can you put SSL on a IP address or only on a web server's domain name?
Hi, In a web application, if it doesn't have a domain name (like a web service for example), can you still add a SSL certificate to a IP address? If yes, how? ...
ssl
What is SSL and how does it relate to HTTPS?
What is SSL and how does it relate to HTTPS? ...
Disable SSL on Websphere Application Server
Hi all, Is there a way to disable SSL on WAS? So you can just log on using a username and password. That isnt tied to disabling the Global Security? Cheers ...
Is SSL really worth it?
I'm wondering if I should add an SSL layer between my server and client. I'm not handling any confidential data, but there is a very small chance someone might want to hack transmissions in order to gain intelligence (this is a game by the way). Now the ammounts of data to be processed is considerable when compared to a small website and...
Should I use self-signed certificates in general? For SVN in particular?
How secure is it to use self-signed certificates? As far as I understand it, an attacker could pretend to be my server if I don't have a certificate from an authority. Is this much of a risk? Should I buy a certificate for Subversion? ...
Is a https query string secure?
I am creating a secure web based API that uses HTTPS however if I allow the users to configure it (include sending password) using a query string will this also be secure or should I force it to be done via a POST? ...
How can I check if a server has ssl enable or not
Hello all, Does anyone of you know, if and if so, how can I check, with my application code, if a server has ssl enable or not? Thx ...
Certificate Trust Lists and IIS7
I need to generate a CTL for use with IIS7. I generated a CTL file using MakeCTL (on Win2k3 SDK) and put only my own RootCA certificate in the CTL. However, when I then use adsutil.vbs to set my website to use this CTL, I get: ErrNumber: -2147023584 (0x80070520) Error Trying To SET the Property: SslCtlIdentifier I'm using adsutil.vbs...
php SOAP call over SSL - How do I jam a cert, key, and CA cert together in the request?
So, I'm trying to consume a webservice using something like this: $client = new SoapClient("some.wsdl", array('local_cert' => "cert_key.pem")); I've done this successfully in the past with other web services that required a cert & key concatenated into the local_cert file. Now, I'm trying to consume a service that also relies on a ...
Connecting phpMyAdmin to a MySQL server over SSL
I may be barking up the wrong tree... However, what I have is a MySQL server that accepts connections only from a client with a valid SSL cert (see this link). This works great for example with Rails. I have my database on one server, and a Rails app that connects using the client certificate. Maybe not the fastest, but it works. The co...
IIS, XP, SSL vs. KeepAlives
I'm stuck between a rock and a hard place. I'm developing on XP using Studio 2005/IIS. Thus far, this has been problem free for me; until today. I needed to add an SSL cert so I could finish development for a part of the site that runs in SSL using sessions that are only allowed in secure mode. So, I install the cert and fire up studio...
How to enumerate HTTP listeners from a Java EE web app
I have a web app with a web-based configuration UI. If the user accesses via HTTP, I want to alert the user that they should really use HTTPS and give them a link to click on to get to the HTTPS-prefixed URL. Now, this is pretty straightforward if we're on the default ports, but often, we're not - for example, HTTP might be on 8080, wit...
How to redirect to (or enforce) SSL connection?
I am using Zend Framework(MVC part of it), and need to either redirect user to SSL enabled page or to force SSL from controller somehow and don't quite see how to do that? Maybe someone can share the knowledge? Thanks! ...
Some images do not load under http, but do under https
I've come across an issue where some images on a site load under https but do not load under http. For example if you go to https://www.mydomain.com/myimage.gif, the image appears fine, but if you go to http://www.mydomain.com/myimage.gif the image comes back with a not found error. This happens to only certain images. Other images lo...
PHP Soap client using local_cert -- Cannot connect
I'm looking for any advice that can be offered on this one... I am trying to create a soap request in php using my server certificate and key aggregated in the local_cert parameter. I've verified that my cert & key are correct and I've created the local cert file using the key and cert appended respectively. The response I get when I ...
Issue with Self Signed Cert in WCF - Must have Private Key....
Hello, I am creating a WCF service hosted within IIS7 on Windows Vista SP1. I am getting the following error: The certificate 'CN=SignedByLocalHost' must have a private key that is capable of key exchange. The process must have access rights for the private key. It looks like I would need to give the host process assess to the certif...
Does a truststore need the sub-ca certificate?
I'm trying to setup a hierarchical PKI. Can I create a truststore containing only the root ca certificate, and will that mean my application trusts certificates signed by a sub-ca certificate which is in turn signed by the root ca? As an aside, it seems that you must provide an entire certificate chain, including the root ca certificate...
JavaScript/Greasemonkey: Avoiding FireFox Security Warning when Submitting a Form from a Secure Page
Hi, I'm writing a Greasemonkey script to connect two company-internal webpages. One is SSL, and the other is insecure and can only be accessed via a POST request. If I create a hidden form on the secure page and submit it via an onclick() in an <a>, it works fine, but FF gives a warning: Although this page is encrypted, the infor...
iPhone client certificate.
I would like to verify that an app I am writing is running on an iPhone. What would be perfect is this: Apple baked an SSL client certificate into each iphone which can be authenticated by a receiving server. I this the case? I have not started researching this yet, I will update with anything I find. UPDATE: Here is some Apple docum...
HTTPS on iPhone
I need to be able to use https to connect to a server and I'm wondering if there's recommended way of doing this on the iPhone that's NOT: - an undocumented api call - does not require manually storing certificates in the app bundle Thanks all. ...