I have a shopping cart website running classic ASP that needs help during the checkout process. When a user is ready to checkout, they are redirected to an SSL version of the site. Response.Redirect "https://mysecuresite.com/beginCheckoutProcess.asp" When the jump occurs, the customer starts a new session when they arrive at the SSL...
Hello, I am using the ssl_requirements plugin on shared hosting account. This hosting provider uses Passenger to manage Rails. Everything works fine until I try to go to a page that requires ssl (enforced by adding the ssl_required filter). When this happens Passenger crashes and sends back a 500 error. The error reads: Passenger encou...
On my https web site, how can I display images from a web site without a certificate? I own the example domain of: - http://www.example.com - http://static.example.com (used for my CDN) I own a certificate for WWW.example.com but not STATIC.example.com. On my www.example.com domain, you can register for the service over SSL using htt...
I have been looking around to figure out how to configure Glassfish front ended with Apache. And most of the tutorials using the load balancing plug in is making me enable SSL on Apache. I am trying to understand the connection. I should be able to do non SSL communications when I dont have a need for SSL. ...
Hi, I want to make a POST to a php-written Web Service that sits on a secure connection. The following code is just a test console app I wrote after a few hours of trial and error. Essentially, I found out a few different methods to use HttpWebRequest, but all of them are the same thing. Testing my URI with 'http' on a web browser, sh...
Hi, I am looking for connecting TcpClient over SSL. I am using .Net compact framework 1.0. Is there is opensource (or commercial) library that provides functionality similar to System.Net.Sockets.TcpClient but over ssl. Thanks, Kishore. ...
I want to lock down my website so that the end customer cannot change the standard web pages(aspx). I have investigated code signing and digital certificates. But that is more suited for the dlls and executables, and not to the aspx/html pages themselves. Is this possible? If so, please provide me some links. Thanks, Murali ...
Hi, After wasting two days with this question (and trying to make it work), I've decided to take a step back and ask a more basic question, because apparently there's something I don't know or I'm doing wrong. The requirements are simple, I need to make an HTTP post (passing a few values) over https from C#. The website (if given the...
I am looking for a way to retrieve the certificate chain of a targeted server. I already have code that lets me grab the server certificate that is presented when I connected, but I would also like the option of pulling each sub-certificate in the chain all the way to the root. Here's the code I use to get the target server's public k...
I've heard that Japan has a law that stipulates that all pages that contain forms with personal information must be SSL-encrypted. For example, under this law, a simple contact form with a "name" and "email address" fields would need to be encrypted. Is this true? Does anyone have a link to the details of this law (japanese language...
The overall goal here is to have jetty be configured with a client certificate to be able to call a secure SOAP web service. Does anyone know how to configure Jetty to accept a client certificate (*.cer) ? Update: I did not find an easy way to implement a solution to my problem/question, but the sole answer here technically is correct!...
Please help me understand how the process goes. I understand that web browsers contain root certificates for certificate authorities (CAs) like verisign, Entrust, Comodo .. etc, but what exactly happens when a user accesses a secure page? Does the web browser send a request to the server of the CA to verify the ceriticate or it just uses...
I have a WCF web service, currently served over WSHttpBinding endpoint with Transport security and Windows client credential type. The service is hosted on top of IIS 5.1 with SSL configured using a certificate from the domain certificate authority. IIS itself runs with the identity of [email protected] on a domain computer. Anonymous acce...
I'm POSTing data to a HTTPS server using libcurl compiled with openssl using Visual Studio 2008 in windows and it all works fine with CURLOPT_SSL_VERIFYPEER set to 0. I've tried following http://curl.haxx.se/docs/sslcerts.html and just about every "SSL and SECURITY OPTIONS" option in the manual. I'm wondering what the right combination o...
I am working on a SSL client server program and I have to reuse the following method. private boolean postMessage(String message){ try{ String serverURLS = getRecipientURL(message); serverURLS = "https:\\\\abc.my.domain.com:55555\\update"; if (serverURLS != null){ serverURL = new URL(serverURLS); ...
In a testing environment, I self-signed a cert and installed it on a web site in IIS 6. This is using .NET 2.0. Cert seems fine (minus the fact that client services don't fully trust it as one would expect). I can do whatever I want to by hitting the site locally from the server on HTTPS or HTTP. The problem is coming in when accessing ...
I am trying in code to access a URL running on IIS (6 or 7) and in it find out what is the SSL certificate and specifically who the certificate was issued to. Usually this is the url of the site if the certificate is valid. However, in my case I want to get the information from an internal IP that is behind the loadbalancer so I cannot c...
Over the weekend we added SSL security to a Tomcat 6 instance that has been running for awhile without error. This morning, after the number of sessions increased on the machine, Tomcat began throwing 500 errors to users. I checked the logs and found an instance of OutOfMemory, followed by dozens of errors related to Google Guice attem...
Hi all, I'm looking to do a partial SSL site in rails. I basically want to protect the user actions behind SSL, but nothing else. Anyone know of a plugin or gem that makes this simple and efficient? ...
I need a Reverse Proxy to front both Lablz Web server and SSL VPN Adito (SSL Explorer fork) by sitting on one IP/port. Failed to achieve that with Nginx. Failed to use Adito as a generic reverse HTTP proxy. Can HAProxy fall back to being a TCP proxy if it does not sense HTTP traffic? In other words can it fall back to Layer 4 if its Lay...