hello guys, I'm figthing for hours now to figure out this problem. I have a wcf service that I host on II7, all works fine when I use the normal http protocol. I added SSL capabilites and since then I cannot access it from code. I can create a client but cannot run any of its methods. here is what I have <system.serviceModel> ...
I'm calling a method on a web service from behind a proxy server using the following code: myWebService.TestWebService webservice = new myWebService.TestWebService(); webservice.Url = "http://test.com/webservice?wsdl"; WebProxy proxy = new WebProxy("1.2.3.4", 8080); proxy.Credentials = new NetworkCredential("username", "password"); web...
Hi, Our customer has asked that our application be able to communicate through HTTPS. The application itself is a C#.NET application, a client/server/database sort of application. My understanding from my programmer is that this is an additional layer of unnecessary encryption, but because our customer has asked for it we're going to ...
I recently migrated my web services from Axis to CXF (2.1). It appears that while Axis needed the "axis.socketSecureFactory" set, CXF grabs the default. How do I set the default SocketFactory in Java to my own implementation (such as a property)? What I am not looking to do is to set the default SocketFactory properties like setting t...
Most mail clients that support SSL/TLS only require the user to say whether or not SSL should be enabled. The user doesn't have to know anything about Explicit & Implicit SSL and the differences between them. So, how does the mail client determine which type of SSL to use? Is it based on default port numbers? Does it just try one and th...
Hello, I've just started learning SSL and boy is it confusing Q1 - How long does SSL connection between a client and server persist? Until client surfs to some other URL or…? Q2 A) Assume a client (browser) establishes a SSL connection with a IIS server. Now how does IIS figure out on each postback that it is dealing with sa...
This is probably a stupid question, but how much of a security risk is it to set my web server ssl configuration (e.g. keystore password) via System.setProperty... If I did something like: System.setProperty("javax.net.keyStorePassword", "password"); Is that likely to cause a security problem? Is there a way to safeguard against t...
I am new to php and I am getting this error trying to load a cert jameys-macbookpro41:~ user$ php -f ~/Sites/providerService.php Warning: stream_socket_client(): Unable to set local cert chain file `cert.pem'; Check that your cafile/capath settings include details of your certificate and its issuer in /Users/jamey/Sites/providerServic...
I have recently been working on a C# application that calls a webservice over SSL and handles the certificate security using a delegate for the ServerCertificateValidationCallback event like so: System.Net.ServicePointManager.ServerCertificateValidationCallback += delegate(object certsender, X509Certificate certificate, X509Chai...
I'm trying to use the HttpListener class in a C# application to have a mini webserver serve content over SSL. In order to do this I need to use the httpcfg tool. I have a .pfx file with my public and private key pair. If I import this key pair manually using mmc into the local machine store, everything works fine. However, if I impor...
I'm doing something in Java SE that would require me to use SSL in an unusual way. The required steps would be something like: Establish an SSL session; Exchange some private information; Renegotiate connection parameters to stop using cryptographic operations. I haven't found in the Java API a way to to this. I believe that the prob...
Hello, A) Can you, at the server side, enforce SSL connection ( via selecting Require Secure Channel option ) only per web application, or can you also enforce it per virtual directory or even only per web page? B) How exactly does enforcing SSL connection work? That if users specify http instead of https protocol ( in requested U...
Is there any recommendation or limit to the number of IPs one can bind to a website in IIS7? I have a website that is bound to several IPs (each has it's own SSL certificate) and it seems like the SSL processing on it is becoming really slow ...
I need to determine the expiration date of the SSL certificates on my IIS boxes programatically. Ideally I would want to do this in C#, but if VB script is the only way that is acceptable as well. Environment => IIS versions 6 & 7, .NET 2.0, Windows 2003 & 2008 Thanks ...
Hi, I'm trying to read from a secure (i.e. SSL) web page, in Java code. I'm trying to use both URLConnection (java.net) and Apache's HTTPClient. In both cases, when I make the request, I get this exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.securit...
Hey All, I'm trying to reproduce a production system locally but I having issues using the services. I have set up the local instance of the server as close as I can to the production server but my local client will not work with it. However the same client on my local machine works fine with the production instance. In order to use ...
I don't know if this is a question more suited for Serverfault.com, really depends on the answer, but I have followed this tutorial in .NET C# to setup a WCF service under 'wsHttpBinding' (Transport Security & Certificate Authentication), I have created a test development certificate using the methods described here and I have also confi...
Where can I find the windows certificate store location on the hard drive for server 2003. I am coding a c# utility for managing few certificates we use to notify when they are expiring. So, I choose to store them in the windows certificate store. Instead of using any existing location(Personal...) that I see in MMC I would like to creat...
If I create a SslStream instance like this: secureStream = new SslStream(stream, true, tlsRemoteCallback, tlsLocalCallback); And then I use one of the AuthenticateAsServer or BeginAuthenticateAsServer methods, is it at all possible for the LocalCertificateSelectionCallback (tlsLocalCallback) to be invoked? And if so, how? I'm under ...
When I try to create a soap object, I get a fault when I first initialize the class. I can't set driver.options["protocol.http.ssl_config.verify_mode"] = OpenSSL::SSL::VERIFY_NONE because its already faulted. Any ideas? require 'soap/wsdlDriver' => [] wsdl = "https://somesiteinhttps.com" driver = SOAP::WSDLDriverFact...