Search Results

Search found 4244 results on 170 pages for 'ssl certificate'.

Page 24/170 | < Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >

  • MediaTemple DV SSL and Passenger

    - by pcasa
    Followed these instructions to get Passenger and media temple's apache talking to each other. http://greggoodwin.com/2009/03/01/install-ruby-on-rails-with-passenger-on-mediatemple-dv-35-how-to/ I have ssl_requirement installed and pages requesting SSL but can't figure out which .conf file gets edited and what to put in it. httpd.conf, vhosts.conf, ssl.conf, vhosts_ssl.conf? For what its worth where my vhosts.conf file is at, there is also a httpd.include that looks like it holds some info from certs created by Plesk. In there it says to create a /var/www/vhosts/sitename.com/conf/vhost_ssl.conf file for ssl. Currently I have vhosts.conf in /var/www/vhosts/sitename.com/conf/vhosts.conf And it looks like ServerAlias www.sitename.com DocumentRoot /var/www/vhosts/sitename.com/rails/sitename/public <Directory "/var/www/vhosts/sitename.com/rails/sitename/public"> Options FollowSymLinks AllowOverride None Order allow,deny RailsEnv development Allow from all </Directory> RailsBaseURI /

    Read the article

  • Custom certificate as proof of transaction

    - by Andy
    I'm developing a site where a user conducts a given transaction and once completed, the user is issued with a 'secure certificate'. The certificate serves as proof of the transaction and the user is able to upload the certificate at a later stage, to view the details of the transaction. At the moment I'm using a custom XML document with encrypted fields. It works perfect, but I would like a standardized approach, such as an X.509 certificate. I'm no encryption expert, but from what I gather, X.509 is more geared towards SSL issued by a CA. Is it possible to create your own valid valid CRT file? As a test, I created a CRT file with the example provided on WikiPedia. However, when I open the file in Windows I get this warning: Invalid Public Key Security Object File - This file is invalid as the following: Security Certificate. Not having much luck here, so time to ask the experts. What direction should I be heading in? Any guidance would be greatly appreciated.

    Read the article

  • HAProxy NGInx SSL setup

    - by Niclas
    I've been looking around different setups for a server cluster supporting SSL and I would like to benchmark my idea with you. Requirements: All servers in the cluster should be under the same full domain name. (http and https) Routing to subsystems is done on URI matching in HA proxy. All URIs have support for SSL support. Wish: Centralizing routing rules ---<----http-----<-- | | Inet -->HA--+---https--->NGInx_SSL_1..N | | +---http---> Apache_1..M | +---http---> NodeJS Idea: Configure HA to route all SSL traffic (mode=tcp,algorithm=Source) to an NGInx cluster turning https traffic into http. Re-pass the http traffic from NGInx to the HA for normal load-balancing which performs load balancing based on HA config. My question is simply: Is this the best way to to configure based on requirements above?

    Read the article

  • Problem installing SSL on centos 5.2 with plesk

    - by Haluk
    Hello, I'm trying to install an ssl certificate to a dedicated centos 5.2 server. I followed the hosting company's instructions but the ssl is not working. When I try to access my website using https, Firefox gives the following error: uses an invalid security certificate. The certificate expired on 3/13/2010 11:56 AM. (Error code: sec_error_expired_certificate) I'm not sure where the problem is. You should also know that this server has plesk installed, even though I'm not using it, it could potentially be somehow overriding my httpd.conf or ssl.conf. Thanks!

    Read the article

  • disable "SSL 2.0+ upgrade support" in nginx

    - by Bhargava
    I evaluated the SSL credentials of my server with qualsys ssl page ( https://www.ssllabs.com/ssldb/index.html ) and found the entry "SSL 2.0+ upgrade support" being marked as yes. I want to disable this sslv2 handshake too. I searched around and found http://forum.nginx.org/read.php?2,104032m, which points to creating a openssl.cnf file. Have a naive question here. After creating the file, does one need to re-key his certificate for this to work ? Are there any other steps to follow ? I use nginx 1.0.11 and openssl "OpenSSL 1.0.0e-fips 6 Sep 2011". I have set ssl_ciphers in nginx to SSLv3 TLSv1;

    Read the article

  • SSL and IP addresses on a dedicated server

    - by spike5792
    I've just moved from a shared web hosting server operating on WHM/cPanel running six domains with 1 dedicated IP address. 1 of the 6 domains has an SSL certificate. I have since moved to a dedicated server also with 1 dedicated IP and running cPanel/WHM with the same six domains. I want 1 of the domains to have the SSL certificate but I am being told that it's not possible unless I buy another dedicated IP address. I want to question the hosting provider on this but they haven't really acknowledged it - they've just kept saying that it needs its own IP as the IP I am currently using is shared between my six domains. Does anyone have any experience of this and tell me why my new expensive dedicated hosting provider can't setup SSL using the certificate as I had done before on my shared server?

    Read the article

  • Setting up SSL with 389 Directory Server for LDAP authentication

    - by GioMac
    I've got 389 Directory Server running on RHEL 5 with groups, users, posix etc. RHEL clients are authenticating users with LDAP - no problems, everything works perfect, but passwords are sent in plaintext and are visible with network sniffer. So, decided to run with SSL: Created CA - got both private and public CA certificates Using CA certs: generated both of private and public certificates and combined (1st file) for 389DS according to 389DS certificate request, imported with CA public cert to 389DS from graphical console (2nd file). Enabled SSL in 389DS On the client, using authconfig-gtk enabled SSL for LDAP, specified only CA public certificate Doesn't work. Howto? What is the best way to integrate safely?

    Read the article

  • Creating Client Certificate - Windows

    - by Aur
    I am trying to create client certifications against a microsoft CA using the built in website. (Microsoft Active directory Certificate Services) From what I can tell you have to login as the user to create the corresponding certificate. Is there anyway to get around that? I tried to create my own template duplicating the user tempalte but it doesn't match and gets rejected when trying to authenticate. Is this something I'd have to look at building? Any help is appreciative, thank you for your time.

    Read the article

  • Cannot install new certificate in IIS 7 on Windows Server 2008 R2

    - by Alex B.
    We are trying to renew our existing web site certificate on our IIS 7 site under Windows Server 2008 R2, but we continue to get the "Access is denied" error that others have posted. However, when we have gone to implement the common fix of making sure the Administrator group has full access to all folders and subfolders on the C:\ProgramData\Microsoft\Crypto\RSA folder, we get an "Access is Denied" error on changing those permissions. Yes, we are logged in as Administrator user - it just seems to not allow us to modify the group permissions to this folder. Help! We need to renew our certificate before March 2011!

    Read the article

  • How to ignore the error of the certificate

    - by cavin luo
    Sorry ,my English is poor, I have never speak English after I leave the school. but now this problem have trouble me for a long days. My problem: when I open the website which the security certificate is wrong ,then IE8 show: =========================== There is a problem with this website's security certificate. The security certificate presented by this website was not issued by a trusted certificate authority. Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server. We recommend that you close this webpage and do not continue to this website. Click here to close this webpage. Continue to this website (not recommended). ============================== I want to open this website(https) without show this alert page the method may use "regedit", or change the internet Options, or by code ......and so on. please help me thanks thanks thanks

    Read the article

  • Auto enter pass phrase in case of Python ssl Client/Server

    - by rauch
    I need to create Client/Server application to send files from clients to Server. I use simple ssl sockets for that and authenticate with certificates. ms = socket.socket(socket.AF_INET, socket.SOCK_STREAM) ssl_sock = ssl.wrap_socket(ms, keyfile=".../newCA/my_client.key", certfile=".../newCA/my_client.crt", server_side=0, cert_reqs=ssl.CERT_REQUIRED, ca_certs=".../newCA/CA/my-ca.crt" ) ssl_sock.connect((HOST, MPORT)) And Server side: msock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) self.ssl_sock = ssl.wrap_socket(msock, keyfile=".../newCA/my_server.key", certfile=".../newCA/my_server.crt", server_side=1, cert_reqs=ssl.CERT_REQUIRED, ca_certs=".../newCA/CA/my-ca.crt" ) self.ssl_sock.bind(('', self.PORT)) self.ssl_sock.listen(self.QUEUE_MAX) The problem is the following: when client tries to connect to Server, it requires Enter the pass phrase for private key for Both: for Server-side and Client-side. In Java we need to set System Property: javax.net.ssl.keyStorePassword="" and it has to be used automatically, But how is it been used in Python? I can't enter pass phrase all time the client connects.

    Read the article

  • Exchange 2003 SMTP SSL and various email clients

    - by FrancisV
    This Exchange 2003 server sits behind a firewall with a virtual SMTP server listening on port 465 and attached an SSL certificate from Comodo to the virtual server. However, when trying to send from Apple Mail.app 4.x and Outlook 2011 for Mac, it never completes the connection (time out). Oddly though, the same setup works with Thunderbird. My question is: Does it matter if the friendly name of the certificate is different from the internal hostname? The machine has 2 hostnames: external and internal. The official SSL is using the external name. When using a self-signed certificate with the same name as the internal, I still can't send from the Mail.app and Exchange clients but I can with Thunderbird.

    Read the article

  • Eliminate default SSL certificate

    - by microchasm
    I'm setting up a server for local access. I created a CA and have SSL certs signed and working on other domains. The problem is I'm trying to create a cert for a domain name that is the same as the host name? I copied the steps to make the cert for the other domain, but when I create and sign this cert, and modify httpd.conf with the path to the cert and key, the localhost.localdomain cert seems to be taking precedence. In other words, when I view the cert in firefox, it is the localhost.localdomain cert instead of the one I just created. I looked at ssl.conf, and tried to change the default path to the one issued, and I tried to comment out the VirtualHost, but neither worked. How can I override the servers default certificate with the one I issued and signed? Thanks.

    Read the article

  • Flash Media Server slow over SSL

    - by Antilogic
    We are using FMS to host a VoD site. We host FMS internally (we do not use a CDN). We recently installed an SSL certificate to alleviate connection issues for clients (they're networks either block or don't support RTMP), however we're noticing that when streaming in RTMPS connections are drastically slower (on the order of Mbps). I know SSL causes some amount of over head but both client and server show almost no signs of exertion. Speedtest.net and a locally hosted speed test confirm that bandwidth is not an issue. I'm really not a network guru, so I'm at a loss as to where to check next. Do any of you have an idea why streaming media would run so slow over SSL?

    Read the article

  • Adding SSL to Heroku site post launch

    - by dineth
    I have a rails API that I want to deploy on Heroku. $20/month for a SSL site on heroku is a little steep given I am not earning anything out of this app yet. I am after advice and wondering if it is possible to add SSL sometime in the future? This is for a iOS app that I'm writing. Basically the idea would be that I continue to use https://myapp.heroku.com through their piggyback SSL. Once I get some cash in, I want to transition to using https://www.myapp.com. At this point the API would still need to work for app users who haven't upgraded to a new version of the app that points to the new domain. Anyone know if this is possible? Would both URLs continue to work? My gut feeling tells me this is not possible. Any advice would help. Thanks!

    Read the article

  • postfix smtps issue

    - by DavidC
    Im currently experiencing the following issue with postfix over ssl (smtps) Apr 7 13:43:55 server88-208-248-147 postfix/smtpd[5777]: connect from xxxxxxxxxxxxxxx[xxx.xxx.xxx.xxx] Apr 7 13:45:09 server88-208-248-147 postfix/smtpd[5777]: lost connection after UNKNOWN from xxxxxxxxxxxxxxx[xxx.xxx.xxx.xxx] Apr 7 13:45:09 server88-208-248-147 postfix/smtpd[5777]: disconnect from xxxxxxxxxxxxxxx[xxx.xxx.xxx.xxx] my main.cf is as follows: smtpd_tls_cert_file = /etc/postfix/smtpd.cert smtpd_tls_key_file = /etc/postfix/smtpd.key smtpd_use_tls = yes smtp_use_tls = yes smtpd_tls_auth_only = no smtpd_tls_CAfile = /etc/postfix/caroot.crt smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_tls_loglevel = 1 when accessing smtp and running start tls i get the following: # telnet xxxxxxxxxxxxxxx 25 Trying xxxxxxxxxxxxxxx... Connected to xxxxxxxxxxxxxxx . Escape character is '^]'. 220 xxxxxxxxxxxxxxx ESMTP Postfix ehlo localhost 250-xxxxxxxxxxxxxxx 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-AUTH PLAIN LOGIN 250-AUTH=PLAIN LOGIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN STARTTLS 220 2.0.0 Ready to start TLS please help as i'm lost of places to look now. os is Ubuntu 10.4 and the SSL is a wildcard SSL, imap/pop and apache work flawlessly with the same certificate.

    Read the article

  • Which SSL certificate to buy [closed]

    - by Sparsh Gupta
    I am reading several notes on SSL certificates and comparison. What matters to me the most is speed. I can read that encryption is same with all different certificates available but I was wondering if there is any difference in the performance of the website with different certificates involved. I am ofcourse interested in end to end response times and I wonder if the type of encryption or number of certificates required as Chain Certificates makes a difference in speed. I dont really care for cost but looking for a good SSL certificate which ideally gives me absolutely no pain and best performance. Recommendations?

    Read the article

  • Apache Ubuntu SSL Configuration

    - by JSP
    Where besides the vhost configuration can SSL be configured? I see an SSL configuration in sites-available but it's not an enabled vhost (and the certificate it points to is expired). Using apache2 -V shows me the configuration directory is /etc/apache2 but I can not for the life of me find the SSL configuration and it's driving me crazy. Any suggestions on where to look or what I'm missing? Ubuntu 12 Linux ip-10-39-119-18 3.2.0-23-virtual #36-Ubuntu SMP Tue Apr 10 22:29:03 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux

    Read the article

  • SSL issues with puppet agent at openSUSE

    - by Roman Grazhdan
    I have a master running at my vps, and it has a simple helloworld manifest which works fine with any ubuntu machine I have. It connects, exchanges keys and creates test file allright, so I'm sure it's not server issue. The agent which is running at a virtual machine with openSUSE says: err: Could not request certificate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed. This is often because the time is out of sync on the server or client I believe it's probably a broken or missing lib, since the package is not built very accurately - it wouldn't start out of the box because of wrong path to lockfile, for example. So how do I figure out what exactly is wrong here? The time is allright, I've checked it. I probably could do without SSL if it's possible, since that SUSE machines are just for training, but it's the last opportunity.

    Read the article

  • Installing a personal security certificate for Windows Server 2008 Terminal Services user

    - by Rick
    We use StoneEdge Order Manager, which runs under Microsoft Access, on several Windows computers as well as through Terminal Services on Windows Server 2008. Terminal Services users are unable to process credit cards using the First Data Global Gateway on the server. We have followed the necessary setup instructions provided under the user account, which involves adding a certificate in the Internet Options control panel. The Windows XP desktops require this to be done, or a generic 'unable to connect' message is shown when attempting to charge a card. On the server, this message is shown regardless of whether the certificate has been installed. Is there anything else that needs to be done that is specific to Windows Server that is not mentioned in the workstation instructions? Setup Instructions

    Read the article

  • Exchange 2007 OWA not listening on SSL port

    - by krs1
    I have an Exchange 2007 server that went down after a power failure. It has OWA access via SSL both externally and internally. OWA is working fine from the internal notwork, however I am getting a timeout when I attempt to connect externally. I pulled up wireshark and noticed that the server actually redirects to SSL. For some reason the server is not listening on the SSL port, and this seems to be causing the timeout. I normally do only development work, but I'm stuck with this since my sysadmin took off for the week and isn't answering my phone calls. As far as I know it shouldn't be a firewall issue. Aside from me not wanting to work on the damn thing, what should I look for?

    Read the article

  • SSL Certificated Validity

    - by Haluk
    Hi, I'm using an SSL certificate from geotrust. I just ordered and installed it this weekend. However when I try to access my website using https, firefox (and the other browsers as well) the browser warns that the certificate expired a few days ago. I guess there could be two reasons: I made a mistake during the installation of the certificate Geotrust did not sign the certificate properly. First I want to rule out the second reason considering my browser tells me the certificate expired a few days ago. This does not make sense at all. Is there a way to extract the expiration date from the certificate? Thanks!

    Read the article

  • SSL on Apache seems to significantly affect WebDAV performace

    - by takesides
    I'm using Apache 2.2 running on Windows Server 2008 R2 as a WebDAV server for clients to upload large media files (roughly 100-2000MB). I am finding that when I have SSL enabled (openSSL 0.9.8o) and use HTTPS for the uploads the throughput is around 13Mbps but when I disable it and just use HTTP I get around 80Mbps. I can't understand why this is happening as my understanding was that the heavy SSL work was done at the beginning of the connection. Does anyone have any idea why the performance is so drastically affected by enabling SSL? Cheers.

    Read the article

  • SSL Certificate only works when session active in Server 2008

    - by CodeMonkey1
    I have a web app that uses an installed certificate to send a web request to a 3rd party web service. This has worked for a long time on Windows Server 2003, but just recently we found a problem with it on 2008 installations. When logged into the server as the same user the App Pool uses, either locally or via remote desktop, the web app and it's secure 3rd party request works fine. However, when there are no user sessions open, the 3rd party request fails, as if the certificate were not attached to the web request. Any ideas?

    Read the article

< Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >