Does Automated SSL cert renewal work?
Does Automated SSL cert renewal work ? If so, are major companies using automated renewal? Are there any security risk involved in this? ...
ssl
C# SMTP Socket issues
I am writing an application which tests email addresses, for one part of this I need to send a small amount of data to an email address to validate it completely, I am currently using sockets to acomplish this. Whilst I was testing I used a friends SMTP server to test on, and my socket worked fine, but when I tried the same thing on a b...
SSL on a DotNetNuke portal
Hello everyone, I have a question. I have never worked with a DotNetNuke setup with SSL before. Our server has SSL set up correctly on the server via our hosting company. My question is, if I enable SSL on one of my DNN portals, are there any gotchas or settings I need to be aware of, assuming the server is set up correctly? ...
Enabling strong ciphers in Tomcat 5.
Hello. I am attempting to refine the suite of ciphers that my webapp allows. In Tomcat's server.xml I have the following connector defined: <Connector port="443" maxHttpHeaderSize="8192" maxThreads="3000" minSpareThreads="250" maxSpareThreads="500" enableLookups="false" disableUploadTimeout="true" acce...
SSL Handshake issue using Spring RESTTemplate
Im using the Spring RESTTemplate on the client side to make calls to a REST endpoint. The client in this case is a spring app and using Tomcat as the servlet container. I'm running into issues making a connection to a https endpoint. I am receiving the following error: org.springframework.web.client.ResourceAccessException: I/O error:...
SSL slowness in EC2
We've deployed our rails app to EC2. In our setup, we have two proxies on small instances behind round-robin DNS. These run nginx load balancers for a dynamically growing and shrinking farm of web servers. Each web server also runs nginx with a cluster of mongrels. The nginx here takes care of static content and load balancing the mo...
WSDL over SSL mode.
I have a simple web service that is going to be invoked over ssl mode (https://ipaddress%3Acompany/service/servicename?wsdl). so i created a keystore and truststore with sun jdk tool(keytool) and saved the in the server. But I still get the below error. Using metro webservice javax.net.ssl.SSLHandshakeException: sun.security.validator.V...
SSL and NIO Non-blocking Sockets
How do you recommend making a highly scalable SSL client? Currently, I'm using plain Sockets to connect to the Apple APNS server which requires a non-HTTP SSL sockets. I considered using the NIO library, but it is lacking a SSLSocketChannel, and I couldn't find a good library or a smooth tutorial on how to roll out your own. ...
What's the Ruby OpenSSL library equivalent of this command?
Hi all, what's the Ruby OpenSSL library equivalent of the following command? openssl pkcs12 -clcerts -nodes -in apns.p12 -out apns.pem I've been reading through the documentation that I could find, but it's so sparsely documented and I'm not having much luck with that. Thanks! ...
Open Source Library for sending emails via gmail (smtp.gmail.com) using SMPTS (TLS)
For a long time sending email uing SMTP (port 25) via a remote mail server (usually at the website hosting company) was easy to do with an application. Open a TCP port 25, send "HELO ..." etc To do this using googles email service is giving me a problem because they insist on using port 465 SMTPS ie SMTP with TLS encryption: http://en....
HTTPClient-java.net.SocketException: Unconnected sockets not implemented thrown
Iam using HTTPClient 4.0 to connect a remote server and transfer file using HTTPS. When i tried to connect i get the exception "java.net.SocketException: Unconnected sockets not implemented". Please look at the stack trace java.net.SocketException: Unconnected sockets not implemented at java.lang.Throwable.<init>(Throwable.java:196)...
What is a socket library?
While reading about OpenSSL I've stumbled upon sentence: "It would be nice if security was as simple as linking in a different socket library when building a program". What is this mentioned socket library? What is it used for (i.e. in Java or C#)? ...
How to setup a test HTTPS site under IIS
I have a WCF service that I would like to run on https:// how can I setup a test site on local host for this? ...
SSL WCF Could not establish trust relationshop
I have a WCF web service that works perfectly with an http address, but since then I've needed to make sure it works over https. Because I am using IIS 7, the process was pretty easy to get the web site https binding up and running using this guide here I opened up a browser, and got the usual security prompts, but everything worked f...
Obtain SSL information in PHP running as CGI
On many servers, PHP runs as CGI. This is an essential part of using suexec to run the scripts for each site as the user associated with the site. So giving up CGI is not appealing. But as I understand it the various values such as $_SERVER['SSL_CLIENT_S_DN_CN'] are not set when PHP runs as CGI. This is a pity, as it would be good to...
SSL_accept with blocking socket
I made a server with SSL and blocking sockets. When I connect with telnet (so it does not do the handshake), the SSL_accept blocks indefinitely and blocks every new handshake/accept (and by definition new connections). How can I solve this awful problem ? ...
ssl on login form?
I have SSL on my website....when the user logs in from a http page the form action is sent to https page, would this still secure the posted data? Or would it be better to have the form and the page it is posted to both SSL? Thanks ...
Can I use JS encryption instead of SSL for credit card payments?
Hi, I have an HTML form where people can make payments on my sites. Instead of using SSL, I'm wondering whether I could use a JS lib that would encrypt the credit card information and send it to the server in clear text but encrypted, than the server would decrypt it. I found several libs that do that, they basically ask for a key pair ...
direct http to https on certain pages?
Hi I have added the below code to .ht access but how can I add another page to this? such as login.php also if the user types in www. they get a "untrusted connection" as the SSL is only valid without the www. how could I fix this? Thanks RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} /login.html RewriteRule (.*...
Should Sockets be secured
I am working on an update function for a pet project of mine, and was wondering if I need to spend the time to make sure my connections are secure? Basically the client sends the version number of the software on the users computer to a server, the server checks the users version against the latest version available, and if a newer vers...