Search Results

Search found 93727 results on 3750 pages for 'code documentation'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 642/3750 | < Previous Page | 638 639 640 641 642 643 644 645 646 647 648 649  | Next Page >

  • [JP ???] Chrome+HTML5 Developers Live Japan #6

    [JP 日本語] Chrome+HTML5 Developers Live Japan #6 This program is in Japanese only. 今回の Chrome+HTML5 Developers Live Japan では、Googleの及川 (@takoratta) と共に、モバイルブラウザでの様々なデバッグ方法についてお話します。 【モバイルブラウザ デバッグベストプラクティス】... From: GoogleDevelopers Views: 803 12 ratings Time: 01:05:21 More in Science & Technology

    Read the article

  • [JP ???] Chrome+HTML5 Developers Live Japan #0 :

    [JP 日本語] Chrome+HTML5 Developers Live Japan #0 : This program is in Japanese only. これまで「クロたん」の愛称で親しまれてきた「GoogleのChrome担当者だけど何か質問ある?」ですが、今回から技術的なものはGoogle Developers Liveの一部としてお届けして参ります。その記念すべき第一回目は日本最大の HTML5 コミュニティ - html5j 代表の白石俊平さんをお迎えしてお送りします。 「パララックスでレスポンシブでjQuery Mobileなサイトのつくりかた」 視差スクロール(パララックス)、レスポンシブWebデザイン&レスポンシブイメージ、jQuery Mobile、Lessなど、最近はやりの技術を盛り込みまくって企業サイトを作ってみました。その過程でぶつかった課題や意思決定、学んだノウハウを皆さんと共有したいと思います。 一歩先ゆくWebサイトを作りたい方に贈ります。 From: GoogleDevelopers Views: 0 1 ratings Time: 01:00:00 More in Science & Technology

    Read the article

  • [JP ???] Google Cast SDK ??

    [JP 日本語] Google Cast SDK 概要 Chromecast 向けアプリケーションを開発される皆さんのために Google Cast SDK が公開されました。このエピソードでは、Google Cast SDK の概要についてお話... From: Google Developers Views: 301 10 ratings Time: 05:17 More in Science & Technology

    Read the article

  • ???? ??? ?? ?? ?? (Start Playing The Distribution Game on YouTube)

    유튜브를 활용한 게임 확산 전략 (Start Playing The Distribution Game on YouTube) 권순선, Sang Kim and Jarek Wilkiewicz. Edited version of a presentation recorded at YouTube Korea, Seoul, Nov 2012 유튜브는 매일 8억명 이상이 방문하며 매달 40억 시간 이상 시청되고 있습니다. 게임은 그중에서도 가장 많은 사람들이 시청하는 분야 중 하나입니다. 여러분의 게임을 유튜브와 결합하시면 그 어떤 미디어들보다도 더 효과적으로 동영상 시청자들을 게이머로 전환하실 수 있습니다. 이번 세션에서는 PC, 콘솔게임 그리고 모바일에서 유튜브와 게임을 결합한 재미있는 사례들을 보여 드립니다. 기술적, 사업적으로 가장 좋은 예제들을 알려 드리고, 저희가 가장 좋아하는 게임 플레이 동영상들도 함께 보여 드립니다! From: GoogleDevelopers Views: 85 3 ratings Time: 01:00:02 More in Gaming

    Read the article

  • ?????? ?? ??? 2

    크롬캐스트와 구글 캐스트 2 작년에 미국에서 출시한 크롬캐스트는 N 스크린과 스마트 TV 시장에 새로운 화두를 던지고 있으며 타임지가 뽑은 2013년도의 제품을 선정되기도... From: Google Developers Views: 25 4 ratings Time: 20:05 More in Science & Technology

    Read the article

  • ?? ??? ??? ??

    구글 개발자 지원팀 소개 구글 플레이 개발자 지원이 드디어 한국어로도 가능해졌습니다. 문의 가능한 내용부터 주의해야 할 사항 그리고 팁까지 소개될 예정입니다. 수정되... From: Google Developers Views: 11 0 ratings Time: 19:21 More in Science & Technology

    Read the article

  • ?? ???? ???? ?? ??? ??? ??? ??

    구글 클라우드 플랫폼을 통한 안정된 글로벌 서비스 런칭 글로벌 서비스를 준비하는 많은 기업의 고민인 운영 인프라를 구글의 클라우드 플랫폼을 통해서 보다 효율적이고 안정적으로 구성할 수 있는... From: Google Developers Views: 2 0 ratings Time: 39:51 More in Science & Technology

    Read the article

  • ??? new AdMob?? ???? ???, ??? ??? ???? ?????.

    구글의 new AdMob으로 수익성과 편의성, 그리고 최고의 컨트롤을 확보하세요. AdMob은 개발자들이 수익을 낼 수 있는 가장 손쉬운 수단입니다. 본 강연에서는 new AdMob에서 제공하는 기능과 수익화도구들에 대해 알아보고, 어떻게... From: Google Developers Views: 25 1 ratings Time: 39:01 More in Science & Technology

    Read the article

  • ?????? ?? ???

    크롬캐스트와 구글 캐스트 작년에 미국에서 출시한 크롬캐스트는 N 스크린과 스마트 TV 시장에 새로운 화두를 던지고 있으며 타임지가 뽑은 2013년도의 제품을 선정되기도... From: Google Developers Views: 6 0 ratings Time: 15:55 More in Science & Technology

    Read the article

  • ?? ???, ??? ?? ?? ???

    구글 플레이, 성공을 위한 최적 플랫폼 구글 플레이를 통한 성공의 가능성과 크기를 실제 사례를 통해 알아보고, 이를 위해 구글 플레이팀과 함께 협력하는 방법에 대해 알아봅니다. From: Google Developers Views: 5 0 ratings Time: 31:24 More in Science & Technology

    Read the article

  • ?? ??? ??? ?? 2

    구글 개발자 지원팀 소개 2 구글 플레이 개발자 지원이 드디어 한국어로도 가능해졌습니다. 문의 가능한 내용부터 주의해야 할 사항 그리고 팁까지 소개될 예정입니다. 수정되... From: Google Developers Views: 5 0 ratings Time: 20:44 More in Science & Technology

    Read the article

  • ?? ?? ????? ??? ?????

    다시 한번 안드로이드 디자인 가이드라인 안드로이드 디자인 가이드라인은 안드로이드 앱을 디자인할 때 바로 참고할 수 있는 첫 번째 자료이며 컨텐츠 중심 / 반응형 디자인과 같은 최신의... From: Google Developers Views: 23 0 ratings Time: 41:59 More in Science & Technology

    Read the article

  • Nginx and client certificates from hierarchical OpenSSL-based certification authorities

    - by Fmy Oen
    I'm trying to set up root certification authority, subordinate certification authority and to generate the client certificates signed by any of this CA that nginx 0.7.67 on Debian Squeeze will accept. My problem is that root CA signed client certificate works fine while subordinate CA signed one results in "400 Bad Request. The SSL certificate error". Step 1: nginx virtual host configuration: server { server_name test.local; access_log /var/log/nginx/test.access.log; listen 443 default ssl; keepalive_timeout 70; ssl_protocols SSLv3 TLSv1; ssl_ciphers AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5; ssl_certificate /etc/nginx/ssl/server.crt; ssl_certificate_key /etc/nginx/ssl/server.key; ssl_client_certificate /etc/nginx/ssl/client.pem; ssl_verify_client on; ssl_session_cache shared:SSL:10m; ssl_session_timeout 5m; location / { proxy_pass http://testsite.local/; } } Step 2: PKI infrastructure organization for both root and subordinate CA (based on this article): # mkdir ~/pki && cd ~/pki # mkdir rootCA subCA # cp -v /etc/ssl/openssl.cnf rootCA/ # cd rootCA/ # mkdir certs private crl newcerts; touch serial; echo 01 > serial; touch index.txt; touch crlnumber; echo 01 > crlnumber # cp -Rvp * ../subCA/ Almost no changes was made to rootCA/openssl.cnf: [ CA_default ] dir = . # Where everything is kept ... certificate = $dir/certs/rootca.crt # The CA certificate ... private_key = $dir/private/rootca.key # The private key and to subCA/openssl.cnf: [ CA_default ] dir = . # Where everything is kept ... certificate = $dir/certs/subca.crt # The CA certificate ... private_key = $dir/private/subca.key # The private key Step 3: Self-signed root CA certificate generation: # openssl genrsa -out ./private/rootca.key -des3 2048 # openssl req -x509 -new -key ./private/rootca.key -out certs/rootca.crt -config openssl.cnf Enter pass phrase for ./private/rootca.key: You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]: State or Province Name (full name) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: Common Name (eg, YOUR name) []:rootca Email Address []: Step 4: Subordinate CA certificate generation: # cd ../subCA # openssl genrsa -out ./private/subca.key -des3 2048 # openssl req -new -key ./private/subca.key -out subca.csr -config openssl.cnf Enter pass phrase for ./private/subca.key: You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]: State or Province Name (full name) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: Common Name (eg, YOUR name) []:subca Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: Step 5: Subordinate CA certificate signing by root CA certificate: # cd ../rootCA/ # openssl ca -in ../subCA/subca.csr -extensions v3_ca -config openssl.cnf Using configuration from openssl.cnf Enter pass phrase for ./private/rootca.key: Check that the request matches the signature Signature ok Certificate Details: Serial Number: 1 (0x1) Validity Not Before: Feb 4 10:49:43 2013 GMT Not After : Feb 4 10:49:43 2014 GMT Subject: countryName = AU stateOrProvinceName = Some-State organizationName = Internet Widgits Pty Ltd commonName = subca X509v3 extensions: X509v3 Subject Key Identifier: C9:E2:AC:31:53:81:86:3F:CD:F8:3D:47:10:FC:E5:8E:C2:DA:A9:20 X509v3 Authority Key Identifier: keyid:E9:50:E6:BF:57:03:EA:6E:8F:21:23:86:BB:44:3D:9F:8F:4A:8B:F2 DirName:/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=rootca serial:9F:FB:56:66:8D:D3:8F:11 X509v3 Basic Constraints: CA:TRUE Certificate is to be certified until Feb 4 10:49:43 2014 GMT (365 days) Sign the certificate? [y/n]:y 1 out of 1 certificate requests certified, commit? [y/n]y ... # cd ../subCA/ # cp -v ../rootCA/newcerts/01.pem certs/subca.crt Step 6: Server certificate generation and signing by root CA (for nginx virtual host): # cd ../rootCA # openssl genrsa -out ./private/server.key -des3 2048 # openssl req -new -key ./private/server.key -out server.csr -config openssl.cnf Enter pass phrase for ./private/server.key: You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]: State or Province Name (full name) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: Common Name (eg, YOUR name) []:test.local Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: # openssl ca -in server.csr -out certs/server.crt -config openssl.cnf Step 7: Client #1 certificate generation and signing by root CA: # openssl genrsa -out ./private/client1.key -des3 2048 # openssl req -new -key ./private/client1.key -out client1.csr -config openssl.cnf Enter pass phrase for ./private/client1.key: You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]: State or Province Name (full name) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: Common Name (eg, YOUR name) []:Client #1 Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: # openssl ca -in client1.csr -out certs/client1.crt -config openssl.cnf Step 8: Client #1 certificate converting to PKCS12 format: # openssl pkcs12 -export -out certs/client1.p12 -inkey private/client1.key -in certs/client1.crt -certfile certs/rootca.crt Step 9: Client #2 certificate generation and signing by subordinate CA: # cd ../subCA/ # openssl genrsa -out ./private/client2.key -des3 2048 # openssl req -new -key ./private/client2.key -out client2.csr -config openssl.cnf Enter pass phrase for ./private/client2.key: You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]: State or Province Name (full name) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: Common Name (eg, YOUR name) []:Client #2 Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: # openssl ca -in client2.csr -out certs/client2.crt -config openssl.cnf Step 10: Client #2 certificate converting to PKCS12 format: # openssl pkcs12 -export -out certs/client2.p12 -inkey private/client2.key -in certs/client2.crt -certfile certs/subca.crt Step 11: Passing server certificate and private key to nginx (performed with OS superuser privileges): # cd ../rootCA/ # cp -v certs/server.crt /etc/nginx/ssl/ # cp -v private/server.key /etc/nginx/ssl/ Step 12: Passing root and subordinate CA certificates to nginx (performed with OS superuser privileges): # cat certs/rootca.crt > /etc/nginx/ssl/client.pem # cat ../subCA/certs/subca.crt >> /etc/nginx/ssl/client.pem client.pem file look like this: # cat /etc/nginx/ssl/client.pem -----BEGIN CERTIFICATE----- MIID6TCCAtGgAwIBAgIJAJ/7VmaN048RMA0GCSqGSIb3DQEBBQUAMFYxCzAJBgNV BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX aWRnaXRzIFB0eSBMdGQxDzANBgNVBAMTBnJvb3RjYTAeFw0xMzAyMDQxMDM1NTda ... -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) ... -----BEGIN CERTIFICATE----- MIID4DCCAsigAwIBAgIBATANBgkqhkiG9w0BAQUFADBWMQswCQYDVQQGEwJBVTET MBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQ dHkgTHRkMQ8wDQYDVQQDEwZyb290Y2EwHhcNMTMwMjA0MTA0OTQzWhcNMTQwMjA0 ... -----END CERTIFICATE----- It looks like everything is working fine: # service nginx reload # Reloading nginx configuration: Enter PEM pass phrase: # nginx. # Step 13: Installing *.p12 certificates in browser (Firefox in my case) gives the problem I've mentioned above. Client #1 = 200 OK, Client #2 = 400 Bad request/The SSL certificate error. Any ideas what should I do? Update 1: Results of SSL connection test attempts: # openssl s_client -connect test.local:443 -CAfile ~/pki/rootCA/certs/rootca.crt -cert ~/pki/rootCA/certs/client1.crt -key ~/pki/rootCA/private/client1.key -showcerts Enter pass phrase for tmp/testcert/client1.key: CONNECTED(00000003) depth=1 C = AU, ST = Some-State, O = Internet Widgits Pty Ltd, CN = rootca verify return:1 depth=0 C = AU, ST = Some-State, O = Internet Widgits Pty Ltd, CN = test.local verify return:1 --- Certificate chain 0 s:/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=test.local i:/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=rootca -----BEGIN CERTIFICATE----- MIIDpjCCAo6gAwIBAgIBAjANBgkqhkiG9w0BAQUFADBWMQswCQYDVQQGEwJBVTET MBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQ dHkgTHRkMQ8wDQYDVQQDEwZyb290Y2EwHhcNMTMwMjA0MTEwNjAzWhcNMTQwMjA0 ... -----END CERTIFICATE----- 1 s:/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=rootca i:/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=rootca -----BEGIN CERTIFICATE----- MIID6TCCAtGgAwIBAgIJAJ/7VmaN048RMA0GCSqGSIb3DQEBBQUAMFYxCzAJBgNV BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX aWRnaXRzIFB0eSBMdGQxDzANBgNVBAMTBnJvb3RjYTAeFw0xMzAyMDQxMDM1NTda ... -----END CERTIFICATE----- --- Server certificate subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=test.local issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=rootca --- Acceptable client certificate CA names /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=rootca /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=subca --- SSL handshake has read 3395 bytes and written 2779 bytes --- New, TLSv1/SSLv3, Cipher is AES256-SHA Server public key is 2048 bit Secure Renegotiation IS supported Compression: zlib compression Expansion: zlib compression SSL-Session: Protocol : TLSv1 Cipher : AES256-SHA Session-ID: 15BFC2029691262542FAE95A48078305E76EEE7D586400F8C4F7C516B0F9D967 Session-ID-ctx: Master-Key: 23246CF166E8F3900793F0A2561879E5DB07291F32E99591BA1CF53E6229491FEAE6858BFC9AACAF271D9C3706F139C7 Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None TLS session ticket: 0000 - c2 5e 1d d2 b5 6d 40 23-b2 40 89 e4 35 75 70 07 .^...m@#[email protected]. 0010 - 1b bb 2b e6 e0 b5 ab 10-10 bf 46 6e aa 67 7f 58 ..+.......Fn.g.X 0020 - cf 0e 65 a4 67 5a 15 ba-aa 93 4e dd 3d 6e 73 4c ..e.gZ....N.=nsL 0030 - c5 56 f6 06 24 0f 48 e6-38 36 de f1 b5 31 c5 86 .V..$.H.86...1.. ... 0440 - 4c 53 39 e3 92 84 d2 d0-e5 e2 f5 8a 6a a8 86 b1 LS9.........j... Compression: 1 (zlib compression) Start Time: 1359989684 Timeout : 300 (sec) Verify return code: 0 (ok) --- Everything seems fine with Client #2 and root CA certificate but request returns 400 Bad Request error: # openssl s_client -connect test.local:443 -CAfile ~/pki/rootCA/certs/rootca.crt -cert ~/pki/subCA/certs/client2.crt -key ~/pki/subCA/private/client2.key -showcerts Enter pass phrase for tmp/testcert/client2.key: CONNECTED(00000003) depth=1 C = AU, ST = Some-State, O = Internet Widgits Pty Ltd, CN = rootca verify return:1 depth=0 C = AU, ST = Some-State, O = Internet Widgits Pty Ltd, CN = test.local verify return:1 ... Compression: 1 (zlib compression) Start Time: 1359989989 Timeout : 300 (sec) Verify return code: 0 (ok) --- GET / HTTP/1.0 HTTP/1.1 400 Bad Request Server: nginx/0.7.67 Date: Mon, 04 Feb 2013 15:00:43 GMT Content-Type: text/html Content-Length: 231 Connection: close <html> <head><title>400 The SSL certificate error</title></head> <body bgcolor="white"> <center><h1>400 Bad Request</h1></center> <center>The SSL certificate error</center> <hr><center>nginx/0.7.67</center> </body> </html> closed Verification fails with Client #2 certificate and subordinate CA certificate: # openssl s_client -connect test.local:443 -CAfile ~/pki/subCA/certs/subca.crt -cert ~/pki/subCA/certs/client2.crt -key ~/pki/subCA/private/client2.key -showcerts Enter pass phrase for tmp/testcert/client2.key: CONNECTED(00000003) depth=1 C = AU, ST = Some-State, O = Internet Widgits Pty Ltd, CN = rootca verify error:num=19:self signed certificate in certificate chain verify return:0 ... Compression: 1 (zlib compression) Start Time: 1359990354 Timeout : 300 (sec) Verify return code: 19 (self signed certificate in certificate chain) --- GET / HTTP/1.0 HTTP/1.1 400 Bad Request ... Still getting 400 Bad Request error with concatenated CA certificates and Client #2 (but still everything ok with Client #1): # cat certs/rootca.crt ../subCA/certs/subca.crt > certs/concatenatedca.crt # openssl s_client -connect test.local:443 -CAfile ~/pki/rootCA/certs/concatenatedca.crt -cert ~/pki/subCA/certs/client2.crt -key ~/pki/subCA/private/client2.key -showcerts Enter pass phrase for tmp/testcert/client2.key: CONNECTED(00000003) depth=1 C = AU, ST = Some-State, O = Internet Widgits Pty Ltd, CN = rootca verify return:1 depth=0 C = AU, ST = Some-State, O = Internet Widgits Pty Ltd, CN = test.local verify return:1 --- ... Compression: 1 (zlib compression) Start Time: 1359990772 Timeout : 300 (sec) Verify return code: 0 (ok) --- GET / HTTP/1.0 HTTP/1.1 400 Bad Request ... Update 2: I've managed to recompile nginx with enabled debug. Here is the part of successfull conection by Client #1 track: 2013/02/05 14:08:23 [debug] 38701#0: *119 accept: <MY IP ADDRESS> fd:3 2013/02/05 14:08:23 [debug] 38701#0: *119 event timer add: 3: 60000:2856497512 2013/02/05 14:08:23 [debug] 38701#0: *119 kevent set event: 3: ft:-1 fl:0025 2013/02/05 14:08:23 [debug] 38701#0: *119 malloc: 28805200:660 2013/02/05 14:08:23 [debug] 38701#0: *119 malloc: 28834400:1024 2013/02/05 14:08:23 [debug] 38701#0: *119 posix_memalign: 28860000:4096 @16 2013/02/05 14:08:23 [debug] 38701#0: *119 http check ssl handshake 2013/02/05 14:08:23 [debug] 38701#0: *119 https ssl handshake: 0x16 2013/02/05 14:08:23 [debug] 38701#0: *119 SSL server name: "test.local" 2013/02/05 14:08:23 [debug] 38701#0: *119 SSL_do_handshake: -1 2013/02/05 14:08:23 [debug] 38701#0: *119 SSL_get_error: 2 2013/02/05 14:08:23 [debug] 38701#0: *119 SSL handshake handler: 0 2013/02/05 14:08:23 [debug] 38701#0: *119 verify:1, error:0, depth:1, subject:"/C=AU /ST=Some-State/O=Internet Widgits Pty Ltd/CN=rootca",issuer: "/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=rootca" 2013/02/05 14:08:23 [debug] 38701#0: *119 verify:1, error:0, depth:0, subject:"/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=Client #1",issuer: "/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=rootca" 2013/02/05 14:08:23 [debug] 38701#0: *119 SSL_do_handshake: 1 2013/02/05 14:08:23 [debug] 38701#0: *119 SSL: TLSv1, cipher: "AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1" 2013/02/05 14:08:23 [debug] 38701#0: *119 http process request line 2013/02/05 14:08:23 [debug] 38701#0: *119 SSL_read: -1 2013/02/05 14:08:23 [debug] 38701#0: *119 SSL_get_error: 2 2013/02/05 14:08:23 [debug] 38701#0: *119 http process request line 2013/02/05 14:08:23 [debug] 38701#0: *119 SSL_read: 1 2013/02/05 14:08:23 [debug] 38701#0: *119 SSL_read: 524 2013/02/05 14:08:23 [debug] 38701#0: *119 SSL_read: -1 2013/02/05 14:08:23 [debug] 38701#0: *119 SSL_get_error: 2 2013/02/05 14:08:23 [debug] 38701#0: *119 http request line: "GET / HTTP/1.1" And here is the part of unsuccessfull conection by Client #2 track: 2013/02/05 13:51:34 [debug] 38701#0: *112 accept: <MY_IP_ADDRESS> fd:3 2013/02/05 13:51:34 [debug] 38701#0: *112 event timer add: 3: 60000:2855488975 2013/02/05 13:51:34 [debug] 38701#0: *112 kevent set event: 3: ft:-1 fl:0025 2013/02/05 13:51:34 [debug] 38701#0: *112 malloc: 28805200:660 2013/02/05 13:51:34 [debug] 38701#0: *112 malloc: 28834400:1024 2013/02/05 13:51:34 [debug] 38701#0: *112 posix_memalign: 28860000:4096 @16 2013/02/05 13:51:34 [debug] 38701#0: *112 http check ssl handshake 2013/02/05 13:51:34 [debug] 38701#0: *112 https ssl handshake: 0x16 2013/02/05 13:51:34 [debug] 38701#0: *112 SSL server name: "test.local" 2013/02/05 13:51:34 [debug] 38701#0: *112 SSL_do_handshake: -1 2013/02/05 13:51:34 [debug] 38701#0: *112 SSL_get_error: 2 2013/02/05 13:51:34 [debug] 38701#0: *112 SSL handshake handler: 0 2013/02/05 13:51:34 [debug] 38701#0: *112 SSL_do_handshake: -1 2013/02/05 13:51:34 [debug] 38701#0: *112 SSL_get_error: 2 2013/02/05 13:51:34 [debug] 38701#0: *112 SSL handshake handler: 0 2013/02/05 13:51:34 [debug] 38701#0: *112 verify:0, error:20, depth:1, subject:"/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=subca",issuer: "/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=rootca" 2013/02/05 13:51:34 [debug] 38701#0: *112 verify:0, error:27, depth:1, subject:"/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=subca",issuer: "/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=rootca" 2013/02/05 13:51:34 [debug] 38701#0: *112 verify:1, error:27, depth:0, subject:"/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=Client #2",issuer: "/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=subca" 2013/02/05 13:51:34 [debug] 38701#0: *112 SSL_do_handshake: 1 2013/02/05 13:51:34 [debug] 38701#0: *112 SSL: TLSv1, cipher: "AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1" 2013/02/05 13:51:34 [debug] 38701#0: *112 http process request line 2013/02/05 13:51:34 [debug] 38701#0: *112 SSL_read: 1 2013/02/05 13:51:34 [debug] 38701#0: *112 SSL_read: 524 2013/02/05 13:51:34 [debug] 38701#0: *112 SSL_read: -1 2013/02/05 13:51:34 [debug] 38701#0: *112 SSL_get_error: 2 2013/02/05 13:51:34 [debug] 38701#0: *112 http request line: "GET / HTTP/1.1" So I'm getting OpenSSL error #20 and then #27. According to verify documentation: 20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate the issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found. 27 X509_V_ERR_CERT_UNTRUSTED: certificate not trusted the root CA is not marked as trusted for the specified purpose.

    Read the article

  • ssh key error - Permission denied (publickey,gssapi-keyex,gssapi-with-mic)

    - by user1963938
    Amazon Ec2 :: Redhat 6. 64 Bit I'm trying to follow the socks5 guidelines (http://www.catonmat.net/blog/linux-socks5-proxy/ ) to open a socks on one of our servers but unfortunately I got suck at step 1 . ssh -N -D 0.0.0.0:1080 localhost I get error Permission denied (publickey,gssapi-keyex,gssapi-with-mic). How do I fix it ? More debug info ssh -v -f -N -D 0.0.0.0:1080 localhost OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to localhost [127.0.0.1] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /root/.ssh/identity type -1 debug1: identity file /root/.ssh/id_rsa type -1 debug1: identity file /root/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.3 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'localhost' is known and matches the RSA host key. debug1: Found key in /root/.ssh/known_hosts:1 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic debug1: Next authentication method: gssapi-keyex debug1: No valid Key exchange context debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information Credentials cache file '/tmp/krb5cc_0' not found debug1: Unspecified GSS failure. Minor code may provide more information Credentials cache file '/tmp/krb5cc_0' not found debug1: Unspecified GSS failure. Minor code may provide more information debug1: Unspecified GSS failure. Minor code may provide more information debug1: Next authentication method: publickey debug1: Trying private key: /root/.ssh/identity debug1: Trying private key: /root/.ssh/id_rsa debug1: Trying private key: /root/.ssh/id_dsa debug1: No more authentication methods to try. Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

    Read the article

  • Ipsec reload fails to load ipsec.conf Strongswan 5.0

    - by Quentin Swain
    I am having trouble configuring a connection to an Android device using a fedora 17 linux machine and strongSwanv5.0.1dr2. I have made some progress but when I try adding the configuration to support xauth authentication I receive an error when I try to reload the configuration file. I get a similar error for the value ikev1 for the keyexchange setting , and whenever i try to set a value for rightauth. Has anyone else had this problem The man page for ipsec.conf and the documentation on the strongswan wiki both indicated that these settings and values should be fine in 5.0.x.x. I could try setting authby but that is deprecated according to the documentation i read and the xauthpsk value isn't working. Any help is much appreciated thanks. can not load config '/etc/ipsec.conf': /etc/ipsec.conf:25: syntax error, unexpected STRING [leftauth] # /etc/ipsec.conf - Openswan IPsec configuration file # # Manual: ipsec.conf.5 # # Please place your own config files in /etc/ipsec.d/ ending in .conf version 2.0 # conforms to second version of ipsec.conf specification # basic configuration config setup # For Red Hat Enterprise Linux and Fedora, leave protostack=netkey protostack=netkey # Enable this if you see "failed to find any available worker" # nhelpers=0 plutodebug=all conn %default ikelifetime=240m #keylifetime=20m keyingtries=3 ikev2=no conn android left=10.1.12.212 right=10.1.12.140 leftxauthserver=yes leftauth=psk rightauth=xauth keyexchange=ikev1 type=tunnel pfs=no rekey=no auto=start ike=aes256-md5;modp1024 phase2=esp ikev2=no #You may put your configuration (.conf) file in the "/etc/ipsec.d/" #include /etc/ipsec.d/*.conf

    Read the article

  • Issues with ProxyPass and ProxyPassReverse when proxying to localhost and a different TCP port

    - by mbrownnyc
    I am attempting to use ProxyPass and ProxyPassReverse to proxy requests through Apache to another server instance that is bound to the localhost on a different TCP port that the Vhost exists (VHost is bound to :80, when the target is bound to :5000). However, I am repeatedly receiving HTTP 503 when accessing the Location. According to the ProxyPass documentation... <VirtualHost *:80> ServerName apacheserver.domain.local DocumentRoot /var/www/redmine/public ErrorLog logs/redmine_error <Directory /var/www/redmine/public> Allow from all Options -MultiViews Order allow,deny AllowOverride all </Directory> </VirtualHost> PassengerTempDir /tmp/passenger <Location /rhodecode> ProxyPass http://127.0.0.1:5000/rhodecode ProxyPassReverse http://127.0.0.1:5000/rhodecode SetEnvIf X-Url-Scheme https HTTPS=1 </Location> I have tested binding the alternate server to the interface IP address, and the same issue occurs. The server servicing request is an instance of python paste:httpserver, and it has been configured to use the /rhodecode suffix (as I saw this to be mentioned in other posts about ProxyPass). The documentation from the project itself, Rhodecode, reports to use the above. The issue is persistent if I target another server that is serving on a different port. Does ProxyPass allow proxying to a different TCP port? [update] I won't delete this, in case someone comes across the same issue. I had set an ErrorLog, and in that ErrorLog the following error was reported: [Wed Nov 09 11:36:35 2011] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:5000 (192.168.100.100) failed [Wed Nov 09 11:36:35 2011] [error] ap_proxy_connect_backend disabling worker for (192.168.100.100) After some more research, I attempted to set SELinux to permissive (echo 0 >/selinux/enforce), and try again. It turns out the SELinux boolean httpd_can_network_connect must be set to 1. For persistence on reboot: setsebool -P httpd_can_network_connect=1

    Read the article

  • Cloudmin KVM DNS hostnames not working

    - by dannymcc
    I have got a new server which has Cloudmin installed. It's working well and I can create and manage VM's as expected. The server came with a /29 subnet and I requested an additional /29 subnet to allow for more virtual machines. I didn't want to replace the existing /29 subnet with a /28 because that would have caused disruption with my existing VM's. To make life easier I decided to configure a domain name for the Cloudmin host server to allow for automatic hostname setup whenever I create a new virtual machine. I have a domain name (example.com) and I have created an NS record as follows: NS kvm.example.com 123.123.123.123 A kvm.example.com 123.123.123.123 In the above example the IP address is that of the host server, I also have two /29 subnets routed to the server. Now, I've added the two subnets to the Cloudmin administration panel as follows: I've tried to hide as little information as possible without giving all of the server details away! If I ping kvm.example.com I get a response from 123.123.123.123, if I ping the newly created virtual machine (example.kvm.example.com) it fails, and if I ping the IP address that's been assigned to the new virtual machine (from the second subnet) it fails. Am I missing anything vital? Does this look (from what little information I can show) like it's setup correctly? Any help/pointers would be appreciated. For reference the Cloudmin documentation I am using as a guide is http://www.virtualmin.com/documentation/cloudmin/gettingstarted

    Read the article

  • ClearOS - how to create a site to site VPN between two ClearOS boxes?

    - by Scott Szretter
    I plan on setting up some ClearOS boxes at several sites, and would like to set up site-to-site VPN between the remote sites and a main site (all running ClearOS enterprise 5.2sp1 / latest version). I have found references for how to set up ClearOS to VPN in to devices such as cisco for IPSEC, and others with PPTP. But for these methods it did not mention how you might configure 2 ClearOS boxes to talk to each other ipsec or pptp. I also saw documentation on installing OpenVPN and using the OpenVPN client software to VPN in to the ClearOS box. I will probably use this for individual users to VPN in, but I have some small sites ( 1 to 10 users) that will have their own ClearOS box and need to create a site to site VPN link back to the main site's OpenVPN box. Is this possible, can you point me to docs, or other info or basically, how? A couple updates: I did find a thread that asks the same basic question, where the user has a vpn set up between the two clearos machines (after installing ipsec vpn modules), just not transporting traffic between the LANS - and the very last post claims you have to edit some files (/etc/ipsec.conf) and set leftnexthop rightnexthop values to %direct. After that, it's supposed to work. Could it be that simple? I also posted to clear foundation, and they pointed me to some documentation for setting up ipsec unmanaged vpn. This looks pretty good, but, I will most likely need to figure out how to handle a dynamic dns type setup at least on one end. Also, what does it mean by multi-wan? Finally, what happens when a vpn connection goes down exactly - someone has to reboot the box or ?

    Read the article

  • Experiences with BIRD for BGP?

    - by Shtééf
    We're currently using Quagga with Debian Linux to run a full table BGP router. The set-up has been dead simple up to now, but we've come to a point where I have to reconfigure the router quite a bit, and want to tighten things up. I've never really understood Quagga, and always found its documentation to be lacking. It appears to be mimicking Cisco, of which I only have basic understanding. BIRD has caught my eye recently. The couple of articles / presentations I found promote it as lightweight and more responsive under stress compared to Quagga. And it actually seems to have very decent documentation. So I'd like to know: Who's running BIRD right now, and in what kind of set-up? How is it stability-wise? I've read about it running in a couple of sites in production. Let's say I don't care at all for a Cisco-feel to configuration. How is configuration, maintainance, monitoring, etc. of BIRD in general? And any other notable experiences you may have with it.

    Read the article

  • Migrating a virtual domain controller for DR exercise

    - by Dips
    Hello gurus, I have a question. I have a requirement where I have a virtual domain controller and I have to migrate it to another virtual server in a different location. It is for test purposes to test out a DR scenario and the test will be deemed successful if the users that authenticate using the production DC can do so in the backup DC. I don't know much about this and thus don't know why it was assigned to me. So any assistance will be greatly appreciated. What I had in mind was: 1) Taking a snapshot of the production server and then restoring it in the other server. But I was told that this is not the suggested way of doing it. I was not told why. Is that right?If a snapshot is to be taken then what is the best way to do it. Any ideas on where I can get the documentation for this? 2) Another way would be to build the test DC from ground up, match it to the specs of production DC and then perform the DR test. Is this a better option? What will be needed to perform such an activity? Where can I find documentation on that? I apologise for the length of this query. As I said I am quite a novice and hope to get a better resolution. Any assistance will be greatly appreciated. Regards,

    Read the article

  • Windows 7 BSOD with Service Exception Error and Randomly Reboots

    - by Jason Shultz
    I've got a windows 7 laptop that BSOD with a Service Exception Error when I connect to a wireless network. It also does it when it's just sitting still doing nothing. I ran bluescreenview and here are the last four BSOD's from today: ================================================== Dump File : 051210-18642-01.dmp Crash Time : 5/12/2010 8:36:14 AM Bug Check String : SYSTEM_SERVICE_EXCEPTION Bug Check Code : 0x0000003b Parameter 1 : 00000000`c000001d Parameter 2 : fffff880`00000000 Parameter 3 : fffff880`06fda160 Parameter 4 : 00000000`00000000 Caused By Driver : Ntfs.sys Caused By Address : Ntfs.sys+7f030 File Description : Product Name : Company : File Version : Processor : x64 Computer Name : Full Path : C:\Windows\Minidump\051210-18642-01.dmp Processors Count : 2 Major Version : 15 Minor Version : 7600 ================================================== ================================================== Dump File : 051210-16551-01.dmp Crash Time : 5/12/2010 8:41:04 AM Bug Check String : SYSTEM_SERVICE_EXCEPTION Bug Check Code : 0x0000003b Parameter 1 : 00000000`c000001d Parameter 2 : fffff880`00000000 Parameter 3 : fffff880`06f40160 Parameter 4 : 00000000`00000000 Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+70600 File Description : NT Kernel & System Product Name : Microsoft® Windows® Operating System Company : Microsoft Corporation File Version : 6.1.7600.16539 (win7_gdr.100226-1909) Processor : x64 Computer Name : Full Path : C:\Windows\Minidump\051210-16551-01.dmp Processors Count : 2 Major Version : 15 Minor Version : 7600 ================================================== ================================================== Dump File : 051210-17269-01.dmp Crash Time : 5/12/2010 8:45:51 AM Bug Check String : SYSTEM_SERVICE_EXCEPTION Bug Check Code : 0x0000003b Parameter 1 : 00000000`c000001d Parameter 2 : fffff880`00000000 Parameter 3 : fffff880`07db1160 Parameter 4 : 00000000`00000000 Caused By Driver : Ntfs.sys Caused By Address : Ntfs.sys+7f030 File Description : Product Name : Company : File Version : Processor : x64 Computer Name : Full Path : C:\Windows\Minidump\051210-17269-01.dmp Processors Count : 2 Major Version : 15 Minor Version : 7600 ================================================== ================================================== Dump File : 051210-19453-01.dmp Crash Time : 5/12/2010 5:46:25 PM Bug Check String : SYSTEM_SERVICE_EXCEPTION Bug Check Code : 0x0000003b Parameter 1 : 00000000`c000001d Parameter 2 : fffff880`00000000 Parameter 3 : fffff880`02625160 Parameter 4 : 00000000`00000000 Caused By Driver : win32k.sys Caused By Address : win32k.sys+2d4201 File Description : Product Name : Company : File Version : Processor : x64 Computer Name : Full Path : C:\Windows\Minidump\051210-19453-01.dmp Processors Count : 2 Major Version : 15 Minor Version : 7600 ==================================================  

    Read the article

  • Virtualbox Headless Server on Ubuntu missing VRDP Options

    - by The Daemons Advocate
    I'm running VirtualBox headless server on an Ubuntu 64 bit host, and I want to use it remotely. However, I'm having problems connecting via RDP. The DNS names in my network show the host to be 'server', and the guest to be 'ubuntu-vm'. From the official documentation, I gather that I am to connect to server on the default RDP port in order to see the guest machine. I start the virtual machine like so: vboxheadless -startvm My_VM Then I connect on my laptop, and I get... rdesktop -a 16 server ERROR: server: unable to connect So next I consult the documentation further, and I find there are RDP flags that can be turned on (but should be on implicitly for a headless server). So I pull up information using 'vboxmanage showvminfo My_VM', and I find the VRDP property is off. VRDP Connection: not active To make things even weirder, RDP flag seems to be missing from vboxmanage. I've installed straight from the ubuntu repo's using the virutalbox-ose package, not sure how that measures up against the official docs. For instance, this command doesn't exist: VBoxManage modifyvm My_VM --vrdp on From the UI, the VM's Settings regarding Display have greyed out the 'remote Display' option. What I'm looking for is advice :). I'm open to suggestions that don't involve starting again with something like VMWare. Thanks in advance!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 638 639 640 641 642 643 644 645 646 647 648 649  | Next Page >