https

Making HTTPS calls to website that does not have API

I am working on a wp7 app and I want to make an https call (sign-in and then post ) to a website which does not have an REST API. So I will have to use it just like a browser adding headers to the https sign in call and parsing the resulting data get the Cookie data and unique id assigned extra and pass that on to a subsequent https ca...

Wrong URL in WSDL hyperlink when using WCF (https)

I got my WCF Service running with HTTPS, It shows the Infopage, but the URL below "To test this service, ... with the following syntax:" is: svcutil.exe https://servername.group.service.com/MyService.svc?wsdl (full address of the server) Instead of the correct URL https://my.service.com/MyService.svc?wsdl (assigned hostheader), how can...

Why do I get 500 error codes on certain URLs on certain servers with certain client certificates?

Warning: I've found a weird reason for this behaviour. The question below is obsolete. Here is the followup for all the gory details. Setup: A production server running SuSE Enterprise 11 and my Django 1.1 application. The application is being served with Apache (mod_wsgi) over HTTPS with client certificates (SSLVerifyClient require...

How can I conditionally redirect to https using mod_rewrite?

I would like to redirect to https using mod_rewrite only if certain conditions are met: If the URL does NOT contain the word 'administrator' AND the URL DOES contain the string 'xyz' (in any part of the URL, including the querystring) This does not seem to work: RewriteCond %{REQUEST_URI} xyz [NC,OR] RewriteCond %{QUERY_STRING} xyz [N...

HTTPS Header Redirect Not Working with PHP

I have a load balanced dev site that I'm working out bugs for SSL on and I have ran into one last very annoying issue. On some pages I need to force it to SSL so easy enough, I just wanted to create a header ("Location: https://www.example.com/mypage.php"); I thought that was easy enough and no worries. However, every time I do thi...

Jboss not processing jsp pages under ssl

I have a web-app I'm trying to setup under jboss 4.2.3 and I am mimicing (the best I can) a 4.2.1 installation. It's doing fine feeding up pages under http, but when its https, it just kicks out the raw jsp file. I followed instructions for creating a self-signed cert. Not sure what specific info to provide, but can anyone try to point m...

when "sslpassphrasedialog built",I can't use the keystore of myself...

first,i have import the root cert to my keystore. then,in apache,when the configuration is "sslpassphrasedialog built",i request the server,browser shows me "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target". but when the configuration is "...

Problems posting via HTTPS from an IIS process (WCF & WF)

I have some code that wraps the PayflowPro .NET API. It essentially posts to a HTTPS address (a payment gateway) from C#. I can run this code locally and it works nicely. I can run it in my MSUnit tests and it works, and I can run it from a console application on my test environment and it also works. I have a workflow hosted in IIS ...

Using custom root with FiddlerCore

Is it possible to use a custom root CA for FiddlerCore to intercept HTTPS traffic. What I need is assigning a certificate to be used to to sign all host certificates. Another solution can be supplying certificate information to FiddlerCore before creating root certificate. ...

ASP.NET MVC2 Post to SSL and WCF Service

I have an ASP.NET MVC2 application hosted in a non-secure environment (http), also I have my account services (WCF) on an SSL server. I need to post a form that is on the non-secure http application to a secure SSL and access then the service. By no means I'm allowed to host the application in the SSL server (because it will loose the lo...

how to perform put request for WADL

I have a wadl with the following method. <resource path="/activity/stop/"> <method name="PUT"> <request> <param name="reason" style="query" type="xs:string" /> <param name="startdate" style="query" type="xs:string" /> <param name="enddate" style="query" type="xs:string" /> </request> <response> ...

WCF Transport security weakness

Hi On 2nd edition of "Programming WCF Services" By Lowy, ch 10, page 512. Lowy said about Transport security: Its main downside is that it can only guarantee transfer security point-point, meaning when the client connects directly to the service. Having multiple intermediaries between the client and the service renders Transport securi...

ASIHTTPRequest: https with SSL

How to implement a https connection with SSL and ASIHTTPRequest? Are there some special steps to do? Can it be that this has nothing to do with ASIHTTPRequest? It has to do only with the server-side I think. Can someone post a link or describe the process of how a https connection can be established? This is what I found out so far: I ...

Secure paperclip urls only for secure pages

I'm trying to find the best way to make paperclip urls secure, but only for secure pages. For instance, the homepage, which shows images stored in S3, is http://mydomain.com and the image url is http://s3.amazonaws.com/mydomainphotos/89/thisimage.JPG?1284314856. I have secure pages like https://mydomain.com/users/my_stuff/49 that has i...

How can I make cookies secure (https-only) by default in rails?

In a Rails controller, I can set a cookie like this: cookies[:foo] = "bar" And specify that the "secure" (https-only) flag be on like this: cookies[:foo, :secure => true] = "bar" :secure is false by default. How can I have cookies be secure by default, application-wide? This is on Rails 2.3.8 ...

Apache CommonsVFS connect to https server.

Hello, Currently I use Apache CommonsVFS to fetch images from other sites and it works well. The website of CommonsVFS says it supports HTTPS protocol, but I found I could not access those URL starts with https:// using CommonVFS, while I could browse it from my Firefox normally. For example, the following code will yield an exception...

List of trusted CA in android?

Hello everyone, i would like to know which Certification Authorities are "allowed" on android.. Since i'm going to buy a ssl certificate i would like to understand if i'll get some problems in android using it. Thanks ...

Browser mixed content warning - what's the point?

I employ the Google maps API on my otherwise SSL-secured site. I invariably therefore get one of these terrible "mixed content" warnings pop up from my web app. This is annoying. I understand that this issue can be fixed when upon moving the app into production I sign up to a premier account with Google. Hurrah. I am just perplexed:...

What is more secure? VNC or Citrix or HTTPS

What is more secure? VNC or Citrix or HTTPS So they all have the same amount of security. Don't they use the same encryption algorithms in they end? ...

Read https content

I have a webpage developed in php. I want to read the content of a https://(url) file. how can i read that. I have used file_get_contents().The problem is that it can read file with http protocol but cannot read file with https protocol. Please help me out ... Thanks in advance.. ...