Search Results

Search found 4244 results on 170 pages for 'ssl certificate'.

Page 143/170 | < Previous Page | 139 140 141 142 143 144 145 146 147 148 149 150 | Next Page >

What to keep in mind when creating your own custom web services API?

- by John Conde

I have created a website which allows users to sign up for, and use, an online service. To help promote the website we will be have resellers who will be offering their own branded services through us. The initial plan is to allow resellers to place registration, login, and lost password forms on their own website and use an API created by us to handle these requests. I have begun outlining how I expect the API to work (and starting documenting it as well) and I want to make sure I get it right, or as close to right, as I can from the beginning as I know once you have declared a public API you want to avoid changing that API at all costs. So far I have decided: To have the user pass their account credentials with each request To require SSL for all requests What else should I be keeping in mind?

Read the article
Code Signing Identity does not match in my keychain, for mac app store developing?

- by larntin

hi, 1, I already download the "Apple Worldwide Developer Relations Certification Authority",and add it into my keychain. 2, My team leader already had created two Cers for Mac App store developing, I download and add it into my keychain. 3, I used two methods to sign my add, but failed all. First, add code sign section in my .xcodeproj(3.2.5). Second, I used script: productbuild --component ./bin/MAS_Release/MyApp.app /Applications --sign "3rd Party Mac Developer Application: My Company Co., Ltd." --product ./src/MyApp/MyApp-Info.plist MyApp.pkg But it failed with information: Code Signing Identity '3rd Party Mac Developer Application: My Company Co., Ltd.' does not match any valid, non-expired, code-signing certificate in your keychain. I observed that my certifications in keychain don't have small trangle. how make the small trangle absence?(when I'am importing the Cers from my Agent, it don't have the trangle absence)

Read the article
authentication of webapps when passwords are hashed with bcrypt

- by dubreakkk

I created a GWT project which requires authentication. Initially, the users' passwords were in plain text, but now I would like to hash them with BCrypt. I searched but I cannot find a place describing how to make Jetty authenticate against a BCrypt hashed password. I'm sending the password to the server using a FORM in plain text and over SSL. What do I need to do to make Jetty hash this password and compare it to the one in the database? Thank you;

Read the article
file_get_contents() returns "failed to open stream" when hitting HTTPS

- by TMC

file_get_contents() is returning "failed to open stream" when I call it on an HTTPS URL. Warning: file_get_contents(https://google.com) [function.file-get-contents]: failed to open stream: No error in E:\\htdocs\callback3.php on line 5 Same call will work with a non-SSL URL. At first, I thought it was a security issue with my webhoster, but I have verified with phpinfo() that allow url open is indeed allowed. I have also tried this code and verified it works: Anyone have any ideas why file_get_contents() is failing with an HTTPS URL? update: People correctly pointed out this was an HTTPS issue. My webhoster claims this should work, and has no idea how to resolve this. Anyone have specific directions I can give them for their IIS7 setup?

Read the article
will the desktop appstore icon be appear only after approval ?

- by hib

hello all , I am just going to submit my iphone application . But I just have a doubt . when I test my application with adhoc certificate the application icon come nicely in the device homescreen . but I haven't got it for desktop app store (i.e iTunes). I have read that I have to submit another 57 by 57 icon for the desktop icon . Question :So this 57 by 57 icon will come in my itunes after I will upload through iTunes Connect and my application is approved ? and will I have to include it in the binary or itunes connect uploading will make it work. thanks .

Read the article
SSL_CTX_set_cert_verify_callback vs. SSL_CTX_set_verify

- by BreakPoint

Hello, Can anyone tell me what is the difference between SSL_CTX_set_cert_verify_callback and SSL_CTX_set_verify? From OpenSSL docs: SSL_CTX_set_cert_verify_callback() sets the verification callback function for ctx. SSL objects that are created from ctx inherit the setting valid at the time when SSL_new(3) is called. and: SSL_CTX_set_verify() sets the verification flags for ctx to be mode and specifies the verify_callback function to be used. If no callback function shall be specified, the NULL pointer can be used for verify_callback. So I'm trying to understand which callback to send for each one (from client side). Thanks experts.

Read the article
Set form action dynamically in https-area

- by Beerweasle

Hi, heres the problem explanation: Im on the domain https://www.example.com - theres an Order-Form with the Action https://www.example-otherdomain.com with an other SSL Certificate. On some conditions i set the form action to https://www.example.com so that it will be posted on our domain, but if the user uses a CreditCart it should get posted to https://www.example-otherdomain.com. So far so good. But in some rare conditions, users with CreditCards still posts their form to https://www.example.com. So my idea is: Is there some Same-Domain-Policy for Javascript/HTTPS to protect the user from phishing? It seems that to set the FormAction to the same domain works, but not to reset it to the external one (with JS). I cant reproduce this error, so im asking here if someone knows if theres such a problem. It doesnt matter which UserAgent the user has (there are post datas from FF, Chrome, Webkit, IE7/8) Thx!

Read the article
.NET Web Service Proxy is adding special characters in XML

- by xkingpin

My web service proxy seems to be adding special characters like "*" and "#" etc. within the xml nodes. My proxy created lists using arrays of objects. I am trying to create a generic list and then doing list.ToArray() to set the proxy MyProxyObject[] object. Is this the cause of the problem I am having? I plan on running fiddler on the request later but it is over SSL and I do not have access to the URL at the moment. Here is an example of the XML that is generated: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> * <soap:Body> o I'm a little concerned because the special characters are even occuring before the array nodes

Read the article
Verify p2p node

- by mazzzzz

Hey guys, I have been working on a p2p namespace for some of my programs. I created a system to encrypt/decrypt the packets send/received with the class. I was using the basic public private key system: 1) encrypt the data with Symmetric encryption 2) encrypt the symmetric key with RSA. Then do the opposite when you decrypted.. I was wondering though, how would you verify if the packet was coming from where it said it was. I was going to use a basic certificate system (where you encrypt with your private RSA key, then they decrypt it with your public key), but I don't know how to do this with C#. I am using the RSACryptoServiceProvider class. Does anyone know how do this? Thanks, Max

Read the article
yum update fails

- by user1670818

i have RHEL 6.3 [root@RHEL6 yum.repos.d]# uname -a Linux RHEL6.3-64-BuildMac 2.6.32-279.el6.x86_64 #1 SMP Wed Jun 13 18:24:36 EDT 2012 x86_64 x86_64 x86_64 GNU/Linux My /etc/yum.conf looks like [main] cachedir=/var/cache/yum/$basearch/$releasever keepcache=0 debuglevel=2 logfile=/var/log/yum.log exactarch=1 obsoletes=1 gpgcheck=1 plugins=1 installonly_limit=3 reposdir=/etc/yum.repos.d/rhel.repo The contents of my /etc.yum.repo.d/rhel.repo looks like [rhelrepo] name=my rhel repo baseurl=http://mirror.centos.org/centos/6.3/os/x86_64/ #gpgkey=http://mirror.centos.org/centos/6.3/os/x86_64/RPM-GPG-KEY-CentOS-6 enabled=1 gpgcheck=0 But my yum update fails with the following error [root@RHEL6 yum.repos.d]# yum update Loaded plugins: product-id, security, subscription-manager Updating certificate-based repositories. Unable to read consumer identity Setting up Update Process No Packages marked for Update please could somebody help

Read the article
Secure password transmission over unencrypted tcp/ip

- by academicRobot

I'm in the designing stages of a custom tcp/ip protocol for mobile client-server communication. When not required (data is not sensitive), I'd like to avoid using SSL for overhead reasons (both in handshake latency and conserving cycles). My question is, what is the best practices way of transmitting authentication information over an unencrypted connection? Currently, I'm liking SRP or J-PAKE (they generate secure session tokens, are hash/salt friendly, and allow kicking into TLS when necessary), which I believe are both implemented in OpenSSL. However, I am a bit wary since I don't see many people using these algorithms for this purpose. Would also appreciate pointers to any materials discussing this topic in general, since I had trouble finding any.

Read the article
Make Codeigniter ignore directory

- by Noah Goodrich

I have Codeigniter installed and working for my main site. But I am now trying to add an add-on domain to the same hosting account, so I can have two sites running on the same hosting. Add-on domains make a new folder in the main public_html folder to store the web files. How can I get Codeigniter to ignore this directory? The site doesn't load properly when I try and view it. I have an SSL on the main site too and redirection for www URLS. Here's my .htaccess file: RewriteEngine on Options +FollowSymLinks RewriteBase / RewriteCond %{HTTP_HOST} ^www\.mysite\.co.uk$ [NC] RewriteRule ^(.*)$ http://mysite.co.uk/$1 [L,R=301] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ /index.php/$1 RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} (site|sections|here) RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L] RewriteCond %{HTTPS} onsite|sections|here) RewriteRule ^(.*)$ http://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

Read the article
IEnumerable not null but calling Count() results in Exception

- by Draak

I have code that's working beautifully on my development machine, but when deployed to the server is throwing null reference exception. So, I can't step through the code, but I've pinned down the culprit. But now I am puzzled. Here's the code. The question is below. Dim certs = From p In persons _ Select New Certificate( _ p.Value, _ New CertificateData.Seminar(thisEvent.Seminar.Name, _ thisEvent.StartDate.Value, _ thisEvent.EndDate.Value, _ thisEvent.Venue.City, _ thisEvent.Venue.State, _ New CertificateData.Instructor( _ staffMember.Name, _ staffMember.Titles, _ instrSignatPath))) _ With {.CertificateId = p.Key} lblMessage.Text = CStr(certs Is Nothing) lblMessage.Text = lblMessage.Text + "<br />" + CStr(certs.Count()) In the code above persons is a dictionary of custom class, and certs is of IEnumerable type. Now here's the quandary.. The first line that sets the label returns False, so certs is not null. But the second line throws an null reference exception. How is this possible?

Read the article
jQuery code to track clicks on outgoing links (google analystics)

- by Tristan

Hello, I found this on the web: $('a[href^=http]:not("[href*=://' + document.domain + ']")').click(function() { pageTracker._trackPageview('/outgoing/' + $(this).attr('href')); }); But it's not working. In my Google Analytics account there are no /outgoing/ links showing (it's been 24+ hours since I implemented it). What's wrong with this code? I'm using jQuery of course ;) (PS : i already have : <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); </script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA MY CODE"); pageTracker._trackPageview(); } catch(err) {}</script>)

Read the article
Can phper give me some code snippet to consume the .net wcf service

- by Vincent

Hi, I can successfully make a call to wcf from php without WCF message security enabled. I search the whole forum and cannot find any clue. I'd like to know how can I pass the credential ? My WCF service use the basichttpbinding on SSL with Message security enabled. Here is my code snippet to call my wcf from .NET ServiceReference1.TestClient sc = new TestClient(); sc.ClientCredentials.UserName.UserName = "[email protected]"; sc.ClientCredentials.UserName.Password = "ABC123"; Console.WriteLine(sc.GetProfiledSchemas(412));

Read the article
SSL_accept hangs... sometimes ( C, linux, openssl )

- by zbigh

I'm currently working on an embedded linux system. There are two crucial client applications on the system that connect to an external server ( on another embedded system, all written in C ). The two apps use different certificates. The ssl connection works... At least usually, but from time to time an error occures: the server hangs on SSL_accept() when accepting connection from one of the applications - the one using older certificates. Restarting the server application does not help, nor does restarting the client - the only way is to reboot the server system, unless I create a symbilic link to the new certificates used by the other app - only then will restarting the server app work. Never does the error occur when both applications use the same, new certificate. Could this happen due to some strange openssl cache or something like that?

Read the article
Problem running VBScript from my UIAccess VB app using MSScriptControl

- by Ray

I'm trying to run some VBSCRIPT from within my application. This works fine when I run my program from within VB. But once I add "UIAccess=true" to my manifest and digitally sign my exe with my certificate, I am unable to run the code any more. It gives errors when I try to interface with any program saying "429: ActiveX component can't create object: 'myApp.Application'". Anyone have any idea why it would run fine in the IDE but not with an application with uses UIAccess? Here is the code: Dim scriptRunner As New MSScriptControl.ScriptControlClass scriptRunner.Language = "VBScript" scriptRunner.AllowUI = True scriptRunner.Timeout = 3000 scriptRunner.AddCode(scriptStr) scriptRunner = Nothing

Read the article
Android sending SOAP object over Https via ksoap2 2.5.8

- by Jack-V

My first time posting a question here so please do not mind my mistakes here. I'm currently making an android application fetching and sending information from a .asmx web service. Everything goes well with the ksoap2 library and am using HttpTransportSE to call the web service. So now what I'm trying to do is to use the HttpsTransportSE to call the web service over Https. I got java.security.cert.certpathvalidatorexception trustanchor for certpath not found exception. I have the server certificate in .pfx , .jks and .bks format. My questions is what do i do with it to make my HttpsTransportSE call to be success? I've read around with articles using custom SSLSocketFactory but am still not sure how to implement it in my application. Thanks in advance for any suggestion/advices

Read the article
SslStream.ReadByte() blocks thread?

- by alex

I'm trying to write an Imap4 client. For that I use a SslStream to Connect to the Server. Everything's fine until I send the "Login" command. When I try to get an Answer to it, SslStream.ReadByte() block the thread. The result is that my programm crashes always. Whats happening here?? Code: if (ssl) { s = stream; } int cc = 0; MessageBox.Show("entered"); while (true) { int xs = s.ReadByte(); MessageBox.Show(xs.ToString()); if (xs > 0) { buf.Add((byte)xs); cc++; if (xs == '\n') { break; } if (cc > 10) MessageBox.Show(en.GetString(buf.ToArray())); } else { break; } } MessageBox.Show("left");

Read the article
what factors should a fresher(for programmer job) consider and learn before saying yes to employer f

- by Senthil

what factors should a fresher(for programmer job) consider and learn before saying yes to employer for job offer? and to contract? and most importantly how should one get the details?how can I approach them? I know some employers dont want to give such details..right? I have shortlisted by a Software COmpany..that is parter with microsoft. and works on technology like VB ADO.DOTNET,and some other reporting stuffs.,sql servers etc.,Tell me about scope of that..because They are asking me to sign for 2 year certificate bond agreement..I want to be a great programmer and Project Leader after 5 years..advise me guys..Language/OS not problem for me,As I curious to learn more things. Most of the SO members are programmers..so yours advice is greatly appreciated

Read the article
WebService Security

- by LauzPT

Hello, I'm developing an project, which consists in a webservice and a client application. It's a fair simple scenario. The webservice is connected to a database server, and the client consumes from the webserver in order to get information retrieved from the database. The thing is: 1. The client application can only display data after a previous authentication; 2. All the data transferred between Web Service and clients must be confidential; 3. Data integrity shouldn’t be compromised; I'm wondering what is the best way to achieve these requirements. The first thing I thought about, was sending the server a digital signature containing a client certificate, to be stored in the server, and used as comparison for authentication. But I investigated a little about webservice security, and I'm no longer certain that this is the best option. Can anyone give me an opinion about this? TIA

Read the article
Windows XP Rejecting Digital Signature

- by ajs410

I don't want to see unsigned driver warnings while installing a driver, so I'm trying to digitally sign a driver using signtool, inf2cat, and a Software Publishing Certificate. Vista x64 requires the drivers to be digitally signed or it flat out rejects them, but I have managed to get Vista x64 to accept the driver, so I know I'm doing the process correctly. However, I repeat the process for the Windows XP x86 driver. inf2cat and signtool both return successful results, signtool verifies the digital signatures, right-click - properties on the file verifies the digital signature too. However, when I go to load the driver in Windows XP, it still prompts me with an unsigned driver warning. Why does XP consider the file unsigned, but Vista does not?

Read the article
grails mail connection refused

- by mkoryak

it seems i have tried the mail config in the way that its docs said, but still i get: Error 500: Executing action [x] of controller [x] caused exception: Mail server connection failed; nested exception is javax.mail.MessagingException: Could not connect to SMTP I am using google apps for my email so [email protected] is using gmail. i cannot get grails to send out a test message on my dev box (win 7). my config is: host = "smtp.gmail.com" port = 465 username = "[email protected]" password = "x" props = ["mail.smtp.auth":"true", "mail.smtp.debug":"true", "mail.smtp.starttls.enable":"true", "mail.smtp.socketFactory.port":"465", "mail.smtp.socketFactory.class":"javax.net.ssl.SSLSocketFactory", "mail.smtp.socketFactory.fallback":"false"]

Read the article
PHP: How to check for response code?

- by Tom

Hi, I'm a relative PHP newbie implementing a PayPal IPN listener and all seems to be working fine, except I dont really know how to check for a response code. I've tried something ugly with cURL but it doesn't work at all (I'm not understanding cURL). I've tried this piece of code that I grabbed from somewhere on the net: $fp = fsockopen('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30); $response_headers = get_headers($fp); $response_code = (int)substr($headers[0], 9, 3); ... but it's not working (returns $response_code = 0). So right now, I'm debugging my IPN code without checking for a Response 200. Can anyone more experienced advise me on what's the proper/simple way to check this? Thanks

Read the article
What difference does it make to use several script blocks on a web page?

- by Jan Aagaard

What difference does it make to use more than one script block on a web page? I have pasted in the standard code for including Google Analytics as an example, and I have seen the same pattern used in other places. Why is this code separated into two separate script blocks instead of just using a single one? <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); </script> <script type="text/javascript"> try{ var pageTracker = _gat._getTracker("UA-xxxxxx-x"); pageTracker._trackPageview(); } catch(err) {} </script>

Read the article

< Previous Page | 139 140 141 142 143 144 145 146 147 148 149 150 | Next Page >