Search Results

Search found 3358 results on 135 pages for 'ssl'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 61/135 | < Previous Page | 57 58 59 60 61 62 63 64 65 66 67 68  | Next Page >

  • One user sometimes gets an unknown certificate error opening Outlook

    - by Chris
    Let me clarify a little. This isn't an unknown certificate error it's an unknown certificate error in so much as I can't figure out where the certificate comes from. This happens on a Win 7 Enterprise machine connecting to Exchange 2010 with Outlook 2010. The error he gets is that the root is not trusted because it's a self-signed cert. Take a look at this screenshot because even if I had generated this myself I wouldn't have put "SomeOrganizationalUnit" or "SomeCity" or "SomeState", etc. (Red block covers our domain name.) I'm a little concerned this is a symptom of a security breach. Exchange 2010 has three certificates installed but none of them are this certificate. They all have different expiration dates (one is expired) and different meta-data. edit: There are two scenarios that I see the certificate warning and one of them I can reliably repeat. When the user leaves his computer on over night Outlook pops the Security Warning window. I don't know what time this happens. Using Outlook Anywhere if I connect to Exchange externally via a cellular USB modem the Security Warning window will appear every time I close and reopen Outlook. Whether I say Yes or No does not make a difference on whether or not I can connect to Exchange and send/receive email. In other words, I can always connect to Exchange. I've checked my two Exchange servers and my Cisco router for a certificate that matches this one and I can't find it. edit 2: Here is a screenshot of the Security Alert window. (I've been calling it Security Warning... My mistake.) edit 3: I stopped seeing this error several weeks ago but I can't tie it to any single event (because I just sort of realized that warning had stopped showing up) but I think I found the source of the certificate. Last week I found out that the certificate on our website DomainA.com was invalid. I knew that our web admin had installed a valid certificate so when I look into the problem I found out I was being presented with the invalid certificate that this posting is in regards to. The Exchange server's domain is mail.DomainA.com so I can only guess that Outlook was passing this invalid certificate through as it did some kind of check on DomainA.com. This issue is still a mystery because the certificate warning stopped appearing several weeks ago whereas the invalid certificate issue on the website was only fixed last week. It ended up being a problem with the website control panel. The valid certificate was installed but not being served for some reason and instead the self-signed cert was being served.

    Read the article

  • Our company claims that the DLP system can even monitor the contents of HTTPS traffic, how is this possible?

    - by Ryan
    There is software installed on all client machines for DLP (Data Loss Prevention) and HIPAA compliance. Supposedly it can read HTTPS data clearly. I always thought that between the browser and the server, this was encrypted entirely. How can software sneak in and grab this data from the browser prior to it is encrypted or after it is decrypted? I am just curious as to how this could be possible. I would think that a browser wouldn't be considered very secure if this was possible.

    Read the article

  • Port-forwarding HTTPS web server

    - by James Moore
    I have port forwarded our front-facing IP to an internal HTTPS server. The browser does not connect. A wget command determines that the certificate is self-signed for the internal IP. Hence why the browser is refusing to display the page properly. What is the best-practice scenario for this sort of stuff? Thanks

    Read the article

  • certificate error while subdomain forwarding

    - by rahulchandran
    I have a website, call it http://sub.example.com, hosted on, say, 72.xx.xx.x. There is a certificate for https://sub.example.com. Now I go into the DNS management tool in my hosting provider, and I set up the standard subdomain forwarding wherein https://sub.example.com forwards to 72.xx.xx.x. Now when I try to browse to https://sub.example.com, I get a certificate error saying it is for the wrong website. I have also tried forwarding http://sub.example.com to 72.xx.xx.x, and tried it with domain masking in both cases. I am still getting the certificate error no matter what. Additional wrinkle: if someone types in https://sub.example.com then the domain forwarding does not seem to work and IE just spins endlesssly and finally fails. How can I domain forward the https://sub.example.com to 72.xx.xx.x?

    Read the article

  • Google Chrome custom search engine for secure Wikipedia

    - by gdejohn
    I have this custom search engine set up in Google Chrome: https://encrypted.google.com/search?q=site%3Aen.wikipedia.org+%s&btnI=745 It searches Google for site:en.wikipedia.org {query}, and the btnI=745 is for I'm Feeling Lucky, so it automatically redirects to the first result. I like this better than using Wikipedia's search function directly because it gives me very effective approximate string matching, so I can misspell my search, or leave a word out, or just search for some keywords, and I still get what I'm looking for right away. What I'd like is for it to use Wikipedia's secure gateway: https://secure.wikimedia.org/wikipedia/en/wiki/ It's easy enough to set up a custom search engine that uses the secure version of Wikipedia's search function directly, but I can't figure out how to correctly incorporate it into my version going through Google. Nothing I've tried works.

    Read the article

  • Host couldn't be reached by domain name, only by IP: Apache's fault?

    - by MaxArt
    I have this Windows Server 2003 R2 32 bit machine running Apache 2.4.2 with OpenSSL 1.0.1c and PHP 5.4.5 via mod_fcgid 2.3.7. This config worked just fine for some hours, but then the site couldn't be reached with its domain name, say www.example.com, but it could be still reached by its IP address. In particular, while https://www.example.com/ yielded a connection error, http://123.1.2.3/ worked just fine. Yes, first https then http. Error and access logs were clean, i.e. they showed no signs of problems. Just the usual messages, that were interrupted while the site couldn't be reached. After some investigation, a simple restart of Apache solved the problem. Unfortunately, I didn't have the chance to test if https://123.1.2.3/ worked as well, or if http://www.example.com/ was still redirected to https as usual. So, has anyone have any idea of what happened? Before I get tired of Apache and ditch it in favor of Nginx? Edit: Some log informations. The last line of sslerror.log is from 90 minutes before the problem occurred, so I guess it's not important. ssl_request.log shows nothing interesting, too: these are the last two lines before the problem: [28/Aug/2012:17:47:54 +0200] x.x.x.x TLSv1.1 ECDHE-RSA-AES256-SHA "GET /login HTTP/1.1" 1183 [28/Aug/2012:17:47:45 +0200] y.y.y.y TLSv1 ECDHE-RSA-AES256-SHA "POST /upf HTTP/1.1" 73 The previous lines are all the same and don't seem interesting, except 4 lines like these 30-40 seconds before the problem: [28/Aug/2012:17:47:14 +0200] z.z.z.z TLSv1 ECDHE-RSA-AES256-SHA "-" - These are the corrisponding lines from sslaccess.log: z.z.z.z - - [28/Aug/2012:17:47:14 +0200] "-" 408 - ... x.x.x.x - - [28/Aug/2012:17:47:54 +0200] "GET /login HTTP/1.1" 200 1183 y.y.y.y - - [28/Aug/2012:17:47:45 +0200] "POST /upf HTTP/1.1" 200 73

    Read the article

  • certutil -ping fails with 30 seconds timeout - what to do?

    - by mark
    Dear ladies and sirs. The certificate store on my Win7 box is constantly hanging. Observe: C:\1.cmd C:\certutil -? | findstr /i ping -ping -- Ping Active Directory Certificate Services Request interface -pingadmin -- Ping Active Directory Certificate Services Admin interface C:\set PROMPT=$P($t)$G C:\(13:04:28.57)certutil -ping CertUtil: -ping command FAILED: 0x80070002 (WIN32: 2) CertUtil: The system cannot find the file specified. C:\(13:04:58.68)certutil -pingadmin CertUtil: -pingadmin command FAILED: 0x80070002 (WIN32: 2) CertUtil: The system cannot find the file specified. C:\(13:05:28.79)set PROMPT=$P$G C:\ Explanations: The first command shows you that there are –ping and –pingadmin parameters to certutil Trying any ping parameter fails with 30 seconds timeout (the current time is seen in the prompt) This is a serious problem. It screws all the secure communication in my app. If anyone knows how this can be fixed - please share. Thanks. P.S. 1.cmd is simply a batch of these commands: certutil -? | findstr /i ping set PROMPT=$P($t)$G certutil -ping certutil -pingadmin set PROMPT=$P$G

    Read the article

  • How would you change a home wireless router with a self-signed admin site certificate to be more secure?

    - by jldugger
    littleblackbox is publishing "private keys" that are accessible on publicly available firmwares. Debian calls these "snake-oil" certs. Most of these routers are securing their HTTPS certs with these, and as I think about it, I've never seen one of these internal admin websites with certs that wasn't self signed. Given a webserver on IP 192.168.1.1, how do you secure it to the point that Firefox doesn't offer warnings (and is still secured)?

    Read the article

  • IIS FTP 7.5 Data Channel Problem (SSL)

    - by user59050
    Hey there I wonder if anyone can get me in the right direction. I am setting up both a FTPS Client and Server, FTPS Server using Microsoft’s iis FTP 7.5. On the client side it will be running on Linux and I am using M2crypto for the openssl wrapping (python). I am worried the problem is on the server side (iis7.5) due to the following discovery : If I host using Filezilla with BOTH the control and data channel being forced to be encrypted it works 100% (100% file transmission), if i use iis as the server everything works up to the point when the data channel takes over... i.e. all data of the retrieved file is already received correctly in my basket! The ftp server just won't send the final '226 Transfer complete.' on the cmd socket. Why? If i force the client or server to close the connection the file is 100% intact....If i use iis 7.5 with forced encryption on control channel all works 100% as long as i don’t force data channel... Here are some screenshots to demo this... Client View after Kill Client : pics @ http://forums.iis.net/p/1172936/1960994.aspx#1960994 Summary : We can establish the connection, do directory listings, start the upload, see the file (0bytes) created on the server but then the client hangs. If we terminate the client, the uploaded file on the server suddenly jumps up to full size.

    Read the article

  • Exchange - inbound email only works from some servers

    - by Kryptonite
    I am having a problem where inbound mail from outside only works when sent from certain hosts. For example, when I send myself an email from my personal gmail account all is well, as the logs show: 2012-09-05 18:14:16 209.85.223.175 mail-ie0-f175.google.com SMTPSVC1 MAILSVR 192.168.1.79 0 EHLO 250 - - 2012-09-05 18:14:16 209.85.223.175 mail-ie0-f175.google.com SMTPSVC1 MAILSVR 192.168.1.79 0 STARTTLS 220 - - 2012-09-05 18:14:16 209.85.223.175 mail-ie0-f175.google.com SMTPSVC1 MAILSVR 192.168.1.79 0 STARTTLS 220 - - 2012-09-05 18:14:16 209.85.223.175 mail-ie0-f175.google.com SMTPSVC1 MAILSVR 192.168.1.79 0 EHLO 250 - - 2012-09-05 18:14:16 209.85.223.175 mail-ie0-f175.google.com SMTPSVC1 MAILSVR 192.168.1.79 0 MAIL 250 - - 2012-09-05 18:14:16 209.85.223.175 mail-ie0-f175.google.com SMTPSVC1 MAILSVR 192.168.1.79 0 RCPT 250 - - 2012-09-05 18:14:48 209.85.223.175 mail-ie0-f175.google.com SMTPSVC1 MAILSVR 192.168.1.79 0 QUIT 240 - - However, if I sent from my personal Yahoo account, I get this response: Sorry, we were unable to deliver your message to the following address. <[email protected]>: Remote host said: 530 5.7.0 Must issue a STARTTLS command first [MAIL_FROM] (NB: Nothing appeared in the smtp log for this message.) Any suggestions where to start looking? EDIT ---- I don't know if it matters, but the certificate I am using for TLS is self signed.

    Read the article

  • Buying a certificate - what to spend and where

    - by bergin
    Hi there My boss wants to buy a certificate for his SBS so external connection can be made. they access on an IP number. What should he spend on the certificate? Where should he buy from? Verisign seems like overkill as its not an ecommerce site, just needs some security. Ive seen some cheap ones at $20 / yr - are there any problems with getting cheap certificates?

    Read the article

  • Using nginx as a reverse proxy for tomcat results in new jsessionids for every ssl request

    - by user439407
    I am using nginx as a reverse proxy for a tomcat setup, and everything works fine for the MOST part, the only issue I am having is that every request to an http address results in a new JSESSION ID being created(this doesn't happen in http), here is the relevant part of the NGINX configuration: location / { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Proto https; proxy_redirect off; proxy_connect_timeout 240; proxy_send_timeout 240; proxy_read_timeout 240; proxy_pass http://localhost:8080; } Any idea why I am constantly genning new jsessionids?

    Read the article

  • How to generate new CSRs for TLS use in sendmail?

    - by Mikey B
    SendMail 8.13.8 | CentOS 5.x Hi Guys, I'm using ca-signed TLS certificates on my sendmail server and they are up for renewal soon. Our new CA doesn't like our old CSR so I need to generate a new CSR. Can someone point me to the procedure for doing this (without affecting the production certs that are already in use)? I'm paranoid of overwriting the old TLS certs in the process of generating a CSR. Most of the instructions I've found are for implementing self-signed TLS certs -- which isn't an option for me at this time. I'm thinking it would something like: openssl req -new -nodes -out new-tls.csr -keyout new-tls-private.key But I wasn't sure if I was missing some options there such as the -x509 option... -M

    Read the article

  • Encrypt client connection with squid forward proxy using SSL

    - by Twisted Whisper
    I'm setting up a Squid forward proxy and I'm wondering if I could configure Squid in such a way that the connection from my web browser to squid is https regardless of whether the connection from squid to the destination website is http or https. In other words, I want my connection from my web browser to my forward proxy to be encrypted even though I'm just surfing normal http website through that proxy. Can it be done?

    Read the article

  • Two virtual host one with Domain name one with internal ip#?

    - by Abhishek
    Is it possible to have two virtual host configurations for the same server - one with internal ip address and one with domain name? Something like <VirtualHost {{internal-ipaddress}}:80> ....... </VirtualHost> <VirtualHost {{domain-name}}:80> ....... </VirtualHost> Note that the internal IP address and the domain name belong to the same server or same server instance. I am asking this to restrict some URLs for external users, redirect to https all external access and allow everything for internal users(without https)..

    Read the article

  • Apache: serving SSL only

    - by elect
    I have a website that I want to be access only by https://myurl.com. A normal typing myurl.com should be forwarded to the https. I tried different things such as: RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://myurl.com/$1 [R,L] (rewrite mod ON) or NameVirtualHost *:80 <VirtualHost *:80> ServerName mysite.example.com DocumentRoot /usr/local/apache2/htdocs Redirect permanent /secure https://mysite.example.com/secure </VirtualHost> But they didnt work, which is the right way to do it? Debian & Apache 2

    Read the article

  • IIS 6.0 mitigating BEAST

    - by D3l_Gato
    Recently, my PCI assessor informed me that my servers are vulnerable to BEAST and failed me. I did my homework and I want to change our webservers to prefer RC4 ciphers over CBC. I followed every guide I could find... I changed my reg keys for my weaker than 128bit encryption to Enabled = 0. completely removed the reg keys for the weaker encryptions. I downloaded IISCrypto and unchecked everything but RC4 128 ciphers and triple DES 168. My webserver still prefers AES-256SHA. Is there a trick in IIS 6.0 to get your webservers to prefer RC4 ciphers that I am not figuring out? It seems like in IIS 7 they made this very easy to fix but that doesn't help me now!

    Read the article

  • Apache Key: Which is it using?

    - by quindraco
    I'm running an Apache server on Ubuntu. When I restart it, it asks me for a pass phrase; here's what the dialog looks like: Apache/2.2.16 mod_ssl/2.2.16 (Pass Phrase Dialog) Some of your private key files are encrypted for security reasons. In order to read them you have to provide the pass phrases. Server 127.0.0.1:443 (RSA) Enter pass phrase: I've already worked out how to remove the pass phrase from the key file in question, but I can't find any information anywhere on how to determine which key file Apache is complaining about in the above dialog. I have dozens of key files on the server in question, although I don't know which ones are in active use (all I did is 'locate .pem' and ignore the false positives). Does anyone know how to track down which pem file I need to remove the passphrase from?

    Read the article

  • Need advise on linking apache and tomcat

    - by hsnm
    I have been searching this for hours with no luck. I have a web server that uses https on Apache2. I also have installed tomcat7 on the same server to run some Java webapp on it. I need to keep my https port 443 on Apache but forward the requests to the Java webapp to tomcat. I tried to use mod_jk to redirect the requests to tomcat but I failed. Most tutorials talk about redirecting plain http requests not https. I also could not let tomcat use https on 8443. I'm following the steps here but facing errors. The question: Can I redirect https traffic to tomcat without installing https on tomcat? Is there a good tutorial you can recommend to me?

    Read the article

  • Really remove non-permanent certificate exception in firefox

    - by user1719315
    I visited japan.indymedia.org and firefox gave me the "Invalid certificate" screen. I added an exception, but did not click "Store this exception permanently." But now firefox still happily visits the same site without giving any warnings, even after a restart of the browser. I tried going to the Options-Advanced-Encryption-View Certificates-Servers to remove the certificate but I did not find it there. How to remove this exception and make firefox give me the warning when visiting the site?

    Read the article

  • How do you permanently disable the 'This Connection is Untrusted' page on Firefox

    - by TheIronChef9
    I'm going insane. Can someone please help me to COMPLETELY DISABLE the 'This Connection is Untrusted' page on Firefox. Facts: I am running Firefox 23.0 on an Ubuntu machine (downloaded and installed ubuntu today) It is a work computer and I have to use my employer's proxy While visiting Webpages/webapps like Gmail or Google brings up the 'This Connection is Untrusted' page and I have to go through the whole tedious task of selecting 'I understand the Risks' and add Exceptions, etc. etc. The fact is, I don't care about the risks. I would rather this computer melt into the ground than have to see that page ever again. I want to dance naked in untrusted pages and not give a damn about the consequences. I just never want to see that page again. Ever. For some sites (eg. wikipedia), the css doesn't load and I end up seeing them in plain text. As a result these sites are completely useless. Wasted hours trying to solve this for stackoverflow.com. These issues happen on the Firefox on my Windows XP machine as well (also using the same proxy). I don't want to export/import certificates or create exceptions for every site that shows this bloody page. I just want this page gone. I don't want Firefox to tell me what's safe and what's not. Also, my system time and date are correct. I've also tried the lies on this page too with no good results. Edit: I've also tried the whole going into the Advance-Certificates-validation setup page and unchecked 'Use the Online Certificate Status Protocol (OCSP) to confirm the current validity of certificates' checkbox. Nothing happened even after restarting firefox or rebooting. I need help. Thanks.

    Read the article

  • IIRF - Redirecting all traffic to the http equivalent

    - by GordonB
    I'm using IIRF and having some trouble getting it to redirect all traffic to the secure version of my sites. So... I have a website with about 20 apps in virtual directories in IIS6. The website takes 80 and 443 traffic. I want to use IIRF to redirect all port 80 traffic EG; http://myserver/app1/page1/param1 http://myserver/app2/ http://myserver To the secure equivalent (https). Here's my config so far; # Iirf.ini # # ini file for IIRF # RewriteLogLevel 1 RewriteLog D:\Websites\Apptemetry\IirfLogs RewriteEngine ON StatusInquiry ON IterationLimit 5 RewriteLogLevel 3 RewriteCond %{HTTPS} off RewriteCond %{SERVER_PORT} ^80$ RedirectRule ^http(.*)$ https$1 Can anyone advise the correct configuration to use, to redirect all traffic?

    Read the article

  • Conditional https redirect to http depending on URL? (Apache)

    - by Joel Marcey
    Right now I redirect 100% of the time if someone does https://mysite.com <VirtualHost *:443> ServerAdmin [email protected] ServerName mysite.com ServerAlias www.mysite.com RewriteEngine on RewriteRule (.*) http://%{HTTP_HOST} [L,R=permanent] <VirtualHost> However, now I want to conditionally redirect. If a user goes to https://mysite.com/abc/, then I want to use https; otherwise redirect. How do I do this? I tried reading the docs, but just couldn't find what I needed. I am using Apache on Ubuntu Linux.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 57 58 59 60 61 62 63 64 65 66 67 68  | Next Page >