Hi there, I am going to switching SSL onto a Rails site of mine pretty soon and was wondering if anyone has thoughts or suggestions as to who is the best provider? Does anyone have any happy stories or horror regarding certain vendors?? Thanks Kent ...
I need to have my java applet use a soap based web service over ssl. I know that you can have a servlet act as a go-between/proxy, but I want to have the applet use the web service directly over SSL. The problem is supplying the certs to the web server hosting the web services. I supplied these Java Applet Runtime Settings via the Java C...
Hi all, I need to post XML to a server via https, but I need to verify that the self-signed server certificate is correct before I push the XML (which contains sensitive information). I'd prefer a perl solution, but there doesn't seem to be a CPAN solution that actually verifies the certificate - I thought Crypt::SSLeay would do it, bu...
I work for a large-ish advertising company. We've created a very lightweight clone of the PayPal IPN so we can offer CC Processing services for our top advertisers. Like the PP IPN, it's a simple RESTful interface. I deliberately instructed our admin guys to configure the vhost for this web app to only respond to requests on port 443...
Here's my situation: I'm trying to create a SSL certificate that will be installed on all developer's machine's, along with two internal servers (everything is non-production). What do I need to do to create a certificate that can be installed in all of these places? Right now I've got something along these lines, using the makecert a...
I'm working on a service where in production, we're going to use hardware load balancers with SSL offloading capabilities. However our dev environments don't have this capability, but I want to keep the configuration as close as possible to how it runs in production. Additionally, even for testing, the sites need to be SSL protected(t...
I'm developping a software which will be deployed using clickonce (on the website foo.com), and which will then connect to my server using WCF with an encrypted transport So I need an SSL certificate which will : Identify my foo.com website has really being my website Identify the exe I deploy using clickonce as being genuine Identify...
I am working with the openSSL library's X509 certificate class, and I need to query the "key usage" extension. After abandoning openSSL's vapourware "documentation", some shot-in-the-dark web searching eventually revealed that I needed to call X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx) and searching through the objects...
I am attempting to setup our servers to allow traffic over SSL. I am aware that SSL does not work with Name Virtual Host, but we have all of our apache servers on virtual machines with dedicated private IPs. We have a primary virtual machine that has mod_proxy setup to route traffic to the appropriate vms. However, in order to route h...
Hi, I am trying to download the content of a secure (uses https) webpage using php and curl libraries. However, reading failed and I get error 60: "SSL certificate problem, verify that the CA cert is OK." also "Details: SSL3_GET_SERVER_CERTIFICATE:certificate verify failed" So...pretty self explanatory error msg's. My question is: H...
I'm trying to connect to an API that uses a self-signed SSL certificate. I'm doing so using .NET's HttpWebRequest and HttpWebResponse objects. And I'm getting an exception that: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. I understand what this means. And I understand...
I'm currently working on a project where I've created a CA cert and a couple of child certs to that CA cert. The certificates are going to be used to protect inter-server communication in a SAMLV2 setup so I'm going to have a cert for the identity provider and a cert for the service provider. The user/browser isn't going to validate the ...
I’ve got a strange scenario: I’ve got a webpart that calls into a dll in the GAC, which is trying to read a section from web.config file. This works fine normally, but under SSL it fails, saying it does not have access to the path (of the config file). However, it’s under the mosssvc account, which has full control over the webconfig fi...
Hello :) I need to write my own SSL socket (CSocket ansestor) with server side certificate validation using Microsoft CryptoAPI. Can you tell me which book will help me (or any other user friendly source of information)? ...
I have a pkcs12 file. I need to use this to connect to a webpage using https protocol. I came across some code where in order to connect to a secure web page i need to set the following system properties: System.setProperty("javax.net.ssl.trustStore", "myTrustStore"); System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); S...
The netsh command wants an appid (see here) : netsh http add sslcert ipport=0.0.0.0:8000 certhash=0000000000003ed9cd0c315bbb6dc1c08da5e6 appid={00112233-4455-6677-8899-AABBCCDDEEFF} I've not been able so far to understand how I'm supposed to know the GUID netsh wants me to provide. Any hints? ...
I have an application running on IBM Websphere 6.1. This application must use SSL to communicate with other similar applications used by other (external) entities. I believe I am the only member of this group that is using Websphere. A certificate issuer that others in my group trust, has issued me a '.pem' file. How do I incorporate tha...
Hey, Recently I've set up the ClearCase Remote Client (an eclipse plugin) to work through SSL, so instead of an http URL, it follows an https URL. However, this breaks the access to the Update Site, returning an error that the site has a "Premature End of File" error. My question(s) are this... Is there a problem with Eclipse accessi...
I'm using InstantRails (on Vista), and I'm at the stage where I'm looking to integrate a Rails app with PayPal (recurring billing via web payments standard - no ActiveMerchant needed). What is the best step-by-step process for enabling HTTPS for my local development/testing purposes? I'm using the default Mongrel/Apache setup that comes...
I'm trying to access a web service secured by a certificate. The security is setup on IIS and the web service is behind it. I don't think WS-SECURITY will do this type of authentication. Is there any way to pass the client certificate when you call the web service? I'm just getting an IIS Error Page that says "The page requires a clien...