Hello, I'm trying to configure a Tomcat server with SSL. I've generated a keypair thus: $ keytool -genkeypair -alias tomcat -keyalg RSA -keystore keys Next I generate a certificate signing request: $ keytool -certreq -keyalg RSA -alias tomcat -keystore keys -file tomcat.csr Then I copy-paste the contents of tomcat.csr into a form ...
I'm trying to connect to a webservice over SSL using Apache Commons HttpClient 3.1, using this: String url = "https://archprod.service.eogs.dk/cvronline/esb/LegalUnitGetSSLServicePort"; HttpClient client = new HttpClient(); PostMethod post = new PostMethod(url); StringRequestEntity entity = new StringRequestEntity(requestXml, "applicati...
Hi I have a special requirement for one of my applications where I need the servers nounce (Handshaker.srv_random) when verifying the client certificate. Yet JSSEs X509TrustManager only passes me the certificate, no other information of the handshake. I have located the place, where checkClientTrusted is called (inside ServerHandshaker...
I have a 3-node web farm being managed by IIS7 and Application Request Routing. I have a folder hierarchy in my web app that needs to be secured via SSL. What is the best practice for getting ARR to correctly route these SSL requests? I have installed the same certificate on all web farm servers and the server running ARR. I have tri...
I have got a working C# code for accessing OWA mails using WebDAV against a FBA enabled exchange 2003 (http://support.microsoft.com/kb/891748/en-us/) But my client's OWA (exchange 2003) has Basic authentication and SSL (i-e when I try to access the web mail link through browser I get a grey login box instead of a web page I can log into...
I have a PP-enabled site that needs to be tested. I've already tested it with Sandbox credentials and it works ok. The next step is to test it with live PayPal credentials on test server. Here I hit a wall, because using real credentials from liveserver.com on test.liveserver.com gives me error of "malformed url" (which as I read stands...
Trying to connect to an imap server from an app that uses javamail to connect. I can't modify the code, but it's throwing the 'Server chose unsupported or disabled protocol: SSLv3' error, and I can't find a property that I can override to enable that protocol. The server I'm connecting to does not support TLSv1 (yes, it's old). ...
Hi. Is there a way to check in Javascript if given a host it's SSL certificate is valid? (non blocking) In my case I want to display: "you can also use https://.." if via javascript I can make a request to https://my_url without being asked to accept an untrusted certificate. Can this be done asynchonously? -- M. ...
Hi, Question - Is it possible to proxy a HTTPS request using HttpListener & HttpWebRequest? (or is it not possbile due to the encryption?) I have got a .NET proxy working by using HttpListener & HttpWebRequest using the approach here. I'm trying to extend this at the moment to listen for HTTPS too (refer this question) however I'm won...
I am mostly following this page: http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html I used this command to create the keystore keytool -genkey -alias tomcat -keyalg RSA -keystore /etc/tomcat6/keystore and answered the prompts Then i edited my server.xml file and uncommented/edited this line <Connector port="8443" protocol="HTTP...
Hi, I have SQL reporting services configured to use a secure certificate and when I visit both Reports and ReportManager I get a 404 not found error. The reporting services logs do not contain any error information. I am a bit at a loss to know where to start to diagnose this problem, especially as SSRS is not using IIS. I created th...
I've tried to setup .keystore on Jboss 4.2. due to this documentation from jboss community http://community.jboss.org/wiki/sslsetup but Jboss console generate this error LifecycleException: service.getName(): "jboss.web"; Protocol handler start failed: java.io.FileNotFoundException: C:\Documents and Settings\mebada\.keystore (The sy...
shtml pages are not displayed in iis7. i get the following error when tried to access shtm file The page you are requesting cannot be served because of the extension configuration. If the page is a script, add a handler. If the file should be downloaded, add a MIME map. pls help -Vivek ...
Hi all, I have a standalone Axis2 server running using org.apache.axis2.transport.SimpleAxis2Server I would like to enable mutial SSL on this server. I have managed to get 1-way SSL working using my own selft signed certificates. I have uncommented the SSLVerifyClient paramter, but this makes no difference. The server is running with ...
My client failed her PCI compliance audit. The server supports Remote Desktop (Terminal Service) but only provides encryption and not authentication. This exposes the server to Man-In-The-Middle attacks. The supposed solution is to force SSL as the transport layer for RDP. Anyone know how to do this? The server runs Windows 2003. ...
Hi, Can anybody explain how SSL can be configured inside a Firefox extension? I have a client who wants to connect to an https server and download some contents. My problem here is I don't know how to configure the communication between the client and the server inside the extension. I would appreciate if somebody would explain this to...
More often than I like when designers edit some of our sites' pages, they include javascript or an external image our SSL pages that are not encrypted. For example if we have a page like this: https://www.example.com/cart/EnterCreditCard And the designer includes some non-encrypted image like this: <img src='http://www.cardprocess...
Hi, I have a page on my site which was meant to be SSL enabled. Now, if the page has a link to an external site, does this invalidate my SSL encryption? Thanks ...
I am using ssl_requirement and since setting it up, my application's Flash messages are disappearing. I've modified the plugin slightly as accounts can optionally have a domain mapped to their account. In that case the non-ssl areas of the site should use the mapped domain, whereas the ssl areas should use the subdomain: def ensure_pro...
I just created a self-signed certificate on a linux box running tomcat 6. I created the keys like this, valid for 10 years: keytool -genkey -alias tomcatorange -keyalg RSA -validity 3650 and copied the keystore into a folder in tomcat, and updated server.xml to point at the keystore. Now my network admin is asking for the both the p...