I have a MOSS 2007 instance and a web app (Site Collection) in port 80 that has an extension through port 443 to enable https. This instance has an asp.net web app that is inside the Site Collection. This asp.net web app enters https protocol when one of its qualifying aspx webforms is called, but when the user leaves the form the https...
I'm working on an app that will be using https, but we wanted to be able to use the google search api. They do not have an https version available, so it causes the browser to display an insecure warning dialog. It was suggested that we could dynamically load the script after initial load to avoid the warning. I didn't think that would w...
So I am baffled by this one. I have a function that is responsible for a non-secure item warning message to appear when viewing my web page from with IE6 on SSL. If I comment out the entire function the message goes way. If I just comment out the one method call it remains. What is really driving me nuts is if I remove all of the logic f...
Our company runs a website which currently supports only http traffic. We plan to support https traffic too as some of the customers who link to our pages want us to support https traffic. Our website gets moderate amount of traffic, but is expected to increase over time. So my question is this: Is it a good idea to make our website ...
I have an application server installed, listening for HTTP traffic on a port which is not blocked from the world by a firewall. I wish to expose the services offered by this application only through HTTPS, preferably as a "sub directory" of the HTTPS site already hosted by the server. Using IIS7 Url Rewriting (as part of the ARR package...
I've got a local application (which I didn't write, and can't change) that talks to a remote web service. It uses HTTPS, and I'd like to see what's in the traffic. Is there any way I can do this? I'd prefer a Windows system, but I'm happy to set up a proxy on Linux if this makes things easier. What I'm considering: Redirecting the we...
I need to write a script that connects to a bunch of sites on our corporate intranet over HTTPS and verifies that their SSL certificates are valid; that they are not expired, that they are issued for the correct address, etc. We use our own internal corporate Certificate Authority for these sites, so we have the public key of the CA to ...
Possible Duplicate: Will it ever be possible to run all web traffic via HTTPS? Why is the concept of having secure communication using encryption tied to confirming the website's identity in https? Wouldn't all users of the web benefit from even having their http traffic encrypted using a 256 bit key? There are tons of sites t...
I have a server written (self written - no Tomcat or Jetty) in Java and it works nicely, but now I want it to work with HTTPS as well, but I really don't get what I need to do. I've read some stuff online, but haven't really found a good explanation for what I need to do. Could anybody give me an useful hint (or a small outline) of what...
On my domain I have a form workflow where users enter data on one form, click continue and enter data on the next form. I am using server.transfer for moving between forms on my domain. Once users have completed the last form on my domain I use a response.redirect to a third party domain so that the users can complete payment. All pages...
Using only standard JEE API (JAAS, Servlet API, JSF) How can I switch back from a CONFIDENTIAL channel to a Unsecured one? In my example I already managed to switch from an Unsecured channel to a Secured one for the resources in "*/secured/**", but I'm in need to switch back to an unsecured channel after a successful Authentication as t...
Hi there, i would like to ask you for workaround on following problem. My site can use http and https protocol, it doesnt affect the content. My site uses jquery ajax calls, which fills some areas on page, too. Now, i would like to do all ajax calls by https protocol. (please dont ask me why :)) When i am on page with https protocol, ...
I have Android pet-project DroidIn which utilizes HttpClient 4 (built into Android) to do some form based authentication. I started noticing that people who are using WiFi are reporting connection problems. It also doesn't help that site I'm accessing has self-assigned certificate. Well - the question is (I'm quite vague on WiFi details)...
We've got a shopping site which we're hosting on a shared host (Mediatemple Gridserver). Some parts of the site need to use HTTPS (checkout etc) but the rest should be using HTTP. Does anyone know how we can always force the correct use of HTTP/HTTPS for particular URLs? We've had it working in various states but we can't get a request ...
Would like to understand whether the HTTPS body part of the Response is encrypted. Also, in a HTTPS request whether the header are transmitted as plain text / encrypted? Is there any tool with which I can observe the raw HTTPS traffic without decrypting it. ...
I am creating an NSURLMutableRequest and setting HTTP methods and content-types and such. All was working fine until my last compile. I now get this in the Console, but the app doesn't crash: CODE: Internal error. Exception from other package: javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException:...
How do I determine and force users to view my website using HTTPS only? I know it can be done through IIS, but want to know how its done programmatically. ...
Hi, I have a unsecure page which opens up a secure (https) page. The secure page needs to update the parent page via a javascript submit() while still remaining the current window. However when I try to do this via javascript I get an "Access Denied" javascript error because the parent page is unsecure. Any idea of how I can access th...
Hi, I'm running a site which has 2 separate sub-domains - one for HTTP and another for HTTPS. http://www.example.com https://secure.example.com http://secure.example.com does not exist and will not resolve. The problem is that the site is running behind a load balancer which handles all SSL. Communication between the load balancer ...
I need to send an HTTP request to a server using HTTPS on Linux using plain sockets. Is there a way to do this? Code is appreciated. Thanks ...