I have looked into various posts about how to retrieve something via HTTPS on Android, from a server that uses a self-signed certificate. However, none of them seem to work - they all fail to remove the "javax.net.ssl.SSLException: Not trusted server certificate" message. It is not an option to modify the server to have a trusted certif...
I would like to redirect specific domains from http to the corresponding https address in lighttpd. I tried out the tutorial on the lighttpd page but there it is not written for a specific domain. This is what I want: $HTTP["host"] =~ "secure.example.com" { server.document-root = "/var/www/secure.example.com" // IF NOT SSL, RE...
I have an ASP.NET MVC2 application hosted in a non-secure environment (http), also I have my account services (WCF) on an SSL server. I need to post a form that is on the non-secure http application to a secure SSL and access then the service. By no means I'm allowed to host the application in the SSL server (because it will loose the lo...
Inside of large companies, is it standard practice to use SSL (e.g. https) for running corporate apps over the LAN. I am thinking of ERP systems, SFA systems, HR systems, etc. But I am also thinking of SOA...web service providers and consumers. In other words, is there any concern that something on the LAN could be sniffing plaintext ...
I want to find all client authentication certificates from the X509Store(StoreLocation.CurrentUser) Is there anyway to do this? Even by getting all then filtering by a certain property to get all Client Authentication certificates? ...
How to implement a https connection with SSL and ASIHTTPRequest? Are there some special steps to do? Can it be that this has nothing to do with ASIHTTPRequest? It has to do only with the server-side I think. Can someone post a link or describe the process of how a https connection can be established? This is what I found out so far: I ...
Hi, I'm trying to setup a anonymous SSL connection, i.e. one that doesn't require certificates, from an android to a PC. The problem is that I can't find an appropriate cipher suite on the android. IIRC anonymous cipher suites have "anon" in their name, running socket.getEnabledCipherSuites() doesn't return any cipher suites with 'anon'...
In a Rails controller, I can set a cookie like this: cookies[:foo] = "bar" And specify that the "secure" (https-only) flag be on like this: cookies[:foo, :secure => true] = "bar" :secure is false by default. How can I have cookies be secure by default, application-wide? This is on Rails 2.3.8 ...
Is it possible to build a SMTP/IMAP client that can run in the browser that uses only Javascript? ...
I use SSL connection to connect web client to server. It works without any problem for a long time. But from yesterday it gives following error can anyone tell me the reason. javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown at com.sun.net.ss...
I am using the function SSL_CTX_set_cipher_list to set the ciphers supported for the SSL connection. What argument to pass to SSL_CTX_set_cipher_list to disable weak ciphers. I tried passing ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH but it doesn't seem to work. My tool to detect weak cipher reports for the following as enabled still ** SSLv3...
Hello, With SWT Browser, is there any way to import a SSL certificate file into Java and make it work with SWT Browser? With Firefox, you can import it by Edit-Preferences-Advanced-Encryption-View Certificates-Import command, but since Mozilla doesn't share profile with each other, we are not able to reuse that. Is there any way? A...
Hello everyone, i would like to know which Certification Authorities are "allowed" on android.. Since i'm going to buy a ssl certificate i would like to understand if i'll get some problems in android using it. Thanks ...
I'm currently building a web-based file upload/download hub for a company that wanted an easy way to send files to customers. My question revolves around which parts of the site really need to be SSL encrypted. Is it good practice to only encrypt the login forms, but leave other parts of the site (like the file transfer process) unencr...
I am trying to create an SSL connection from android client to the server over SSL. In the very beginning I was always getting javax.net.ssl.SSLHandshakeException: no cipher suites in common on the server when connection was attempted. After some investigation I realized that Android uses Bouncy Castle SSL implementation and the cip...
Hello, I have two projects, one is a WCF service, the other is an ASP.NET MVC site. The service is to be exposed to multiple consumers, including my MVC site. Both the site and the service require access over SSL. I only have one SSL certificate I can use. Any ideas how I can set these two projects up in IIS? Thanks in advance. ...
Question: I have written a console program that uses the SQL server 2005 web service to upload reports to SQL Server 2005 reporting service (so that I don't have to upload 100 reports by hand everytime). It works fine locally, and remotely. But now, the problem is one server uses SSL so rs.Url = "https://hostname/ReportServer/reportserv...
How to enable webservice call over HTTPS with self-signed cert in ColdFusion 9? According to the doc, <cfhttp> should work, but how about <cfinvoke>? If I use cfhttp, do I still need to install the cert as outlined here? http://kb2.adobe.com/cps/400/kb400977.html I tried simply using https in cfinvoke, I got SSLPeerUnverifiedException...
The most commonly used 'C' Implementation of SSL (OpenSSL) doesn't support parallely operations on it's SSL Session. (i.e. You cannot do a SSL_read & SSL_write) parallely for the same session. Does the Java bases SSL, JSSE support this feature? i.e. For the same SSL Session created using JSSE, can I do read and write parallely on diffe...
If I set up a proxy (such as Squid for example) configured with certs to listen for HTTPS are browsers able to connect to the proxy over TLS/SSL? Example of what I'm asking: Browser Proxy Server yahoo.com -> TLS -> Squid -> HTTP -> yahoo.com I've set up a proxy listening on 443, but am not having success getting...