Hi

We have Exchange 2007 server onsite and now planning to move to office 365 and I would like to go with the Hybrid Environment.

I ran the Exchange Deployment Assistant and on the document it says I need to configure Outlook Anywhere on our on- premises Exchange Server (because the email migration service uses RPC over HTTP)

Currently staff use OWA 2007 from outside through https://mail.myorg.co.uk. For this I procured the SSL from Trustico
The document says that I must use a certificate issued by a trusted certification authority (CA) with your Outlook Anywhere configuration.

So do I need to procure another SSL certificate to setup Outlook Anywhere. Bit confused here.
Please let me know how to go about.

Any help will be great.
Thanks

Hello,

I made an app in Delphi Seattle.
The app sends an email to the user.
For this I deploy libcrypto.so and libssl.so.

Interestingly so far it worked well under Android 5 and 6 too, but now I noticed that it works well only with 5 but not with 6 and 7,

The error message is:

Error!
[EldOSSLCouldNotLoadSSLLibrary]
Could not load SSL library.

I read that starting with Android 6 Marshmallow, Google no longer supports OpenSSL on Android.

The question is what should I do so as the Android 6 and 7 users would get my email.

Thank you very much.

This is the first time I'm setting up a domain that doesn't have a .local extension internally. The reason behind it is that I need SSL certificates for several internal applications to communicate to each other and they don't support self-signed certificates. Also I figured I would get with the times and stop using depreciated namespaces...


So here is what I did:

1) Purchased a regular .com TLD
2) Purchased a wildcard certificate from the provider so i can configure as many subdomains as I need
3) Set up the internal domain as subdomain.topleveldomain.com
4) Installed the certificate in IIS on one of the internal servers
5) Exported the certificate and imported it into the DC (https://technet.microsoft.com/en-us/library/dd941846(ws.10).aspx)
 5.1) I tried putting it in the local computer personal store and that didn't work
 5.2) Tried placing the certificate into the NTDS\Personal and that doesn't work

The way I'm testing is simply by launching LDP.EXE and trying to connect using ssl on port 636 just like this:
AD SSL Install

I'm testing on the same local domain controller and tried a fqdn, as well as just the name, and even tried localhost, but I always get this:

ld = ldap_sslinit("servername.topleveldomain.com", 636, 1);
Error 81 = ldap_set_option(hLdap, LDAP_OPT_PROTOCOL_VERSION, 3);
Error 81 = ldap_connection(hLdap, NULL);
Server error: <empty>
Error <0x51>: Fail to connect to servername.topleveldomain.com

…

we are middle of the issue, i have installed Normal ssl certificate in adfs and its proxy servers after the old certificate got expired we cant acces the application..

receiving following error.. did all the basic trouble shooting steps but no luck can any one help

event id 381..

Windows 2008 R2
Tomcat 8.0.33

Trying to create SSL and install from a CA:
Step 1.
"%JAVA_HOME%\bin\keytool" -genkey -alias ecwinttomcat -keyalg RSA -keystore c:\ecwint.keystore
NO Password, hit enter.  
Step 2.
 
"%JAVA_HOME%\bin\keytool" -certreg -keyalg RSA -alias ecwinttomcat -file c:\ecwint.csr -keystore c:\ecwint.keystore

Get Error about -certreg illegal operation.
Cannot convert to a csr.

Hi, I'm doing an HOA site for a friend. (home owners association, for a condo).

I'm using wordpress so that they can update the site easily.  He wants a section where owners log in and can see content that others can't see. I have an SSL certificate, but I'm not sure how to go about this.

We don't need the whole site secured, We just want an Owners Only Login that leads to the secure pages. Thanks for your experience!

I am trying to access a website through proxy server.I am using httpclient.

This is the code which is working fine:

import org.apache.commons.httpclient.Credentials;
import org.apache.commons.httpclient.HostConfiguration;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.HttpStatus;
import org.apache.commons.httpclient.UsernamePasswordCredentials;
import org.apache.commons.httpclient.auth.AuthScope;
import org.apache.commons.httpclient.methods.GetMethod;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.net.ProxySelector;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Properties;

public class Working {
private static  String PROXY_HOST = "proxy.test.org";
private static  int PROXY_PORT = 80;

    public static void main(String[] args) {
    HttpClient client = new HttpClient();
    HttpMethod method = new GetMethod("https://www.example.org");
    HostConfiguration config = client.getHostConfiguration();
    config.setProxy(PROXY_HOST, PROXY_PORT);

    try {
          client.executeMethod(method);
            if (method.getStatusCode() == HttpStatus.SC_OK) {
           String response = method.getResponseBodyAsString();
           System.out.println("Response = " + response);
                        }
    } catch (IOException e) {
        e.printStackTrace();
    } finally {
  …

Hello, we are setting up a certificate for our mail server through goDaddy. We have gone through a name re-branding and I am setting up he new name.  I was wondering If activesync.mycompany.com is necessary. I was also wondering if I should match the old SAN;s with the new or if something was redundant or un-necessary and could be removed. Thanks

Current Certificate.........
mail.mycompany.com
www.mail.mycompany.com
autodiscover.mycompany.com
activesync.mycompany.com

New Certificate............
mail.mycompany.com
www.mail.mycompany.com
autodiscover.mycompany.com
mycompany.com

i am bit new to PKI certificates , is it  related to X 509 certifcate

All

We have a requirement where we need to build a WCF service which can make outbound calls (as client) to backend services which requires 2-way SSL (mutual-authentication).

We have been trying this with no luck. It works with 1-way SSL (WCF as client), but when we set the backend services to require 2-way SSL, the handshake failed at the point where WCF is supposed to send its certificate to the backend service, but it doesn't.

Any one has experience doing this? Any clues of what the problem could be will be much appreciated.

Best Regards
Charles

Hi

My website is setup to run over http or https, I assumed everything was working until recently.

On my mac in Safari and Firefox the following two URL's work fine
http://www.petenetlive.com
or
https://www.petenetlive.com

HOWEVER in IE it does not load the CSS and bleats about mixed content, Now I can view the source and see that the css is being loaded from http URLs so that's probably causing the problem, (why Firefox and Safari works I don't know?)

I've tried various Wordpress plugins that claim to fix SSL problems - none of them worked. I've set the site in Wordpress to use the https URL, I've also set this in the wp-config file.

HOW DO I FIX THIS?

Note: In running NGINX and don't have a .htaccess file

Pete

I'm trying to configure SSL(https) for tomcat 8 and have done below steps but still its not working

1) Create the keystore file using

keytool -genkey -alias myservername -keyalg RSA

Select all Open in new window

2) Generated CSR as below

keytool -certreq -alias myservername -file C:\tomcat_ssl\local_machine\test.csr -keystore C:\tomcat_ssl\local_machine\test.keystore

Select all Open in new window

3) Then we had Generated the Certificate and then imported the chain certificate and certificate as below

keytool -import -alias root -keystore C:\tomcat_ssl\local_machine\test.keystore -trustcacerts -file C:\tomcat_ssl\local_machine\srv_chain.cer

Select all Open in new window

keytool -import -alias myservername -keystore C:\tomcat_ssl\local_machine\test.keystore -file C:\tomcat_ssl\local_machine\srv_main.cer

Select all Open in new window

4) Finally Did the changes in tomcat server.xml as below

<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="C:\tomcat_ssl\local_machine\test.keystore" keystorePass="123" keystoreAlias="myservername"/>

Select all Open in new window

Restarted the tomcat and its not working and showing below screen


In tomcat logs it's not showing any errors and also i have tried other options like keeping cipher tag in connection, Enabled TLS 1,2,3 , changing https port etc no avail.

Also i have tested the https port 443 and it's showing as listening when i netstat. Any idea why this is not working

Hello,

I had tomcat configured to redirect any requests to HTTP to redirect to HTTPS. This was functioning well until we had to do a DR restore of the DEV application. Now, HTTP does not redirect, but HTTPS works fine. I have compared the web.xml and server.xml configurations between our DEV and PROD installations, and found no differences. Below are the sanitized versions of the config:

Server.XML

<Connector port="80"
                   maxThreads="150"
                   minSpareThreads="25"
                   connectionTimeout="20000"
                   enableLookups="false"
                   maxHttpHeaderSize="8192"
                   protocol="HTTP/1.1"
                   useBodyEncodingForURI="true"
                   redirectPort="443"
                   acceptCount="100"
                   disableUploadTimeout="true"
                   bindOnInit="false"/>


<Connector port="443"
				   maxHttpHeaderSize="8192"
				   maxThreads="150"
				   minSpareThreads="25"
				   maxSpareThreads="75"
				   enableLookups="false"
				   disableUploadTimeout="true"
				   acceptCount="100"
				   scheme="https"
				   secure="true"
				   SSLEnabled="true"
				   clientAuth="false"
				   sslProtocol="TLS"
				   keyAlias="DEV_ALIAS"
				   keystoreFile="L:\ocation\to\keystore.jks"
				   keystorePass="supersecretkey"/>

Select all Open in new window

Web.XML (this code is entered after all of the servlet-mapping, and before filter-mapping)

security-constraint>
<web-resource-collection>
<web-resource-name>Entire Application</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>

Select all Open in new window

Any idea why this might be failing?