Search Results

Search found 4244 results on 170 pages for 'ssl certificate'.

Page 128/170 | < Previous Page | 124 125 126 127 128 129 130 131 132 133 134 135 | Next Page >

Re-using port 443 for another service - is it possible?

- by Donald Matheson

The ultimate goal is to allow a remote data connection service to operate on port 443 on a the SQL server. The application accessing the connection is behind a firewall and it is because of the client's reluctance to open another port that I have been asked to try and get this working. The current environment is Windows 2003 R2 (SP2) and SQL Server 2005. IIS is not installed, but when I try and install the third party connection software (SequeLink) it won't as it reports something is still configured on/using port 443. Netstat does not show anything listening on the port and I've tried editing the system32\drivers\etc\services file removing any reference to port 443 and also using sc delete to delete the HTTP and HTTPFilter (HTTP SSL in services console) services to see if this would help. Rebooting after each change. What could still be using the port? Is what I'm trying even possible (I have my doubts but have to investigate every avenue)? Any help/pointers would be greatly appreciated.

Read the article
Unable to use Gmail in Thunderbird 3

- by Jatin Ganhotra

Mozilla Thunderbird v.3.1.7 I am trying to setup Gmail, but none of the settings are working. I have tried every resource: Blogs, tutorials Instructions by Google Instructions by Thunderbird Questions here But, still its not working. My settings are as follows Server Settings Server Type: IMAP Mail server Server Name: imap.gmail.com Username: [email protected] Port: 993 Default: 993 Connection Security: SSL/TLS Authentication method: Encrypted password Outgoing server (SMTP) Server Name: smtp.gmail.com Port: 587 Default: 25 Connection Security: STARTTLS Authentication method: Encrypted password Username: [email protected] IMAP is enabled in my Gmail settings. ERROR: Connection to the server [email protected] timed out. I am behind a proxy server and I have configured those settings under: Thunderbird Preferences - Advanced - Network and Disk Space - Connection Settings - Manual Proxy Configuration The proxy configuration works, as when I created a Blogs and News feeds a/c, it was working properly and fetching the feeds for me. So, Thunderbird is configured properly as per the proxy settings. Help me.

Read the article
How to enabled pdo mysql in Centos 5.8

- by nacho3d

I have a VPS with Centos 5.8 In phpinfo displays: './configure' '--disable-fileinfo' '--disable-pdo' '--enable-bcmath' '--enable-calendar' '--enable-ftp' '--enable-libxml' '--enable-magic-quotes' '--enable-sockets' '--prefix=/usr/local' '--with-apxs2=/usr/local/apache/bin/apxs' '--with-curl=/opt/curlssl/' '--with-imap=/opt/php_with_imap_client/' '--with-imap-ssl=/usr' '--with-kerberos' '--with-libdir=lib64' '--with-libxml-dir=/opt/xml2/' '--with-mysql=/usr' '--with-mysql-sock=/var/lib/mysql/mysql.sock' '--with-openssl=/usr' '--with-openssl-dir=/usr' '--with-pcre-regex=/opt/pcre' '--with-pic' '--with-zlib' '--with-zlib-dir=/usr' I've tried this: http://www.host1free.com/forum/vps-technical-support/7248-tutoria-centos-apache-webserver-mysql-php-eaccelerator-apc.html And aparently it installed php-pdo # rpm -qa |grep php php-5.3.13-1.el5.remi php-xml-5.3.13-1.el5.remi php-common-5.3.13-1.el5.remi php-cli-5.3.13-1.el5.remi php-pdo-5.3.13-1.el5.remi php-xmlrpc-5.3.13-1.el5.remi php-mcrypt-5.3.13-1.el5.remi But I've restarted apache and it still says in my phpinfo: '--disable-pdo' Should I rebuild php? Do I need to do some other step?

Read the article
Need help configurating my Tomcat server without any WAR files

- by gablin

I just reinstalled my entire server, and now I can't seem to get my JSP-based website to work on Tomcat anymore. I use the same server.xml file, which worked perfectly before the reinstallation, but no longer. Here's the content of the server.xml file which worked before:  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />  <Listener className="org.apache.catalina.core.JasperListener" />  <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" /> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />  <GlobalNamingResources>  <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml" /> </GlobalNamingResources>  <Service name="Catalina">    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />      <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />   <Engine name="Catalina" defaultHost="localhost">      <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>        <Host name="www.rebootradio.nu"> <Alias>rebootradio.nu</Alias> <Context path="" docBase="D:/services/http/rebootradio.nu" debug="1" reloadable="true"/> </Host> </Engine> </Service> </Server> The JSP site doesn't use any WAR files or anything like that; there's just a default.jsp in the specified folder D:/services/http/rebootradio.nu which loads the site. As I said, this configuration worked before, but now with the latest verion of XAMPP and Tomcat it doesn't work anymore. All I get is a 404 message saying The requested resource () is not available.

Read the article
phpmyadmin port change?

- by Rajat

How do i change my default phpmyadmin port to 443 or 9999? Is it possible or do I have use port 80 only? If possible, then how do I change share the same? Apache is listening on port 9999 for sure. However, going to URL http://<webserver>:9999/phpmyadmin/ Will give following error (with Firefox browser) An error occurred during a connection to webserver:9999. SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long) Anyone has any clue what is going on?

Read the article
Distributing entropy to virtual machines.

- by Louis

Dear All, I'm interested in generating secret keys for SSL on virtual machines using true randomness. By true randomness I mean the same level of entropy that can be generated by UNIX's dev/random and entropy gathering daemon (EGD). Is there a "general knowledge" recipe to route entropy from the physical layer to the virtual machines via the hypervisor regardless of the Hypervisor/Guest OS combination? Example: suppose one "hypervises" with VMware VSphere and instantiates Windows Guest OS. Can this hypervisor collect entropy from its peripherals (like dev/random/ would) and distribute it to these guest Windows OS? When considering the big vendors (VMware, Hyper-V, Citrix, etc), do they have entropy pools that gather entropy that can easily be pushed to their respective virtual machines? Louis

Read the article
Where did this incorrect cached DNS lookup come from?

- by Stephen Jennings

Somehow, I've been having a chronic issue where my computer will get an invalid DNS lookup in its cache for either of the two Exchange servers I use from Mail.app. My workplace runs one of the Exchange servers and I run the other (they are totally unrelated, hosted by different companies, etc.). The problem manifests as a certificate domain error. When it happens, I can run nslookup mail.mydomain.com and I see the incorrect IP address (usually owned by either Apple or Akamai), but if I run nslookup mail.mydomain.com 8.8.8.8, I get the correct address. My real quest is to find out why this keeps happening, and to do that, I'd like to know which server is supplying me this bad DNS entry. Is there a way to check my DNS cache to see where this bad lookup came from?

Read the article
apache tomcat loadbalancing clustering on ubuntu

- by user740010

i am facing a problem in clustering the tomcat with apache as a loadbalancer using mod_jk on ubuntu. i have install apache2 on my ubuntu 11.04 and i have downloaded tomcat7 created two copies and kept them at two different location. 1st one is at /home/net4u/vishal/test/tomcatA 2nd one is at /home/net4u/vishal/test1/tomcatB i have made following changes to server.xml file in /conf folder 1. <Server port="8205" shutdown="SHUTDOWN"> 2. <Connector port="8280" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" /> 3.<Connector port="8209" protocol="AJP/1.3" redirectPort="8443" /> <Engine name="Catalina" defaultHost="localhost" jvmRoute="tomcatB"> 4. <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/> similarly i have modified other tomcat i.e tomcatA server.xml content of the server.xml is as follow: --    <Connector port="8280" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />      <Connector port="8109" protocol="AJP/1.3" redirectPort="8443" />   <Engine name="Catalina" defaultHost="localhost" jvmRoute="tomcatB">   <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>  <Realm className="org.apache.catalina.realm.LockOutRealm">  <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/> </Realm> <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true">    <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log." suffix=".txt" pattern="%h %l %u %t "%r" %s %b" resolveHosts="false"/> </Host> </Engine> i have install libapache2-mod-jk step 1. i have Created jk.load file in /etc/apache2/mods-enabled/jk.load content is as follows: LoadModule jk_module /usr/lib/apache2/modules/mod_jk.so Create /etc/apache2/mods-enabled/jk.conf: JkWorkersFile /etc/apache2/workers.properties JkLogFile /var/log/apache2/jk.log JkMount /ecommerce/* worker1 JkMount /images/* worker1 JkMount /content/* worker1 step 2. Created workers.properties file in /etc/apache2/workers.properties content is as follows: workers.tomcat_home=/home/vishal/Desktop/test/tomcatA workers.java_home=/usr/lib/jvm/default-java ps=/ worker.list=tomcatA,tomcatB,loadbalancer worker.tomcatA.port=8109 worker.tomcatA.host=localhost worker.tomcatA.type=ajp13 worker.tomcatA.lbfactor=1 worker.tomcatB.port=8209 worker.tomcatB.host=localhost worker.tomcatB.type=ajp13 worker.tomcatB.lbfactor=1 worker.loadbalancer.type=lb worker.loadbalancer.balanced_workers=tomcatA,tomcatB worker.loadbalancer.sticky_session=1 i tried the same thing on the windows machine it is working.

Read the article
Automating and deploying new linux servers

- by luckytaxi

I'm in the process of developing a method to automate new virtual machines into my environment. 90% of our machines are virtual but the process is similar for both physical and vmware based images. What I do now is I use cobbler to install the base OS. The kickstart script has post hooks to modify the yum repo and installs puppet and func. Once the servers are running, I manually add them into nagios and sign the certificate via the puppetmaster. I've since migrated most of the resources to use mysql as the backend. I wanted to see what others are doing and my goal for 2011 is to have puppet inventory the hardware into mysql, and somehow i'll script a python script to have nagios grab the info and automatically add it for monitoring purposes. It's kind of tedious to have to add each new server into nagios, puppet's dashboard, munin, etc...

Read the article
libvirt + ESX (HTTP response code 400 for call to 'Login')

- by Coops

I'm trying to connect to a vSphere cluster using the information from the libvirt documentation. $ virsh -c "vpx://[email protected]/dc1/dc1-cluster-e01/dc1-vsphere-e04/?no_verify=1" Enter root's password for 10.51.4.11: error: internal error HTTP response code 400 for call to 'Login' error: failed to connect to the hypervisor I seem to be able to establish a connection, but it fails with a "HTTP code 400". If I provide the incorrect password it fails with a 'login credentials' error, so it looks like I am getting a connection, but it's failing for another reason. Wireshark is no help as it's all done over SSL/TLS. Any thoughts folks? UPDATE: 15:21 28/02/11 FYI - I'm running libvirt-0.8.3 (the Ubuntu package recompiled with the ESX flag enabled). When I put virsh into debug mode it returns this: [snip] Enter root's password for 10.51.4.11: 15:19:09.011: debug : do_open:1249 : driver 3 ESX returned ERROR 15:19:09.011: debug : virUnrefConnect:294 : unref connection 0x98aa8f8 1 15:19:09.011: debug : virReleaseConnect:249 : release connection 0x98aa8f8 error: internal error HTTP response code 400 for call to 'Login' error: failed to connect to the hypervisor

Read the article
CentOS 6.5 SVN https - Unknown DAV provider: svn

- by Programster

I am trying to setup a CentOS 6.5 64bit server with SVN over HTTPS. Unfortunately after configuring the /etc/httpd/conf.d/subversion.conf file as follows (changed paths): <Location /repos> DAV svn SVNParentPath /path/to/svn/repos # Limit write permission to list of valid users <LimitExcept GET PROPFIND OPTIONS REPORT> # Require SSL connection for password protection SSLRequireSSL AuthType Basic AuthName "Authorization Realm" AuthUserFile /path/to/passwdfile Require valid-user </LimitExcept> </Location> I get the following error message when restarting http: Starting httpd: Syntax error on line 3 of /etc/httpd/conf.d/subversion.conf: Unknown DAV provider: svn I have triple checked that I have the mod_dav_svn package already installed: Package mod_dav_svn-1.6.11-10.el6_5.x86_64 already installed and latest version Is my config wrong or are there other packages I need to set up?

Read the article
Chat client/server that offers certain options.

- by MrStatic

A few friends of mine and including me for the past few years have hosted an irc server on one of our dedicated servers. We use it for just personal reasons. We like the aspect of it that it allows private messages and chat rooms. Plus the ability to send/receive files and is cross platform (Linux/Mac/Windows/Mobile). Our domain is about to expire and we are looking to move onto something new. So we are looking for a chat client / server that offers the following: Chatroom (multiple people chatting together in the same box) File transfers Private messages Cross Platform (especially mobile ie: Blackberry and Android) We don't have to host it but that isn't out of the question Logging on the client side (we say a lot of crap and like to go back and quote said crap) SSL/TLS Some sort of encryption some of the stuff said/sent is of a sensitive nature ie: business nature

Read the article
HTTP/1.1 503 Service Unavailable Exchange 2003 OWA

- by toups

Receiving HTTP/1.1 503 Service Unavailable when trying to access exchange web access. Server 2003 & Exchange 2003 Have tried: Deleting virtual directories and rebuilding them in IIS Restarting Dismounting & mounting the public folder store & mailbox store It's not AppPoolQueueLength Restarting all services (all proper ones are running) Making it use ssl or not (regular http) -- same thing for both Installing IIS & exchange 2003 on a new 2003 box as a new FE server, OWA on that gets same error. Not sure why it's getting a 503... was working without an issue and randomly is stuck at this no matter what; ll users can still successfully connect and use via outlook, only the web access is having issues. Any suggestions would be appreciated.

Read the article
Installing PHP APC in Fedora - Unable to initialize module ?

- by sri

I have been trying to install APC on my Fedora Apache Server for showing progress bar while uploading files. But I am getting the following PHP Warning while starting XAMPP. Starting XAMPP for Linux 1.7.1... PHP Warning: PHP Startup: apc: Unable to initialize module Module compiled with module API=20090626, debug=0, thread-safety=0 PHP compiled with module API=20060613, debug=0, thread-safety=0 These options need to matchin Unknown on line 0 XAMPP: Starting Apache with SSL (and PHP5)... XAMPP: Starting MySQL... XAMPP: Another FTP daemon is already running. XAMPP for Linux started. My Server Details : OS : Fedora-12 XAMPP version : 1.7.1 PHP Version : 5.2.9 APC Version : 3.1.9 I have tried the process as is mentioned in here : 1)http://2bits.com/articles/installing-php-apc-gnulinux-centos-5.html 2)http://stevejenkins.com/blog/2011/08/how-to-install-apc-alternative-php-cache-on-centos-5-6/

Read the article
Is there a simple Load Balancer app for development environment on Windows?

- by djangofan

Does there exist a simple Load Balancer app for development on Windows? I am running a pair of JBoss 5.x instances in a cluster on a single machine. Normally , this configuration is load balanced by a nice hardware load balancer but I am wondering if there is a simple piece of software to enable load balancing in my Eclipse dev environment. Basically, for example, I want a load balancer running on port 11111 that round-robins between the 2 clustered JBoss instances on ssl ports 8443 and 8543 . (or http port if thats not possible) I know that Glassfish has a built-in load balancer but I can't use Glassfish. One idea I have is to try to setup a separate instance of Tomcat with the "balancer" web app. Im trying that now... not sure if it will work... and its a complicated setup and I wish there was something really easy.

Read the article
PKI Issuing CA on Domain Controllers

- by dunxd

I am setting up a PKI which will initially be used internally. As we may grow our use of this I have opted for a three tier hierarchy - Offline Root and Policy CAs (one Policy CA at the moment for internal use), and online issuing CAs. We had initially discussed using our Domain Controllers as the Issuing CAs rather than setting up dedicated ones. I am now starting to have doubts about whether it is a good idea to have our DCs do certificate issuing. We have less than 1000 users, so our DCs aren't hugely taxed. Does anyone have any suggestions for or against doing this? We are currently running Windows 2003 Active Directory, but will be upgrading to Windows 2008 in the coming year. I'm setting up Windows 2008 PKI.

Read the article
Redirecting subsite on same domain to other IIS using HTTPS

- by Alberto

I've seen many similar questions (and answers) on this subject, but none seem to be on exactly the same situation I am facing. Which is weird since I don't think it is that special, so forgive me if I haven't searched enough. Anyway. I have two websites which are on two IIS7, one facing WAN and one in the LAN. The WAN facing is already HTTPS-only. I want to add the second website, but on the same HTTPS domain and SSL certificate, so that it becomes a subsite like: https://www.domain.com/subsite How can I do a redirect or rewrite on the first IIS to the second one to make this work? I don't think there is a standard IIS feature that can do this. ISA server is not an option currently. But maybe another extension to IIS exists? Done this numerous times on Apache, and am about to ditch IIS for Apache.

Read the article
What ports do I need open for IMAP connections

- by iamjonesy

I'm developing a web application that connects to an IMAP mailbox and fetches emails as part of it's functionality. The application is PHP and I'm connecting like this: public function connect() { /* connect to gmail */ $hostname = '{imap.gmail.com:993/imap/ssl}INBOX'; $username = $this->username; $password = $this->password; /* try to connect */ $this->inbox = imap_open($hostname,$username,$password) or die('Cannot connect to Gmail: ' . imap_last_error()); } Developing locally on my mac this was fine, I was able to connect and get emails. However now that I've put the app on my web hosts server I'm getting the following error: Cannot connect to Gmail: Can't connect to gmail-imap.l.google.com,993: Connection timed out After checking with my hosting provider they told me outgoing connections on port 993 are blocked. Is there anyway around this? Otherwise I need to upgrade to a dedicated server :S

Read the article
Using mod_wsgi with mpm_itk: socket permission issue

- by djechelon

I'm using mod_itk as MPM for increased security in shared environment. I also have a Firefox Sync Server within one of the VHosts I host. That vhost is restricted to a certain user via AssignUserId user group. The problem is that the socket /var/run/wsgi...whatever.sock is chmodded srwx------ and owned by Apache's wwwrun. While I configured the vhost with WSGIProcessGroup sync WSGIDaemonProcess sync user=djechelon group=djechelon processes=1 threads=5 I still get the error that Apache wants to access a socket that is not accessible and because of this gets an error. Is it possible to configure mod_wsgi in order to create different sockets with different owners for different applications or to chmod its socket in a different way (less secure)? Currently, I'm running Firefox Sync as the only WSGI application. Moving it to a vhost that doesn't AssignUserId could solve this problem but will force me to change URL (and buy an additional SSL certificate), so I wouldn't consider this

Read the article
Can a malicious hacker share Linux distributions which trust bad root certificates?

- by iamrohitbanga

Suppose a hacker launches a new Linux distro with firefox provided with it. Now a browser contains the certificates of the root certification authorities of PKI. Because firefox is a free browser anyone can package it with fake root certificates. Thus a fake root certificate would contain a the certification authority that is not actually certified. Can this be used to authenticate some websites. How? Many existing linux distros are mirrored by people. They can easily package software containing certificates that can lead to such attacks. Is the above possible? Has such an attack taken place before?

Read the article
vsftpd: refusing to run with writable root inside chroot

- by MrROY

I want to setup a anonymous only ftp server (able to upload files). Here is my config file: listen=YES anonymous_enable=YES anon_root=/var/www/ftp local_enable=YES write_enable=YESr. anon_upload_enable=YES anon_mkdir_write_enable=YES xferlog_enable=YES connect_from_port_20=YES chroot_local_user=YES dirmessage_enable=YES use_localtime=YES secure_chroot_dir=/var/run/vsftpd/empty rsa_cert_file=/etc/ssl/private/vsftpd.pem pam_service_name=vsftpd But when i try to connect it: kan@kan:~$ ftp yxxxng.bej Connected to yxxx. 220 (vsFTPd 2.3.5) Name (yxxxg.bej:kan): anonymous 331 Please specify the password. Password: 500 OOPS: vsftpd: refusing to run with writable root inside chroot() Login failed Can anyone help ?

Read the article
How to automatically enter username and password for network location in batch file?

- by Phoenix Logan

I have a batch file that copies files to a network location on WebDAV. The address looks something like this: \\xxxxxxxxx.net@SSL@2078\DavWWWRoot When I restart my computer, the batch file doesn't work and says "Access denied". Before a restart, it works, but it doesn't after the computer restarts. The problem is that it requires me to put in the username and password used to access the server. I have to browse to the server in File Explorer and sign in first. Even if I select the "Remember password" check box, it doesn't work. How can I get it to automatically sign in? I don't want to have to do this every time.

Read the article
OpenSSL missing during ./configure. How to fix?

- by P K

I was trying to install node.js and found OpenSSL support missing during ./configure. How can I fix it? Is it a mandatory step? # ./configure Checking for gcc : ok Checking for library dl : not found Checking for openssl : not found Checking for function SSL_library_init : not found Checking for header openssl/crypto.h : not found /home/ec2-user/node-v0.6.6/wscript:374: error: Could not autodetect OpenSSL support. Make sure OpenSSL development packages are installed. Use configure --without-ssl to disable this message.

Read the article
racoon-tool doesn't generate full racoon.conf file in /var/lib/racoon/racoon.conf

- by robthewolf

I am using ipsec-tools/racoon to create my VPN. I am using racoon-tool to configure racoon.conf but when I run racoon-tool reload it only generates the first section - Global items. When I run racoon-tool I get: # racoon-tool reload Loading SAD and SPD... SAD and SPD loaded. Configuring racoon...done. This is the entire file /var/lib/racoon/racoon.conf # # Racoon configuration for Samuel # Generated on Wed Jan 5 21:31:49 2011 by racoon-tool # # # Global items # path pre_shared_key "/etc/racoon/psk.txt"; path certificate "/etc/racoon/certs"; log debug; I cannot find anywhere a solution as to why this is happening. Please help

Read the article
Why would you use EAP-TTLS instead of PEAP?

- by Ivan Macek

As I understood EAP-TTLS and PEAP share same level of security when implemented in wireless networks. Both only provide server side authentication via certificate. The drawback of EAP-TTLS can be non native support in Microsoft Windows so every user has to install additional software. The benefit of EAP-TTLS can be support for less secure authentication mechanisms (PAP, CHAP, MS-CHAP) but why would you need them in modern and properly secure wireless system? What are you opinions? Why should I implement EAP-TTLS instead of PEAP? Let's say that I have most Windows users, medium Linux users and least iOS, OSX users.

Read the article

< Previous Page | 124 125 126 127 128 129 130 131 132 133 134 135 | Next Page >