I have a Pem file that I use with this php code to connect to a c++ SSL server, but now I need this php code written in Java $ctx = stream_context_create(); stream_context_set_option($ctx, 'ssl', 'local_cert', 'cert.pem'); stream_context_set_option($ctx, 'ssl', 'passphrase', $pass); $fp = stream_socket_client('ssl://serverURL', $err,...
See related question. I have a PEM file provided to me and was told that it will be needed in establishing a SSL socket that connects to a c++ server for some API calls. Does anyone know how I can read in the PEM file and connect? I was also given the parapharse password. ...
I'm trying to use apache2's mod_rewrite to force SSL connections to a website. So far, it's working fine with the following in the site's <VirtualHost> entry : RewriteEngine On RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [QSA,NC,R,L] This is working well, and redirects everything, which is what I wante...
This the situation: I have one webservice without SSL, which provides two pages for the other web application. When the user submits these pages, an XML file with private information is sent to the webservice. How can I provide the necessary privacy protection on the XML file? Is the one certificate good enough to give the appropriate s...
Hey all.. I have a weird issue. I am opening a popup window in IE6 with SSL enabled on the server. When the following executes it seems to lock the browser up. I know this is vague. This is the JScript that appears to be the problem. Gotta love your IE6! function PopoffWindow(url) { var features = "height=400,width=550,top=60,left...
In IE it is giving me the "some items on the page are not secure" message. I have tracked it down to this line: <script type="text/javascript" src="lightbox/js/prototype.js"></script> which is a lightbox script I downloaded. I tried making the src relative or absolute with https it happens either way. And only in IE. Heres the page i...
I've installed (from source) Apache 1.3 on a CentOS 5.2 and I'm trying to get SSL to work. I used --enable-module=so then added AddModule mod_so.c LoadModule ssl_module /usr/lib/httpd/modules/mod_ssl.so to httpd.conf. Now I'm getting this error from configtest: Syntax error on line 44 of /www/conf/httpd.conf: ...
I'm trying to write a PHP script using cURL that can authorize a user through a page that uses an SSL certificate, in addition to username and password, and I can't seem to get past the SSL cert stage. In this case, curl_setopt($handle, CURLOPT_VERIFYPEER, 0) unfortunately isn't an option. The certificate is a required part of authenti...
I'm trying to implement manual self-signed SSL certificate validation to a WinINet client. I tried to approach it by calling InternetQueryOption with INTERNET_OPTION_SECURITY_CERTIFICATE or INTERNET_OPTION_SECURITY_CERTIFICATE_STRUCT parameters, but both return some internal interpretation of server's certificate, none allows accessing ...
How do I tell if a page is SSL'd in "classic" ASP? Can't use javascript because what I'm outputting is the results of a "noscript" tag. :D Can't be changed or modified in IIS - has to be in the script file itself. e.g. https://foobar/something.asp --> should say YES http://foobar/something.asp --> should say NO ...
I have an app with an embedded webserver. This webserver can now do SSL via the OpenSSL package :) Now to the cert issue. This app is sold, which I say because it's not just sitting on a server I own -- it gets installed on thousands of computers. I want my customers to be safe so I want them to use SSL as painlessly as possible. Ri...
Here is my scenario: I have a proxy that actually has the SSL Cert installed and this sits in front of a load balanced web farm. Each IIS server does not have SSL so I can't use transport security via wsHttp binding. I have not investigated basicHttp because we want to provide SOAP 1.2 going forward w/ this solution. In addition to t...
I have built a web proxy from scratch (using Socket and NetworkStream classes). I am now trying to implement SSL support for it so that it can handle HTTPS requests and responses. I have a good idea of what I need to do (using SslStream) but I don't know how to determine if the request I get from the client is SSL or not. I have search...
My server is currently hosting a php site. This site uses ssl for certain pages already. Now I am transitioning over to rails, and all my new rails apps go into a subfolder. Passenger is setup and and my app works great. One problem, If i try to go to these pages using ssl, I get a 404 error. Apparently apache is looking for the literal ...
I have a website with only home page available through simple HTTP protocol. All other pages are accessible only through HTTP over SSL(https://). I'm using CDN for home page and very happy with it. But for me it looks like using CDN for https pages is impossible because of security warnings, especially in IE. My files hosted at CDN are...
Do you guys know fine tutorials, sample codes for SSL socket programming with Jetty? I am going to implement some secured applications with Jetty.. :) ...
I'm trying to enable SSL for only certain actions on my CakePHP based website. I'm doing this using requireSecure() and redirecting to https://url in the corresponding blackHoleCallback(). To keep the server load down, I'd like to redirect back to http://whatever_url once the user is done with the action that requires SSL. How do I do ...
I want to create certificates programmatically in C#.net which are signed by a CA. I was able to create a self signed certificate with CertCreateSelfSignCertificate as described here: http://msdn.microsoft.com/en-us/library/aa376039(VS.85).aspx http://stackoverflow.com/questions/187588/self-signed-certificate-in-windows-without-makecert...
I have an application that communicate with multiple hosts at the same time. In this case I need to use multiple keystores to establish communication with other hosts. In this case setting the system property "javax.net.ssl.keyStore" is problematic. I found an earlier post that discusses the problem well. Then what would be the best ap...
I know that using SSL is one way to do this. I go to websites like Facebook and LinkedIn and see that they only use https when they are dealing with sensitive data like passwords and personal settings. How is this done? How are they able to implement https on some websites while using http on others, while still remaining secure, or are ...