I've got a single directory in my ASP.Net website that I need to have SSL Enabled. For all other directories, I don't want SSL Enabled. Using IIS, I've checked the Require secure channel (SS) and 128-bit encryption checkboxes for the folder I want to require SSL. Now, when a user types in "http://", for my secure directory, I want to ...
Hey all, I'm interested in ensuring that a couple of pages in a webapp are only accessible via https, but I don't want to authenticate the users. Can I do this declaratively with security-constraints. or do I need to do something programmatically? Any help appreciated, thanks folks (Tomcat 5.5, servlet spec 2.3 - it's a legacy thing....
I'm trying to connect to google documents (following Marco Cantu's excellent REST example) but I am getting the following SSL errors: 1) If I use the SSL dlls from openssl-0.9.8i-i386-win32.zip I get the error: "Could not load SSL library" 2) If I use the SSL dlls from indy_OpenSSL096m.zip I get the error: "Error connecting with SSL"...
I need to create a secure channel between my server and a remote web service. I'll be using HTTPS with a client certificate. I'll also need to validate the certificate presented by the remote service. How can I use my own client certificate with urllib2? What will I need to do in my code to ensure that the remote certificate is corre...
Hello folks! I have managed to get authentication at least partly set up but am mystified as to why security isn't working... In my httpd.conf file for ssl I have.... <Directory /usr/local/apache2.2/cgi-bin/oia> SSLRequireSSL Satisfy All AuthType basic AuthName "Protected Intranet Area" AuthUserFile conf/.pas...
I installed curl using synaptic package manager on my Ubuntu machine. However it didn't installed with ssl enabled. When i do curl-config --protocols, it does not show HTTPS. I want to install curl with ssl enabled. If i do it manually by downloading curl and then compiling it with "--with-ssl" flag and then recompiling my PHP with "-w...
I connect to my web service, which hosted by IIS 6, using certificates and SSL, and for some reason, I get 400 (bad request) error code. When I looked on trace.axd, I can see the POST request, but I cannot see the true reason for the error. I have some questions: 1. If I see the post request, can I be sure that the problem isn't with SSL...
I'm programming a PHP site with Paypal integration and I've stumbled into a problem with the return url. I need users to be returned back to a specific url on my site after in the final step. I have things in my session variables that need to be moved into a database. The problem is, the Paypal secure form that has the "return" button ...
I'm writing a gSoap client application against a service that has both standard http and https versions. Everything I've written so far works fine with the http service, but when I switch over to the https service, suddenly I'm getting errors. The only change I made to the code for https support was to add the following on startup: s...
I am having an issue where all my js files that are loaded on a ssl page break in IE 8. Is there a technique to load them to work in all browsers and whether the page is secure or not? ...
I am adding a new SSL specific error code inside SSLerrs.h in Mozilla NSS. My question is, which file that contains the html page for that error? Because I need to modify the page too - to add my own messages. Thanks. ...
We're adding a second web server for redundancy and load sharing purposes. All connections are mandated to be SSL, and adding a dedicated appliance is not possible at this moment. I'd like to use round robin DNS, where both servers answer to the same domain using different IPs (we have a wildcard SSL certificate, so that's OK). I can ge...
In Firefox, I would like to know which code/file that is triggering the ssl_error_ssl_disabled error message? I want to look at the code that triggers this error message .. This is because, I add a new error messagge in my libssl3.so (compiled from nss), and paste it into /usr/lib, but somehow when I intentionally disable my ssl inside ...
Hello, I have no clue how to make an FTPS (FTP over SSL) on the iPhone. I would like to use the following code ftpStream = CFWriteStreamCreateWithFTPURL(NULL, (CFURLRef) url); CFWriteStreamSetProperty(ftpStream, kCFStreamPropertyFTPUserName,username); CFWriteStreamSetProperty(ftpStream, kCFStreamPropertyFTPPassword,password); self.netw...
I provide SSL pages on my web server, and I have a question. What is the difference between SSLCACertificateFile and SSLCertificateChainFile? When I use SSLCertificateChainFile, I got warnings from Japanese cellular phone browser, but when I use PC browser(like IE, FF), there was no problem. On the other hand, SSLCACertificateFile didn'...
I use the IE PrintTemplate to add custom page header/footer. The print template sample I found in Beyond Print Preview: Print Customization for Internet Explorer 5.5. But over SSL when the bowser renders following tag <IE:LAYOUTRECT ID='layoutrect1' CONTENTSRC='document' ONLAYOUTCOMPLETE='OnRectComplete()' NEXTRECT='layoutrect2' CLASS='...
Hi Everybody! I'm having some trouble with two web applications that communicate each other using WCF Services. This is my scenario: Web Application "A" is deployed in a server of the corporate intranet and part of domain "intranet" Web Application "B" is deployed in a server of the DMZ, exposed to internet and part of domain "extrane...
I am wondering if it is possible to embed a YouTube video on a https website. As far as I can tell YouTube videos can only be embedded with the http:// protocol. Is there a way to embed them on a page without Firefox throwing an error? ...
Whenever I see it being talked about, it sounds like one simply 'turns on' SSL and then all requests/responses to/from an online server are magically secure. Is that right? Is SSL just about code - can I write two apps and make them communicate via SSL, or do you have to somehow register/certificate them externally? ...
I'm having a heck of a time trying to figure this one out. I've got a simple YouTube API client put together, written in Flex, that uses a plain ol' URLRequest object to handle Google's "ClientLogin" authentication scheme. Everything works perfectly, except for one case: when Google responds with a 403 and a response body indicating ...