Search Results

Search found 20336 results on 814 pages for 'connection strings'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 295/814 | < Previous Page | 291 292 293 294 295 296 297 298 299 300 301 302  | Next Page >

  • sftp chroot access via SSH

    - by Cudos
    Hello. I have this setup in sshd_config: AllowUsers test1 test2 Match group sftpgroup ChrootDirectory /var/www X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp Match user test2 ChrootDirectory /var/www/somedomain.dk X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp I am trying to restrict test2 to only use /var/www/somedomain.dk For some reason when I try to login e.g. with Filezilla on account test2 I get this error: "Server unexpectedly closed network connection" The users are created and works. the SSH service has been stopped and started. test1 works when using e.g. filezilla and the root of the connection is /var/www. What am I doing wrong?

    Read the article

  • DLINK Dir-655 Sharing and connecting wirelessly

    - by CYREX
    I have a D-LINK DIR-655 and i wish to do the following: My PC is connected to the internet via eth0 (Wired) and it has a wireless card. I wish to connect to the DIR-655 Router and share my connection via the router but wirelessly. I do not want to connect via a cabled wired to the router. I want to connect to the router via wifi. After that i want to make the Router share the wireless connection am giving it to other PCs wirelessly. So the sharing and connecting in all PCs will be done via WiFi.

    Read the article

  • Uploading with browser makes all other browser tabs and devices disconnect

    - by fabsenet
    Whenever I upload a video to YouTube all other browser tabs behave like there is no connection at all. It even affects my phone and other computers on the network therefor I think it has to do with my router. When the upload is done everything works normally again. I never observed this behavior with any other upload. My router is a Fritz!Box 7390 and my uploading PC is connected through a 1000mb/s switch (wired) to the router. Uploading through another browser does not change anything. I understand that other sites become slow as the network resources are limited, but stopping altogether feels wrong. speed.io measures for my internet connection: 40.894 Kbit/s down, 2.685 Kbit/s up, 29 ms ping, 2.048 con/m connects

    Read the article

  • Windows Server 2003 Terminal Services error

    - by Adrian S
    Hi! I have a Win2K3 machine which I want to access via remote desktop. When I try remote desktop on another machine the session just ends as soon as it attempts connection. I never see the log-on sceeen or anything. It just returns to the remote desktop connection dialog. I have checked the service on the target machine and it's up and running, so how can I determine the error? Is there any way to re-install terminal services and see if it just fixed?

    Read the article

  • apt-get update stuck on "Waiting for Headers"

    - by crasic
    I'm setting up a Maverick server on a spare PC. The install completes fine and the system boots up into the shell. However, when I try to do a apt-get update , apt hangs on almost every entry with the message 99% [Waiting for headers] sometimes a message of 96 b/s appears on the far right. The actual percent that it claims also varies. Searching around online gave a potential solution by using the option Acquire::http::Pipeline-Depth="0" this somewhat alleviates the problem, i.e. it stalls on every other entry with the same message as above. If you wait it out (the whole update took about 4 hours), the update still fails as a good portion of the hits show a "unable to connect" or similar message, despite the fact that I can ping the server from the pc just fine. The problem is also unrelated to the mirror used since I've tried about a dozen mirrors with no success, I've even tried commenting out everything but the main entry in sources.list and it still refuses to update. The network connection is fine since I can ping and wget (apt won't let me install lynx until I run a successful update) just fine. I've also reinstalled the distro with no luck. The only thing weird about the setup is that the PC is connecting to the internet through my windows laptop with ICS configured properly, but as I've said before, the network connection is fine.

    Read the article

  • Can / how to install openSUSE as a GUI-less home server with only wifi?

    - by Dougal
    Hello there, I'm following an article to set up openSUSE as a commandline server (http://www.howtoforge.com/perfect-server-opensuse-11.1). It seems to only work for wired internet connections. Is there any way to install openSUSE as a commandline server in my home network but using a wifi internet connection? Preferably from the get-go and not simply installing with LAN cable internet and then installing some wifi things later. Or, perhaps, to rephrase the question "How can I get the openSUSE install / post-install procedure to recognize my wifi internet connection?" Kind regards, Dougal

    Read the article

  • Website hosted on IIS is not accessbile

    - by Tola Odejayi
    I have two sites set up in IIS on a remote machine RM; one on regular port 80, and the other on port 5773. From my local machine LM, I can access the site on 80, but I cannot access the one on 5773; I get a status code of 502 and an error code of 10060 (A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond) when I try to do this. I can access the 5773 site via IIS when I am logged into RM (i.e. by right clicking on a page on the site and going 'Browse'). I can also access pages on the 5773 site via a browser, again when I am logged into RM. I just can't do the same via a browser when I am logged into LM. I have ensured that port 5773 is open for outgoing traffic on LM. Could the problem be that I also need to ensure that port 5773 is open for inbound traffic on RM?

    Read the article

  • Would a typical corporate firewall block a Java applet having the following behaviour

    - by auser
    I'm thinking of developing a proxy-like program to forward ports on a remote PC to a local PC (for example SSH). Assume that both local and remote PCs are running behind typical firewalls (i.e. consumer broadband router firewall, Windows firewall or corporate firewalls). The program will be a Java program which the user will run on both the remote and local PC. The remote client will periodically poll a central server to determine whether there are pending client connections. A session could be initiated as follows: The local client contacts the central server and request the current connection details for a specific remote client. The central server responds with the remote server's last received IP address and port. The next time the remote server polls the central server, the client's IP address and port are returned. The remote server initiates a connection to the local client using the IP address and port returned by the central server and listens for a response on a random port. The remote server will pass the value of the port it's listening on to central server. Goto 1, if client fails to connect to server. Would this work or will a typical firewall block the interactions.

    Read the article

  • Is there any danger in disabling windows firewall on a azure worker role?

    - by NullReference
    I'm trying to troubleshoot a bug on our Azure worker role where we occasionally get the error "Unable to read data from the transport connection: An established connection was aborted by the software in your host machine". This error occurs when we are connecting to outside resources like google auth servers. A few people have recommended disabling the firewall\antivirus on the server. I'm just wondering what kind of security risk we would take by doing this. The server doesn't have iis installed but would it be vulnerable to hacking without the firewall? Thanks

    Read the article

  • my application did not show toast mesage when network is not available [closed]

    - by Smart Guy
    my application did no show toast message when network is disable if (position == 2) { final ConnectivityManager connMgr = (ConnectivityManager) getSystemService(Context.CONNECTIVITY_SERVICE); NetworkInfo activeNetworkInfo = connMgr .getActiveNetworkInfo(); android.net.NetworkInfo mobile1 = connMgr.getNetworkInfo(ConnectivityManager.TYPE_MOBILE); if (activeNetworkInfo == null) { Toast.makeText(LoginScreen.this, "No Active Network",Toast.LENGTH_LONG).show(); } else { if (activeNetworkInfo.isConnected()) { btnLogin.setOnClickListener(new OnClickListener() { public void onClick(View view) { String pinemptycheck = pin.getText().toString(); String mobileemptycheck = mobile.getText().toString(); if (pinemptycheck.trim().equals("")||(mobileemptycheck.trim().equals(""))) { Toast.makeText(getApplicationContext(), "Please Enter Correct Information", Toast.LENGTH_LONG).show(); } else { showProgress(); postLoginData(); } } }); } else if (activeNetworkInfo.isConnectedOrConnecting()) { Toast.makeText(LoginScreen.this, "network is Connecting", Toast.LENGTH_LONG) .show(); else if (mobile1.isAvailable()) { btnLogin.setOnClickListener(new OnClickListener() { public void onClick(View view) { showProgress(); postLoginData(); } }); } else if (!mobile1.isAvailable()) { Toast.makeText(LoginScreen.this,"No other Connection Found ",Toast.LENGTH_LONG).show(); btnLogin.setOnClickListener(new OnClickListener() { public void onClick(View v) { Toast.makeText(LoginScreen.this," No other Connection Found", Toast.LENGTH_LONG).show(); } }); }}}

    Read the article

  • Connecting to a LDAPS server

    - by Pavanred
    I am working on a development machine and I am trying to connect to my LDAP server. This is what I do - telnet ldaps- 686 then the response is - Could not open connection to the host on port 686 : connect failed But, the strange part is when I connect to my server - telnet ldap- 389 then the connection is successful. My question is, why does this happen? Do I have to install SSL certificate on the client machine where I make the call from? I do not know much about this. I know for a fact that the LDAP server is working fine because other applications are successfully using it currently.

    Read the article

  • BGP Router reccomendations for simple redundancy [closed]

    - by Jona
    We have two sites that each have an internet connection and have a dedicated dark fibre between them. Each site has it's own IP space and we have an AS number. We're looking to be resilient to failure of the internet connection to either site and so need to buy a pair of approriate routers. Requirements are: Able to run 2 bgp sessions (one with the ISP, one with the other site router) Option to take a full table from the upstream ISPs would be nice. Able to provide HA gateways on the LAN side (e.g. 192.168.0.254 will automatically migrate if it's host router lost power) A dedicated device rather than a server running Linux / BSD Not crazy expensive. Any help / advice much appreciated.

    Read the article

  • Do these 3 crashes have something in common?

    - by David U
    I'm running OS X 10.6.8 on a Mac Mini. I tried to install 3 applications today and all 3 installations failed. I am wondering if the failures have something in common. First I installed GraphViz. The installation succeeded, but when I try to open any .dot file, I get a dialog that says GraphViz has quit unexpectedly. Next I installed Doxygen. It installed, but when I try to launch it I get a dialog that tells me Doxywizard quit unexpectedly. After some googling I thought perhaps my system lacked QT, and that was the problem. I downloaded the Qt 4.8.4 packages and installed them. But when I try to launch qtdemo.app, or any of the other apps that came with the qt installation, I get a dialog that says I can't open the app because it's not supported on this type of Mac. I have crash logs from GraphViz and Doxygen. They're long and I think it unnecessary to post them unless they would help someone determine my problem. Thanks Excerpt from System Log, added later: 12/13/12 5:26:21 PM [0x0-0x4f04f].com.apple.DiskImageMounter[1322] 2012-12-13 17:26:21.927 DiskImages UI Agent[1333:903] *** -[NSMachPort handlePortMessage:]: dropping incoming DO message because the connection or ports are invalid 12/13/12 5:30:31 PM [0x0-0x1a01a].org.mozilla.firefox[824] [ConvConfHandler] isPreferred contentType: application/x-apple-diskimage 12/13/12 5:35:32 PM DiskImages UI Agent[1384] *** -[NSMachPort handlePortMessage:]: dropping incoming DO message because the connection or ports are invalid 12/13/12 5:35:32 PM [0x0-0x5a05a].com.apple.DiskImageMounter[1376] 2012-12-13 17:35:32.988 DiskImages UI Agent[1384:903] *** -[NSMachPort handlePortMessage:]: dropping incoming DO message because the connection or ports are invalid 12/13/12 6:07:33 PM DisplayLinkUserAgent[772] (00116500.405)-[DLDistributedNotificationCenter stream:handleEvent:] reconnected. 12/13/12 6:07:33 PM [0x0-0x6c06c].backupd-helper[1446] Not starting Time Machine backup after wake - less than 60 minutes since last backup completed. 12/13/12 6:08:43 PM Installer[1403] PackageKit: *** Missing bundle identifier: /Library/Receipts/BrotherPPD.pkg 12/13/12 6:08:48 PM Installer[1403] PackageKit: *** Missing bundle identifier: /Library/Receipts/NeoOffice-2.2.3-Intel.pkg 12/13/12 6:08:48 PM Installer[1403] PackageKit: *** Missing bundle identifier: /Library/Receipts/NeoOffice-2.2.3-Patch-2-Intel.pkg 12/13/12 6:08:48 PM Installer[1403] PackageKit: *** Missing bundle identifier: /Library/Receipts/NeoOffice-2.2.5-Intel.pkg 12/13/12 6:08:48 PM Installer[1403] PackageKit: *** Missing bundle identifier: /Library/Receipts/NeoOffice.pkg 12/13/12 6:08:48 PM Installer[1403] PackageKit: *** Missing bundle identifier: /Library/Receipts/PIXMA iP6000D 290.pkg 12/13/12 6:14:39 PM com.apple.launchd.peruser.501[359] ([0x0-0x70070].com.att.graphviz[2047]) Job appears to have crashed: Bus error 12/13/12 6:14:41 PM ReportCrash[2056] Saved crash report for Graphviz[2047] version 2.28 (2.28.0) to /Users/duzzell/Library/Logs/DiagnosticReports/Graphviz_2012-12-13-181441_Amun.crash 12/13/12 6:15:19 PM com.apple.launchd.peruser.501[359] ([0x0-0x74074].org.doxygen[2070]) Job appears to have crashed: Bus error 12/13/12 6:15:19 PM ReportCrash[2056] Saved crash report for Doxywizard[2070] version 1.8.2 (???) to /Users/duzzell/Library/Logs/DiagnosticReports/Doxywizard_2012-12-13-181519_Amun.crash

    Read the article

  • Mac OS X: pushing all traffic through a VMWare VM

    - by bj99
    I want to set up an Astaro (Sophos) UTM in a Virtual Machine. The Setup should be at the end the following: Cable Modem (one IP adress) | [Ethernet] Sophos UTM (running as VM [VMWare Fusion 5] on the MacMini) | [WIFI] Airport Express v2 (for sharing Local Network to wireless and wired clients) 1)| [WIFI] 2)| [Ethernet over Thunderbolt Ethernet Adapter]* Clients MacMini (Local File Server) *To have the Mini also protected behind the UTM So the setup process for the UTM works fine, but then the problems start: I just have one external IP (from my cable modem provider)== So if I put the VM in briged mode my Internet connection drops, because the MacMini also has its IP adress. If I put the VM to NAT mode the Mini itself is not protected by the UTM So: is there a way to hide the en0 interface(Ethernet) and the en1 interface (Wifi) from the MacMini, so that they not even appear in System Preferences Network section but are available to the VM? That way the Mini must connect to the en2 interface (Thunderbolt adapter) to make any Internet/LAN connection and I just use the given single IP from the Cable Modem. Thaks for any suggestions... Sebastian

    Read the article

  • Black screen with thinkpad edge e525, AMD radeon HD before and after installation, plymouth?

    - by carolien
    I have a new thinkpad edge e525 (which should work) and wanted to try ubuntu (first linux experience). With the ubuntu desktop-cd I had a blackscreen before installation, I could fix that with nomodeset. After the installation, when rebooting I got the black screen again. First I see some ubuntu colour with a green busted stripe. I have the same problem with the live boot, also tried mint live, the stripe gets pink. I installed xubuntu 64bit from an alternate cd and I didnt have problems until de reboot after the installation. Same problem, just a black screen with the green stripe than blackscreen. I tried several things: adding nomodeset to the bootmenu, but than I get: No connection to plymouth and it is stuck at checking the battery status. I tried to replace quiet splash with text. Didnt work either. actually one time I saw a blue booting image before that. I managed to get a root command though via the recovery boot. I didnt dare to just remove the plymouth package. Can I just delete plymouth or do I have to deinstall it as described in several ways. (Problem is, right now the notebook doesnt have a internet connection. And I dont know how to manage it with a usb stick?) Or do I have to install the AMD catalyst driver manually? (Again, how can I do that with an usb stick) I also tried this: Ubuntu hits a black screen after boot. Is there any solution without internet? And if I need internet which is the right one? Please explain step by step what I have to write and so on! Thank you! also tried: set gfxpayload=text and: just remove splash and adding vesafb.nonsense=1 to the grub editor, because I couldnt find it anywhere

    Read the article

  • Bizarre SSH Problem - It won't even start

    - by thallium85
    I recently got Ubuntu 12.04 Precise, got it up and running with some MediaWiki software, static IP on the box and router and was able to access the main page even from a cell phone. Everything seemed great... Then I wanted to finally get rid of the monitor and keyboard and login remotely via SSH. I installed openssh-server, let everything point to port 22 for a test run and installed putty on my Windows XP machine. I got a connection refused. Went back and started checking the Ubuntu install itself... (I'm under root from this point on) $ sudo -s $ service ssh status ssh stop/waiting $ service ssh start ssh start/running, process 2212 $ service ssh status ssh stop/waiting Apparently ssh has stopped or is waiting for something.... $ ssh localhost ssh: connect to host localhost port 22: Connection refused I can't even connect to myself... I checked ufw (firewall) to see if port 22 is doing alright... $ sudo ufw status Status: active To Action From 22 ALLOW Anywhere 22/tcp ALLOW Anywhere 22 ALLOW Anywhere (v6) 22/tcp ALLOW Anywhere (v6) sshd_config shows only Port 22 Is ssh not using the right IP address at all? I just don't get what I did wrong here. When this is up and running I will def change the port number, but for now, I don't want to mess with the default install too much until a test run with putty is successful. Edit: Here are my sshd_config file and my ssh_config file. The command /usr/sbin/sshd -p 22 -D -d -e returns: /etc/ssh/sshd_config line 159: Subsystem 'sftp' already defined. Edit: @phoibus moving the sshd_config file and reinstalling did the trick! service ssh status the above command shows that ssh is now running and I am now able to log in from my windows xp computer remotely via putty. Thanks so much! I can now use my monitor for other things!

    Read the article

  • how to type/send hex on a putty session

    - by Amit Phatarphekar
    I'm using Putty to make a serial connection to a device. I need to send a Hex string on this session. How do I do this? The Hex String is FF7E414244 This is required to break the serial device into command interface mode... From an XP machine, I can use HyperTerminal. And then on the serial connection, do a "send file", where the file has this hexstring entered using hex editing means. So this mechanism works. But now I have a windows 7 with no hyperterminal. so I'm using putty. But now how do I send the hex string? Thanks

    Read the article

  • How to connect Android phone to a Wifi network using PPPoE?

    - by Slavo
    I have an ISP at home, which provides me with a PPPoE connection. My router supports that and I've configured it to autoconnect periodically, so I don't have to type my username and password each time. When I connect to the Wireless router from the PC, I have internet and everything works fine. However, when I do so using my Android phone, there's no internet connection on the phone. It connects to the router, but I cannot open any web page. How can I enable internet access from such an ISP on my phone? Is it something in the router setup? The router is Linksys WRT54GL.

    Read the article

  • Keep source IP after NAT

    - by John Miller
    Until today I used a cheapy router so I can share my internet connection and keep a webserver online too, while using NAT. Users IP ($_SERVER['REMOTE_ADDR']) was fine, I was seeing class A IPs of users. But as traffic grown up everyday, I had to install a Linux Server (Debian) to share my Internet Connection, because my old router couldn't keep the traffic anymore. I shared the internet via IPTABLES using NAT, but now, after forwarding port 80 to my webserver, now instead of seeing real users IP, I see my Gateway IP (Linux Internal IP) as any user IP Address. How to solve this issue? I edited my post, so I can paste the rules I'm currently using. #!/bin/sh #I made a script to set the rules #I flush everything here. iptables --flush iptables --table nat --flush iptables --delete-chain iptables --table nat --delete-chain iptables -F iptables -X # I drop everything as a general rule, but this is disabled under testing # iptables -P INPUT DROP # iptables -P OUTPUT DROP # these are the loopback rules iptables -A INPUT -i lo -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT # here I set the SSH port rules, so I can connect to my server iptables -A INPUT -p tcp --sport 513:65535 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -p tcp --sport 22 --dport 513:65535 -m state --state ESTABLISHED -j ACCEPT # These are the forwards for 80 port iptables -t nat -A PREROUTING -p tcp -s 0/0 -d xx.xx.xx.xx --dport 80 -j DNAT --to 192.168.42.3:80 iptables -t nat -A POSTROUTING -o eth0 -d xx.xx.xx.xx -j SNAT --to-source 192.168.42.3 iptables -A FORWARD -p tcp -s 192.168.42.3 --sport 80 -j ACCEPT # These are the forwards for bind/dns iptables -t nat -A PREROUTING -p udp -s 0/0 -d xx.xx.xx.xx --dport 53 -j DNAT --to 192.168.42.3:53 iptables -t nat -A POSTROUTING -o eth0 -d xx.xx.xx.xx -j SNAT --to-source 192.168.42.3 iptables -A FORWARD -p udp -s 192.168.42.3 --sport 53 -j ACCEPT # And these are the rules so I can share my internet connection iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE iptables -A FORWARD -i eth0:1 -j ACCEPT If I delete the MASQUERADE part, I see my real IP while echoing it with PHP, but I don't have internet. How to do, to have internet and see my real IP while ports are forwarded too? ** xx.xx.xx.xx - is my public IP. I hid it for security reasons.

    Read the article

  • 12.04 WiFi issue on a particular access point

    - by user71706
    I have a WiFi access point that I connect to a PC to share its Internet connection with multiple machines, in a training environment. All the machines with 11.04 connect to this access point with no problem, and can access any server on the Internet. These machines have an Intel Wireless -N 1030 BGN chipset (as reported by lspci). Now, my problem is that I don't manage to connect 12.04 machines to this wireless network. The systems I tried do manage to connect (confirmed by Network Manager), but when I try to access a website like http://kernel.org, the browser shows "Connecting to kernel.org...", but displays a "The connection has timed out" error page. Other symptoms: Name resolution works (for example 'nslookup kernel.org') finds kernel.org's IP address 'ping kernel.org' doesn't work The same 12.04 machines have no problem at all with other wireless networks. So there is probably something weird in my access point (though the 11.04 machines are not impacted). Would you have any suggestions for investigating this issue? Thanks, Michael.

    Read the article

  • IIS not listening over external network, all other traffic working

    - by Beuy
    Hello there, I have a very odd situation, I have a server (let's call it X) running 2008 R2 with two NIC's in it, one is connected to the work domain and has a subnet of 192.168.10.0/24 the other is connected to a ADSL connection and has a subnet of 192.168.1.0/24. The server has IIS installed. On the ADSL connection I have setup a dynamic dns and port forwarding to allow external HTTP, HTTPS, FTP and RDP connections. FTP and RDP are working fine however neither HTTP or HTTPS are working at all. I can browse the websites by going to localhost on the machine, the HTTP and HTTPS ports appear as "Filtered" when I try to scan them using PortQueryUI and browsers respond with a "Server took too long to load or was not responding" error. This was working fine just a few days ago, Windows firewall is disabled I don't have any software firewall on it. And I'm really lost. Any help would be great.

    Read the article

  • First Shard for SQL Azure and SQL Server

    - by Herve Roggero
    That's it!!!!! It's ready to go and be tested, abused and improved! It requires .NET 4.0 and uses some cool technologies, like caching (the new System.Runtime.Caching) and the Task Parallel Library (System.Threading.Tasks). With this library you can: Define a shard of 1, 2 or 100 SQL databases (a mix of SQL Server and SQL Azure) Read from the shard in parallel or sequentially, and cache resultsets Update, Delete a record from the shard Insert records quickly in the shard with a round-robin load Reset the cache You can download the source code and a sample application here: http://enzosqlshard.codeplex.com/  Note about the breadcrumbs: I had to add a connection GUID in order for the library to know which database a record came from. The GUID is currently calculated on the fly in the library using some of the parameters of the connection string. The GUID is also dynamically added to the result set so the client can pass it back to the library. I am curious to get your feedback on this approach. ** Correction from my previous post: this is a library for a Horizontal Partition Shard (HPS): tables are split across databases horizontally. So in essence, the tables need to have the same schema across the databases.

    Read the article

  • curl can't verify cert using capath, but can with cacert option

    - by phylae
    I am trying to use curl to connect to a site using HTTPS. But curl is failing to verify the SSL cert. $ curl --verbose --capath ./certs/ --head https://example.com/ * About to connect() to example.com port 443 (#0) * Trying 1.1.1.1... connected * Connected to example.com (1.1.1.1) port 443 (#0) * successfully set certificate verify locations: * CAfile: none CApath: ./certs/ * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS alert, Server hello (2): * SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed * Closing connection #0 curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed More details here: http://curl.haxx.se/docs/sslcerts.html curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option. I know about the -k option. But I do actually want to verify the cert. The certs directory has been properly hashed with c_rehash . and it contains: A Verisign intermediate cert Two self-signed certs The above site should be verified with the Verisign intermediate cert. When I use the --cacert option instead (and point directly to the Verisign cert) curl is able to verify the SSL cert. $ curl --verbose --cacert ./certs/verisign-intermediate-ca.crt --head https://example.com/ * About to connect() to example.com port 443 (#0) * Trying 1.1.1.1... connected * Connected to example.com (1.1.1.1) port 443 (#0) * successfully set certificate verify locations: * CAfile: ./certs/verisign-intermediate-ca.crt CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSL connection using RC4-SHA * Server certificate: * subject: C=US; ST=State; L=City; O=Company; OU=ou1; CN=example.com * start date: 2011-04-17 00:00:00 GMT * expire date: 2012-04-15 23:59:59 GMT * common name: example.com (matched) * issuer: C=US; O=VeriSign, Inc.; OU=VeriSign Trust Network; OU=Terms of use at https://www.verisign.com/rpa (c)10; CN=VeriSign Class 3 Secure Server CA - G3 * SSL certificate verify ok. > HEAD / HTTP/1.1 > User-Agent: curl/7.19.7 (x86_64-pc-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15 > Host: example.com > Accept: */* > < HTTP/1.1 404 Not Found HTTP/1.1 404 Not Found < Cache-Control: must-revalidate,no-cache,no-store Cache-Control: must-revalidate,no-cache,no-store < Content-Type: text/html;charset=ISO-8859-1 Content-Type: text/html;charset=ISO-8859-1 < Content-Length: 1267 Content-Length: 1267 < Server: Jetty(7.2.2.v20101205) Server: Jetty(7.2.2.v20101205) < * Connection #0 to host example.com left intact * Closing connection #0 * SSLv3, TLS alert, Client hello (1): In addition, if I try hitting one of the sites using a self signed cert and the --capath option, it also works. (Let me know if I should post an example of that.) This implies that curl is finding the cert directory, and it is properly hash. Finally, I am able to verify the SSL cert with openssl, using its -CApath option. $ openssl s_client -CApath ./certs/ -connect example.com:443 CONNECTED(00000003) depth=3 /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority verify return:1 depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5 verify return:1 depth=1 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 verify return:1 depth=0 /C=US/ST=State/L=City/O=Company/OU=ou1/CN=example.com verify return:1 --- Certificate chain 0 s:/C=US/ST=State/L=City/O=Company/OU=ou1/CN=example.com i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 --- Server certificate -----BEGIN CERTIFICATE----- <cert removed> -----END CERTIFICATE----- subject=/C=US/ST=State/L=City/O=Company/OU=ou1/CN=example.com issuer=/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 --- No client certificate CA names sent --- SSL handshake has read 1563 bytes and written 435 bytes --- New, TLSv1/SSLv3, Cipher is RC4-SHA Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : RC4-SHA Session-ID: D65C4C6D52E183BF1E7543DA6D6A74EDD7D6E98EB7BD4D48450885188B127717 Session-ID-ctx: Master-Key: 253D4A3477FDED5FD1353D16C1F65CFCBFD78276B6DA1A078F19A51E9F79F7DAB4C7C98E5B8F308FC89C777519C887E2 Key-Arg : None Start Time: 1303258052 Timeout : 300 (sec) Verify return code: 0 (ok) --- QUIT DONE How can I get curl to verify this cert using the --capath option?

    Read the article

  • Deploy multiple emails to email providers, but without showing favouritism

    - by Ardman
    We are currently developing a new email deployment system. We have the system currently configured so that it reads a record from the database and loads the email content and deploys it to the target. Now we want to move this over to multiple threads. That is easily done, except we then hit the email providers returning SMTP codes referring to "Too many connections", or "Deferred connection". The solution to this is to have a thread open up a connection to the email provider and deploy n emails and then disconnect. We have currently configured the application so that it will support these session based email deployments. The problem is this, the database table has multiple email addresses in and they aren't grouped by email provider because that will show favouritism. We need to be able to retrieve a set number of, i.e. Hotmail, emails (@hotmail.com, @hotmail.co.uk, @live.co.uk) so that we are reducing the number of connections to Hotmail and reducing the risks of getting the "Too many connections" error. We are at the point now where we have gone round and round in circles trying to get a solution, so I thought I'd throw it out there and see if anyone has any ideas? EDIT I would like to stress that this application is not used for spamming purposes.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 291 292 293 294 295 296 297 298 299 300 301 302  | Next Page >