Why would you not use https on your public facing website? For SEO purposes? For performance reasons? Why don't more companies use https on their public facing site. Even the founder of mint.com mentions not using https on his public facing site" http://cnettv.cnet.com/rr03-mint-ceo-aaron-patzer/9742-1%5F53-50076867.html 19min into the...
I'm writing an iPhone application that needs to send small bits of information (two strings of under 128 characters each, at a time, and this doesn't happen too frequently) to a server when users interact with it. I would like this information to remain confidential, so I'm thinking of some sort of encryption or secure connection would b...
Hi All, I am using CFNetwork to connect to a https webservice , whose server is a Verisign certified. I get the appropriate response from the server some times. But the rest of the time I am getting two kind of errors. 1."Operation could not be completed. (kCFStreamErrorDomainSSL error -9807.) 2."Operation could not be completed. (kC...
How do I use the ASP.NET MVC 2 Preview 2 Futures RequireHttps attribute? I want to prevent unsecured HTTP requests from being sent to an action method. I want to automatically redirect to HTTPS. MSDN: RequireHttpsAttribute RequireHttpsAttribute Members RequireHttpsAttribute.HandleNonHttpsRequest Method How do I use this feature?...
I have an application that connects fine over http. When trying https I got the error that says that the root cert is not trusted. I found URLs for my site certificate, its CA certificate, and the CA's root certificate and have added them through Safari to the phone. Now when I go to Preferences -> General -> Profiles I can see all my...
I'm trying to get secure web service connectivity on the iPhone over https via SOAP. Currently have http working with NSMutableURLRequest but it doesn't appear to support https. Any ideas what to use to get the secure web service access and processing I'm after? Any help appreciated // :) ...
I am using System.Xml.XmlTextReader to read xml stream from a http location. Now I need support to read from a secure https site. How can I do this by providing user credentials in some way? ...
I'm trying to download account transactions (an XML file) from a server. When I enter this URL from a browser: https://secure.somesite.com:443/my/account/download_transactions.php?type=xml it successfully downloads a correct XML file (assuming I've already logged in). I want to do this programmatically with Ruby, and tried this code:...
I'm using YUI on my site. It works fine with no errors when you access over HTTP. However, when IE users access the site over HTTPS they get the dreaded "this page contains secure and nonsecure items" error message, which makes it really close to unusable. I'm hosting the YUI files, so they're getting served up over HTTPS, but in the ...
Hi, I have a domain example.com. I want users to be redirected to https://www.example.com whenever one of the following is typed: http://example.com http://www.example.com https://example.com I also need to redirect people accessing /asdf (or /asdf/) to /index.php?folder=asdf. I found some examples of code doing the first part, but...
I have a web application which works perfectly fine on my own machines, perfectly fine on my customer's PCs but on their customers machines each page they visit they get a prompt for the Mixed Content coming up. However it doesn't matter whether they answer yes or no to the question, they still get all of the functionality of the site. ...
I have a scenario where an asp.net page is using the SSRS reportviewer control to display a report. we recently updated the IIS server to use an SSL certificate and now the same application has a HTTPS URL. Is it now, necessary to setup SSL certificate on the SSRS Report Server box as well? Or, can the (HTTPS)web application continue ...
I have a vb 6 application whic fetch the emails from Exchange mailbox and copy them in to text file. This was working fine for me. I have a requirement to change the communication protocol to "RPC over https". After implemnting this I am able to login to the mail box throug MS outlook with RPc over https protpcol. My application is not a...
For a limited time, we have to serve the same Tomcat 6 web application from two different domain names. Both domains need to be served HTTPS - is it technically possible to handle serving different certs for the same app using connectors (or other method)? The other option (which we are trying to avoid) is to handle the cert delivery up...
I have a secure form (attribute action="https://...") in an unsecured (http) page. The purpose is to transmit data securely while avoiding mixed content warnings ("some items are unsecured") due to unsecured Google Maps element on my page. When the form posts and succeeds, everything is fine. However, if the form fails, my user ends u...
(Approximately) how many more bits of data must be transferred over the network during an encrypted connection compared to an unencrypted connection? IIUC, once the TLS handshake has completed, the number of bits transferred is equal to those transferred during an unencrypted connection. Is this accurate? As a follow up, is transferrin...
We have migrated our web site to new web site (don't ask why?) In order to help us with the transition, we created 301 redirect, from the old web site to the new web site, in IIS. The redirect looks like http://www.newWebSiteApp.com$S$Q This handles all the sub directory as well as query string nicely. we tested the redirect and works g...
I've requested an certificate (for SSL on IIS 7) with several subjectAltNames. I'd read that some people might not like to do this because of the public being able to see links between different sites. (This doesn't matter as the certificate is for internal use). But this suggests that I should be able to see the subjectAltNames when ...
I have to send a request as https post to a third party Apache server. It seems my code is fine as testing to an aspx page shows parameters without any problem, but when I tried to conect to Apache server answers like I didn't send anything. As I've been digging a bit more, I found out a reference to "servers handshake". Does this mea...
Hi everyone, I need to fetch images for one of my projects via https connection. I use Snoopy PHP class as HTTP server. This class uses cURL program for performing https requests, I mean it calls cURL directly using system() PHP function. The problem is that I get images broken. When I fetch HTML pages through secure connection, everythi...