ssl

Configure multiple keystores in JBoss depending on requested hostname

Hello, I have my J2EE application deployed into a JBossAS. My Application has to respond to two different hostnames (https://foo.com/myApp and https://bar.com/myApp). It is the same instance of the app serving those two hostnames. But I don't know how to configure the keystores. I need different keystores for each hostname. Is there a ...

ActiveMQ over SSL to a .Net client

Does anyone know if it's possible to connect a c# client to an ActiveMQ instance over SSL using the Spring.Messaging.Nms library? Or if not using Nms then some other library? Many thanks ...

Why does firefox say "connection partially encrypted" on this page?

Here's the page: https://www.testmasters.net/test/ssltest2.aspx When I go to it (in firefox or chrome), it says "connection partially encrypted". But all references to objects are https and not http as far as I can tell. What's odd is that if you remove the RequiredFieldValidator, the page works fine. Here's the source (ASP.NET 3.5): ...

SSL Issues with IntraWeb - Delphi 2007

I've been trying to SSL working on my IW program for the last little while and I keep running up against the 'Could not load SSL Library'. I've followed every piece of advice I could find on the subject, but still no joy. I've tried the suggested DLLs in both the local directory and in system32. Does anyone have a definitive answer abou...

How can I convert a SSL certificate from PEM to DER and keep the private key?

Backstory: I have a PKCS#12 (p12) certificate with a symmetric cipher (password) that I used OpenSSL to convert to a PEM; opening that as text I see it contains both a BEGIN/END CERTIFICATE section as well as BEGIN/END RSA PRIVATE KEY. The .NET Framework X509Certificate class only supports the "ASN.1 DER" format, so I used OpenSSL to co...

AIX: IBM Java: java.net.SocketException: Connection timed out:could be due to invalid address

We have seen the following exceptions very frequently on IBM AIX when attempting to make an SSL connection to our server: java.net.SocketException: Socket closed at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275(Compiled Code)) at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275(Compiled Code)) at java.io.BufferedO...

Dealing with SEC_I_RENEGOTIATE and TLS1_ALERT_NO_RENEGOTIATION in SChannel

I'm working with SChannel at the moment for an async (IOCP) based server and I've got most things working fine but I'm having a problem with renegotiation. Specifically, when peer A sends peer B a request to renegotiate and peer B responds with an TLS1 'NO RENEGOTIATION' alert how does peer A continue? I seem to have an invalid context a...

How do you configure Apache on Windows for SSL?

Apache just fails to start with NO error message when we try to reboot it after enabling the code for the ssl module. NOTE: I was able to use OpenSSL to generate a request and have a legit wildcard certificate in place and referenced in the httpd.conf ...

HttpWebRequest to SSL fails

I'm using this code, to make a request to a given URL: private static string GetWebRequestContent(string url) { string sid = String.Empty; HttpWebRequest req = (HttpWebRequest)HttpWebRequest.Create(url); req.KeepAlive = false; using (HttpWebResponse res = (HttpWebResponse)req.GetResponse()) { using (StreamReader sr = new...

IIS v7 disabling SSL v 2.0

I am attempting to disable SSL v2.0 protocol on IIS 7. The following article refers to IIS v6: http://support.microsoft.com/kb/187498 It doesn't seem to apply because the only protocol listed in the registry is SSL 2.0 (not all the others) and the setting "DisabledByDefault=1" is already in there, which would seem to imply that it is d...

Is there any way to configure multiple SSL sites on the same server without a wildcard certificate?

I've set up multiple ssl sites on iis using Servier Bindings as per this article: http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/8d9f2a8f-cd23-448c-b2c7-f4e87b9e2d2c.mspx?mfr=true I have two different ssl certs for the two sites installed but when I browse to either site I get the same certificate. Is there a...

AJAX, Subdomains, and SSL

I have a site, foo.com, that makes ajax requests to bar.foo.com. Will this work. Also, if foo is a secure connection, https, does bar.foo.com need to be https too? Can these two sites use different certificates? ...

Windows FTP Server with XCRC and SSL (Other than CuteFTP SS)

I am currently using CuteFTP Secure Sever 3.3 but it has problems. It seems to muck up connection management, drop connections occasionally and die on large files. I am looking for a replacement that supports XCRC because I use the Synchronize Folders function in the CuteFTP client. I would prefer to detect file similarity by XCRC rat...

How to extracts additional info from SSL certificate to allow access to WebService client on WAS

For explaining my situation, I will start with an example. Let's say there are two WS(WebService) clients A & B with trusted certificates. Now in normal excecution when both A & B make a call to WAS(Websphere application server) through SSL where my WebServices reside, WAS trusts both of them because of their trusted certificates and alo...

Download xml.gz file with HttpsURLConnection

Hello. I am trying to download an xml.gz file from a remote server with HttpsURLConnection in java, but I am getting an empty response. Here is a sample of my code: URL server = new URL("https://www.myurl.com/path/sample_file.xml.gz"); HttpsURLConnection connection = (HttpsURLConnection)server.openConnection(); connection.connect(); ...

Authenticating a Web Service

We are deploying our ASP.NET 3.5 app to a production server for beta testing. Each page is secured using SSL. On our homepage (default.aspx) we have web services which populate flash objects. I am getting an error: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from ...

Who sells the cheapest EV SSL certificate?

I want a SSL certificate for my web site that will not only be accepted without warning by all popular browsers (at least accepted by Firefox and Internet Explorer), but also give my visitors the green address bar. Which certificate authority is selling the least expensive extended validation SSL certificates? ...

http to https to http using mod_rewrite and IBM http server

Ok I have an apache IBM HTTP Server WAS 6.1 setup I have my certs correctly installed and can successfully load http and https pages. After a successful j_security_check authentication via https I want the now authorized page (and all subsequent pages) to load as http I want this all to work with mod_rewrite because I don't want to c...

Creating a TCP Client Connection with SSL

I'm trying to create a TCP connection and send/read data that uses SSL, but I haven't been able to successfully accomplish this. What I'd like to do is something like this: TcpClient _tcpClient = new TcpClient("host", 110); BinaryReader reader = new BinaryReader(new System.Net.Security.SslStream(_tcpClient.GetStream(),...

How to generate an SSL client certificate from a disconnected network?

I have a unique situation where I need to implement client certificate authentication over HTTPS between IE browser and IIS 6. The browser and IIS are separated by a firewall that only allows the browser to connect to IIS on the SSL port. We have an internal certificate server on the same network as IIS. I've generated an SSL server c...