When Internet Explorers AutoComplete is turned on for Forms the entries for each field in the HTML form should be cached and displayed as a prompt when the user starts entering content into the form the second time around. On my website the AutoComplete feature is never displayed for any forms that exist on that site. But yet other w...
I've generated a certificate request, submitted it to the Microsoft Certificate Services program. It issues the certificate. I downloaded it to conf/ssl/server.cert I configured it in apache to using SSLCertificateFile conf/ssl/server.cert SSLCertificateKeyFile conf/ssl/server.key When I start the server with this config I get Sec...
Hello I have a 2 threads application. One GUI thread and one worker thread (CWinThread) in which I make time consuming operations - calculations and HTTP comunication. I have to switch from HTTP to SSL socket connection. I also need to make a verification of server certificate (is it trusted, is it expired, is it revoked) Which libr...
A while ago, I set up my company's local (non-internet) client database on my domain server, using Apache and PHP/MySQL. I recently decided to set it up to use an SSL connection rather than a standard HTTP connection. (I know, I should have from the beginning, but that's another matter). I've set up my server and my certificate success...
Okay, I've asked on the Community Server Forums and was totally ignored. So I'll ask here. The OpenID provider (presumably janrain) for CommunityServer does not work with an SSL OpenID endpoint. I really don't know of a non SSL OpenID endpoint and even if I did...I'm not sure if I'd want to use it. I have a community server installation...
Like the question says, if I have a request for a page on my site like this http://somename.something.here/Dada.aspx to something like this https://somename.something.here/Dada.aspx ...
Hi, I've an MFC application that currently uses CAtlHttpClient to query a web server for some information. I'd like to change this so that the query goes over securely, with server authentication, using SSL. Googling reveals that Microsoft has changed the way they support this several times, e.g., WinInet, WinHTTP, but for the life of...
Hi, I get the above error when trying to run the code from Microsoft's Secure SOAP sample http://msdn.microsoft.com/en-us/library/s2ya483s.aspx The call, from M'soft's code, seems to be correct: Status = g_Sample_SecurityInit._SecurityFunc.AcquireCredentialsHandleA( NULL, // Name of principal UNISP_NAME_A...
So, I got ZF MVC site and want to force SSL connection on everything under my /checkout/ I tried using mod_rewrite for that, so my .htaccess would look like this: RewriteEngine on RewriteRule (\/checkout.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R] RewriteRule !\.(js|ico|gif|jpg|png|css|swf|xml|avi|flv|mov|mp3|wav)$ index.php [L] Sure...
Well, maybe not with all 4 things, but here's my situation: I have an ActiveMQ backend (running on my desktop Mac). It's a stock Apache ActiveMQ server I have which I am basically using as an echo server to tail the logs and debug my client. The client is an iPhone project with a hacked up Stomp.framework implementation using AsyncSocke...
Is there a difference between SSLv3 and TLSv1? How does IIS6.0 control what type of security is used for a website enabled with HTTPS? MS says that there is a hierarchy in which the security and encryption level is negotiated before connection is established. What is this hierarchy? Is SSLv3 available in IIS6.0 by default on Windows S...
I have to write a Java Client to connect to an SSL server. The server uses openssl certificate, and is configured to do Client Auth. I can't seem to locate any useful resources online that can help me (who doesn't know anything about openssl and much about SSL) to understand who to go about implementing my Client Side. Help! ...
Is there a way to setup authentication (ala "Basic Authentication") without actually setting up an SSL Certificate? I'd also like to do this in REST or regular SOAP WCF Services, preferably in REST, but would like to be able to mix the services. In other words, "I want to be able to send a regular old username and password just like in...
I'm doing a first pass at rolling my own authentication and sessions in rails and am not sure that I understand the session support that is present. (By first pass, I mean I'm initially authenticating via http, not https. Production code will use https.) My understanding of secure sessions is that you pass a token to the browser via a c...
I can't figure out if this is a bug in Firefox or an anomaly with the website as it only seems to occur through a specific sequence. TLDR steps below If you visit the main page (link below) and then click on the quotes link it will send you to a page called quoteconfig.aspx which checks for javascript and then redirects you if it's ena...
I can't seem to get my head around this one. I'm using HttpWebRequest to try and send some data out to another site. I'm attempting to figure out the best way to get our firewalls configured, but I'm at a loss. By watching the NetMon trace, it appears as though it's ignoring what I tell it; the HTTP headers I see go out from the request ...
Our ssl certificate recently expired, so we were issued a new one by the CA. Unfortunately, when biztalk uses this certificate to access a server, the server rejects it, giving us a 403.17 error (Expired or not yet valid). So I checked the dates of the certificate and it seems okay. But to really check if the certificate was working, w...
I am building an application and I am planning on using Open SSL for securing data transfers. I am planning on only having the client validate the server's certificate. I am confused on how I should secure the server's certificate. I would like to encrypt the server's certificate containing the private key but I do not want to use any ha...
I've got an ssl certificate for what I think is my domain and I want to apply it to two separate applications in that domain that run under ASP classic in IIS on Windows 2000. I have the following stupid questions: Are certificates issued for URLs or domains? Or subdomains? Can I use the same cert for multiple websites (applications)...
I use Django for my website and I want to know whether there is a work around for testing secure pages in Development server. As a temporary workaround, I wont use HTTP to check the webpages in dev server, which I think is not a correct way? What do you think? ...