I'm building a small program that acts as an XMPP client and I am using the Smack library. Now, the server I am connecting to requires SSL (in Pidgin I have to check "Force old (port 5223) SSL"). I'm having trouble getting Smack to connect to this server. Is it possible? ...
I don't have the faintest clue on how a software or hardware load balancer works. I guess the hardware load balancer is basically a switch and based on some algorithm decides which node to switch to for a incoming request. On the software load balancer front, I guess the software picks up a node and uses a reverse proxy connection to it....
My co-workers and I are having a problem using Firefox 3.0.6 to access a Java 1.6.0___11 web application we're developing. Everything works fine anywhere from 1-30 minutes into the session...but eventually, the connection fails and the following error appears: Secure Connection Failed An error occurred during a connection to 10.x.x.x...
There are a few ways to include jQuery and jQuery UI and I'm wondering what people are using? Google JSAPI jQuery's site your on site/server another CDN I have recently been using Google JSAPI, but have found that it takes along time to setup an SSL connection or just to resolve google.com. I have been using the following for Google:...
The service I need to connect to has provided me three files and I'm trying to figure out what I need to create the Cert=xxx.PEM file that STUNNEL needs I have a "keystore.jks" file. Dumping that with keytool says it's a "Private key entry" I have a "truststore.jks" file. Dumping that says it's a "trusted certificate entry". The alias ...
I'm trying to test my site in IE 6 using Microsoft's Win XP / IE 6 virtual machine image, but I'm unable to load any SSL site in either IE 6 or Firefox 2 inside of the virtual machine. Outside of the VM all sites load as expected, but inside it can't find the sites in either browser. Non-SSL sites load fine inside the VM. For example, t...
I know there's no single hard-and-fast answer, but is there a generic order-of-magnitude estimate approximation for the encryption overhead of SSL versus unencrypted socket communication? I'm talking only about the comm processing and wire time, not counting application-level processing. Update There is a question about HTTPS versus HT...
Is it possbile to reverse proxy to internal server via HTTPS and serve the certificate from the backend server instead of the certificate on the proxy? ...
So kind of very similar to "Detecting https requests in php": Want to have https://example.com/pog.php go to http://example.com/pog.php or even vice versa. Problems: Can't read anything from $_SERVER["HTTPS"] since it's not there Server is sending both requests over port 80, so can't check for 443 on the HTTPS version apache_request_...
Hello, recently received email from Authorize.net saying: During the week of March 16 - 20, 2009, Authorize.Net will be deprecating all legacy support for the SSL 2.0 protocol. Changes have recently been made to the Payment Card Industry Data Security Standard (PCI DSS) which have made the use of SSL 2.0 a PCI DSS viola...
Hi folks! I would like to fetch a SSL page in Java. The problem is, that I have to authenticate against a http proxy. So I want a simple way to fetch this page. I tried the Apache Commons httpclient, but it's too much overhead for my problem. I tried this piece of code, but it does not contain an authentication action: import java.io...
I read that a page which runs under an https connection cannot share an InProc Session (based on cookies) with another page (or the same for that matter) running under regular http. My site is running on Server 2003, IIS 6 and .Net 2.0. After some experiments it appears that a page which stores data in session while being connected thro...
I'm using curl and pycurl to connect to a secure 3rd party api and when I use pycurl I'm getting authentication errors back from the server, but when I use curl on the command line and do the same thing it works. I set both to verbose mode and am seeing some differences in the request, but I can't seem to figure out what the error is. T...
I am using WCF for the client to access service. I am trying to access the endpoint with TLS (https). I have certificates with both private and public keys. If I have the end point of the service to have the host name same as the certificate name ("Issued To"), then i am able to access the service from the client. If the names of the...
Exact duplicate of SSL error RemoteCertificateNameMismatch SSL error RemoteCertificateNameMismatch I am using WCF for the client to access service. I am trying to access the endpoint with TLS (https). I have certificates with both private and public keys. If I have the end point of the service to have the host name same as the certifi...
I have an SSL certificate for the 'www' subdomain of a web site we'll call example.com. Therefore I can force SSL, but if the user doesn't enter 'www.example.com' into their browser, the SSL certificate appears invalid. I wish to accomplish this with mod_rewrite rules in an .htaccess file at the root of the web site. No matter what UR...
Newbie IIS question: I want to setup HTTPS access for my XHTML page (not asp.net) hosted on my IIS 6.0 server. So far I have done the following: In IIS Manager, for the particular folder, the following are set: Require secure channel (SSL) Require 128 bit encryption Ignore client certificates However when I try to access the page...
Authenticating user with RSA certificate through iPhone' Safari browser not working with IIS website. I cant get it working. IIS just gives up with "client certificate required" error and safari doesn't provide certificate. Client: iPhone 3G latest firmware CA and user certificates deployed (it shows them as unsigned) Server: II...
Boy do I have a strange bug. I have a website that needs to upload large files. We are using the standard ASPx FileUpload control. We have modified the web.config to allow really large files. I am doing all these tests in FireFox, IE6, and IE7. For my test I am using a few 20 MB files (AVI, PDF, Excel). The file type does not affe...
I'm interested in hearing what others do when, in a given application, some pages need to be secure and others don't. Take any solution off the table that requires a separate domain/subdomain. In this case, all calls, secure or insecure, will link to the same domain. I see a few options: The ham-fisted, just secure it all approach. A...