.v9.2.dll ModLoad: 05bc0000 05d78000 Infragistics2.WebUI.UltraWebChart.v9.2.dll ModLoad: 63900000 63ab8000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\assembly\dl3\9acf477c\0030eeb6_5153ca01\Infragistics2.WebUI.UltraWebChart.v9.2.DLL ModLoad: 60570000 607b6000 image60570000 ModLoad: 05d80000 05fc6000 image05d80000 ModLoad: 64350000 64596000 image64350000 ModLoad: 05fd0000 06216000 image05fd0000 ModLoad: 5edd0000 5f016000 image5edd0000 ModLoad: 05fd0000 06216000 image05fd0000 ModLoad: 5edd0000 5f016000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\assembly\dl3\30e4a2ff\00dfbf77_5153ca01\Infragistics2.WebUI.UltraWebGrid.v9.2.DLL ModLoad: 67d50000 67da6000 image67d50000 ModLoad: 04e70000 04ec6000 image04e70000 ModLoad: 68cb0000 68ce4000 image68cb0000 ModLoad: 04e70000 04ea4000 image04e70000 ModLoad: 68790000 687c4000 image68790000 ModLoad: 04eb0000 04ee4000 image04eb0000 ModLoad: 688f0000 68924000 image688f0000 ModLoad: 04eb0000 04ee4000 image04eb0000 ModLoad: 688f0000 68924000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\assembly\dl3\2420cb22\00a1ab83_5153ca01\Infragistics2.WebUI.WebCombo.v9.2.DLL ModLoad: 66d50000 66da0000 image66d50000 ModLoad: 04f80000 04fd0000 image04f80000 ModLoad: 67d60000 67db0000 image67d60000 ModLoad: 05a00000 05a50000 image05a00000 ModLoad: 66d00000 66d50000 image66d00000 ModLoad: 05a00000 05a50000 image05a00000 ModLoad: 66d00000 66d50000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\assembly\dl3\6ceab935\00b28e76_5153ca01\Infragistics2.WebUI.WebDataInput.v9.2.DLL ModLoad: 11000000 1112e000 image11000000 ModLoad: 05a50000 05b7e000 image05a50000 ModLoad: 11000000 1112e000 image11000000 ModLoad: 05d80000 05eae000 image05d80000 ModLoad: 11000000 1112e000 image11000000 ModLoad: 05d80000 05eae000 image05d80000 ModLoad: 11000000 1112e000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\assembly\dl3\e99fdd05\00c79c09_d868c301\itextsharp.DLL ModLoad: 04df0000 04dfe000 LinkPointAPI-cs.dll ModLoad: 04e70000 04e7e000 LinkPointAPI-cs.dll ModLoad: 04df0000 04dfe000 LinkPointAPI-cs.dll ModLoad: 04e80000 04e8e000 LinkPointAPI-cs.dll ModLoad: 04df0000 04dfe000 LinkPointAPI-cs.dll ModLoad: 04e80000 04e8e000 LinkPointAPI-cs.dll ModLoad: 04df0000 04dfe000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\assembly\dl3\0e724536\00922343_54dfc701\LinkPointAPI-cs.DLL ModLoad: 04e70000 04e78000 image04e70000 ModLoad: 04e90000 04e98000 image04e90000 ModLoad: 04e70000 04e78000 image04e70000 ModLoad: 04ea0000 04ea8000 image04ea0000 ModLoad: 04e70000 04e78000 image04e70000 ModLoad: 04ea0000 04ea8000 image04ea0000 ModLoad: 04e70000 04e78000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\assembly\dl3\859797c4\00eb5fc5_bed8c401\LinkPointTransaction.DLL ModLoad: 65e80000 65fdc000 PatronAccess.dll ModLoad: 05a50000 05bac000 PatronAccess.dll ModLoad: 6ab40000 6ab48000 SessionTimeoutControl.dll ModLoad: 04e90000 04e98000 SessionTimeoutControl.dll ModLoad: 6ab80000 6ab8e000 WebServices.dll ModLoad: 04e90000 04e9e000 WebServices.dll ModLoad: 6ab40000 6ab4e000 WebServices.dll ModLoad: 04ef0000 04efe000 WebServices.dll ModLoad: 69d40000 69d4e000 WebServices.dll ModLoad: 04ef0000 04efe000 WebServices.dll ModLoad: 69d40000 69d4e000 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\048afd31\e1f306b4\assembly\dl3\21555aa5\5f498093_fefcca01\WebServices.DLL ModLoad: 694e0000 694f8000 image694e0000 ModLoad: 04f80000 04f98000 image04f80000 ModLoad: 661c0000 6624e000 System.ServiceModel.Web.dll ModLoad: 05a50000 05ade000 System.ServiceModel.Web.dll ModLoad: 5d850000 5ddfc000 System.ServiceModel.dll ModLoad: 06220000 067cc000 System.ServiceModel.dll ModLoad: 65ef0000 65fe0000 System.Runtime.Serialization.dll ModLoad: 05eb0000 05fa0000 System.Runtime.Serialization.dll ModLoad: 694e0000 694fe000 SMDiagnostics.dll ModLoad: 04f80000 04f9e000 SMDiagnostics.dll ModLoad: 65be0000 65d1c000 System.Web.Extensions.dll ModLoad: 067d0000 0690c000 System.Web.Extensions.dll ModLoad: 67d40000 67dac000 System.IdentityModel.dll ModLoad: 05ae0000 05b4c000 System.IdentityModel.dll ModLoad: 687a0000 687c2000 System.IdentityModel.Selectors.dll ModLoad: 04fa0000 04fc2000 System.IdentityModel.Selectors.dll ModLoad: 66c90000 66cf4000 Microsoft.Transactions.Bridge.dll ModLoad: 05b50000 05bb4000 Microsoft.Transactions.Bridge.dll ModLoad: 69130000 69146000 System.Web.Abstractions.dll ModLoad: 051b0000 051c6000 System.Web.Abstractions.dll ModLoad: 65150000 651f6000 System.Core.dll ModLoad: 06910000 069b6000 System.Core.dll ModLoad: 64440000 644ea000 System.Data.Linq.dll ModLoad: 069c0000 06a6a000 System.Data.Linq.dll ModLoad: 66d50000 66d9c000 System.Data.Services.Client.dll ModLoad: 06a70000 06abc000 System.Data.Services.Client.dll ModLoad: 68cd0000 68cf0000 System.Data.Services.Design.dll ModLoad: 05210000 05230000 System.Data.Services.Design.dll ModLoad: 5eb00000 5edc2000 System.Data.Entity.dll ModLoad: 06ac0000 06d82000 System.Data.Entity.dll ModLoad: 66af0000 66b16000 System.Xml.Linq.dll ModLoad: 05fa0000 05fc6000 System.Xml.Linq.dll ModLoad: 661c0000 6624e000 C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll ModLoad: 64520000 6459e000 System.WorkflowServices.dll ModLoad: 06d90000 06e0e000 System.WorkflowServices.dll ModLoad: 63af0000 63c80000 System.Workflow.ComponentModel.dll ModLoad: 06e10000 06fa0000 System.Workflow.ComponentModel.dll ModLoad: 64320000 6443a000 System.Workflow.Activities.dll ModLoad: 06fa0000 070ba000 System.Workflow.Activities.dll ModLoad: 62cf0000 62d78000 System.Workflow.Runtime.dll ModLoad: 070c0000 07148000 System.Workflow.Runtime.dll ModLoad: 68cb0000 68cc6000 Microsoft.Build.Utilities.dll ModLoad: 07150000 07166000 Microsoft.Build.Utilities.dll ModLoad: 6ab80000 6ab8c000 Microsoft.Build.Framework.dll ModLoad: 05230000 0523c000 Microsoft.Build.Framework.dll ModLoad: 07170000 07214000 Microsoft.Build.Tasks.dll ModLoad: 07220000 072c4000 Microsoft.Build.Tasks.dll ModLoad: 64520000 6459e000 C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll ModLoad: 5d610000 5d84e000 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a33b3b88fd575b703ba4212c677880ae\System.Runtime.Serialization.ni.dll ModLoad: 605a0000 606a6000 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\3bfbe737873becead614d1504e7d5684\System.IdentityModel.ni.dll ModLoad: 5ab70000 5bbf7000 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\7115815b53ec561932345e16fbeea968\System.ServiceModel.ni.dll ModLoad: 61440000 6201e000 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1941d7639299344ae28fb6b23da65247\System.Windows.Forms.ni.dll ModLoad: 5d190000 5d3c4000 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\a0522cb280c09b3441e1889502ca145a\System.Core.ni.dll ModLoad: 60a00000 61433000 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\d3fa02f8a34329c8b84c004afaea7054\System.Design.ni.dll (16cc.1454): CLR exception - code e0434f4d (first chance) (16cc.1454): Access violation - code c0000005 (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled. eax=00000000 ebx=01776038 ecx=00000000 edx=00000000 esi=017ff314 edi=018907f8 eip=071a62fc esp=0499ee88 ebp=0499eef4 iopl=0 nv up ei pl zr na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246 071a62fc 8b01 mov eax,dword ptr [ecx] ds:0023:00000000=???????? 0:018 g (16cc.1454): CLR exception - code e0434f4d (first chance) (16cc.1454): Access violation - code c0000005 (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled. eax=00000000 ebx=01776038 ecx=00000000 edx=00000000 esi=017ff200 edi=0186ed04 eip=071a62fc esp=0499ee88 ebp=0499eef4 iopl=0 nv up ei pl zr na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246 071a62fc 8b01 mov eax,dword ptr [ecx] ds:0023:00000000=???????? 0:018 g (16cc.1358): Access violation - code c0000005 (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled. eax=00000000 ebx=01776038 ecx=00000000 edx=00000000 esi=017ff200 edi=01858380 eip=071a62fc esp=0742ee98 ebp=0742ef04 iopl=0 nv up ei pl zr na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246 071a62fc 8b01 mov eax,dword ptr [ecx] ds:0023:00000000=???????? 0:020 g (16cc.1358): Access violation - code c0000005 (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled. eax=00000000 ebx=017758a4 ecx=00000000 edx=00000000 esi=017fd078 edi=018b6afc eip=071a62fc esp=0742ee98 ebp=0742ef04 iopl=0 nv up ei pl zr na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246 071a62fc 8b01 mov eax,dword ptr [ecx] ds:0023:00000000=???????? 0:020 g (16cc.1358): Stack overflow - code c00000fd (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled. eax=00000000 ebx=020504b4 ecx=000001d1 edx=0000001b esi=020503d4 edi=073f2998 eip=6eaf0ed3 esp=073f2980 ebp=073f30ec iopl=0 nv up ei pl zr na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246 * WARNING: Unable to verify checksum for C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\813556b5a2722045b0ea14467fd00227\System.Data.ni.dll System_Data_ni!_bidW103 (System_Data_ni+0x460ed3): 6eaf0ed3 f3ab rep stos dword ptr es:[edi] Any help would be appricated.

Read the article
Cisco SR520w FE - WAN Port Stops Working

- by Mike Hanley

I have setup a Cisco SR520W and everything appears to be working. After about 1-2 days, it looks like the WAN port stops forwarding traffic to the Internet gateway IP of the device. If I unplug and then plug in the network cable connecting the WAN port of the SR520W to my Comcast Cable Modem, traffic startings flowing again. Also, if I restart the SR520W, the traffic will flow again. Any ideas? Here is the running config: Current configuration : 10559 bytes ! version 12.4 no service pad no service timestamps debug uptime service timestamps log datetime msec no service password-encryption ! hostname hostname.mydomain.com ! boot-start-marker boot-end-marker ! logging message-counter syslog no logging rate-limit enable secret 5 <removed> ! aaa new-model ! ! aaa authentication login default local aaa authorization exec default local ! ! aaa session-id common clock timezone PST -8 clock summer-time PDT recurring ! crypto pki trustpoint TP-self-signed-334750407 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-334750407 revocation-check none rsakeypair TP-self-signed-334750407 ! ! crypto pki certificate chain TP-self-signed-334750407 certificate self-signed 01 <removed> quit dot11 syslog ! dot11 ssid <removed> vlan 75 authentication open authentication key-management wpa guest-mode wpa-psk ascii 0 <removed> ! ip source-route ! ! ip dhcp excluded-address 172.16.0.1 172.16.0.10 ! ip dhcp pool inside import all network 172.16.0.0 255.240.0.0 default-router 172.16.0.1 dns-server 10.0.0.15 10.0.0.12 domain-name mydomain.com ! ! ip cef ip domain name mydomain.com ip name-server 68.87.76.178 ip name-server 66.240.48.9 ip port-map user-ezvpn-remote port udp 10000 ip ips notify SDEE ip ips name sdm_ips_rule ! ip ips signature-category category all retired true category ios_ips basic retired false ! ip inspect log drop-pkt no ipv6 cef ! multilink bundle-name authenticated parameter-map type inspect z1-z2-pmap audit-trail on password encryption aes ! ! username admin privilege 15 secret 5 <removed> ! crypto key pubkey-chain rsa named-key realm-cisco.pub key-string <removed> quit ! ! ! ! ! ! crypto ipsec client ezvpn EZVPN_REMOTE_CONNECTION_1 connect auto group EZVPN_GROUP_1 key <removed> mode client peer 64.1.208.90 virtual-interface 1 username admin password <removed> xauth userid mode local ! ! archive log config logging enable logging size 600 hidekeys ! ! ! class-map type inspect match-any SDM_AH match access-group name SDM_AH class-map type inspect match-any SDM-Voice-permit match protocol sip class-map type inspect match-any SDM_ESP match access-group name SDM_ESP class-map type inspect match-any SDM_EASY_VPN_REMOTE_TRAFFIC match protocol isakmp match protocol ipsec-msft match class-map SDM_AH match class-map SDM_ESP match protocol user-ezvpn-remote class-map type inspect match-all SDM_EASY_VPN_REMOTE_PT match class-map SDM_EASY_VPN_REMOTE_TRAFFIC match access-group 101 class-map type inspect match-any Easy_VPN_Remote_VT match access-group 102 class-map type inspect match-any sdm-cls-icmp-access match protocol icmp match protocol tcp match protocol udp class-map type inspect match-any sdm-cls-insp-traffic match protocol cuseeme match protocol dns match protocol ftp match protocol h323 match protocol https match protocol icmp match protocol imap match protocol pop3 match protocol netshow match protocol shell match protocol realmedia match protocol rtsp match protocol smtp extended match protocol sql-net match protocol streamworks match protocol tftp match protocol vdolive match protocol tcp match protocol udp class-map type inspect match-any L4-inspect-class match protocol icmp class-map type inspect match-all sdm-invalid-src match access-group 100 class-map type inspect match-all dhcp_out_self match access-group name dhcp-resp-permit class-map type inspect match-all dhcp_self_out match access-group name dhcp-req-permit class-map type inspect match-all sdm-protocol-http match protocol http ! ! policy-map type inspect sdm-permit-icmpreply class type inspect dhcp_self_out pass class type inspect sdm-cls-icmp-access inspect class class-default pass policy-map type inspect sdm-permit_VT class type inspect Easy_VPN_Remote_VT pass class class-default drop policy-map type inspect sdm-inspect class type inspect SDM-Voice-permit pass class type inspect sdm-cls-insp-traffic inspect class type inspect sdm-invalid-src drop log class type inspect sdm-protocol-http inspect z1-z2-pmap class class-default pass policy-map type inspect sdm-inspect-voip-in class type inspect SDM-Voice-permit pass class class-default drop policy-map type inspect sdm-permit class type inspect SDM_EASY_VPN_REMOTE_PT pass class type inspect dhcp_out_self pass class class-default drop ! zone security ezvpn-zone zone security out-zone zone security in-zone zone-pair security sdm-zp-in-ezvpn1 source in-zone destination ezvpn-zone service-policy type inspect sdm-permit_VT zone-pair security sdm-zp-out-ezpn1 source out-zone destination ezvpn-zone service-policy type inspect sdm-permit_VT zone-pair security sdm-zp-ezvpn-out1 source ezvpn-zone destination out-zone service-policy type inspect sdm-permit_VT zone-pair security sdm-zp-self-out source self destination out-zone service-policy type inspect sdm-permit-icmpreply zone-pair security sdm-zp-out-in source out-zone destination in-zone service-policy type inspect sdm-inspect-voip-in zone-pair security sdm-zp-ezvpn-in1 source ezvpn-zone destination in-zone service-policy type inspect sdm-permit_VT zone-pair security sdm-zp-out-self source out-zone destination self service-policy type inspect sdm-permit zone-pair security sdm-zp-in-out source in-zone destination out-zone service-policy type inspect sdm-inspect ! bridge irb ! ! interface FastEthernet0 switchport access vlan 75 ! interface FastEthernet1 switchport access vlan 75 ! interface FastEthernet2 switchport access vlan 75 ! interface FastEthernet3 switchport access vlan 75 ! interface FastEthernet4 description $FW_OUTSIDE$ ip address 75.149.48.76 255.255.255.240 ip nat outside ip ips sdm_ips_rule out ip virtual-reassembly zone-member security out-zone duplex auto speed auto crypto ipsec client ezvpn EZVPN_REMOTE_CONNECTION_1 ! interface Virtual-Template1 type tunnel no ip address ip virtual-reassembly zone-member security ezvpn-zone tunnel mode ipsec ipv4 ! interface Dot11Radio0 no ip address ! encryption vlan 75 mode ciphers aes-ccm ! ssid <removed> ! speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0 station-role root ! interface Dot11Radio0.75 encapsulation dot1Q 75 native ip virtual-reassembly bridge-group 75 bridge-group 75 subscriber-loop-control bridge-group 75 spanning-disabled bridge-group 75 block-unknown-source no bridge-group 75 source-learning no bridge-group 75 unicast-flooding ! interface Vlan1 no ip address ip virtual-reassembly bridge-group 1 ! interface Vlan75 no ip address ip virtual-reassembly bridge-group 75 bridge-group 75 spanning-disabled ! interface BVI1 no ip address ip nat inside ip virtual-reassembly ! interface BVI75 description $FW_INSIDE$ ip address 172.16.0.1 255.240.0.0 ip nat inside ip ips sdm_ips_rule in ip virtual-reassembly zone-member security in-zone crypto ipsec client ezvpn EZVPN_REMOTE_CONNECTION_1 inside ! ip forward-protocol nd ip route 0.0.0.0 0.0.0.0 75.149.48.78 2 ! ip http server ip http authentication local ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ip nat inside source list 1 interface FastEthernet4 overload ! ip access-list extended SDM_AH remark SDM_ACL Category=1 permit ahp any any ip access-list extended SDM_ESP remark SDM_ACL Category=1 permit esp any any ip access-list extended dhcp-req-permit remark SDM_ACL Category=1 permit udp any eq bootpc any eq bootps ip access-list extended dhcp-resp-permit remark SDM_ACL Category=1 permit udp any eq bootps any eq bootpc ! access-list 1 remark SDM_ACL Category=2 access-list 1 permit 172.16.0.0 0.15.255.255 access-list 100 remark SDM_ACL Category=128 access-list 100 permit ip host 255.255.255.255 any access-list 100 permit ip 127.0.0.0 0.255.255.255 any access-list 100 permit ip 75.149.48.64 0.0.0.15 any access-list 101 remark SDM_ACL Category=128 access-list 101 permit ip host 64.1.208.90 any access-list 102 remark SDM_ACL Category=1 access-list 102 permit ip any any ! ! ! ! snmp-server community <removed> RO ! control-plane ! bridge 1 protocol ieee bridge 1 route ip bridge 75 route ip banner login ^CSR520 Base Config - MFG 1.0 ^C ! line con 0 no modem enable line aux 0 line vty 0 4 transport input telnet ssh ! scheduler max-task-time 5000 end I also ran some diagnostics when the WAN port stopped working: 1. show interface fa4 FastEthernet4 is up, line protocol is up Hardware is PQUICC_FEC, address is 0026.99c5.b434 (bia 0026.99c5.b434) Description: $FW_OUTSIDE$ Internet address is 75.149.48.76/28 MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s, 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00 Last input 01:08:15, output 00:00:00, output hang never Last clearing of "show interface" counters never Input queue: 0/75/23/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 1000 bits/sec, 0 packets/sec 336446 packets input, 455403158 bytes Received 23 broadcasts, 0 runts, 0 giants, 37 throttles 41 input errors, 0 CRC, 0 frame, 0 overrun, 41 ignored 0 watchdog 0 input packets with dribble condition detected 172529 packets output, 23580132 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 unknown protocol drops 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out 2. show ip route Gateway of last resort is 75.149.48.78 to network 0.0.0.0 C 192.168.75.0/24 is directly connected, BVI75 64.0.0.0/32 is subnetted, 1 subnets S 64.1.208.90 [1/0] via 75.149.48.78 S 192.168.10.0/24 is directly connected, BVI75 75.0.0.0/28 is subnetted, 1 subnets C 75.149.48.64 is directly connected, FastEthernet4 S* 0.0.0.0/0 [2/0] via 75.149.48.78 3. show ip arp Protocol Address Age (min) Hardware Addr Type Interface Internet 75.149.48.65 69 001e.2a39.7b08 ARPA FastEthernet4 Internet 75.149.48.76 - 0026.99c5.b434 ARPA FastEthernet4 Internet 75.149.48.78 93 0022.2d6c.ae36 ARPA FastEthernet4 Internet 192.168.75.1 - 0027.0d58.f5f0 ARPA BVI75 Internet 192.168.75.12 50 7c6d.62c7.8c0a ARPA BVI75 Internet 192.168.75.13 0 001b.6301.1227 ARPA BVI75 4. sh ip cef Prefix Next Hop Interface 0.0.0.0/0 75.149.48.78 FastEthernet4 0.0.0.0/8 drop 0.0.0.0/32 receive 64.1.208.90/32 75.149.48.78 FastEthernet4 75.149.48.64/28 attached FastEthernet4 75.149.48.64/32 receive FastEthernet4 75.149.48.65/32 attached FastEthernet4 75.149.48.76/32 receive FastEthernet4 75.149.48.78/32 attached FastEthernet4 75.149.48.79/32 receive FastEthernet4 127.0.0.0/8 drop 192.168.10.0/24 attached BVI75 192.168.75.0/24 attached BVI75 192.168.75.0/32 receive BVI75 192.168.75.1/32 receive BVI75 192.168.75.12/32 attached BVI75 192.168.75.13/32 attached BVI75 192.168.75.255/32 receive BVI75 224.0.0.0/4 drop 224.0.0.0/24 receive 240.0.0.0/4 drop 255.255.255.255/32 receive Thanks in advance, -Mike

Read the article
Cisco 891w multiple VLAN configuration

- by Jessica

I'm having trouble getting my guest network up. I have VLAN 1 that contains all our network resources (servers, desktops, printers, etc). I have the wireless configured to use VLAN1 but authenticate with wpa2 enterprise. The guest network I just wanted to be open or configured with a simple WPA2 personal password on it's own VLAN2. I've looked at tons of documentation and it should be working but I can't even authenticate on the guest network! I've posted this on cisco's support forum a week ago but no one has really responded. I could really use some help. So if anyone could take a look at the configurations I posted and steer me in the right direction I would be extremely grateful. Thank you! version 15.0 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname ESI ! boot-start-marker boot-end-marker ! logging buffered 51200 warnings ! aaa new-model ! ! aaa authentication login userauthen local aaa authorization network groupauthor local ! ! ! ! ! aaa session-id common ! ! ! clock timezone EST -5 clock summer-time EDT recurring service-module wlan-ap 0 bootimage autonomous ! crypto pki trustpoint TP-self-signed-3369945891 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-3369945891 revocation-check none rsakeypair TP-self-signed-3369945891 ! ! crypto pki certificate chain TP-self-signed-3369945891 certificate self-signed 01 (cert is here) quit ip source-route ! ! ip dhcp excluded-address 192.168.1.1 ip dhcp excluded-address 192.168.1.5 ip dhcp excluded-address 192.168.1.2 ip dhcp excluded-address 192.168.1.200 192.168.1.210 ip dhcp excluded-address 192.168.1.6 ip dhcp excluded-address 192.168.1.8 ip dhcp excluded-address 192.168.3.1 ! ip dhcp pool ccp-pool import all network 192.168.1.0 255.255.255.0 default-router 192.168.1.1 dns-server 10.171.12.5 10.171.12.37 lease 0 2 ! ip dhcp pool guest import all network 192.168.3.0 255.255.255.0 default-router 192.168.3.1 dns-server 10.171.12.5 10.171.12.37 ! ! ip cef no ip domain lookup no ipv6 cef ! ! multilink bundle-name authenticated license udi pid CISCO891W-AGN-A-K9 sn FTX153085WL ! ! username ESIadmin privilege 15 secret 5 $1$g1..$JSZ0qxljZAgJJIk/anDu51 username user1 password 0 pass ! ! ! class-map type inspect match-any ccp-cls-insp-traffic match protocol cuseeme match protocol dns match protocol ftp match protocol h323 match protocol https match protocol icmp match protocol imap match protocol pop3 match protocol netshow match protocol shell match protocol realmedia match protocol rtsp match protocol smtp match protocol sql-net match protocol streamworks match protocol tftp match protocol vdolive match protocol tcp match protocol udp class-map type inspect match-all ccp-insp-traffic match class-map ccp-cls-insp-traffic class-map type inspect match-any ccp-cls-icmp-access match protocol icmp class-map type inspect match-all ccp-invalid-src match access-group 100 class-map type inspect match-all ccp-icmp-access match class-map ccp-cls-icmp-access class-map type inspect match-all ccp-protocol-http match protocol http ! ! policy-map type inspect ccp-permit-icmpreply class type inspect ccp-icmp-access inspect class class-default pass policy-map type inspect ccp-inspect class type inspect ccp-invalid-src drop log class type inspect ccp-protocol-http inspect class type inspect ccp-insp-traffic inspect class class-default drop policy-map type inspect ccp-permit class class-default drop ! zone security out-zone zone security in-zone zone-pair security ccp-zp-self-out source self destination out-zone service-policy type inspect ccp-permit-icmpreply zone-pair security ccp-zp-in-out source in-zone destination out-zone service-policy type inspect ccp-inspect zone-pair security ccp-zp-out-self source out-zone destination self service-policy type inspect ccp-permit ! ! crypto isakmp policy 1 encr 3des authentication pre-share group 2 ! crypto isakmp client configuration group 3000client key 67Nif8LLmqP_ dns 10.171.12.37 10.171.12.5 pool dynpool acl 101 ! ! crypto ipsec transform-set myset esp-3des esp-sha-hmac ! crypto dynamic-map dynmap 10 set transform-set myset ! ! crypto map clientmap client authentication list userauthen crypto map clientmap isakmp authorization list groupauthor crypto map clientmap client configuration address initiate crypto map clientmap client configuration address respond crypto map clientmap 10 ipsec-isakmp dynamic dynmap ! ! ! ! ! interface FastEthernet0 ! ! interface FastEthernet1 ! ! interface FastEthernet2 ! ! interface FastEthernet3 ! ! interface FastEthernet4 ! ! interface FastEthernet5 ! ! interface FastEthernet6 ! ! interface FastEthernet7 ! ! interface FastEthernet8 ip address dhcp ip nat outside ip virtual-reassembly duplex auto speed auto ! ! interface GigabitEthernet0 description $FW_OUTSIDE$$ES_WAN$ ip address 10...* 255.255.254.0 ip nat outside ip virtual-reassembly zone-member security out-zone duplex auto speed auto crypto map clientmap ! ! interface wlan-ap0 description Service module interface to manage the embedded AP ip unnumbered Vlan1 arp timeout 0 ! ! interface Wlan-GigabitEthernet0 description Internal switch interface connecting to the embedded AP switchport trunk allowed vlan 1-3,1002-1005 switchport mode trunk ! ! interface Vlan1 description $ETH-SW-LAUNCH$$INTF-INFO-FE 1$$FW_INSIDE$ ip address 192.168.1.1 255.255.255.0 ip nat inside ip virtual-reassembly zone-member security in-zone ip tcp adjust-mss 1452 crypto map clientmap ! ! interface Vlan2 description guest ip address 192.168.3.1 255.255.255.0 ip access-group 120 in ip nat inside ip virtual-reassembly zone-member security in-zone ! ! interface Async1 no ip address encapsulation slip ! ! ip local pool dynpool 192.168.1.200 192.168.1.210 ip forward-protocol nd ip http server ip http access-class 23 ip http authentication local ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ! ! ip dns server ip nat inside source list 23 interface GigabitEthernet0 overload ip route 0.0.0.0 0.0.0.0 10.165.0.1 ! access-list 23 permit 192.168.1.0 0.0.0.255 access-list 100 remark CCP_ACL Category=128 access-list 100 permit ip host 255.255.255.255 any access-list 100 permit ip 127.0.0.0 0.255.255.255 any access-list 100 permit ip 10.165.0.0 0.0.1.255 any access-list 110 permit ip 192.168.0.0 0.0.5.255 any access-list 120 remark ESIGuest Restriction no cdp run ! ! ! ! ! ! control-plane ! ! alias exec dot11radio service-module wlan-ap 0 session Access point version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname ESIRouter ! no logging console enable secret 5 $1$yEH5$CxI5.9ypCBa6kXrUnSuvp1 ! aaa new-model ! ! aaa group server radius rad_eap server 192.168.1.5 auth-port 1812 acct-port 1813 ! aaa group server radius rad_acct server 192.168.1.5 auth-port 1812 acct-port 1813 ! aaa authentication login eap_methods group rad_eap aaa authentication enable default line enable aaa authorization exec default local aaa authorization commands 15 default local aaa accounting network acct_methods start-stop group rad_acct ! aaa session-id common clock timezone EST -5 clock summer-time EDT recurring ip domain name ESI ! ! dot11 syslog dot11 vlan-name one vlan 1 dot11 vlan-name two vlan 2 ! dot11 ssid one vlan 1 authentication open eap eap_methods authentication network-eap eap_methods authentication key-management wpa version 2 accounting rad_acct ! dot11 ssid two vlan 2 authentication open guest-mode ! dot11 network-map ! ! username ESIadmin privilege 15 secret 5 $1$p02C$WVHr5yKtRtQxuFxPU8NOx. ! ! bridge irb ! ! interface Dot11Radio0 no ip address no ip route-cache ! encryption vlan 1 mode ciphers aes-ccm ! broadcast-key vlan 1 change 30 ! ! ssid one ! ssid two ! antenna gain 0 station-role root ! interface Dot11Radio0.1 encapsulation dot1Q 1 native no ip route-cache bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled ! interface Dot11Radio0.2 encapsulation dot1Q 2 no ip route-cache bridge-group 2 bridge-group 2 subscriber-loop-control bridge-group 2 block-unknown-source no bridge-group 2 source-learning no bridge-group 2 unicast-flooding bridge-group 2 spanning-disabled ! interface Dot11Radio1 no ip address no ip route-cache shutdown ! encryption vlan 1 mode ciphers aes-ccm ! broadcast-key vlan 1 change 30 ! ! ssid one ! antenna gain 0 dfs band 3 block channel dfs station-role root ! interface Dot11Radio1.1 encapsulation dot1Q 1 native no ip route-cache bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled ! interface GigabitEthernet0 description the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host router no ip address no ip route-cache ! interface GigabitEthernet0.1 encapsulation dot1Q 1 native no ip route-cache bridge-group 1 no bridge-group 1 source-learning bridge-group 1 spanning-disabled ! interface GigabitEthernet0.2 encapsulation dot1Q 2 no ip route-cache bridge-group 2 no bridge-group 2 source-learning bridge-group 2 spanning-disabled ! interface BVI1 ip address 192.168.1.2 255.255.255.0 no ip route-cache ! ip http server no ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag access-list 10 permit 192.168.1.0 0.0.0.255 radius-server host 192.168.1.5 auth-port 1812 acct-port 1813 key ***** bridge 1 route ip

Read the article
Inbound SIP calls through Cisco 881 NAT hang up after a few seconds

- by MasterRoot24

I've recently moved to a Cisco 881 router for my WAN link. I was previously using a Cisco Linksys WAG320N as my modem/router/WiFi AP/NAT firewall. The WAG320N is now running in bridged mode, so it's simply acting as a modem with one of it's LAN ports connected to FE4 WAN on my Cisco 881. The Cisco 881 get's a DHCP provided IP from my ISP. My LAN is part of default Vlan 1 (192.168.1.0/24). General internet connectivity is working great, I've managed to setup static NAT rules for my HTTP/HTTPS/SMTP/etc. services which are running on my LAN. I don't know whether it's worth mentioning that I've opted to use NVI NAT (ip nat enable as opposed to the traditional ip nat outside/ip nat inside) setup. My reason for this is that NVI allows NAT loopback from my LAN to the WAN IP and back in to the necessary server on the LAN. I run an Asterisk 1.8 PBX on my LAN, which connects to a SIP provider on the internet. Both inbound and outbound calls through the old setup (WAG320N providing routing/NAT) worked fine. However, since moving to the Cisco 881, inbound calls drop after around 10 seconds, whereas outbound calls work fine. The following message is logged on my Asterisk PBX: [Dec 9 15:27:45] WARNING[27734]: chan_sip.c:3641 retrans_pkt: Retransmission timeout reached on transmission [email protected] for seqno 1 (Critical Response) -- See https://wiki.asterisk.org/wiki/display/AST/SIP+Retransmissions Packet timed out after 6528ms with no response [Dec 9 15:27:45] WARNING[27734]: chan_sip.c:3670 retrans_pkt: Hanging up call [email protected] - no reply to our critical packet (see https://wiki.asterisk.org/wiki/display/AST/SIP+Retransmissions). (I know that this is quite a common issue - I've spend the best part of 2 days solid on this, trawling Google.) I've done as I am told and checked https://wiki.asterisk.org/wiki/display/AST/SIP+Retransmissions. Referring to the section "Other SIP requests" in the page linked above, I believe that the hangup to be caused by the ACK from my SIP provider not being passed back through NAT to Asterisk on my PBX. I tried to ascertain this by dumping the packets on my WAN interface on the 881. I managed to obtain a PCAP dump of packets in/out of my WAN interface. Here's an example of an ACK being reveived by the router from my provider: 689 21.219999 193.x.x.x 188.x.x.x SIP 502 Request: ACK sip:[email protected] | However a SIP trace on the Asterisk server show's that there are no ACK's received in response to the 200 OK from my PBX: http://pastebin.com/wwHpLPPz In the past, I have been strongly advised to disable any sort of SIP ALGs on routers and/or firewalls and the many posts regarding this issue on the internet seem to support this. However, I believe on Cisco IOS, the config command to disable SIP ALG is no ip nat service sip udp port 5060 however, this doesn't appear to help the situation. To confirm that config setting is set: Router1#show running-config | include sip no ip nat service sip udp port 5060 Another interesting twist: for a short period of time, I tried another provider. Luckily, my trial account with them is still available, so I reverted my Asterisk config back to the revision before I integrated with my current provider. I then dialled in to the DDI associated with the trial trunk and the call didn't get hung up and I didn't get the error above! To me, this points at the provider, however I know, like all providers do, will say "There's no issues with our SIP proxies - it's your firewall." I'm tempted to agree with this, as this issue was not apparent with the old WAG320N router when it was doing the NAT'ing. I'm sure you'll want to see my running-config too: ! ! Last configuration change at 15:55:07 UTC Sun Dec 9 2012 by xxx version 15.2 no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone no service password-encryption service sequence-numbers ! hostname Router1 ! boot-start-marker boot-end-marker ! ! security authentication failure rate 10 log security passwords min-length 6 logging buffered 4096 logging console critical enable secret 4 xxx ! aaa new-model ! ! aaa authentication login local_auth local ! ! ! ! ! aaa session-id common ! memory-size iomem 10 ! crypto pki trustpoint TP-self-signed-xxx enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-xxx revocation-check none rsakeypair TP-self-signed-xxx ! ! crypto pki certificate chain TP-self-signed-xxx certificate self-signed 01 quit no ip source-route no ip gratuitous-arps ip auth-proxy max-login-attempts 5 ip admission max-login-attempts 5 ! ! ! ! ! no ip bootp server ip domain name dmz.merlin.local ip domain list dmz.merlin.local ip domain list merlin.local ip name-server x.x.x.x ip inspect audit-trail ip inspect udp idle-time 1800 ip inspect dns-timeout 7 ip inspect tcp idle-time 14400 ip inspect name autosec_inspect ftp timeout 3600 ip inspect name autosec_inspect http timeout 3600 ip inspect name autosec_inspect rcmd timeout 3600 ip inspect name autosec_inspect realaudio timeout 3600 ip inspect name autosec_inspect smtp timeout 3600 ip inspect name autosec_inspect tftp timeout 30 ip inspect name autosec_inspect udp timeout 15 ip inspect name autosec_inspect tcp timeout 3600 ip cef login block-for 3 attempts 3 within 3 no ipv6 cef ! ! multilink bundle-name authenticated license udi pid CISCO881-SEC-K9 sn ! ! username xxx privilege 15 secret 4 xxx username xxx secret 4 xxx ! ! ! ! ! ip ssh time-out 60 ! ! ! ! ! ! ! ! ! interface FastEthernet0 no ip address ! interface FastEthernet1 no ip address ! interface FastEthernet2 no ip address ! interface FastEthernet3 switchport access vlan 2 no ip address ! interface FastEthernet4 ip address dhcp no ip redirects no ip unreachables no ip proxy-arp ip nat enable duplex auto speed auto ! interface Vlan1 ip address 192.168.1.1 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ip nat enable ! interface Vlan2 ip address 192.168.0.2 255.255.255.0 ! ip forward-protocol nd ip http server ip http access-class 1 ip http authentication local ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ! ! no ip nat service sip udp port 5060 ip nat source list 1 interface FastEthernet4 overload ip nat source static tcp x.x.x.x 80 interface FastEthernet4 80 ip nat source static tcp x.x.x.x 443 interface FastEthernet4 443 ip nat source static tcp x.x.x.x 25 interface FastEthernet4 25 ip nat source static tcp x.x.x.x 587 interface FastEthernet4 587 ip nat source static tcp x.x.x.x 143 interface FastEthernet4 143 ip nat source static tcp x.x.x.x 993 interface FastEthernet4 993 ip nat source static tcp x.x.x.x 1723 interface FastEthernet4 1723 ! ! logging trap debugging logging facility local2 access-list 1 permit 192.168.1.0 0.0.0.255 access-list 1 permit 192.168.0.0 0.0.0.255 no cdp run ! ! ! ! control-plane ! ! banner motd Authorized Access only ! line con 0 login authentication local_auth length 0 transport output all line aux 0 exec-timeout 15 0 login authentication local_auth transport output all line vty 0 1 access-class 1 in logging synchronous login authentication local_auth length 0 transport preferred none transport input telnet transport output all line vty 2 4 access-class 1 in login authentication local_auth length 0 transport input ssh transport output all ! ! end ...and, if it's of any use, here's my Asterisk SIP config: [general] context=default ; Default context for calls allowoverlap=no ; Disable overlap dialing support. (Default is yes) udpbindaddr=0.0.0.0 ; IP address to bind UDP listen socket to (0.0.0.0 binds to all) ; Optionally add a port number, 192.168.1.1:5062 (default is port 5060) tcpenable=no ; Enable server for incoming TCP connections (default is no) tcpbindaddr=0.0.0.0 ; IP address for TCP server to bind to (0.0.0.0 binds to all interfaces) ; Optionally add a port number, 192.168.1.1:5062 (default is port 5060) srvlookup=yes ; Enable DNS SRV lookups on outbound calls ; Note: Asterisk only uses the first host ; in SRV records ; Disabling DNS SRV lookups disables the ; ability to place SIP calls based on domain ; names to some other SIP users on the Internet ; Specifying a port in a SIP peer definition or ; when dialing outbound calls will supress SRV ; lookups for that peer or call. directmedia=no ; Don't allow direct RTP media between extensions (doesn't work through NAT) externhost=<MY DYNDNS HOSTNAME> ; Our external hostname to resolve to IP and be used in NAT'ed packets localnet=192.168.1.0/24 ; Define our local network so we know which packets need NAT'ing qualify=yes ; Qualify peers by default dtmfmode=rfc2833 ; Set the default DTMF mode disallow=all ; Disallow all codecs by default allow=ulaw ; Allow G.711 u-law allow=alaw ; Allow G.711 a-law ; ---------------------- ; SIP Trunk Registration ; ---------------------- ; Orbtalk register => <MY SIP PROVIDER USER NAME>:[email protected]/<MY DDI> ; Main Orbtalk number ; ---------- ; Trunks ; ---------- [orbtalk] ; Main Orbtalk trunk type=peer insecure=invite host=sipgw3.orbtalk.co.uk nat=yes username=<MY SIP PROVIDER USER NAME> defaultuser=<MY SIP PROVIDER USER NAME> fromuser=<MY SIP PROVIDER USER NAME> secret=xxx context=inbound I really don't know where to go with this. If anyone can help me find out why these calls are being dropped off, I'd be grateful if you could chime in! Please let me know if any further info is required.

Read the article
Set up linux box for secure local hosting a-z

- by microchasm

I am in the process of reinstalling the OS on a machine that will be used to host a couple of apps for our business. The apps will be local only; access from external clients will be via vpn only. The prior setup used a hosting control panel (Plesk) for most of the admin, and I was looking at using another similar piece of software for the reinstall - but I figured I should finally learn how it all works. I can do most of the things the software would do for me, but am unclear on the symbiosis of it all. This is all an attempt to further distance myself from the land of Configuration Programmer/Programmer, if at all possible. I can't find a full walkthrough anywhere for what I'm looking for, so I thought I'd put up this question, and if people can help me on the way I will edit this with the answers, and document my progress/pitfalls. Hopefully someday this will help someone down the line. The details: CentOS 5.5 x86_64 httpd: Apache/2.2.3 mysql: 5.0.77 (to be upgraded) php: 5.1 (to be upgraded) The requirements: SECURITY!! Secure file transfer Secure client access (SSL Certs and CA) Secure data storage Virtualhosts/multiple subdomains Local email would be nice, but not critical The Steps: Download latest CentOS DVD-iso (torrent worked great for me). Install CentOS: While going through the install, I checked the Server Components option thinking I was going to be using another Plesk-like admin. In hindsight, considering I've decided to try to go my own way, this probably wasn't the best idea. Basic config: Setup users, networking/ip address etc. Yum update/upgrade. Upgrade PHP/MySQL: To upgrade PHP and MySQL to the latest versions, I had to look to another repo outside CentOS. IUS looks great and I'm happy I found it! Add IUS repository to our package manager cd /tmp wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/epel-release-1-1.ius.el5.noarch.rpm rpm -Uvh epel-release-1-1.ius.el5.noarch.rpm wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/ius-release-1-4.ius.el5.noarch.rpm rpm -Uvh ius-release-1-4.ius.el5.noarch.rpm yum list | grep -w \.ius\. # list all the packages in the IUS repository; use this to find PHP/MySQL version and libraries you want to install Remove old version of PHP and install newer version from IUS rpm -qa | grep php # to list all of the installed php packages we want to remove yum shell # open an interactive yum shell remove php-common php-mysql php-cli #remove installed PHP components install php53 php53-mysql php53-cli php53-common #add packages you want transaction solve #important!! checks for dependencies transaction run #important!! does the actual installation of packages. [control+d] #exit yum shell php -v PHP 5.3.2 (cli) (built: Apr 6 2010 18:13:45) Upgrade MySQL from IUS repository /etc/init.d/mysqld stop rpm -qa | grep mysql # to see installed mysql packages yum shell remove mysql mysql-server #remove installed MySQL components install mysql51 mysql51-server mysql51-devel transaction solve #important!! checks for dependencies transaction run #important!! does the actual installation of packages. [control+d] #exit yum shell service mysqld start mysql -v Server version: 5.1.42-ius Distributed by The IUS Community Project Upgrade instructions courtesy of IUS wiki: http://wiki.iuscommunity.org/Doc/ClientUsageGuide Install rssh (restricted shell) to provide scp and sftp access, without allowing ssh login cd /tmp wget http://dag.wieers.com/rpm/packages/rssh/rssh-2.3.2-1.2.el5.rf.x86_64.rpm rpm -ivh rssh-2.3.2-1.2.el5.rf.x86_64.rpm useradd -m -d /home/dev -s /usr/bin/rssh dev passwd dev Edit /etc/rssh.conf to grant access to SFTP to rssh users. vi /etc/rssh.conf Uncomment or add: allowscp allowsftp This allows me to connect to the machine via SFTP protocol in Transmit (my FTP program of choice; I'm sure it's similar with other FTP apps). rssh instructions appropriated (with appreciation!) from http://www.cyberciti.biz/tips/linux-unix-restrict-shell-access-with-rssh.html Set up virtual interfaces ifconfig eth1:1 192.168.1.3 up #start up the virtual interface cd /etc/sysconfig/network-scripts/ cp ifcfg-eth1 ifcfg-eth1:1 #copy default script and match name to our virtual interface vi ifcfg-eth1:1 #modify eth1:1 script #ifcfg-eth1:1 | modify so it looks like this: DEVICE=eth1:1 IPADDR=192.168.1.3 NETMASK=255.255.255.0 NETWORK=192.168.1.0 ONBOOT=yes NAME=eth1:1 Add more Virtual interfaces as needed by repeating. Because of the ONBOOT=yes line in the ifcfg-eth1:1 file, this interface will be brought up when the system boots, or the network starts/restarts. service network restart Shutting down interface eth0: [ OK ] Shutting down interface eth1: [ OK ] Shutting down loopback interface: [ OK ] Bringing up loopback interface: [ OK ] Bringing up interface eth0: [ OK ] Bringing up interface eth1: [ OK ] ping 192.168.1.3 64 bytes from 192.168.1.3: icmp_seq=1 ttl=64 time=0.105 ms Virtualhosts In the rssh section above I added a user to use for SFTP. In this users' home directory, I created a folder called 'https'. This is where the documents for this site will live, so I need to add a virtualhost that will point to it. I will use the above virtual interface for this site (herein called dev.site.local). vi /etc/http/conf/httpd.conf Add the following to the end of httpd.conf: <VirtualHost 192.168.1.3:80> ServerAdmin [email protected] DocumentRoot /home/dev/https ServerName dev.site.local ErrorLog /home/dev/logs/error_log TransferLog /home/dev/logs/access_log </VirtualHost> I put a dummy index.html file in the https directory just to check everything out. I tried browsing to it, and was met with permission denied errors. The logs only gave an obscure reference to what was going on: [Mon May 17 14:57:11 2010] [error] [client 192.168.1.100] (13)Permission denied: access to /index.html denied I tried chmod 777 et. al., but to no avail. Turns out, I needed to chmod+x the https directory and its' parent directories. chmod +x /home chmod +x /home/dev chmod +x /home/dev/https This solved that problem. DNS I'm handling DNS via our local Windows Server 2003 box. However, the CentOS documentation for BIND can be found here: http://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-bind.html SSL To get SSL working, I changed the following in httpd.conf: NameVirtualHost 192.168.1.3:443 #make sure this line is in httpd.conf <VirtualHost 192.168.1.3:443> #change port to 443 ServerAdmin [email protected] DocumentRoot /home/dev/https ServerName dev.site.local ErrorLog /home/dev/logs/error_log TransferLog /home/dev/logs/access_log </VirtualHost> Unfortunately, I keep getting (Error code: ssl_error_rx_record_too_long) errors when trying to access a page with SSL. As JamesHannah gracefully pointed out below, I had not set up the locations of the certs in httpd.conf, and thusly was getting the page thrown at the broswer as the cert making the browser balk. So first, I needed to set up a CA and make certificate files. I found a great (if old) walkthrough on the process here: http://www.debian-administration.org/articles/284. Here are the relevant steps I took from that article: mkdir /home/CA cd /home/CA/ mkdir newcerts private echo '01' > serial touch index.txt #this and the above command are for the database that will keep track of certs Create an openssl.cnf file in the /home/CA/ dir and edit it per the walkthrough linked above. (For reference, my finished openssl.cnf file looked like this: http://pastebin.com/raw.php?i=hnZDij4T) openssl req -new -x509 -extensions v3_ca -keyout private/cakey.pem -out cacert.pem -days 3650 -config ./openssl.cnf #this creates the cacert.pem which gets distributed and imported to the browser(s) Modified openssl.cnf again per walkthrough instructions. openssl req -new -nodes -out dev.req.pem -config ./openssl.cnf #generates certificate request, and key.pem which I renamed dev.key.pem. Modified openssl.cnf again per walkthrough instructions. openssl ca -out dev.cert.pem -config ./openssl.cnf -infiles dev.req.pem #create and sign certificate. cp dev.cert.pem /home/dev/certs/cert.pem cp dev.key.pem /home/certs/key.pem I updated httpd.conf to reflect the certs and turn SSLEngine on: NameVirtualHost 192.168.1.3:443 <VirtualHost 192.168.1.3:443> ServerAdmin [email protected] DocumentRoot /home/dev/https SSLEngine on SSLCertificateFile /home/dev/certs/cert.pem SSLCertificateKeyFile /home/dev/certs/key.pem ServerName dev.site.local ErrorLog /home/dev/logs/error_log TransferLog /home/dev/logs/access_log </VirtualHost> Put the CA cert.pem in a web-accessible place, and downloaded/imported it into my browser. Now I can visit https://dev.site.local with no errors or warnings. And this is where I'm at. I will keep editing this as I make progress. Any tips on how to configure SSL email would be appreciated.

Read the article
Unable to PPTP through NAT on Cisco 881

- by MasterRoot24

I'm trying to connect to a PPTP server which is sat behind a Cisco 881 NAT router. The server is running Ubuntu Server 12.04 and is running Poptop pptpd as the PPTP daemon listening for connections. As discussed in my other question, I'm trying to setup a Cisco 881 router to replace my old Linksys WAG320N. This same server and WAN connection worked fine with the WAG320N with no special configuration, other than allowing 1723 in through the firewall. On the Cisco 881, I'm using the newer ip nat enable or NAT NVI to setup static routes in through the firewall for the services running behind the router. My reason being that I can't run another copy of my live DNS domains internally with local IP addresses in. For the purposes of this question, though, I have rebuilt the router with ip nat inside/outside style NAT'ing, but this issue is still apparent. HTTP/SMTP/IMAP etc. all work ok from both the WAN and LAN interfaces of the router. I'm only having issues with SIP (see other question) and PPTP. My issue is that the GRE doesn't appear to be passing through NAT correctly and one end of the connection is not receiving GRE traffic when it should be, so the server hangs up the connection. Here's an example of /var/log/syslog with debug enabled in /etc/pptpd.conf: Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: MGR: Launching /usr/sbin/pptpctrl to handle client Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: local address = 192.168.1.50 Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: remote address = 192.168.1.51 Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: pppd options file = /etc/ppp/pptpd-options Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: Client 82.132.248.216 control connection started Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: Received PPTP Control Message (type: 1) Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: Made a START CTRL CONN RPLY packet Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: I wrote 156 bytes to the client. Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: Sent packet to client Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: Received PPTP Control Message (type: 7) Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: Set parameters to 100000000 maxbps, 64 window size Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: Made a OUT CALL RPLY packet Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: Starting call (launching pppd, opening GRE) Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: pty_fd = 6 Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: tty_fd = 7 Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: I wrote 32 bytes to the client. Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: Sent packet to client Dec 11 21:06:30 <HOSTNAME> pptpd[22627]: CTRL (PPPD Launcher): program binary = /usr/sbin/pppd Dec 11 21:06:30 <HOSTNAME> pptpd[22627]: CTRL (PPPD Launcher): local address = 192.168.1.50 Dec 11 21:06:30 <HOSTNAME> pptpd[22627]: CTRL (PPPD Launcher): remote address = 192.168.1.51 Dec 11 21:06:30 <HOSTNAME> pppd[22627]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded. Dec 11 21:06:30 <HOSTNAME> pppd[22627]: pppd 2.4.5 started by root, uid 0 Dec 11 21:06:30 <HOSTNAME> pppd[22627]: Using interface ppp0 Dec 11 21:06:30 <HOSTNAME> pppd[22627]: Connect: ppp0 <--> /dev/pts/3 Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: GRE: Bad checksum from pppd. Dec 11 21:06:31 <HOSTNAME> pptpd[22626]: CTRL: Received PPTP Control Message (type: 15) Dec 11 21:06:31 <HOSTNAME> pptpd[22626]: CTRL: Got a SET LINK INFO packet with standard ACCMs Dec 11 21:07:00 <HOSTNAME> pppd[22627]: LCP: timeout sending Config-Requests Dec 11 21:07:00 <HOSTNAME> pppd[22627]: Connection terminated. Dec 11 21:07:00 <HOSTNAME> avahi-daemon[1042]: Withdrawing workstation service for ppp0. Dec 11 21:07:00 <HOSTNAME> pppd[22627]: Modem hangup Dec 11 21:07:00 <HOSTNAME> pppd[22627]: Exit. Dec 11 21:07:00 <HOSTNAME> pptpd[22626]: GRE: read(fd=6,buffer=6075a0,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs Dec 11 21:07:00 <HOSTNAME> pptpd[22626]: CTRL: PTY read or GRE write failed (pty,gre)=(6,7) Dec 11 21:07:00 <HOSTNAME> pptpd[22626]: CTRL: Reaping child PPP[22627] Dec 11 21:07:00 <HOSTNAME> pptpd[22626]: CTRL: Client 82.132.248.216 control connection finished Dec 11 21:07:00 <HOSTNAME> pptpd[22626]: CTRL: Exiting now Dec 11 21:07:00 <HOSTNAME> pptpd[5803]: MGR: Reaped child 22626 As far as Cisco are concerned, all I need is ip nat source static tcp <SERVER LAN IP> 1723 interface FastEthernet4 1723 but of course this doesn't seem to the be helping the GRE traffic through as it should. Trying the connection to the LAN IP of the server from the same LAN as the server (behind the router), the PPTP connection works fine, so I'm confident that the server's config is ok. Furthermore, all I needed on my WAG320N was to open 1723 in the firewall. Here's my current router config: ! ! Last configuration change at 20:20:15 UTC Tue Dec 11 2012 by xxx version 15.2 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname xxx ! boot-start-marker boot-end-marker ! ! enable secret 4 xxxx ! aaa new-model ! ! aaa authentication login local_auth local ! ! ! ! ! aaa session-id common ! memory-size iomem 10 ! crypto pki trustpoint TP-self-signed-xxx enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-xxx revocation-check none rsakeypair TP-self-signed-xxx ! ! crypto pki certificate chain TP-self-signed-xxx certificate self-signed 01 xxx quit ip gratuitous-arps ip auth-proxy max-login-attempts 5 ip admission max-login-attempts 5 ! ! ! ! ! ip domain list dmz.xxx.local ip domain list xxx.local ip domain name dmz.xxx.local ip name-server 192.168.1.x ip cef login block-for 3 attempts 3 within 3 no ipv6 cef ! ! multilink bundle-name authenticated license udi pid CISCO881-SEC-K9 sn xxx ! ! username admin privilege 15 secret 4 xxx username joe secret 4 xxx ! ! ! ! ! ip ssh time-out 60 ! ! ! ! ! ! ! ! ! interface FastEthernet0 no ip address ! interface FastEthernet1 no ip address ! interface FastEthernet2 no ip address ! interface FastEthernet3 switchport access vlan 2 no ip address ! interface FastEthernet4 ip address dhcp ip nat enable duplex auto speed auto ! interface Vlan1 ip address 192.168.1.x 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ip nat enable ! interface Vlan2 ip address 192.168.0.x 255.255.255.0 ! ip forward-protocol nd ip http server ip http access-class 1 ip http authentication local ip http secure-server ! ! ip nat source list 1 interface FastEthernet4 overload ip nat source list 2 interface FastEthernet4 overload ip nat source static tcp 192.168.1.x 1723 interface FastEthernet4 1723 ! ! access-list 1 permit 192.168.0.0 0.0.0.255 access-list 2 permit 192.168.1.0 0.0.0.255 ! ! ! ! control-plane ! ! banner motd Authorized Access only ! line con 0 exec-timeout 15 0 login authentication local_auth line aux 0 exec-timeout 15 0 login authentication local_auth line vty 0 4 access-class 2 in login authentication local_auth length 0 transport input all ! ! end UPDATE 16/12/2012: The only progress that I have been able to make on this issue is that I'm confident that the issue is caused by the GRE tunnels (which are required for the PPTP connection to complete) are being blocked. When attempting a connection, I can see in show ip nat nvi translations that both a TCP translation on 1723 is setup and also a GRE translation is setup also. I appear to be able to see GRE related packets on the LAN that the server is on, so I am lead to believe that the server is sending(?) GRE packets, however running Wireshark on a client PC when attempting a connection shows absolutely no GRE packets. Whilst there are no configuration directives in my config posted above (that I can pin point) which would specifically block them, it would appear that the GRE packets are not being allowed in/out of the router's firewall, even though a NAT translation entry is setup to the server's LAN address. Would anyone be able to provide me with some help to ensure that GRE packets are not blocked by the router's firewall, so that this can be ruled out as a possible issue please?

Read the article
"Invalid provider type specified" when signing clickonce manifest in VS2008

- by Mark

I have a certificate issued by a CA on our intranet (it's a V3 sha1 pfx file). When I use this in the signing part of my clickonce (vsto addin) project, I get the error: C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v9.0\OfficeTools\Microsoft.VisualStudio.Tools.Office.Office2007.targets(250,9): error MSB3482: An error occurred while signing: Invalid provider type specified. Does anyone know what's going on here? Thanks!

Read the article
IIS SSL error "ssl_error_rx_record_too_long"

- by Kostas

I have created a certificate using the following SSL command: makecert -r -pe -n "CN=www.yourserver.com" -b 01/01/2000 -e 01/01/2036 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localMachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 I assigned it to a web site on IIS, but when I try to hit the url of the web site I receive: "SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long)" when using Firefox. May somebody help? Thanks

Read the article
X509Certificate.Export Method

- by klerik123456

I try export cert .pfx : string certPath = "D:\\cert.pfx"; cert = new X509Certificate2(certPath, "pass"); byte[] certData = cert.Export(X509ContentType.Pfx,"pass"); /// **error in this line** X509Certificate newCert = new X509Certificate(certData,"pass"); But it finish with this error : Key not valid for use in specified state. Can somebody help me ?? Any solution as export certificate from store ??

Read the article
Dynamic PDF Generation from HTML form tool

- by user289833

I would like to create a service that would take 2 fields (name & company name) from an HTML form and place it in a PDF document (a completion certificate that the user can print/save etc.) How would you recommend doing this?

Read the article
WCF security when it is used with sync services

- by malik

I am using following architecture for sync process. http://www.codeproject.com/KB/smart/sync_services.aspx And for server i use WCF service, can anybody guide me how can i secure my wcf service without using certificate that is hosted on IIS. Can i get a way to pass credential or some token to authenticate? I need to authenticate and encrypt the communication, when syncagent call synchronise method.

Read the article
How do I correctly set up Application Request Routing in IIS7 to route SSL requests?

- by Matthew Belk

I have a 3-node web farm being managed by IIS7 and Application Request Routing. I have a folder hierarchy in my web app that needs to be secured via SSL. What is the best practice for getting ARR to correctly route these SSL requests? I have installed the same certificate on all web farm servers and the server running ARR. I have tried enabling and disabling the SSL Off-loading feature Thanks, Matthew

Read the article
glassfish v3.0 hangs no app is ever deployed and no error is ever shown

- by Samuel Lopez

I have a web app that uses JSF 2.0 with richFaces and primeFaces, hibernate and java and I use NetBeans 7.1.2 as the IDE when I run the app the glassfish server is started and the log shows this: Launching GlassFish on Felix platform Información: Running GlassFish Version: GlassFish Server Open Source Edition 3.1.2 (build 23) Información: Grizzly Framework 1.9.46 started in: 20ms - bound to [0.0.0.0:4848] Información: Grizzly Framework 1.9.46 started in: 32ms - bound to [0.0.0.0:8181] Información: Grizzly Framework 1.9.46 started in: 59ms - bound to [0.0.0.0:8080] Información: Grizzly Framework 1.9.46 started in: 32ms - bound to [0.0.0.0:3700] Información: Grizzly Framework 1.9.46 started in: 21ms - bound to [0.0.0.0:7676] Información: Registered org.glassfish.ha.store.adapter.cache.ShoalBackingStoreProxy for persistence-type = replicated in BackingStoreFactoryRegistry Información: SEC1002: Security Manager is OFF. Información: SEC1010: Entering Security Startup Service Información: SEC1143: Loading policy provider com.sun.enterprise.security.provider.PolicyWrapper. Información: SEC1115: Realm [admin-realm] of classtype [com.sun.enterprise.security.auth.realm.file.FileRealm] successfully created. Información: SEC1115: Realm [file] of classtype [com.sun.enterprise.security.auth.realm.file.FileRealm] successfully created. Información: SEC1115: Realm [certificate] of classtype [com.sun.enterprise.security.auth.realm.certificate.CertificateRealm] successfully created. Información: SEC1011: Security Service(s) Started Successfully Información: WEB0169: Created HTTP listener [http-listener-1] on host/port [0.0.0.0:8080] Información: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181] Información: WEB0169: Created HTTP listener [admin-listener] on host/port [0.0.0.0:4848] Información: WEB0171: Created virtual server [server] Información: WEB0171: Created virtual server [__asadmin] Información: WEB0172: Virtual server [server] loaded default web module [] Información: Inicializando Mojarra 2.1.6 (SNAPSHOT 20111206) para el contexto '/test' Información: Hibernate Validator 4.2.0.Final Información: WEB0671: Loading application [test] at [/test] Información: CORE10010: Loading application test done in 4,885 ms Información: GlassFish Server Open Source Edition 3.1.2 (23) startup time : Felix (1,848ms), startup services(5,600ms), total(7,448ms) Información: JMX005: JMXStartupService had Started JMXConnector on JMXService URL service:jmx:rmi://SJ007:8686/jndi/rmi://SJ007:8686/jmxrmi Información: WEB0169: Created HTTP listener [http-listener-1] on host/port [0.0.0.0:8080] Información: Grizzly Framework 1.9.46 started in: 14ms - bound to [0.0.0.0:8080] Información: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181] Información: Grizzly Framework 1.9.46 started in: 12ms - bound to [0.0.0.0:8181] but right there it hangs and the deploy bar keeps running but no more actions are shown, nothing else is logged either it just stays there until I stop the deploy Is there any other error log to debug glassfish server? Any thoughts? I have re installed glassfish and NetBeans but it all seems the same. I think this started happening after I had to force-restart my computer with NetBeans stil open and the app deployed, but it's hard to know for sure if this was the real catalyst. Any thoughts or help is appreciated thanks. Is it an app error? if so why no errors in the log are shown?

Read the article
ssl multi domain website

- by NetParis

We need to secure a multi-langual web application with SSL (registration, login,..). However, this application is accessed by different domain names, exactly a domain name for each language (domainName.co.uk, domainName.fr, domainName.it and so on). We're looking for the simplest and cheapest solution. We don't want to purchase a certificate for each domain name. Some one has an idea ? the web server : IIS 6 Thanks

Read the article
unrecognized selector sent to instance in xcode using objective c and sup as backend

- by user1765037

I am a beginner in native development.I made a project using xcode in objective C.It builded successfully.But when I run the project ,an error came like 'unrecognized selector sent to instance'.Why this is happening ?can anyone help me to solve this?I am attaching the error that I am getting with this.. And I am posting the code with this.... ConnectionController.m #import "ConnectionController.h" #import "SUPApplication.h" #import "Flight_DetailsFlightDB.h" #import "CallbackHandler.h" @interface ConnectionController() @property (nonatomic,retain)CallbackHandler *callbackhandler; @end @implementation ConnectionController @synthesize callbackhandler; static ConnectionController *appConnectionController; //Begin Application Setup +(void)beginApplicationSetup { if(!appConnectionController) { appConnectionController = [[[ConnectionController alloc]init]retain]; appConnectionController.callbackhandler = [[CallbackHandler getInstance]retain]; } if([SUPApplication connectionStatus] == SUPConnectionStatus_DISCONNECTED) [appConnectionController setupApplicationConnection]; else NSLog(@"Already Connected"); } -(BOOL)setupApplicationConnection { SUPApplication *app = [SUPApplication getInstance]; [app setApplicationIdentifier:@"HWC"]; [app setApplicationCallback:self.callbackhandler]; NSLog(@"inside setupApp"); SUPConnectionProperties *properties = [app connectionProperties]; NSLog(@"server"); [properties setServerName:@"sapecxxx.xxx.com"]; NSLog(@"inside setupAppser"); [properties setPortNumber:5001]; NSLog(@"inside setupApppot"); [properties setFarmId:@"0"]; NSLog(@"inside setupAppfarm"); [properties setUrlSuffix:@"/tm/?cid=%cid%"]; NSLog(@"inside setupAppurlsuff"); [properties setNetworkProtocol:@"http"]; SUPLoginCredentials *loginCred = [SUPLoginCredentials getInstance]; NSLog(@"inside setupAppmac"); [loginCred setUsername:@"mac"]; [loginCred setPassword:nil]; [properties setLoginCredentials:loginCred]; [properties setActivationCode:@"1234"]; if(![Flight_DetailsFlightDB databaseExists]) { [Flight_DetailsFlightDB createDatabase]; } SUPConnectionProfile *connprofile = [Flight_DetailsFlightDB getSynchronizationProfile]; [connprofile setNetworkProtocol:@"http"]; NSLog(@"inside setupAppPort2"); [connprofile setPortNumber:2480]; NSLog(@"inside setupAppser2"); [connprofile setServerName:@"sapecxxx.xxx.com"]; NSLog(@"inside setupAppdom2"); [connprofile setDomainName:@"Development"]; NSLog(@"inside setupAppuser"); [connprofile setUser:@"supAdmin"]; [connprofile setPassword:@"s3pAdmin"]; [connprofile setAsyncReplay:YES]; [connprofile setClientId:@"0"]; // [Flight_DetailsFlightDB beginOnlineLogin:@"supAdmin" password:@"s3pAdmin"]; [Flight_DetailsFlightDB registerCallbackHandler:self.callbackhandler]; [Flight_DetailsFlightDB setApplication:app]; if([SUPApplication connectionStatus] == SUPRegistrationStatus_REGISTERED) { [app startConnection:0]; } else { [app registerApplication:0]; } } @end ViewController.m #import "Demo_FlightsViewController.h" #import "ConnectionController.h" #import "Flight_DetailsFlightDB.h" #import "SUPObjectList.h" #import "Flight_DetailsSessionPersonalization.h" #import "Flight_DetailsFlight_MBO.h" #import "Flight_DetailsPersonalizationParameters.h" @interface Demo_FlightsViewController () @end @implementation Demo_FlightsViewController - (void)viewDidLoad { [super viewDidLoad]; // Do any additional setup after loading the view, typically from a nib. } -(IBAction)Connect:(id)sender { @try { [ConnectionController beginApplicationSetup]; } @catch (NSException *exception) { NSLog(@"ConnectionAborted"); } // synchronise } -(IBAction)Synchronise:(id)sender { @try { [Flight_DetailsFlightDB synchronize]; NSLog(@"SYNCHRONISED"); } @catch (NSException *exception) { NSLog(@"Synchronisation Failed"); } } -(IBAction)findall:(id)sender { SUPObjectList *list = [Flight_DetailsSessionPersonalization findAll]; NSLog(@"no of lines got synchronised is %d",list.size); } -(IBAction)confirm:(id)sender { Flight_DetailsPersonalizationParameters *pp = [Flight_DetailsFlightDB getPersonalizationParameters]; MBOLogInfo(@"personalisation parmeter for airline id= %@",pp.Airline_PK); [pp setAirline_PK:@"AA"]; [pp save]; while([Flight_DetailsFlightDB hasPendingOperations]) { [NSThread sleepForTimeInterval:1]; } NSLog(@"inside confirm............"); [Flight_DetailsFlightDB beginSynchronize]; Flight_DetailsFlight_MBO *flight = nil; SUPObjectList *cl = nil; cl =[Flight_DetailsFlight_MBO findAll]; if(cl && cl.length > 0) { int i; for(i=0;i<cl.length;i++) { flight = [cl item:i]; if(flight) { NSLog(@"details are %@",flight.CITYFROM); } } } } - (void)viewDidUnload { [super viewDidUnload]; // Release any retained subviews of the main view. } - (BOOL)shouldAutorotateToInterfaceOrientation:(UIInterfaceOrientation)interfaceOrientation { return (interfaceOrientation != UIInterfaceOrientationPortraitUpsideDown); } @end SUPConnectionProfile.h #import "sybase_sup.h" #define FROM_IMPORT_THREAD TRUE #define FROM_APP_THREAD FALSE #define SUP_UL_MAX_CACHE_SIZE 10485760 @class SUPBooleanUtil; @class SUPNumberUtil; @class SUPStringList; @class SUPStringUtil; @class SUPPersistenceException; @class SUPLoginCertificate; @class SUPLoginCredentials; @class SUPConnectionProfile; /*! @class SUPConnectionProfile @abstract This class contains fields and methods needed to connect and authenticate to an SUP server. @discussion */ @interface SUPConnectionProfile : NSObject { SUPConnectionProfile* _syncProfile; SUPBoolean _threadLocal; SUPString _wrapperData; NSMutableDictionary* _delegate; SUPLoginCertificate* _certificate; SUPLoginCredentials* _credentials; int32_t _maxDbConnections; BOOL initTraceCalled; } /*! @method @abstract Return a new instance of SUPConnectionProfile. @discussion @result The SUPconnectionprofile object. */ + (SUPConnectionProfile*)getInstance; /*! @method @abstract Return a new instance of SUPConnectionProfile. @discussion This method is deprecated. use getInstance instead. @result The SUPconnectionprofile object. */ + (SUPConnectionProfile*)newInstance DEPRECATED_ATTRIBUTE NS_RETURNS_NON_RETAINED; - (SUPConnectionProfile*)init; /*! @property @abstract The sync profile. @discussion */ @property(readwrite, retain, nonatomic) SUPConnectionProfile* syncProfile; /*! @property @abstract The maximum number of active DB connections allowed @discussion Default value is 4, but can be changed by application developer. */ @property(readwrite, assign, nonatomic) int32_t maxDbConnections; /*! @method @abstract The SUPConnectionProfile manages an internal dictionary of key value pairs. This method returns the SUPString value for a given string. @discussion @param name The string. */ - (SUPString)getString:(SUPString)name; /*! @method @abstract The SUPConnectionProfile manages an internal dictionary of key value pairs. This method returns the SUPString value for a given string. If the value is not found, returns 'defaultValue'. @discussion @param name The string. @param defaultValue The default Value. */ - (SUPString)getStringWithDefault:(SUPString)name:(SUPString)defaultValue; /*! @method @abstract The SUPConnectionProfile manages an internal dictionary of key value pairs. This method returns the SUPBoolean value for a given string. @discussion @param name The string. */ - (SUPBoolean)getBoolean:(SUPString)name; /*! @method @abstract The SUPConnectionProfile manages an internal dictionary of key value pairs. This method returns the SUPBoolean value for a given string. If the value is not found, returns 'defaultValue'. @discussion @param name The string. @param defaultValue The default Value. */ - (SUPBoolean)getBooleanWithDefault:(SUPString)name:(SUPBoolean)defaultValue; /*! @method @abstract The SUPConnectionProfile manages an internal dictionary of key value pairs. This method returns the SUPInt value for a given string. @discussion @param name The string. */ - (SUPInt)getInt:(SUPString)name; /*! @method @abstract The SUPConnectionProfile manages an internal dictionary of key value pairs. This method returns the SUPInt value for a given string. If the value is not found, returns 'defaultValue'. @discussion @param name The string. @param defaultValue The default Value. */ - (SUPInt)getIntWithDefault:(SUPString)name:(SUPInt)defaultValue; /*! @method getUPA @abstract retrieve upa from profile @discussion if it is in profile's dictionary, it returns value for key "upa"; if it is not found in profile, it composes the upa value from base64 encoding of username:password; and also inserts it into profile's dictionary. @param none @result return string value of upa. */ - (SUPString)getUPA; /*! @method @abstract Sets the SUPString 'value' for the given 'name'. @discussion @param name The name. @param value The value. */ - (void)setString:(SUPString)name:(SUPString)value; /*! @method @abstract Sets the SUPBoolean 'value' for the given 'name'. @discussion @param name The name. @param value The value. */ - (void)setBoolean:(SUPString)name:(SUPBoolean)value; /*! @method @abstract Sets the SUPInt 'value' for the given 'name'. @discussion @param name The name. @param value The value. */ - (void)setInt:(SUPString)name:(SUPInt)value; /*! @method @abstract Sets the username. @discussion @param value The value. */ - (void)setUser:(SUPString)value; /*! @method @abstract Sets the password. @discussion @param value The value. */ - (void)setPassword:(SUPString)value; /*! @method @abstract Sets the ClientId. @discussion @param value The value. */ - (void)setClientId:(SUPString)value; /*! @method @abstract Returns the databasename. @discussion @param value The value. */ - (SUPString)databaseName; /*! @method @abstract Sets the databasename. @discussion @param value The value. */ - (void)setDatabaseName:(SUPString)value; @property(readwrite,copy, nonatomic) SUPString databaseName; /*! @method @abstract Gets the encryption key. @discussion @result The encryption key. */ - (SUPString)getEncryptionKey; /*! @method @abstract Sets the encryption key. @discussion @param value The value. */ - (void)setEncryptionKey:(SUPString)value; @property(readwrite,copy, nonatomic) SUPString encryptionKey; /*! @property @abstract The authentication credentials (username/password or certificate) for this profile. @discussion */ @property(retain,readwrite,nonatomic) SUPLoginCredentials *credentials; /*! @property @abstract The authentication certificate. @discussion If this is not null, certificate will be used for authentication. If this is null, credentials property (username/password) will be used. */ @property(readwrite,retain,nonatomic) SUPLoginCertificate *certificate; @property(readwrite, assign, nonatomic) BOOL initTraceCalled; /*! @method @abstract Gets the UltraLite collation creation parameter @discussion @result conllation string */ - (SUPString)getCollation; /*! @method @abstract Sets the UltraLite collation creation parameter @discussion @param value The value. */ - (void)setCollation:(SUPString)value; @property(readwrite,copy, nonatomic) SUPString collation; /*! @method @abstract Gets the maximum cache size in bytes; the default value for iOS is 10485760 (10 MB). @discussion @result max cache size */ - (int)getCacheSize; /*! @method @abstract Sets the maximum cache size in bytes. @discussion For Ultralite, passes the cache_max_size property into the connection parameters for DB connections; For SQLite, executes the "PRAGMA cache_size" statement when a connection is opened. @param cacheSize value */ - (void)setCacheSize:(int)cacheSize; @property(readwrite,assign, nonatomic) int cacheSize; /*! @method @abstract Returns the user. @discussion @result The username. */ - (SUPString)getUser; /*! @method @abstract Returns the password hash value. @discussion @result The password hash value. */ - (NSUInteger)getPasswordHash; /*! @method @abstract Returns the password. @discussion @result The password hash value. */ - (NSString*)getPassword; /*! @method @abstract Adds a new key value pair. @discussion @param key The key. @param value The value. */ - (void)add:(SUPString)key:(SUPString)value; /*! @method @abstract Removes the key. @discussion @param key The key to remove. */ - (void)remove:(SUPString)key; - (void)clear; /*! @method @abstract Returns a boolean indicating if the key is present. @discussion @param key The key. @result The result indicating if the key is present. */ - (SUPBoolean)containsKey:(SUPString)key; /*! @method @abstract Returns the item for the given key. @discussion @param key The key. @result The item. */ - (SUPString)item:(SUPString)key; /*! @method @abstract Returns the list of keys. @discussion @result The keylist. */ - (SUPStringList*)keys; /*! @method @abstract Returns the list of values. @discussion @result The value list. */ - (SUPStringList*)values; /*! @method @abstract Returns the internal map of key value pairs. @discussion @result The NSMutableDictionary with key value pairs. */ - (NSMutableDictionary*)internalMap; /*! @method @abstract Returns the domain name. @result The domain name. @discussion */ - (SUPString)getDomainName; /*! @method @abstract Sets the domain name. @param value The domain name. @discussion */ - (void)setDomainName:(SUPString)value; /*! @method @abstract Get async operation replay property. Default is true. @result YES : if ansync operation replay is enabled; NO: if async operation is disabled. @discussion */ - (BOOL) getAsyncReplay; /*! @method @abstract Set async operation replay property. Default is true. @result value: enable/disable async replay operation. @discussion */ - (void) setAsyncReplay:(BOOL) value; /*! @method @abstract enable or disable the trace in client object API. @param enable - YES: enable the trace; NO: disable the trace. @discussion */ - (void)enableTrace:(BOOL)enable; /*! @method @abstract enable or disable the trace with payload info in client object API. @param enable - YES: enable the trace; NO: disable the trace. @param withPayload = YES: show payload information; NO: not show payload information. @discussion */ - (void)enableTrace:(BOOL)enable withPayload:(BOOL)withPayload; /*! @method @abstract initialize trace levels from server configuration. @discussion */ - (void)initTrace; - (void)dealloc; /* ultralite/mobilink required parameters */ - (SUPString)getNetworkProtocol; - (void)setNetworkProtocol:(SUPString)protocol; - (SUPString)getNetworkStreamParams; - (void)setNetworkStreamParams:(SUPString)stream; - (SUPString)getServerName; - (void)setServerName:(SUPString)name; - (int)getPortNumber; - (void)setPortNumber:(int)port; - (int)getPageSize; - (void)setPageSize:(int)size; @end @interface SUPConnectionProfile(internal) - (void)applyPropertiesFromApplication; @end We are using SUP 2.1.3 library files.Please go through the code and help me...

Read the article
Python3: ssl cert information

- by MadSc13ntist

I have been trying to get information regarding expired ssl certificates using python 3 but it would be nice to be able to get as verbose a workup as possible. any takers? So far i have been trying to use urllib.request to get this info (to no avail), does this strike anyone as foolish? I have seen some examples of similar work using older versions of python, but nothing using v3. http://objectmix.com/python/737581-re-urllib-getting-ssl-certificate-info.html http://www.mail-archive.com/[email protected]/msg208150.html

Read the article
Trouble linking libboost libraries to compile sslsniff on RHEL

- by rwong48

Trying to build sslsniff on a RHEL 5.2 system here. When compiling sslsniff on RHEL I hit the same errors when using libboost packages (from repositories like rpmforge) and compiling libboost from source (which appeared to be successful.) I tried this on a fresh system as well (no previous/failed/garbage installs of libboost etc.) # make g++ -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE=\"sslsniff\" -DVERSION=\"0.6\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -I. -ggdb -g -O2 -MT SSLConnectionManager.o -MD -MP -MF .deps/SSLConnectionManager.Tpo -c -o SSLConnectionManager.o SSLConnectionManager.cpp mv -f .deps/SSLConnectionManager.Tpo .deps/SSLConnectionManager.Po g++ -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE=\"sslsniff\" -DVERSION=\"0.6\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -I. -ggdb -g -O2 -MT FirefoxUpdater.o -MD -MP -MF .deps/FirefoxUpdater.Tpo -c -o FirefoxUpdater.o FirefoxUpdater.cpp mv -f .deps/FirefoxUpdater.Tpo .deps/FirefoxUpdater.Po g++ -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE=\"sslsniff\" -DVERSION=\"0.6\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -I. -ggdb -g -O2 -MT Logger.o -MD -MP -MF .deps/Logger.Tpo -c -o Logger.o Logger.cpp mv -f .deps/Logger.Tpo .deps/Logger.Po g++ -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE=\"sslsniff\" -DVERSION=\"0.6\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -I. -ggdb -g -O2 -MT SessionCache.o -MD -MP -MF .deps/SessionCache.Tpo -c -o SessionCache.o SessionCache.cpp mv -f .deps/SessionCache.Tpo .deps/SessionCache.Po g++ -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE=\"sslsniff\" -DVERSION=\"0.6\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -I. -ggdb -g -O2 -MT SSLBridge.o -MD -MP -MF .deps/SSLBridge.Tpo -c -o SSLBridge.o SSLBridge.cpp mv -f .deps/SSLBridge.Tpo .deps/SSLBridge.Po g++ -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE=\"sslsniff\" -DVERSION=\"0.6\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -I. -ggdb -g -O2 -MT HTTPSBridge.o -MD -MP -MF .deps/HTTPSBridge.Tpo -c -o HTTPSBridge.o HTTPSBridge.cpp mv -f .deps/HTTPSBridge.Tpo .deps/HTTPSBridge.Po g++ -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE=\"sslsniff\" -DVERSION=\"0.6\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -I. -ggdb -g -O2 -MT sslsniff.o -MD -MP -MF .deps/sslsniff.Tpo -c -o sslsniff.o sslsniff.cpp mv -f .deps/sslsniff.Tpo .deps/sslsniff.Po g++ -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE=\"sslsniff\" -DVERSION=\"0.6\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -I. -ggdb -g -O2 -MT FingerprintManager.o -MD -MP -MF .deps/FingerprintManager.Tpo -c -o FingerprintManager.o FingerprintManager.cpp mv -f .deps/FingerprintManager.Tpo .deps/FingerprintManager.Po g++ -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE=\"sslsniff\" -DVERSION=\"0.6\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -I. -ggdb -g -O2 -MT AuthorityCertificateManager.o -MD -MP -MF .deps/AuthorityCertificateManager.Tpo -c -o AuthorityCertificateManager.o `test -f 'certificate/AuthorityCertificateManager.cpp' || echo './'`certificate/AuthorityCertificateManager.cpp mv -f .deps/AuthorityCertificateManager.Tpo .deps/AuthorityCertificateManager.Po g++ -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE=\"sslsniff\" -DVERSION=\"0.6\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -I. -ggdb -g -O2 -MT TargetedCertificateManager.o -MD -MP -MF .deps/TargetedCertificateManager.Tpo -c -o TargetedCertificateManager.o `test -f 'certificate/TargetedCertificateManager.cpp' || echo './'`certificate/TargetedCertificateManager.cpp mv -f .deps/TargetedCertificateManager.Tpo .deps/TargetedCertificateManager.Po g++ -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE=\"sslsniff\" -DVERSION=\"0.6\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -I. -ggdb -g -O2 -MT CertificateManager.o -MD -MP -MF .deps/CertificateManager.Tpo -c -o CertificateManager.o `test -f 'certificate/CertificateManager.cpp' || echo './'`certificate/CertificateManager.cpp mv -f .deps/CertificateManager.Tpo .deps/CertificateManager.Po g++ -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE=\"sslsniff\" -DVERSION=\"0.6\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -I. -ggdb -g -O2 -MT HttpBridge.o -MD -MP -MF .deps/HttpBridge.Tpo -c -o HttpBridge.o `test -f 'http/HttpBridge.cpp' || echo './'`http/HttpBridge.cpp mv -f .deps/HttpBridge.Tpo .deps/HttpBridge.Po g++ -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE=\"sslsniff\" -DVERSION=\"0.6\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -I. -ggdb -g -O2 -MT HttpConnectionManager.o -MD -MP -MF .deps/HttpConnectionManager.Tpo -c -o HttpConnectionManager.o `test -f 'http/HttpConnectionManager.cpp' || echo './'`http/HttpConnectionManager.cpp mv -f .deps/HttpConnectionManager.Tpo .deps/HttpConnectionManager.Po g++ -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE=\"sslsniff\" -DVERSION=\"0.6\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -I. -ggdb -g -O2 -MT HttpHeaders.o -MD -MP -MF .deps/HttpHeaders.Tpo -c -o HttpHeaders.o `test -f 'http/HttpHeaders.cpp' || echo './'`http/HttpHeaders.cpp mv -f .deps/HttpHeaders.Tpo .deps/HttpHeaders.Po g++ -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE=\"sslsniff\" -DVERSION=\"0.6\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -I. -ggdb -g -O2 -MT UpdateManager.o -MD -MP -MF .deps/UpdateManager.Tpo -c -o UpdateManager.o UpdateManager.cpp mv -f .deps/UpdateManager.Tpo .deps/UpdateManager.Po g++ -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE=\"sslsniff\" -DVERSION=\"0.6\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -I. -ggdb -g -O2 -MT OCSPDenier.o -MD -MP -MF .deps/OCSPDenier.Tpo -c -o OCSPDenier.o `test -f 'http/OCSPDenier.cpp' || echo './'`http/OCSPDenier.cpp mv -f .deps/OCSPDenier.Tpo .deps/OCSPDenier.Po g++ -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE=\"sslsniff\" -DVERSION=\"0.6\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -I. -ggdb -g -O2 -MT FirefoxAddonUpdater.o -MD -MP -MF .deps/FirefoxAddonUpdater.Tpo -c -o FirefoxAddonUpdater.o FirefoxAddonUpdater.cpp mv -f .deps/FirefoxAddonUpdater.Tpo .deps/FirefoxAddonUpdater.Po g++ -ggdb -g -O2 -lssl -lboost_filesystem -lpthread -lboost_thread -llog4cpp -o sslsniff SSLConnectionManager.o FirefoxUpdater.o Logger.o SessionCache.o SSLBridge.o HTTPSBridge.o sslsniff.o FingerprintManager.o AuthorityCertificateManager.o TargetedCertificateManager.o CertificateManager.o HttpBridge.o HttpConnectionManager.o HttpHeaders.o UpdateManager.o OCSPDenier.o FirefoxAddonUpdater.o SSLConnectionManager.o: In function `__static_initialization_and_destruction_0': /usr/local/include/boost/system/error_code.hpp:208: undefined reference to `boost::system::get_system_category()' /usr/local/include/boost/system/error_code.hpp:209: undefined reference to `boost::system::get_generic_category()' /usr/local/include/boost/system/error_code.hpp:214: undefined reference to `boost::system::get_generic_category()' /usr/local/include/boost/system/error_code.hpp:215: undefined reference to `boost::system::get_generic_category()' /usr/local/include/boost/system/error_code.hpp:216: undefined reference to `boost::system::get_system_category()' There's more, but I guess there's a post length limit.. Most of them appear related to boost::system so I added -lboost_system to the linker command and got farther: # g++ -ggdb -g -O2 -lssl -lboost_filesystem -lpthread -lboost_thread -llog4cpp -o sslsniff SSLConnectionManager.o FirefoxUpdater.o Logger.o SessionCache.o SSLBridge.o HTTPSBridge.o sslsniff.o FingerprintManager.o AuthorityCertificateManager.o TargetedCertificateManager.o CertificateManager.o HttpBridge.o HttpConnectionManager.o HttpHeaders.o UpdateManager.o OCSPDenier.o FirefoxAddonUpdater.o -lboost_system SSLConnectionManager.o: In function `thread<boost::_bi::bind_t<void, boost::_mfi::mf3<void, SSLConnectionManager, boost::shared_ptr<boost::asio::basic_stream_socket<boost::asio::ip::tcp, boost::asio::stream_socket_service<boost::asio::ip::tcp> > >, boost::asio::ip::basic_endpoint<boost::asio::ip::tcp>, bool>, boost::_bi::list4<boost::_bi::value<SSLConnectionManager*>, boost::_bi::value<boost::shared_ptr<boost::asio::basic_stream_socket<boost::asio::ip::tcp, boost::asio::stream_socket_service<boost::asio::ip::tcp> > > >, boost::_bi::value<boost::asio::ip::basic_endpoint<boost::asio::ip::tcp> >, boost::_bi::value<bool> > > >': /usr/local/include/boost/thread/detail/thread.hpp:191: undefined reference to `boost::thread::start_thread()' SSLConnectionManager.o: In function `~thread_data': /usr/local/include/boost/thread/detail/thread.hpp:40: undefined reference to `boost::detail::thread_data_base::~thread_data_base()' /usr/local/include/boost/thread/detail/thread.hpp:40: undefined reference to `boost::detail::thread_data_base::~thread_data_base()' /usr/local/include/boost/thread/detail/thread.hpp:40: undefined reference to `boost::detail::thread_data_base::~thread_data_base()' /usr/local/include/boost/thread/detail/thread.hpp:40: undefined reference to `boost::detail::thread_data_base::~thread_data_base()' Now the errors are related to boost::detail and boost::filesystem::detail. I've tried using boost 1.35 and 1.42 (latest). On my own Ubuntu system, I installed the libraries from Ubuntu repositories and I was able to compile+link sslsniff just fine. Thanks in advance.

Read the article
Get error with connect to server “Trust anchor for certification path not found.”

- by user3693568

I wrote code in android for connecting to server with ssl, I use BKS algorithm, I can create socket but when I send data to switch, I get this error javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. It is wonderful for me, I can connect to another server in local network with another BKS file and I can get response from that server, but with correct certificate in outside network, I cannot connect to another server, is it possible with network problem? Best regards

Read the article
Websphere MQ Authentication and Key Certificates

- by user171523

I would like to authenticate the user against the MQ Series before user places the Queue message in Queue manager. I am using the IBM MQ Series V7. I would like to know how does the authentication and Key certificate works in terms of validation. It will be great if i can get any helpful links on the same.

Read the article
How to fix "failed codesign verification" of an iPhone project?

- by Horace Ho

Last night, the iPhone project was built perfectly. This morning, I installed XCode 3.2.3 in a separate folder. When I open the same project in the old XCode 3.2.2 and re-built the project. I got this warning: Application failed codesign verification. The signature was invalid, or it was not signed with an Apple submission certificate. (-19011) How can I fix it? Thanks!

Read the article
Openwave v7 on Sony Ericsson S312 redirect problem

- by ucin

I had a web mobile application that require user to redirect from one page to another. But on openwave 7, the phone always asking for user permission. This not happen on openwave v6. I already install certificate on access using https, but it not solve the problem. Had anyone ever had similar problem?

Read the article
Possible to use Authenticode to sign/verify proprietary file formats?

- by Malcolm

Is it possible to use an Authenticode signing certificate to sign and validate proprietary file formats? Over time I've seen the Authenticode format extended to support VBA. JAR files, and even Open Office files so I'm thinking that it may be extensible to other file formats. Malcolm

Read the article
Xcode: iPhone app codesign error

- by Gabe Hollombe

When building a new iPhone app in Xcode, I'm getting this error: codesign error: code signing identity 'iphone developer' does not match any code-signing certificate in your keychain. once added to the keychain, touch a file or clean the project to continue. What's the fix?

Read the article
ssL HTTPS for windows mobile 6::unable to read transport connection

- by Santhosh

Hi am trying Https ssl connection in my C# application...i am getting "Unable to read transport connection" for the line WebResponse response = (HttpWebResponse)request.GetResponse(); I am forcing Certificate to be accepted ServicePointManager.CertificatePolicy = new MyPolicy(); public class MyPolicy : ICertificatePolicy { public bool CheckValidationResult(ServicePoint sp, X509Certificate cert, WebRequest req, int problem) { return true; } } Working fine in WM5 may i plz know the wat is goin wrong?plz thanks in advance

Read the article
SSL site in IIS7 doesn't load (times out)... everything seems correct (ports open, cert installed)

- by rksprst

I have a site in IIS where I have SSL set up. The certificate is installed correctly. It is listening on port 443, the port is open. Doing openssl s_client -connect host:port Get's a timeout... This is really driving me crazy as I have no idea what is wrong. The server is on EC2, if that makes a difference. Anyone know what could possibly be wrong?

Read the article

Search Results

Search found 3314 results on 133 pages for 'certificate authority'.

Page 99/133 | < Previous Page | 95 96 97 98 99 100 101 102 103 104 105 106 | Next Page >

- by Brad

- by Mike Hanley

- by Jessica

- by MasterRoot24

- by microchasm

- by MasterRoot24

- by Mark

- by Kostas

- by klerik123456

- by user289833

- by malik

- by Matthew Belk

- by Samuel Lopez

- by NetParis

- by user1765037

- by MadSc13ntist

- by rwong48

- by user3693568

- by user171523

- by Horace Ho

- by ucin

- by Malcolm

- by Gabe Hollombe

- by Santhosh

- by rksprst

< Previous Page | 95 96 97 98 99 100 101 102 103 104 105 106 | Next Page >