ssl

Restrict Apache to only allow access using SSL for some directories

I have an Apache 2.2 server with an SSL certificate hosting several services that should be only accessed using SSL, i.e.: https://myserver.com/topsecret/ should be allowed while http://myserver.com/topsecret/ should be either denied or, ideally, redirected to https. http://myserver.com/public should not have this restriction, and should...

Blocking https URLs in an embedded gecko browser

Hi, I have an application in which a gecko browser is embedded. The application is crashing when I try to access any https URLs because nss is not properly initialised at this point. The crash is in PK11_TokenExists(). I want to block my browser from rendering https sites. If a user clicks on a https link I can block that load in OnSta...

Where should you enable SSL?

My last couple of projects have involved websites that sell a product/service and require a 'checkout' process in which users put in their credit card information and such. Obviously we got SSL certificates for the security of it plus giving peace of mind to the customers. I am, however, a little clueless as to the subtleties of it, and ...

Difference between SSL and Kerberos authentication?

Hi! I am trying to understand what's the actual difference between SSL and Kerberos authentications, and why sometimes I have both SSL traffic and Kerberos. Or does Kerberos use SSL in any way? Anyone could help? Thank you! ...

Is it a problem if multiple different accepting sockets use the same OpenSSL context?

Is it OK if the same OpenSSL context is used by several different accepting sockets? In particular I'm using the same boost::asio::ssl::context with 2 different listening sockets. ...

Strange call stack, could it be problem in asio's usage of openssl?

I have this strange call stack and I am stumped to understand why. It seems to me that asio calls OpenSSL's read and then gets a negative return value (-37). Asio seems to then try to use it inside the memcpy function. The function that causes this call stack is used hundreds of thousands of times without this error. It happens ...

Windows Server 2008 SSTP VPN in a Non-Domain Environment?

Is it doable to set up a non-domain-based (standalone) Windows Server 2008 as an SSTP VPN (Secure Socket Layer Tunneling Protocol VPN)? I'd like to enable remote users to access a network via SSL-based VPN (currently using PPTP) by making an SSTP VPN connection via a Win2k8 server. Most of the docs seem to include running in an AD doma...

"SocketException: Unconnected sockets not implemented" with self-signed SSL certificate

(I've asked the same question of the jmeter-user mailing list, but I wanted to try here as well - so at the least I can update this with the answer once I find it). I'm having trouble using JMeter to test a Tomcat webapp using a self-signed SSL cert. JMeter throws a SocketException with message Unconnected sockets not implemented. Accor...

Can you host multiple tenants on a single ASP.NET application instance over SSL?

I have an ASP.NET application that will host multiple tenants (Software-as-a-Service style). Each tenant will have their own domain name (www.mydomain.com, www.yourdomain.com) and their own SSL certificate. Is there a way to host the application such that all of the tenants are on the same application instance? I know you can have mul...

Best way to secure an AJAX app

Hi, I am currently working on the authentication of an AJAX based site, and was wondering if anybody had any recommendations on best practices for this sort of thing. My original approach was a cookie based system. Essentially I set a cookie with an auth code, and every data access changed the cookie. As well, whenever there was a fai...

ssl_error_rx_record_too_long and Apache SSL

I've got a customer trying to access one of my sites, and they keep getting this error > ssl_error_rx_record_too_long They're getting this error on all browsers, all platforms. I can't reproduce the problem at all. My server and myself are located in the USA, the customer is located in India. I googled on the problem, and the main sou...

How can I make Ruby's SOAP::RPC::Driver work with self signed certificates?

How can I prevent this exception when making a soap call to a server that is using a self signed certificate? require "rubygems" gem "httpclient", "2.1.2" require 'http-access2' require 'soap/rpc/driver' client = SOAP::RPC::Driver.new( url, 'http://removed' ) client.options[ 'protocol.http.ssl_config.verify_mode' ] = OpenSSL::SSL::VERIF...

What is the best way of handling non-validating SSL certificates in C#

I'm using the following code to make sure all certificates pass, even invalid ones, but I would like to know if there is a better way, as this event gets called globally and I only want the certificate to pass for a certain HTTP call and not for any others that are happening asynchronously. // This delegate makes sure that non-validatin...

OpenID Over SSL with self signed certificate

I setup my own open id provider on my personal server, and added a redirect to https in my apache config file. When not using a secure connection (when I disable the redirect) I can log in fine, but with the redirect I can't log in with this error message: The underlying connection was closed: Could not establish trust relationship for...

How to gain SSL load balancing!!!

I have to deploy my ASP.NET application into two separated IIS servers. My application works over HTTPS/TLS. My ASP code has to handle client SSL certificate and it means I can't use simple forward load balancers, because I will never get such certificate from nginx or Apache Load Balancer. As I understand there is no common (open-sourc...

Webservices client and ssl

Hi, I have a Java client that calls a web service at the moment using the Http protocol. When I try to use the Https protocol I keep getting this error java.io.IOException: DerInputStream.getLength(): lengthTag=127, too big. Any ideas what could be up? Thanks Damien ...

Secure only Login.aspx for a site

Hi, Is it possible to secure only the Login.aspx page (and the postback) and not the whole site in IIS? We are looking to do this specifically with a SharePoint site running Forms Based Authentication against our Active Directory. Links to this will be helpful. This is what we have done so far: 1. Setup SharePoint to use FBA against ...

How to use POP3 over SSL in C

I would like to know and understand the steps involved in fetching mail from a POP3 server using plain C ...

Security implications of disabling the Common Name check for HTTPS

I'm going over some client code I've inherited for doing secure communication over HTTPS, and it seems that it's not checking the common name in the server certificate (e.g. 'CN = "example.com"') against the actual URL that's being requested. This is probably deliberate, since our client app is required to talk to various environments, so ...

Server cert and Client Truststore

Hi, I am trying to call a webservice using ssl. How do I get the relevant server cert so that I can import it into my truststore? I know about the use of property com.ibm.ssl.enableSignerExchangePrompt from a main method but I would add the server cert to my truststore manually. I don't want this property set in any of my servlets Any h...