I want to create a action filter that will check the url, and if its not using Ssl, redirect to the same page but with SSL. What is the best way of doing this? Should I just check the RawUrl, and scan the string for https, and if its not there then do: context.Response.Redirect(context.Request.RawUrl.Replace("http:", "https:")); ...
I have a asp.net mvc application. Some pages require SSL, is there a way to mimick ssl locally through cassini or IIS 7? Edit So I followed the directions for the answer below that linked to ScottGu's blog post. ...
Is it possible to configure a WebServiceTemplate with a java keystore? edit I'm looking for a way to configure the location of the keystore in the spring config ...
Hello! I'm using the latest indy snapshot (installed yesterday) and newest SSL libraries. When trying to send a mail using idSMTP, the first time the component connects, I get an exception: Could't load the SSL libraries . Funny thing is, a retry works always. Debugging I found that the problem is in IsSSLOpenSSLHeader, function ...
I have a problem with a keystore in pkcs12 format, which contains a private key I need to use to authenticate myself (using mutual authentication) to a remote SSL server. The keystore file can be read perfectly fine by Firefox, and when used, I can access the remote server without problems. However, my Java program does not work with t...
I have an interesting issue with HTTPS ports not being handled properly. It is a relatively small issue and I bet it is pretty simple to solve, I am just not thinking of it. We have a website served with IIS 6, www.mylongdomainname.com. We have a secure portal which is handled via https://www.mylongdomainname.com. Now we have several...
I have a socket server that I am trying to move over to SSL on python 2.5, but I've run into a snag with pyOpenSSL. I can't find any good tutorials on using it, so I'm operating largely on guesses. Here is how my server sets up the socket: ctx = SSL.Context(SSL.SSLv23_METHOD) ctx.use_privatekey_file ("mykey.pem") ctx.use_certificate_fi...
We have some legacy ASP.NET code that detects if a request is secure, and redirects to the https version of the page if required. This code uses Request.ServerVariables["SERVER_PORT_SECURE"] to detect if SSL is needed. Our operations team has suggested doing proxy SSL at the load balancer (F5 Big-IP) instead of on the web servers (assu...
I am looking that chapter 8 of the RedHat, JBoss documentation. I am trying to setup Certificate Authentication as described on this page . On the page it says that the login-config file should have this in it: <application-policy name="jmx-console"> <authentication> <login-module code="org.jboss.security.auth.spi.BaseCe...
Hi, I have https on my site. Pages with rewritten URL in my site are inaccessible while direct urls (folders). here's the htaccess ## 2009-12-17 16:52 JGC [START] ## Enable http compression for this site <IfModule mod_deflate.c> SetOutputFilter DEFLATE ## Directive "DeflateCompressionLevel" not allowed in .htaccess, only valid in...
Hi, I recently created a Certificate Signing Request(CSR) and submitted. But it was rejected stating "CSR has a PKCS9 extension profile", does a CSR generated using OPEN SSL via XCA contain any profile information? Isn't CSR a very generic request? Thanks in advance. ...
I'm getting ready to finally deploy my first iPhone app. The app uses SSL to connect to a REST web service. While reading the docs on deploying the app to the app store, I came across some drivel regarding having to go through a 30 - 60 day government vetting process just to ship an app that simply connects to an HTTPS server. My questi...
Sorry ,my English is poor, I have never speak English after I leave the school. but now this problem have trouble me for a long days. My problem: when I open the website which the security certificate is wrong ,then IE8 show: =========================== There is a problem with this website's security certificate. The security certi...
I use apache/passenger on my development machine, but need to add SSL support (something which isn't exposed through the control panel). I've done this before in production, but for some reason I can't seem to get it work on OSX. The steps I've followed so far are from a default apache osx install: Install passenger and passenger pre...
I would like to learn the basics of digital certificates. Including how to create a self-signed certificate. Does anyone know a good introductory text about this? ...
I'm connecting to a HTTPS website with a self-signed certificate using a Java applet. The applet can't open the HTTPS connection - it returns the following exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unab...
I'm having trouble combining a url query parameter rewrite (fancy-url) with a .htaccess ssl redirection. My .htaccess file is currently: Options +FollowSymLinks Options -Indexes ServerSignature Off RewriteEngine on RewriteBase / # in https: process secure.html in https RewriteCond %{server_port} =443 RewriteCond $1 ^secure$ [NC] Rewri...
Hello there ! We've got here a problem of random disconnections between our Java apps and our PostgreSQL 8.3 server with a "bad record MAC" SSL error. We run Debian / Lenny on both side. On the client side, we see : main, WRITE: TLSv1 Application Data, length = 104 main, READ: TLSv1 Application Data, length = 24 main, READ: TLSv1 Appl...
Hi, I'm using an SSL certificate from geotrust. I just ordered and installed it this weekend. However when I try to access my website using https, firefox (and the other browsers as well) the browser warns that the certificate expired a few days ago. I guess there could be two reasons: I made a mistake during the installation of the c...
Is there a way to make ssl handshake more visible to me using boost asio? I am getting an error: "asio.ssl error". I just want more verbosity, because this message means almost nothing to me. Thanks. ...