ssl-certificate

Difference between https protocol and SSL Certificate

What is difference between https protocol and SSL Certificate that we use in web browser? Aren't both of these used to encrypt communication between client (browser) and server? ...

SSL Cert with exportable private key

Hi, I got a trial server certificate from completeSSL with the plan to use it to sign my Azure production site. It turns out that I need a certificate with an exportable private key ... and my new trial certificate is not such. Does anyone know which of the ssl vendors sell certificates with exportable private key? ...

Self-signed certs -- helping users know they need to add root CA to trusted cert store

I have a desktop product which uses an embedded webserver which will use self-signed certs. Is there something that I can put in a web page that would detect that they haven't added the root CA to their trusted list, and display a link or DIV or something directing them how to do it? I'm thinking maybe a DIV that has instructions on ...

X509Certificate.CreateFromCertFile - the specified network password is not correct

I have a .NET application that I want to use as a client to call an SSL SOAP web service. I have been supplied with a valid client certificate called foo.pfx. There is a password on the certificate itself. I've located the certificate at the following location: C:\certs\foo.pfx To call the web service, I need to attach the client certi...

Problem with getting error description after SSL_CTX_new returned NULL

I am very new to SSL , Actually I would say I know nothing about it. I am using the method "SSL_CTX_new" to create an SSL_CTX object. The method returns null.The documentation says I can check the error stack in order to get the cause for this. So I have the function "int SSL_get_error(SSL *s,int ret_code)" which (as I understand) I ...

Amazon S3 secure access from flash

I am trying to access files in Amazon S3 bucket with SSL with ActionScript3. When I use this format... https://s3.amazonaws.com/bucket.name/filename I get security sandbox error. "Error #2048: Security sandbox violation: " When I switch to this format... https://bucket.name.s3.amazonaws.com/filename It works like a charm (until I...

Extracting private key from .cer to .pem with openssl

How can I export the private key embedded in an .cer file and convert it to .pem using openssl. Update: If I download a .cer file from Apple and import it into KeyChain, I can export the private key as a .p12 file. How can I do this using openssl? ...

How to generate a client certificate using a third party CA-NOT Self Signed CA

I am trying to trying to export a client certificate for use with a web browser. The goal is to restrict access using the <Location> directive to the admin area. I have seen numerous tutorials on using self signed CAs. How would you do this using a third party? 1) Do I need to include the CA in the client pfx if it is a trusted root ...

TLS server accepts connection from client even client cetificate is not present in servers truststore ? why ?

TLS server accepts connection from client even client cetificate is not present in servers truststore ? why ? Server Code: tlsContext = SSLContext.getInstance(SSL_PROTOCOL); tlsContext.init(getMyKeyManagers(),null,null); SSLServerSocketFactory fact = tlsContext.getServerSocketFactory(); tlsServerSock = (SSLServerSocket)fact.createSe...

How safe is my SSL connection even with a SSL certificate?

I have a client program that talks to a web server through a SSL connection (https). How safe is this connection? I bought a SSL certificate installed on my web server, so my understanding is that even if someone attemps a man-in-the-middle attack between my client and my server they would not have the certificate? Is this true? So for...

Turn off SSL certificate verification in Ruby

When using 'net/https' and ssl, how do I disable verification of the resulting SSL certificate? ...

Understanding Secure Email

Hi, I've got a question about securing emails with SSL. If I get an SSL certificate to secure my email, that would mean that the connection between my mail client and my mail server will be encrypted. So anyone listening in couldn't view my emails or username and password. But what happens between the mail server and the destination ma...

Install client certificate for IIS App Pool account

Scenario: A client calls WebService A on the LAN. WebService A is running under an App Pool with Identity "Network Service". WebService A does some work, prepares to call WebService B. WebService B requires a client cert (*.cer) and SSL. WebService A is on a dedicated Windows 2003 server. Everything works in the Dev environment as it s...

Problem viewing sites with SSL certs

I am managing a number of websites that use SSL certificates and have had a few complaints from individuals that are not able to view some of these sites in secure mode. The problem persists regardless of browser or version that is used, does not affect viewing in non-secure mode, and only occurs with a few of the secure sites, not all....

SSL cert for billing module

I'm writing a billing module for a startup i'm working on. It's my first time buying an SSL cert. I only need a cert for a single domain. Is the standard SSL cert from godaddy ($29.99/yr) all that I need? I plan to get an authorize.net compatible merchant account and didn't know if they would require the deluxe or premium certs. I'm si...

IE8 Will Not Install SSL Certificate

I have my own SSL for development purposes. Normally when IE would give you the WARNING you could simply install the certificate, resart IE and go back to the server without warning. In IE8 I cannot avoid the warning. I have installed the certificate into every single store without success using both the MMC and cert manager in IE8. WHAT...

CSR Generation: Tomcat or Apache?

While not entirely programming related. I recently purchased a SSL certificate, and during the configuration I need to generate as CSR. I am running Tomcat behind Apache via mod_jk. I see two options for generating the CSR one for Apache and one for Java based servers. My question is which do i use? At the moment the site needing th...

Validate SSL certificates with Python

I need to write a script that connects to a bunch of sites on our corporate intranet over HTTPS and verifies that their SSL certificates are valid; that they are not expired, that they are issued for the correct address, etc. We use our own internal corporate Certificate Authority for these sites, so we have the public key of the CA to ...

Are SSL certificates bound to the servers ip address?

We have two different ldap providers in two different physical office locations. When I connect my laptop to one location and I 'retrieve from port' (in Websphere 6.1) to import the ssl cert of the ldap provider, I can authenticate to the respective ldap with no problems. If I take my laptop to the other office (that uses the other ldap ...

Adding SSL support to existing TCP & UDP code?

Here's my question. Right now I have a Linux server application (written using C++ - gcc) that communicates with a Windows C++ client application (Visual Studio 9, Qt 4.5.) What is the very easiest way to add SSL support to both sides in order to secure the communication, without completely gutting the existing protocol? It's a VOIP...