I set up a secure version of my CSS server which points to a different folder which contains a version of the stylesheet with secure images in it, the robots.txt and .htaccess files are exactly the same (the only other files in the directory). The non-secure CSS file loads fine in the normal non-secure website, however it will not load i...
I set my database to require ssl. I've confirmed I can connect to the db via command line by passing the public key [and have confirmed I can't connect if I do not pass public key] I get the same error in my django app as when I do not pass a key. It seems I've not setup my settings.py correctly to pass the path to the public key. Wha...
Hello everyone, I am in the process of writing a login/register form for my MVC website and am facing an issue regarding security and AJAX. It seems that more and more popular sites are utilizing javascript to process logins, and many from a non https URL (www.giantbomb.com and www.gametrailers.com to name two). I'm wondering if there...
I'm trying to get a WCF web service to work with SSL, as you can imagine it works on my machine, however when I run it on the production environments I get this instead: Could not find a base address that matches scheme http for the endpoint with binding BasicHttpBinding. Registered base address schemes are [https]. Despite many h...
We're using Spring and JAXWS-generated client classes to access web services in a weblogic-deployed app. The WSDL defining the web service is remote and password-protected (basic http authentication). In a unit test it suffices to define a proxy in ~/.metro folder with the url and http password to use when accessing it. Is there a simila...
I found some manual here : http://support.microsoft.com/kb/316898/ru but can't make a step with : The Certificate Request Wizard dialog box opens. Click Next. Select Certificate type is "computer". On "Registration politics" step there is Active Directory registration politic by default and so it requests some registration serv...
Hello everyone. We have a WCF service under an SSL Web Server installed in IIS. The web service was created with .NET 3.5 and WCF 3.0. We can access it with a .NET 3.5 client without problems. Let's call the URL where the service is published something like: https://my-server.com/testservice.svc?wsdl We need to make a proof of concep...
I've got a server application using select.select(), and now I'm trying to add SSL to it, however I get the following error when listening to the "raw" sockets: ValueError: file descriptor cannot be a negative integer (-1) so I figured I'd use the ssl streams returned by ssl.wrap_socket in select instead. Doing so, it doesn't return a...
I need to test an ASP.NET site that requires SSL locally. I think IIS7 with the self-signing certs would do the trick, however, I am on XP. Any idea how I could test the site locally over https? ...
Fairly new to socket programming, but I've been assigned with a whopper of project. My issue is this: I try initiating an SSL handshake with both SSL_accept() and SSL_connect(), as well as renegotiating the handshake and then attempting to reconnect with SSL_renegotiate() and SSL_do_handshake() in succession, but all of these give me t...
I am running Ubuntu Hardy 8.04 and nginx 0.7.65, and when I try starting my nginx server: $ sudo /etc/init.d/nginx start I get the following error: Starting nginx: [emerg]: bind() to IP failed (99: Cannot assign requested address) where "IP" is a placeholder for my IP address. Does anybody know why that error might be happening? ...
Hi, I have a server in development and a few developers connecting to it. This server uses Java's TLS implementation with SSLEngine. We saw that, at first, every new connection would have a long delay (30-40 seconds). We narrowed it down to reverse DNS lookups timing out. We solved that by putting all our IPs in the HOSTS file. Now, t...
Hi everybody, I am trying to build a SSL secured Web Service client using CXF Spring configuration and I wonder how is it possible to tell to CXF to use this client certificate in my keystore. This should exists because if my keystore holds plenty of certificate how does CXF is supposed to do to find the good one? Here is my configurat...
I am considering establishing an encrypted connection from a .NET app toward a remote MySQL database. According to the manual, there is a SSL Mode option to do that. The example provided in the tutorial rely on a client X509 certificate. Is the client certificate absolutely needed, or can I just connect with SSL Mode=Required and a login...
Trying to setup SSL on the Magento checkout pages but have run into this issue: After payment details are submitted, the payment goes through fine (checked with sagepay) but when sagepay redirect to the success page (/sagepay/server/success/?SID=session_id), it then tries to redirect to /checkout/onepage/success/, where I get an error s...
Hello to all. I'm trying to build a simple client/server system wich uses SSLSocket to exchange data. (JavaSE 6) The server must have its own certificate, clients don't need one. I started with this http://java.sun.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#CreateKeystore To generate key for the server and a self...
I have a virtual folder containing an administration application, like https://www.mysite.com/alpha which requires SSL. In the IIS manager properties for the folder, under "Authentication and access control", Anonymous Access is disabled and "Authenticated Access" is set to "Integrated Windows authentication." When I connect to the s...
We're having a problem getting Word documents to download in IE7/IE8 using window.open calls. This problem is currently only happening in our production environment with SSL enabled - our test environment is working correctly but does NOT have SSL enabled. Both environments are running IIS6 and use integrated authentication. The javas...
I'm having trouble getting a DNOA RP working behind an SSL appliance (terminates the client HTTPS connection and reverse-proxies HTTP to the webserver behind it). The problem is that the RP is incorrectly guessing the recipient endpoint from the incoming request (since it's not HTTPS by the time it hits the webserver) and comparing th...
General question to experienced developers: I want to develop a secure an area on my local machine which I will then roll up to the remote server. I am using IIS 6 with MVC2 on VS 2008. I understand that the SSL provider will only issue a certificate to a given domain, which while I find this logical, cannot figure out how to build l...