Does case matter in HSTS header Strict-Transport-Security?
The HTTP specification RFC 7230 section 3.2 says header names are case-insensitive. So you can send them as lower case if you like. However it is traditional to send them using the specification documents casing. If only to make life easier for people troubleshooting the traffic....
Send http form post attributes via https
As EdgeCaseBerg stated above, the biggest thing would be if you had explicit links that have the "http://" in them, which you would need to change to "https://". You should be using relative links, and the browser will automatically form the right paths and query the server securely to fetch...
Instaling updated SSL Certificates breaks Java web integration?
The likely reason why Java clients are not handling the new server certificate well is simply that the Java version of these clients is out-of-date. Each installation of Java Runtime Environment (JRE) comes with a trust store file called cacerts (at <java-home>/lib/security/cacerts), which includes all the Certificate Authority (CA) and...
Error in android application: javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
Indeed, the problem was that my Android SDK does not support SNI . It helped me:
How to log in to an HTTPS website with Jsoup?
The signing in is handled by ajax. I'm using chrome, so this is what I did. Try to login via the form from a browser. Press F12 and then press Console. You will see something like this XHR finished loading: POST "https://www.tickld.com/ajax/login.php". . When you make the POST request, you...
IE10 Page can't be displayed, other browsers can
web-services,internet-explorer,ssl,https,windows-server-2012
A combination of hardening for PCI DSS(securing servers) and the webservice provider not announcing protocols that were enabled was causing the issue. Moving the server out of PCIDSS policy made the webservice connection function normally. The changes were displayed only after restarting the server, because of registry modification. Thanks to...
Permission denied when implementing JavaScript within an iframe from the parent page
javascript,jquery,iframe,https,tinymce
fiddle.jshell.net (the parent document domain) is different to jsfiddle.net (your iframe domain). I've changed your code to point to the jshell.net url instead (You can get this by using the URL of the frame in the bottom right of jsfiddle rather than the address bar). https://jsfiddle.net/GarryPas/5f4ct5ph/7/ showIt() and hideIt() don't...
How to set up SSL (TLS) / HTTPS on Spring Boot using AES-256?
Got it. Solved it. Key algorithms have little to do with the cipher you want to use (AES 256, in my case). Got it to work with a regular RSA, PKCS12 key. Then, set the next properties in application.properties: server.ssl.ciphers=ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA server.ssl.protocol=TLS ...
Neo4J force HTTPS
No, I don't think there's a native neo4j way of doing this. And there are so many other methods, that it would probably be best not to get neo4j involved in that layer of an application's architecture. I think the best practice is to use something like an HTTPS reverse...
REST HTTPS login with Ruby - Connection Reset by peer
Turned out that I needed to set form data for this work. require 'net/http' require 'openssl' uri = URI.parse("https://.../login.jsp") https = Net::HTTP.new(uri.host,uri.port) https.use_ssl = true req = Net::HTTP::Post.new(uri) req.set_form_data('userid' => '[email protected]', 'passwd' => 'mypassword') res = https.request(req) puts res ...
Getting images from https with Java
There are two problems. You can use your browser to access the site, and see the errors. The server certificate is self-signed, not trusted by Java. you can add it to the trust store. The server certificate does not match the host name "ns6.host.md", and you need a HostnameVerifier that...
First authentification in order to get token
1 - it is not true that passwords don't have to be encrypted on HTTPS. The best approach would be your server encrypting the plain password just received and then try to authenticate the user, generating a token. This token should only last during this connection. 2 - yes, post...
Java client certificates and keystores
java,ssl,https,ssl-certificate
My understanding is that if you have to store a certificate with an alias matching the target domain name (in our case i.domain.io or r.domain.io) so java can provide the associated certificate as a client certificate when you are attempting a SSL connection to that domain e.g. https://r.domain.io That's...
Mixed Content Page: requested an insecure stylesheet error
javascript,php,css,.htaccess,https
Here's your problem: RewriteCond %{SERVER_PORT} ^443$ RewriteRule (.*) http://www.example.com/$1 You don't allow SSL requests (443 port number is used for HTTPS requests). Try removing these lines....
Not able to access Server-Sent-Events over Mobile 3g Network
nginx,https,proxy,server-sent-events
I suspect the mobile network is forcing use of an HTTP proxy that tries to buffer files before forwarding them to the browser. Buffering will make SSE messages wait in the buffer. With SSE there are a few tricks to work around such proxies: Close the connection on the server...
HTTPS request in twisted that checks the certificate
python,ssl,https,twisted,twisted.web
I'm using Twisted 15.1.0. Actually, the default init function of Agent will pass in BrowserLikePolicyForHTTPS as contextFactory and have the ablility to verify server certificate. Simply using this: agent = Agent( reactor ) will produce the following error: failure: [Failure instance: Traceback (failure with no frames): <class 'twisted.web._newclient.ResponseNeverReceived'>: [<twisted.python.failure.Failure <class...
Redirect domain.com/folder with www to non-www and at the same time http to https
.htaccess,redirect,https,subfolder,no-www
Inside /webapp/.htaccess use this rule: RewriteEngine On RewriteCond %{HTTPS} off [OR] RewriteCond %{HTTP_HOST} ^www\. [NC] RewriteRule ^ https://domain.com/%{REQUEST_URI} [R=301,L,NE] ...
SSL certificate is not installing
You did not generate the certificate request via IIS Manager. Thus, you should not use IIS to complete the request. Instead, you need to use OpenSSL to generate a PFX file, create a pfx file from a .cer and a .pem file Then you can import it to IIS....
ServiceStack Soap 1.2 HTTPS Client
c#,soap,https,servicestack,soap1.2
The problem with config file is that it isn't always straightforward and sometimes plain unpractical. On top of this ServiceStack promotes config-less coding model. I managed to achieve the required functionality with the following SSL-neutral client: public class SoapServiceClient : Soap12ServiceClient { public SoapServiceClient(string uri) : base(uri) { if (uri.StartsWithIgnoreCase("https://"))...
Pattern matching in htaccess rewrite condition
apache,.htaccess,mod-rewrite,https
You need to tell the RewriteCond what to match !/go/ against. Change the second line to: RewriteCond %{REQUEST_URI} !/go/ [NC] ...
HTTP to HTTPS mapping using proxy servers
this should be easy with apache. in your virtual host add ProxyPass /myapp https://somehost.com/myapp ProxyPassReverse /myapp https://somehost.com/myapp then you can use yourinternalhost.company.com/myapp/ then watch your error log about SSLProxyCheck* messages (depends on the ssl certificate) see http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslproxycheckpeercn mod_proxy: httpd.apache.org/docs/2.4/mod/mod_proxy.html (see proxyremote for using another (corporate) proxy...
Redirect HTTP traffic from 443 port to SSL
.htaccess,redirect,ssl,https,virtualhost
What's the right way to redirect all traffic from http://www.example.com:443 (and derived pages) to https://www.example.com? There is no such way: http://www.example.com:443 means to establish a TCP connection to port 443 and then speak HTTP directly https://www.example.com:443 means to establish a TCP connection to port 443, do a TLS handshake...
Redirect to a 3rd party HTTP page from HTTPS without the certificate error
java,jsp,security,https,warnings
Even if you find a way to circumvent this it (hopefully) will be only a shortlived solution: you would undermine a security measure. Perhaps not implementing this in the foreground = browser but transferring this to the backend might help: have your JSP talk to some code on your server...
IBM MobileFirst adapter call ssl error
ssl,https,mobilefirst,mobilefirst-server
You did not configure SSL between the adapter and the backend. The keystore that you should be looking at is defined in the worklight.properties file of the project (by default located like this: workspace\CustomLoginModule\server\conf). Make sure to follow the instructions provided here: https://www-01.ibm.com/support/knowledgecenter/SSZH4A_6.2.0/com.ibm.worklight.installconfig.doc/admin/t_configuring_SSL_WL_adapters_backend_servers_certificates.html...
Consume Web service over ssl using XFire
java,ssl,https,webservice-client,xfire
Managed to solve my own problem. This is how I did it. XFire use Apache Http client internally so setting Security certifect detail on this Api will do the job. We will use no-yet-common-ssl.jar for this purpose. First we will create org.apache.commons.ssl.TrustMaterial using commons and then set it in HttpSecureProtocol...
How to make a website work only with https [duplicate]
Sure, assuming you are using IIS to host your site, open IIS Manager and select your web site and then binding on the right: make sure you only have a binding for https not for http. This way IIS will only send https traffic to that web site. Edit: What...
PHP Fat-Free-Framework plus Node.js and Secure Websockets
php,node.js,https,websocket,fat-free-framework
Well, actually your question is how to enable CORS support on node.js?! A short google search gives you a hand full for resources for doing this in express.js. Once you send the right CORS headers in your node application, your browser will not shout for exceptions anymore. Nevertheless, if you...
Flask ssl. Always writes connection is unsecure
I'm assuming you server.crt and server.key yourself. In that case, the Firefox warning is correct. What you've done is created a "self-signed" certificate, and almost all browsers will warn when they encounter one of these certificates, as they aren't created by a trusted source (you). If you want to use...
Get client's IP address from an HTTPS hosted website using jquery
javascript,jquery,https,ip-address
Check out http://www.freegeoip.net/ They provide a service where you can look up the geolocation of an IP, If no IP or hostname is provided, then your own IP is looked up. Jquery : $.get('freegeoip.net/{format}/').success(function(response) { //code to retrieve ip var ip = response.ip; }); Note: Supported formats are: csv, xml,...
Reverse Tunnel over JSCH (SSH) and HTTPS
java,apache,ssh,https,http-tunneling
Unfortunatly no any one has tried to reply; I found the solution. The solution is based on the HTTP 1.1 CONNECT command and doesn't support direct tunnel. On the Java client // Install the all-trusting trust manager final SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); JSch jsch = new...
Loading Deezer Javascript SDK over https times out
In the docs, it is written that the url for https should be https://cdns-files.deezer.com/js/min/dz.js Note the s at the end of cdns. You can check this information here. Hope it helps....
Web Service Client - Construction Failing Due To Timeout (Proxy Issue)
java,web-services,soap,https,proxy
I was able to get this to work by adding the following code before the server instantiation: System.setProperty("proxyHost", "myproxy.com"); System.setProperty("proxyPort", "8080"); Strangely this worked when I tested it by setting the VM options -DproxyHost and -DproxyPort so then searched for how to set it programmatically....
Is there a command-line alternative to SOAP-UI for linux, for sending SOAP to HTTPS Service?
java,linux,web-services,soap,https
Found a guide for this here, which does load tests. For normal functional tests, the official documentation is here. A sample command for functional tests goes like: sh /opt/app/home/SOAP-UI/SoapUI-5.0.0/bin/testrunner.sh -a -s"Test_Suite2" -r -f/opt/app/home/SOAP-UI/test-project/reports/ /opt/app/home/SOAP-UI/test-project/test-soapui-project.xml ...
What is the best and current way to move to HTTPS on a large website?
SPDY is definitely dying, now that HTTP/2 is an official specification. Firefox and Chrome already support HTTP/2, and servers start to deploy it instead of SPDY - Google, Twitter, etc. Internet Explorer support will arrive soon with IE 11. HTTP/2 is definitely gaining momentum, and the future will be on...
https site not working on php upgrade
All the httpd configurations have been overwritten.Had to recopy the configurations and restart the service and everything was fine.
Encryption of message in client and server communication
php,encryption,https,client-server
There is little sense in applying two encryption layers on top of each other. If you use https that should be a) secure and b) sufficient, except for very special cases. Apart from that: there is no reliable way to implement a secure encryption between a web client and server...
Downloading website over HTTPS fails
If you look at the SSLLabs report for this domain you will see two possible certification path: The first (shorter) one ends expects that the "COMODO RSA Certification Authority" is trusted by the client. Although this CA is valid since 2010 it got only recently (about half year) ago included...
Get image with curl via https
I have solved it by installing curl ssl /scripts/easyapache option 7 on the menu select PHP scroll down and select CURL with SSL exit save Everything is working now...
Wordpress: Changed HTTP to HTTPS, now security certificate error
After several hours of trying to fix this problem, I found a great youtube video. "Fix WordPress Site URL: General Settings Change, Cant Login" I will say how to fix this though in case anyone ever does what I did. You login to you CPanel>Databases>phpMyAdmin. Go to the database for...
Replace IIS Express certificate with sha-256 certificate
In mmc's Certificate plug in, add your new certificate to local computer's Personal store. At command prompt, use netsh http to change certificate mapping from the old one to your new one. ...
Check if request comes over HTTP or HTTPS in socket listener
If I understood correctly, you have a single port where the client may use HTTP or HTTPS to connect and you want to immediately know how the request was made, before any data is transferred. There is no way of knowing this before you receive data from the client. HTTP...
Htaccess: HTTPS redirection on page + sub pages
apache,.htaccess,mod-rewrite,redirect,https
# HTTPS page Redirects RewriteEngine On # This will enable the Rewrite capabilities RewriteCond %{HTTPS} !=on # This checks to make sure the connection is not already HTTPS RewriteRule ^/?enrolments/(.*) https://%{SERVER_NAME}/enrolments/$1 [R,L] #END https redirects ...
mobile vs dektop authentication with client certificate HTTPS
c#,authentication,ssl,https,x509certificate
There's no difference in the protocols, but installation of the certificates on the devices and later access to them is much different. How did you install the device certificate on Windows, and how on the iPhone?
squid ssl-bump 3.5.4: error - Error negotiating SSL connection on FD 10: Success (0)
https,proxy,ssl-certificate,squid,man-in-the-middle
Response got on Squid mailing lists: http://squid-web-proxy-cache.1019090.n4.nabble.com/Error-negotiating-SSL-connection-on-FD-12-Success-td4671090.html Summary: use http_port for handling the requests from browsers, which have proxy information directly specified. Use https_port with ssl-bump and corresponding tag "intercept" or "tproxy" to use in transparent mode....
Excluding certain pages from being redirected to https
wordpress,.htaccess,redirect,https,http-redirect
Try using THE_REQUEST instead of REQUEST_URI: <IfModule mod_rewrite.c> RewriteEngine On # Go to https if not on careers RewriteCond %{SERVER_PORT} =80 RewriteCond %{THE_REQUEST} !/careers/[\s?] [NC] RewriteRule ^(.*)$ https://www.mywebsite.com/$1 [R,L] # Go to http if you are on careers RewriteCond %{SERVER_PORT} !=80 RewriteCond %{THE_REQUEST} /careers/[\s?] [NC] RewriteRule ^(.*)$ http://www.mywebsite.com/$1 [R,L] </IfModule>...
X.509 versus Whte Listing Authentication
security,ssl,amazon-web-services,https,x509
Ok, I figured out the answer. I found an excellent webpage by Maxim Porges that explained everything that I needed, http://www.maximporges.com/2009/11/18/configuring-tomcat-ssl-clientserver-authentication/ Yes, I can authenticate both the server and client. No code changes are needed on the server side. I just need to place the client certificate in the server...
Why use HTTPS for Azure Blob Storage
security,azure,ssl,https,azure-storage-blobs
With HTTPS the secure connection is done at the TCP layer before any HTTP traffic is transmitted. Only the host name and port number are submitted unsecured (since they are used to establish the TCP connection) and then once the secure connection is established then the remaining HTTP content (the...
https for main domain and http for subdomain
.htaccess,http,mod-rewrite,redirect,https
You can use: RewriteEngine On # maindomain -> https RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} ^(?:www\.)?(website\.com)$ [NC] RewriteRule ^ https://%1%{REQUEST_URI} [R,L] # subdomain -> http RewriteCond %{HTTPS} on RewriteCond %{HTTP_HOST} ^(?:www\.)?(sub\.website\.com)$ [NC] RewriteRule ^ http://%1%{REQUEST_URI} [R,L] ...
GET request throws error after app implemented SSL: Mixed Content: This request has been blocked; the content must be served over HTTPS"
angularjs,http,ssl,https,flask
It was a weird case that came down to removing a forward slash from the end of a URL fixing everything. Somehow, whenever we made a GET request using $http in Angular like baseurl + inventory.id + "/", it would make a http request but as soon as remove that...
Does an HTTP tunnel take place on the same socket than CONNECT?
When a client connects to an HTTP proxy, CONNECT is used to have the proxy establish a persistent TCP connection with the target TCP server. Then the proxy blindly passes data as-is back and forth between the two TCP connections until either the client or server disconnects, then the proxy...
Front-end development with conditional HTTP and HTTPs routes
There are a few things to consider here. First of all, yes, when money is involved you should always use HTTPS. The S here stands for secure, so as you can imagine this means that regular HTTP is not secure. With regular HTTP things are sent in plain text, so...
2 way SSL authentication not working using Apache httpclient: JAVA
java,apache,ssl,https,apache-httpclient-4.x
By default HttpClient does not take system properties into account Try replacing CloseableHttpClient httpclient = HttpClients.createDefault(); with CloseableHttpClient httpclient = HttpClients.createSystem(); ...
Problems connecting via HTTPS/SSL through own Java client
java,ssl,https,sslhandshakeexception
According to https://www.ssllabs.com, the server supports cipher suites TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA They are listed as "unavailable cipher suite" as you can see in the debug messages. In the JRE/lib/security/local_policy.jar, we see // Some countries have import limits on crypto strength. This policy file // is worldwide importable....
How can I send this XML request to my server and have it send to and get a response from another server
Try this... First, save the packet. <cfsavecontent variable="theXMLPacket"> <cspinput appID="asdfasdf" appPassword="asdf1234" > <account userid="johndoe" action="authenticate"> <password>mypasswd1234</password> </account> </cspinput> </cfsavecontent> Then we use cfhttp to post it to the processing server. <cfhttp method="post" url="https://someurl.com/endpoint" result="xmlResult"> <cfhttpparam type="xml" value="#XMLParse(theXMLPacket)#" /> </cfhttp> Then process the...
Is this a secure connection?
The "text/html" part of the argument is the content-type, it has nothing to do with the transport protocol http or https. However, what you are doing is simply displaying the results of the POST in a new window, you are not performing a new request to the server. So, you...
SSL certificate multiple domain. Reuse certificate
Each certificate can be used just by one domain, despite, you can use it for all your subdomains. https://ssl.comodo.com/wildcard-ssl-certificates.php...
.htaccess - rewrite with https and trailing / in one step has unintended conseqences
apache,.htaccess,mod-rewrite,redirect,https
The following worked. I separated into 2 cases - one where the trailing slash was absent and needed to be rewritten in, and on where it was present and so an extra slash was unwanted. RewriteEngine On RewriteCond %{HTTP:X-Forwarded-Proto} !https RewriteCond %{HTTP_HOST} ^markfisher.photo$ [OR] RewriteCond %{HTTP_HOST} ^www.markfisher.photo$ RewriteCond %{REQUEST_URI} !^/$...
set the OpenSSL_HOME variable
amazon-web-services,https,path,openssl,command-prompt
My openSSL is installed in c:\OpenSSL, so would I write set OpenSSL_HOME=C:\ OpenSSL? Yes, but without the space after C:\: set OpenSSL_HOME=C:\OpenSSL Do I enter such command in Command Prompt? You can. Do note, however, that with this approach, you would be modifying the OpenSSL_HOME environment variable for that...
Tomcat SSL Cert Renewal Issue (SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure)
Oh my god I feel a fool, I thought when creating the keystore when it asks for a password for tomcat it wanted my tomcat manager password, nope just keep it the same as your keystore. Also, gdroot-g2.crt is the correct crt needed for the root alias, you can get...
Load images from “HTTPS” type of url and display in UIImageview
ios,objective-c,https,uiimageview,xcode6
Issue resolved by modifying some parameters into the framework for webservice calling created by me. All those changes were as per the server which I was calling to. Thanks...
https post request using httpClient and cert.em
As per the documentation on SSL properties javax.net.ssl.trustStoreType - (Optional) For Java keystore file format, this property has the value jks (or JKS). You do not normally specify this property, because its default value is already jks. Try setting javax.net.ssl.trustStoreType The exception you are getting is often thrown due to...
htaccess force https on specific query param and remove www generally
regex,apache,.htaccess,mod-rewrite,https
Try using THE_REQUEST in first 2 rules: RewriteCond %{THE_REQUEST} !/index\.php\?param=foo[&\s] RewriteCond %{HTTPS} on RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [L,R] RewriteCond %{THE_REQUEST} /index\.php\?param=foo[&\s] RewriteCond %{HTTPS} off RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R] RewriteCond %{HTTP_HOST} ^www\. RewriteCond %{HTTPS}s ^on(s)|off RewriteCond http%1://%{HTTP_HOST} ^(https?://)(www\.)?(.+)$ RewriteRule ^ %1%3%{REQUEST_URI} [R=301,L] Make sure to clear your browser cache for testing this...
Ruby OpenSSL Errors - Missing CA Certs (Who is Justin?)
ruby,windows,ssl,https,openssl
RubyInstaller issue #153 OpenSSL::X509::DEFAULT_CERT_FILE with personal hardcoded path The problem is OpenSSL that has hardcoded values. Search to closed issues and also RubyInstaller group and will see this happens from time to time. OpenSSL needs to be fixed, but no patch to solve this issue has proposed to OpenSSL itself....
Wildcard SSL - Which to chose and what is the key differences?
ssl,https,certificate,ssl-certificate
The main things to consider when purchasing a wildcard certificate are: If you want the certificate to support the domain itself (e.g., domain.com) in addition to subdomains (*.domain.com), then make sure that the wildcard vendor you choose supports Subject Alternative Name extension. Before you buy, make sure you know who...
How To Improve Security For Simple File Download From A Web Server?
Yes, that is insecure. You should insist on using TLS. For this they need to install a certificate from a Certification Authority to verify that they own the domain OurFlavorOfTheirSite.com. This will enable the URL to use HTTPS which means communication is encrypted, and authenticated (i.e. another website cannot spoof...
Chrome under Windows 7 and 8 cannot connect to embedded Jetty 9.2.x over HTTPS
google-chrome,https,operating-system,restlet,embedded-jetty
It has been identified that the originally used certificate was at fault. More specifically, its Common Name contained a value, which was not recognised as a suitable domain name. Generating a new certificate, signed with a self-established CA, but providing a suitable (albeit not registered) domain name in property Common...
Check if URL is HTTPS or HTTP protocol?
I think this works, at least it seems to be working, what do you guys think? I place this if statement just before the httpsYes = True and httpYes = True. It seems that when the HTTPS protocol is selected it wants to redirect using response code 302, but for...
How does DNS server know the IP address of an SSL's URL?
When you enter an URL in your browser the DNS server is asked for the URL's IP first by your system, before even connecting to the server. So SSL is not even in the game at this point. SSL encrypts between the client (e.g. your browser) and the server, but...
How to connect to a Tor bridge from node.js?
A Tor-Bridge is used for people who are not able to connect to the normal Tor-Network because their ISP is blocking the publicly known Tor-Servers. If the first connection is done through a Bridge you wont have problems afterwards because usually these Bridges are not known to everyone so they...
Automate HTTPS Login
I figured it out. In the Authentication section there are 3 "input names", but I was only sending 2. I added the "btlog" item (see below), and it came back with a set-cookie and a link to the page I needed to go to. QUrlQuery urlQuery; urlQuery.addQueryItem("btlog", "Connection"); urlQuery.addQueryItem("user_sys", username);...
How to set up a meteor server on https connection?
Deploy the app using Meteor Up which have built in SSL support. Or use common web server like Nginx or Apache, setup SSL and reverse proxy back to meteor app. Example: Nginx configuration server { listen 80; server_name www.example.com; rewrite ^ https://$server_name$request_uri? permanent; } server { listen 443 ssl ;...
Getting SSLHandshakeException in java
java,eclipse,ssl,https,digital-certificate
If importing to keystore not resolving your issue.. as i was not able to resolve it. Then add following line of code. It worked for me. System.setProperty( "javax.net.ssl.keyStore", "D:\\G2B.p12" ); // The path to the .p12 file System.setProperty( "javax.net.ssl.keyStorePassword", "****" ); // The password of the p12 file System.setProperty( "javax.net.ssl.keyStoreType",...
Redirecting http to https
apache,.htaccess,redirect,ssl,https
You can use this in your .htaccess file. Just replace example.com with your domain and all bases should be covered. IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{HTTP_HOST} !^www\. [NC,OR] RewriteCond %{HTTPS} !^on RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L] </IfModule> ...
Jquery load https url
A mixed content error happens when: you try to load secure content SSL(https) on a page served insecurely (http) served Or the opposite you try to load insecure content (http) on a page served securely SSL(https) served Your error message is warning that your calling page has been loaded in...
Unable to Resolve PKIX Path Building Failed
https,certificate,mobilefirst,mobilefirst-adapters
The instructions you've followed are incorrect when using MobileFirst Platform. Follow the steps described in this user documentation topic (for Worklight 6.2, but valid for MFPF 6.3 and above as well). Do not export the certificate from a browser because this action adds browser metadata and other artifacts which shouldn't...
some of my https requests in Jmeter arbitrarlily switches to plain http but keeps the port on 443
I solved it by removing a HTTP Request Defaults config element. That config must have confused the rest of the script. I also got the same tips from Blazemeter on Twitter, after I had solved it....
Apache blocking (not simply rewriting or redirecting) standard http request
The problem was as I suspected in my comment above. Because there was an explicit VirtualHost being defined for port 80 only, any thing that made it though the redirect filter (which had previously been filtering everything) was then falling on deaf ears because there was not a host set...
Tomcat support for HTTP/2.0?
tomcat,https,tomcat7,tomcat8,http2
I'm the HTTP/2 implementer in Jetty, and I watch out other projects implementing HTTP/2. Tomcat's Mark Thomas has outlined support for HTTP/2 for Tomcat 9. Considering that Servlet 4.0 is going to have as a target HTTP/2 support, and that HTTP/2 support requires ALPN support in the JDK (which also...
Camel http4 download file using Basic authentication over Https
https,apache-camel,basic-authentication
You cannot start from http4 as the exception tells you, you need a timer or something to trigger the route from("timer:foo?period=5000") .to("http4://ebc.cybersource.com/ebc/DownloadReport/xxx.csv?authMethod=Basic&authUsername=scott&authPassword=tiger") .to("file:target/messages/download"); In this example the timer triggers every 5th second....
Https upload MultipartForm returns 401 unauthorized
c#,forms,file-upload,https,http-status-code-401
Something possibly changed on Coverity's end, since this was working two weeks ago. Based on this other question here How to upload files to Asp.Net MVC 4.0 action running in IIS Express with HttpClient class included in .Net 4.0 I've found what I think is the solution. You need to...
iOS9 ATS: what about HTML5 based apps?
cordova,https,sencha-touch,ios9
If you are not sure of which URL your application will connect or if you connect to many URLs, you can bypass the ATS by adding following keys in info.plist file. <key>NSAppTransportSecurity</key> <dict> <key>NSAllowsArbitraryLoads</key> <true/> </dict> ...
Nodejs https request UNABLE_TO_GET_ISSUER_CERT_LOCALLY
There is a reason for SSL. Besides other features, it authenticates that you are really communicating with the server identified by private.service.com hostname. Otherwise your client software can be cheated by a Man-in-the-Middle attack. First when anyone encounters this issue, they should update system root SSL certificates. In Debian they...
Openshift trustwave intermediate ssl cert issue
ssl,https,ssl-certificate,openshift
Ok solve it after lots of searching, and Trustwave still reports it as wrong but all browsers seem to accept it. So I got the main cert file (I was using my-domain.com.pem) copy and paste the contents into a new file (something like combined.pem) then open your intermediate file (chain.cer...
Certificate chain valid in Chrome, not Firefox or Android
google-chrome,firefox,ssl,https,certificate
This is typically the case when the server does not send all necessary intermediate certificates. Chrome on Desktop will go and fetch them. Firefox will use any intermediate certificates cached from previous connections to other sites but will not fetch missing certificates, thus some Firefox instances might work while others...
Require https with Spring Security behind a reverse proxy
java,https,spring-security,reverse-proxy
If your site is HTTPS and you're running Apache Tomcat behind another system that's handling TLS termination, you can tell Tomcat to "pretend" that it's handling the TLS termination. This makes request.isSecure() return true; To do so, you need to add secure="true" to your Connector config in server.xml. https://tomcat.apache.org/tomcat-7.0-doc/config/http.html See...
Client certificate authentication
authentication,ssl,https,ssl-certificate,x509
I've to break down your question into two parts. Part one: Let's say a hacker X sends a CA issued certified to the server as part of handshake. Then server would automatically trust it and grant access. If X aquires the client certificate of an authentic client then that's ok....
forcing silex framework to generate https links
php,symfony2,https,routing,silex
For that specific case, I solved the problem declaring a base url like so in app.php: $app['customBaseUrl'] = 'https://mybaseurl'; then prefixed all my links with this custom baseUrl. Those links aren't generated by the url() twig function anymore. Not the prettiest way to do it though. I would recommend Artamiel's...
How do I accept a self-signed SSL certificate using iOS 7's NSURLSession
ios,swift,ssl,https,self-signed
Both connection:canAuthenticateAgainstProtectionSpace: and connection:didReceiveAuthenticationChallenge: are deprecated in iOS 8 anyway so you should use other methods. What I am using in my projects is a delegate method of NSURLSessionDelegate. Adhere to that protocol then add this method: func URLSession(session: NSURLSession, didReceiveChallenge challenge: NSURLAuthenticationChallenge, completionHandler: (NSURLSessionAuthChallengeDisposition, NSURLCredential!) -> Void) {...
How to change a connection to Github from SSH to HTTPS?
git,github,ssh,https,git-remote
Assuming your remote is called origin, run git remote set-url origin https://... git remote set-url --push origin https://... You can view the configured remotes with git remote -v, which should now show your updated URLs. See the documentation for git-remote for more details....
Copied ssl cert to a test site, how do I remove it?
http,ssl,drupal,https,softlayer
https://www.drupal.org/https-information has some information on how to use SSL certs in drupal specifically. Since you didn't provide the actual error your browser is giving you, I'm going to guess its a domain name mismatch error (like this https://www.digicert.com/ssl-support/certificate-name-mismatch-error.htm ). Basically you will either need to access your site via the...
Clojure: wrap-ssl-redirect on heroku?
Long live lib-noir and its wrap-force-ssl fn. I just needed to change it a bit to fit my needs (I have a SSL cert. for one subdomain even if my clojure app handles more then one domain) Here's my fn: (defn wrap-force-ssl "Almost like in lib-noir. If the request's scheme...
How to configure SSL / HTTPS on Spring?
Problem seems to be the specified encryption algorithm. I was generating the key using keytool, with -keyalg AES. Changed it to use RSA with -keyalg RSA and it works now.