I am trying to catch any https traffic to the front of my site so: https://www.domain.com is redirected to: http://www.domain.com However other subdomains need to be redirected elsewhere. For the most part this is all working, apart from the https -> http redirection. Here's my .htaccess file at the moment: RewriteEngine On Rewri...
I have a WCF service returning JSON to jQuery ajax calls and presenting the results on an ASPX page. When the page is NOT under SSL, the ajax calls work perfectly. When the page IS under SSL, the calls fail. I understand that this behavior must be due to the Same Origin Policy (SOP). So, how do I setup my WCF service to accept calls fro...
Is it still not kosher to have a https page with images that are not accessed via SSL? (ie imagine a web app which is SSL for all important content, but images and styles are coming via a plain http CDN). ...
I have 2 domains domain1.com and domain2.com hosted on IIS server, both point to one IP address. I have a SSl cert issued for domain1.com. How do I decline https://domain2.com request before user sees name mismatch certificate error? ...
Hi, I need to develop a PHP class to communicate with Apple servers in order to do Push notification (APNS). I have the certificate (.pem) and I tried to follow various tutorials found on Internet but I'm still getting error trying to connect to ssl://gateway.sandbox.push.apple.com:2195 with stream socket : $apnsHost = 'gateway.sandbox...
I have code that uses Microsoft's XDomainRequest object in IE8. The code looks like this: var url = "http://<host>/api/acquire?<query string>"; var xdr = new XDomainRequest(); xdr.onload = function(){ $.("#identifier").text(xdr.responseText); }; xdr.open("GET", url); xdr.send(); When the scheme in "url" is "...
I'd like to use client certificates to verify the identity of administrative callers to my web service. Then I can issue certificates only to the people I want to call my web service and be pretty sure noone else can call it. This is in a very controlled scenario where only one or two people will get the client certificate, so distributi...
Hi, We have a tomcat server (6.0.20) running one web application behind two urls, e.g. www.foo and secure.foo This is configured in the server.xml as one host with a single alias: <Host name="www.foo" appBase="webapps"> <Context docBase="foo" path=""></Context> <Alias>secure.foo</Alias> </Host> Ideally we'd like any requests...
Hi, I am getting the "javax.net.ssl.SSLException: Received fatal alert: certificate_unknown" error when attempting to send a HTTPS message. I believe the message is due to the endpoint not recognising the sent certificate or is rejecting it. But I want to be doubly sure this is a server issue and not a local client issue before I go b...
Hi there, and thanks in advance for your help or any tip that could get me out of here. I work on a JEE app with a JBoss server and an Apache. I'm not really familiar with SSL connections and certificates, I understand the basic, but I have to deal with it. So on my local configuration (localhost) I have my connection certificate config...
Does anyone know the process to renew SSL certificate for custom java web server? ...
I will first show the code that works in a non-ssl (http) environment. This code uses a custom json error handler, and all errors thrown, do get bubbled up to the client javascript (ajax). // Create webservice endpoint WebHttpBinding binding = new WebHttpBinding(); ServiceEndpoint serviceEndPoint = new ServiceE...
We are running on SSL on following server topology: 1 ISA (SSL Terminate/cache/proxy+AD authentication) 1 Sharepoint 1 IBM DB2 Database as enterprise/corporate DB 1 MS SQL Server as local DB We have recently optimized the caching, compression, minification, and other ASP.net best practices such as viewstate and cookie siz...
Experimented sending secure emails using C# and was wondering if I have understood things correctly. I currently have the following program: using System; using System.Net.Mail; using System.Net; using System.Security.Authentication; using System.Security.Cryptography.X509Certificates; using System.IO; using System.Net.Security; namesp...
I am trying to be more selective in which pages/requests are using SSL for performance reasons. I would like to use htaccess to redirect to https:// for only the required pages and redirect back to http:// for everything else. This is what I have: RewriteEngine On # force https RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^(.*)/(abc|x...
Hi, When one develops a self-hosted WCF http server, one of the steps needed is to bind an SSL certificate to a port number: httpcfg set ssl -i 0.0.0.0:8012 -h 0000000000003ed9cd0c315bbb6dc1c08da5e6 as stated in: http://msdn.microsoft.com/en-us/library/ms733791.aspx However, It is hardly expected that in my deployment environment one w...
Hi, I've got the issue of IE6 showing the "secure and nonsecure items" error on an SSL page. Looking into it though none of the usual causes seem to apply. There are no calls to http://, there are no iframes in the page, fiddler and httpfox both show only requests to https:// - what else can i check? In Firefox and IE there is nothing ...
we are registered under verisign for mydomain.com, but not www.mydomain.com, so all of my ssl redirects must also remove the www. (if any). so the redirect must go to https://mydomain.com it currently redirects to that with: mydomain.com www.mydomain.com http://mydomain.com http://www.mydomain.com but does not work for: https://www....
Scenario: calling a client web service over SSL (https) with mutual SSL authentication. Different service endpoint URLs and certs (both keystore and truststore) for test vs. production environments. Both test and production environments run tomcat / JBoss clustered. Production environment has load balancing / BigIP, runs Blade and non...
I have an application which is communicating with many different sites and each site has its own SSL certificate signed by our own internal CA. Doing this prevents us the need from purchasing SSL certificates for each site (hundreds or thousands) and is more secure then using a wildcard certificate with a shared key on each of those site...