Hi all, I have an implementation of SSL handshake from the client side, by using these functions: SSL_CTX_load_verify_locations SSL_CTX_use_certificate_chain_file SSL_CTX_use_PrivateKey_file All functions get char* type for the filename parameter. How can I change it to support also unicode file locations? Thanks! ...
Is there a method for JavaScript running in a browser to determine which CA certificate is being used to authenticate the remote host for the browser's current SSL connection, and also obtain properties of that certificate, such as the name of the CA? If not, are there any other options for programatically obtaining this information, su...
Hi, I recently created a Certificate Signing Request(CSR) and submitted. But it was rejected stating "CSR has a PKCS9 extension profile", does a CSR generated using OPEN SSL via XCA contain any profile information? Isn't CSR a very generic request? Thanks in advance. ...
I am getting the following error when trying to perform a HttpWebRequest to a remote server over SSL (the url is https://sandbox.payfast.co.za): "The remote certificate is invalid according to the validation procedure" The certificate seems to be valid and I can successfully make a web request to another url. Could someone tell me how...
Dear stack overflow. I get a weird error when trying to use AXIS1.4 Wsdl2Java tool to generate client code for the web service that is installed on the secure IIS site. When I run the tool I get the following SSL exception: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching XXXXXXX.net foun...
There are some cheaper SSL certificates out there. Would a certificate from Verisign perform better/faster than a certificate from a discount provider? My gut is telling me that it does not make a difference b/c ultimately the certificate is installed on the server. ...
How can I verify the certificates of a site like https://processing.ukash.com/ in ruby with net/http? https = Net::HTTP.new('processing.ukash.com', 443) https.use_ssl = true https.verify_mode = OpenSSL::SSL::VERIFY_NONE Works so far, but how do I verify that it's the right cert now? I saved the certificate from within firefox, but the...
I am writing a utility that would allow me to monitor the health of our websites. This consists of a series of validation tasks that I can run against a web application. One of the tests is to anticipate the expiration of a particular SSL certificate. I am looking for a way to pre-fetch the SSL certificate installed on a web site usin...
Hi all, I have several virtualhosts configured on a single Jetty instance. I would like to also have unique SSL Certificates for each virtualhost. Can I do this? My understanding is that the call to add a connector can only be made inside a Server configuration meaning that there is only 1 SSL certificate that can be used. Walter ...
I have just installed a new ssl certificate on GlassFish 3. I also changed all references to s1as to a new certificate alias in config/domain.xml. Everything seems to work fine, but I wonder if I have to change all "s1as" entries in config/sun-acc.xml, wss-server-config-1.0.xml,wss-server-config-2.0.xml as well ? Do settings in these f...
A client of mine has an application that is being migrated from SQL 2000 to SQL 2005. After the DB migration, the following error is occurring when the application tries to execute a SQL query. xSomeClassTools: 3/30/2010 9:27:42 AM-ErrorMessage:SSL Security error.- StackTrace: at System.Data.SqlClient.ConnectionPool.GetConnection(Boo...
We extensively use a third party app that we'll call thirdparty.com. thirdparty.com and mysite.com have a common navigation and look and feel, so to the users, they think they are always on mysite.com. What we're going to do is start url rewriting 3rd.mysite.com to display thirdparty.com, to make it look even more like a seamless experi...
Dear All! I would like to implement a server - client software with the following security requirements: WCF-Services need to be secured with SSL and Certificates for both, the server and the client Client certificates need to be generated programmatically upon user registration Client-certificates are deployed via a an automatically ...
Hi, I'm connecting to an ASP.NET web service from a personal blackberry device (No IT policy). The connection is over HTTPS, so the user needs to explicitly trust this certificate and add it to their keystore to proceed. Since the app is targeted towards a (mostly) non technical user base, I don't think this is a good idea. Is it possi...
Quick Version of Question Gmail, TD (Canadian Bank), Royal Bank (Canadian Bank) all use ssl. When you inspect their certificates they all have Common Name (CN) mail.google.com Or more generally: Common Name (CN) <url> Is this needed to prevent man in the middle attacks? Summary JBoss allows clients and servers to authent...
We have a proprietary framework and now we want to integrate the authentication by client side ssl certificates. What are the best practices to map a client certificate to a proprietary user account (for example a simple user table in the database)? Save to public key of the certificate? Save issuer and serialnumber? Or are there oth...
I am mostly following this page: http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html I used this command to create the keystore keytool -genkey -alias tomcat -keyalg RSA -keystore /etc/tomcat6/keystore and answered the prompts Then i edited my server.xml file and uncommented/edited this line <Connector port="8443" protocol="HTTP...
As part of our automated build procedure we are trashing and reconstructing our IIS site with powershell scripts. Once i have created the AppPool and the website complete with binding information I want to set the SSL certificate for the https binding. I can't find any concrete examples onl;ine anywhere that demonstrate this. Any ideas...
Hi, I have a page on my site which was meant to be SSL enabled. Now, if the page has a link to an external site, does this invalidate my SSL encryption? Thanks ...
I need to write an app that retrieves data on expiring SSL certs. What is the best way to locate this data for application purposes? ...