Edit Thanks for the suggestions; to clarify, we already use SSL, but that doesn't generally authenticate the requesting party, merely the responding party (IIRC?). I'll look into the other ideas right away, thanks for the brainstorm! Background The organization I work for has a heterogeneous bunch of servers providing various service...
Have a webservice call from within a c# windows service. Service is behind an SSL cert. Certificate was registered into trusted root (password provided by provider). Problem is that from the development machine verything works perfectly but once deployed onto production server, we keep on getting a 403 error. Can browse to the service...
I recently inherited a Rails site that uses ActiveMerchant for e-commerce transactions through CyberSource as a merchant gateway. A few days ago, I received an email from CyberSource informing me that CyberSource's SSL authority, Entrust, is mandating the use of higher-strength SSL certificates, and that in order for SOAP API calls to b...
I'm using apache to validate the certificate revocation on multiple client certificates. Many of the certificates are under different CA hierarchies. Normally this is situation is handled by the oscp aia location. However, One of the contraints is that some of the certs do not have ocsp aia locations in their extensions. Therefore in ap...
The problem I am having is with a small number of users they can't POST form data larger then around 800 bytes to our server, but this size doesn't appear to be consistent. The browser just sits there for a while and eventually times out. Small POST data works fine though. The problem also occurs when using GET instead of POST. This p...
I have a form on a page that is shown via https:// as follows: <form id="memberslogin_form" name="memberslogin_form"> <fieldset> <legend>Login</legend> <div> <label for="membershipId">Membership number</label> <input type="text" class="field" name="membershipId" id="membershipId""/> </div> <div> <label for="memberPassword">Pas...
Hello, I currently have a webHttp binding WCF restful service, it works great over http, I can make Post of large sizes due to my webconfig settings, now I am trying to use it over https (ssl), now my gets work fine, but my posts dont, it doesnt work when the file size is over a certain amount, i was wondering why this could be since ...
A have a Perl cron job that recently started having its HTTPS connections start failing with an error of "500 SSL read timeout". I've tracked that the error is being thrown as part of an alarm in Crypt::SSLeay, but I don't know if this is simply something taking too long to respond. So far, I've adjusted the timeout from the default 30...
Can SSL sockets be used to identify clients? What i am thinking of is, can i configure an SSL socket to only accept connections from clients that have a certificate that i create beforehand? ...
I'm writing a small program with the OpenSSL library that is suppose to establish a connection with an SSLv3 server. This server dispenses a self-signed certificate, which causes the handshake to fail with this message: "sslv3 alert handshake failure, self signed certificate in certificate chain." Is there a way I can force the connecti...
I am trying to create a Confluence plugin. I have been following theses instructions. However when I run the atlas-create-confluence-plugin command maven throws SSL errors trying to get resource from https://m2proxy.atlassian.com/repository/public/. Do I need to change a setting in my configuration? System setup: Windows Vista, wit...
The Google App Engine Launcher tells me: WARNING appengine_rpc.py:399 ssl module not found. Without the ssl module, the identity of the remote host cannot be verified, and connections may NOT be secure. To fix this, please install the ssl module from http://pypi.python.org/pypi/ssl . I downloaded the package and it contained ...
I've got a java applet that loads some pre-installed native code extensions to display custom content in the browser. Some of this content may include native code to be loaded by the JVM. Obviously, this is a security concern. I'd like to enforce that all content comes only from authorized servers. The path I've been following to acco...
I need to connect to a host, if it's off-line I get a TCP timeout (and it's ok), and if it's online with SSL available, I proceed to the logon phase. The problem is, when the server is online, accepts connection on the configured TCP port, but then doesn't answer to SSL handshake, our application waits indefinitely for an answer. I'm u...
What would cause this strange error when trying to use the poplib.POP3_SSL class. Traceback (most recent call last): File "test.py", line 131, in <module> M = poplib.POP3_SSL('XXXXXXXX', 995) AttributeError: 'module' object has no attribute 'POP3_SSL' My environment is Python 2.6, REHL5 I've never run into this problem before a...
My goal is to deploy a simple rails application on a windows server using the glassfish gem. I have no trouble getting the glassfish gem to work with regular http, however I now need to add SSL security and I cannot find any links on how to enable https in the glassfish gem. Has anyone succeeded in setting up the glassfish gem to supp...
Using the below code to test an ssl connection over RMI: public class HelloImpl extends UnicastRemoteObject implements Hello { public HelloImpl() throws RemoteException { super(0, new SslRMIClientSocketFactory(), new SslRMIServerSocketFactory()); } public String sayHello() { return "Hello World!"; } p...
Moved to ServerFault: Apahe configuration with virtual hosts and SSL on a local network I'm trying to setup my local Apache configuration like so: http://localhost/ should serve ~/ http://development.somedomain.co.nz/ should serve ~/sites/development.somedomain.co.nz/ https://development.assldomain.co.nz/ should serve ~/sites/develop...
One of the requirements of our Joomla backend admin session is to encode the user's IP within the cookie to prevent replay attacks. If I implemented SSL for the admin session, would this solve this issue? ...
I really hope someone knows what I'm doing wrong here, cuz I sure don't! We have a certain page on our site which has account balance information on it, and we want to make it secure with SSL. But we only want this one particular page to be secure. I have the following in the localhost:80 virtualhost, and it works perfect: RewriteCon...