I'm trying to use a RESTful web service in Adobe AIR. The service uses client side certificates for authentication, thus I need to set the cert and private key used by AIR/Actionscript's URLRequest when connecting to this RESTful service. Is setting the Cert/Private Key possible in Adobe AIR? I did find some documentation from Adobe p...
I am building an app with Ruby on Rails which allows users to sign up and create their own subdomain: joebloggs.myapp.com So at the very least I need a wildcard SSL certificate to handle when users are passing sensitive data (authentication, payment etc). In addition, we are allowing users who want to, to map their own domain to thei...
Does anybody has a WebLogic 8.1 two-way SSL full example? I am developing a small web application (1 HTML, 1 Servlet, 1 JSP) to send confidential data. The client could be a web browser. The server is WebLogic 8.1. The information should travel encrypted. Besides, the web application needs to authenticate the client, using more than a ...
I am using the IBM Websphere Everyplace Micro Environment JVM on a Windows Mobile 6 device. My application uses HTTPS connections and I have everything set up appropriately to use the J9JSSE package for SSL/TLS. Some messages that are being transmitted on the HTTPS connection are getting through just fine, but others are causing an exc...
I am trying to bind to AD with php_ldap (using ADLdap), from a Ubuntu (hardy 8.04LTS) host. Binding on port 389 is fine to ldap://myserver, but does not allow me to do things like set password, so I need to bind on port 636 to ldaps://myserver. I am aware that some form of credential passing occurs, perhaps with certificates, but I am r...
Here's the scenario: I need to connect to a web site to retrieve electronic lab results formatted in XML. In order to connect, I need to use a digital certificate. I've been able to get a version of this working in Perl. It looks like this: #!/usr/bin/env perl use strict; use WWW::Mechanize; $|++; my $username = 'xxx'; my $password...
I'm trying to get SSL, WCF and REST under Azure, but the page won't even load. Here are the steps I followed: 1) I mapped the www.mydomain.com CNAME to my azuresite.cloudapp.net 2) I procured an SSL certificate for www.mydomain.com and properly installed it at my azuresite.cloudapp.net hosted service project 3) I deployed my WCF REST...
Hi all... I have to build a small webapp for a company to maintain their business data... Only those within the company will be using it, but we are planning to host it in public domain, so that the employees can connect to app from various locations. (Till now I have built web apps that are hosted internally only) I'm wondering whe...
Erlang version: R13B01 Currently I'm struggling trying to make Erlang work with SSL. The programming part was easy, but now starting the system SSL-enabled is not. Following the Erlang SSL documentation: 1 - Made the start_ssl.rel file {release, {"OTP APN 181 01","R13B01"}, {erts, "5.7.2"}, [{kernel,"2.13.2"}, {stdlib,"1.16.2"}, ...
Hello all I'm trying to issue a simple request to a protected wsdl and web service using ssl, client certificates and basic authentication. Here's the code require 'savon' client = Savon::Client.new "https://example.com/service?wsdl" client.request.http.ssl_client_auth( :cert => OpenSSL::X509::Certificate.new(File.read("cert.pem")), ...
Hi, I'm using a third party web service. In order for my users to be able to access their third party account, they need to log in. I provide the interface for them to log in to the third party site from my site. My question is, do I need a SSL certificate if the webservice already provides one? The webservice has a special Login metho...
I have a self-signed certificate at the endpoint of my API. I'm trying to test some things using the simulator but am getting "untrusted server certificate". I have tried to use safari on the simulator to download the .crt file, but that doesn't seem to work. Where does iPhone Simulator get its keychain from? How can I add a trusted ...
Hello! What is the best value for SSLProtocol parameter in Tomcat APR config? Docs says: "Protocol which may be used for communicating with clients. The default is "all", with other acceptable values being "SSLv2", "SSLv3", "TLSv1", and "SSLv2+SSLv3"." At first I've made a mistake and actually had SSL2 enabled which caused problems to ...
I am developing a mobile application that is to run on a Windows Mobile PDA. The application is written in Java and to run it we are using the J9 JVM from IBM. The application communicates with an Apache Tomcat server over HTTP and we are trying to set it up now to use SSL. I have generated public/private keys for both the client and ...
Hi there! We have a secure website (SSL) in which we want to make calls to google's map server. The map server is http not https and every time there is a refresh of this screen (every minute for us) IE pops up its annoying mixed content message (trying to view a site with secure and non-secure info). What I am looking for is a way ar...
I am writing an application that uses NSStream's SSL functions on the iphone. I know that SSL is working because I can directly connect servers using SSL. I have encountered a problem where protocols that use starttls require me to communicate on the socket with unsecured, send the starttls command and then reuse the same socket for SSL....
I'm running a server that requires a blacklist of weak cipher suites. So which of the following are weak? http://java.sun.com/javase/6/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider ...
When both of the following conditions are true: 1.The page was delivered over HTTPS 2.The page was delivered with headers or a META tag that prevents caching ...the Autocomplete feature is disabled, regardless of the existence or value of the Autocomplete attribute. This remark applies to IE5, IE6, IE7, and IE8. See http://msdn.micro...
Hello everyone. I'm creating a Java client program that will be sending sensitive information to a Tomcat server. So I need to use SSL Connection so information will be encrypted. I need to use self-signed untrusted certificate but having problems making connection from java client. I have successfully setup Tomcat 5.5 to use SSL and ...
The other day I noticed that if I run IEInspector's HttpAnalyser and capture the post data when logging into my bank account or amazon account the post data shows my user name and password in the clear. This is a little concerning. Does anyone know at what point the SSL encryption takes place? This I assume would mean that any softwar...