How do I list / export private keys from a keystore?
How do I list and export a private key from a keystore? ...
ssl
SSL pages under ASP.NET MVC
How do I go about using HTTPS for some of the pages in my ASP.NET MVC based site? Steve Sanderson has a pretty good tutorial on how to do this in a DRY way on Preview 4 at: http://blog.codeville.net/2008/08/05/adding-httpsssl-support-to-aspnet-mvc-routing/ Is there a better / updated way with Preview 5?, ...
What's the difference between rapidSSL and geotrust certificates?
I want to buy a 128bit SSL certificate for a website selling services. I checked http://www.rapidssl.com/ssl-certificate-products/ssl-certificate.htm and http://www.geotrust.com/ssl/compare-ssl-certificates.html. Why are the prices for QuickSSL (Geotrust, $249) and RapidSSL (rapidSSL, $69) so different? Is there any particular reason for...
.NET client calling a java webservice -- (how to change the root namespace)
Currently we have a java webservice that we are trying to connect to via a .NET client. This is all done over SSL. Are there any well known gotchas as this seems to be a problem that has come up again and again. What are the most well known gotchas I should be looking for? The java web service is a SOAP/WSDL. There are no WS-* extension...
JDK/JRE source code with matching JSSE (SSL) source code and matching runnable JDK / JRE?
I have seen Where to find Java 6 JSSE/JCE Source Code? and asked the question myself How to get JRE/JDK with matching source? but I don't either of these was specific enough to get the answer I was really after, so I'm going to try a way more specific version of the question. Basically the problem that I am trying to solve is that I wou...
How do you get a System.Web.HttpWebRequest object to use SSL 2.0?
I don't know if I have all the information needed to phrase this question well, so bear with me. I have a local web page (local meaning 192.168.*) that is protected with a self-signed SSL cert. I'm trying to access this page using a System.Net.HttpWebRequest object, but I'm running into a weird problem. If this page is accessed in Inte...
Accepting client certificates from any CA
I am setting up support for users to sign in with client certificates. Unfortunately IIS refuses to acknowledge any certificate not chained to an installed CA (see this article). As the feature is implemented only for users´ convenience, it would be great to allow any client certificate. Is there any way to accomplish this? My server i...
Is there a way I can tell whether an SMTP server is expecting a client to connect using "implicit" SSL versus "explicit" SSL?
SSL can either be "explicit" or "implicit" as explained by this link: http://help.globalscape.com/help/secureserver2/Explicit_versus_implicit_SS.htm System.Net.Mail only support "explicit" SSL, as explained here: http://blogs.msdn.com/webdav_101/archive/2008/06/02/system-net-mail-with-ssl-to-authenticate-against-port-465.aspx So, I'm...
SSL Certificate no WWW Apache (ModRewrite) EV
ModRewrite can easily handle stripping the www off the front of my domain. In .htaccess: RewriteEngine On RewriteCond %{HTTPS} on RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC] RewriteRule ^(.*)$ https://%1/$1 [R=301,L] RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC] RewriteRule ^(.*)$ http://%1/$1 [R=301,L] But with SSL...
Setting up your first SSL page using PHP5
I would like to use a secure SSL login on my website! I have not used SSL before, so I am looking for some good reading. Can anyone tell me where I can find some sample code of SSL snippets or page code. (Not too technical) I do have a static IP My host is set-up to handle SSL Pages. Interested in: Basic page code. / Tree structure...
Have you noticed stray hits to your web pages that have no parameters?
We have a web application that passes parameters in the url along the lines of this: www.example.com/ViewCustomer?customer=3945 Reasonably often, we will see attempts to access just: www.example.com/ViewCustomer Or system logs this as invalid and sends back a "An error has occurred, contact support with trace number XXX" type page....
[C lib] Adding a TLS/SSL layer to communications..?
Hello everybody, My stuff is made with several components among which some are written in C. As I would like to add some security features, I am thinking of communicating over an SSL/TLS layer. Could you advise me some good lib to do this (if possible) ? ...
How to make parts of a website under SSL and the rest not?
I need to create a cherrypy main page that has a login area. I want the login area to be secure, but the rest of the page should not be so. How can I do this in CherryPy? Ideally, any suggestions will be compatible with http://tools.cherrypy.org/wiki/AuthenticationAndAccessRestrictions Thanks. ...
How are ssl certificates verified?
What is the series of steps needed to securely verify a ssl certificate? My (very limited) understanding is that when you visit an https site, the server sends a certificate to the client (the browser) and the browser gets the certificate's issuer information from that certificate, then uses that to contact the issuerer, and somehow com...
How secure is sending sensitive data over https?
I would like to ask you about your opinion guys. Is SSL secure enough for using sensitive data (like password) in query string? Is there any extra options to implement? thanks for any word.X. ...
SSL Certificate encryption vs cypher encryption
I just installed a SSL certificate. This certificate is encrypted with 2048 bit encryption. However, the cypher is 128 bit encryption(or 40, or some other variation depending on the browser.) It seems that there are two different types of encryption here. The "handshake" encryption of 2048 and the "over the wire" encryption of some mag...
Building libcurl with SSL support on Windows
Hi, I'm using libcurl in a Win32 C++ application. I have the curllib.vcproj project added to my solution and set my other projects to depend on it. How do I build it with SSL support enabled? ...
Ruby SOAP SSL Woes
I have a SOAP client in Ruby that I'm trying to get working with a Ruby SOAP server, to no avail. The client works fine over SSL with a Python SOAP server, but not with the Ruby version. Here's what the server looks like: require 'soap/rpc/standaloneServer' require 'soap/rpc/driver' require 'rubygems' require 'httpclient' def cert(file...
How to deploying a self signed SSL certificate to multiple servers
I need to create a self signed SSL certificate and the install the same certificate on two different web servers. For this specific scenario I have two web servers (Win2K3 w/ II6) in a network load balanced configuration. I have installed the IIS resource tool kit and can use the SelfSSL tool to make a certificate. However my confusion...
IE: Choose a digital certificate from a blank, empty list
I've created a web application that I've hosted with IIS 7 on a Windows Server 2008 machine. I've loaded a security certificate for secure.xxxxx.com. When I browse to the web site with Microsoft Internet Explorer, I get this prompt: Choose a digital certificate Identification The website you want to view requests identificati...