Since the latest version of NSS does not provide the SSLSample program, I copied the folder SSLSample from the older version of NSS (3.9, 3.12) to the /security/nss/cmd folder inside nss-3.12.4 . When I run make nss_build_all in my 3.12.4, the other programs generated its own binary but not my SSLSample folder. I would like to know wh...
I have an ASP.NET application that calls other web services through SSL (outside the application). I simply added a web reference (https://url/some.asmx) and used the web services and it works well. However, my questions are, how is the connection (channel) managed? is the connection to web services dropped after each web services call? ...
I'm trying to send emails from a python script with smtplib, and it works with no problems with smtp through Exchange 2003, but with Exchange 2007 shows: SMTPException: No suitable authentication method found. Python code is the same in both cases (except server and login information of course). I'm passing username and password in a...
We are hosting a JEE Application running on JBoss. For security reasons this application that should be available on the internet is protected with a front-end Apache server. We are using AJP to enable this. This works fine when we access the application through http. When we try to do this with https, it doesn't work, we get a 404 erro...
I'm trying to use Hudson (which uses SVNKit) to access a Subversion repository that requires a client certificate to access it. I can access the same repository using the same client certificate via Eclipse (also using SVNKit). When Hudson tries to check out the repository, it fails with: org.tmatesoft.svn.core.SVNException: svn: Recei...
Hey everyone, I have an application that allows the user to download a csv. This works great when not using SSL. However, when using a secure connection I get the "Internet Explorer was not able to open this Internet Site". I know that the problem has to do with my HttpCaching policy. The following MS Support document explains the issue...
Hi, i want to have both an Apache and a Game Server to be reachable on port 443 of the same IP address. The game server connection is a normal TCP connection that is established when the client logs in and stays open until the client logs out, perhaps hours later. At first I though about using mod_proxy in reversed mode and let the cl...
Consider the following sample code which uses a TrustManager to log whether an outgoing connection used a valid certificate (but accept the connection in all cases): import java.security.*; import java.security.cert.*; import javax.net.ssl.*; public class CertChecker implements X509TrustManager { private final X509TrustManager def...
We have a very simple ASP.NET web application comprising mostly static content and a single form which we want to protect with SSL. The secured page is in its own folder, but it inherits from an unsecured master page, and it shares some other resources (the logo, css file and some pictures) with the rest of the website. The site is hoste...
I have created a self-signed certificate on my server. Now I need to import the certificate to the trust store so that the application . If it was Tomcat, I would put it here: %JAVA_HOME%\jre\lib\security\cacerts Where is the equivalent in JBoss? Where should I look? ...
Hi all, I am using NSStream with SSL property for socket connection. It works fine when I use the local IP address such as 192.168.1.77. But if I use any server like www.xyz.com (it has SecurityLevelTLSv1), it shows an error error code:-9843, Message:Operation could not be completed. (NSUnknownErrorDomain error -9843.) Here is my code: ...
I'm wondering if there are any demo sites which show different cases where HTTPS is misconfigured or broken. Or does anyone know of websites in the wild that display various broken / misconfigured HTTPS cases? ... Perhaps ideas on how to track them down with a search engine? I'm looking for sites which exhibit broken https behaviors, for...
I'm having trouble enabling the socket transport "ssl" in PHP. When I run my script, I get the error: Warning: fsockopen() [function.fsockopen]: unable to connect to ssl://www.my.site.com:443 (Unable to find the socket transport "ssl" - did you forget to enable it when you configured PHP?) I'm running IIS6 on Windows and...
I am using a master page layout etc, so all the pages have some parts of it coming from one master page or another. Now, checkout is one of these pages, and it needs to be secure. In my master page, I am using relative path to images and Url's, and these images end up with "http". I thought that if I am using relative path, my master ...
Suppose you have a mutual SSL service, which in addition to the SSL, has application authentication. Thus, clients provide certificates (as well as servers), but the client request (e.g., REST request) also contains a username/password which the back-end application server authenticates with. In terms of the "degree" of client authen...
Hi All, I have many servers which SSL. Now anyone working with SSL and hundereds of servers will know the pain of renwewal and distribution of SSL certificates. I want to automate this whole process(renewal and distribution). Is there any open source product that can do this or any perl module that could assist me in doing this? Than...
What is the best starting point to learn connecting to ssl web services by iphone? Until now i did some basic connections over http via SOAP etc. but i have no experience on https. Any good sources, tutorials, starting references, "use nsurl...class"s are appreciated ...
If I screen scrape a form from a site secured with SSL, and put that form on my site (which is also secured by SSL), do I still get the benefits of SSL? ...
Hi I have a really weird issue with Java and SSL certificates. Hope someone can help. A web is running in a cluster of 3 identical servers All servers contain "Application A" which is a JSR-168 portlet. "Application A" uses a web service that runs on httpS://webservices.domain.com/ "Application B" also uses a web service on httpS://w...
Hi, I have created a RESTful Service and implemented the Authentication. It accepts username and password and then grants access to the service requested. It Works fine. Now I want to use SSL on top of my Service. For this I Created Certificate, Then In IIS I gave the required settings. But my service is not working. I am using webHttp...