Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.
Course Of The Month
4 days, 12 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
SSL / HTTPS
8K
Solutions
7
Articles & Videos
10K
Contributors
HTTPS is a protocol for secure communication over a computer network which is widely used on the Internet. HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security (TLS) or its predecessor, Secure Sockets Layer (SSL). The main motivation for HTTPS is authentication of the visited website and to protect the privacy and integrity of the exchanged data. HTTPS is widely used for protecting page authenticity on all types of websites, securing accounts and keeping user communications, identity and web browsing private.
Share tech news, updates, or what's on your mind.
Hello,
The vendor who does our security audit express concern about SSL certificate we are using on our websites. They mention version 3 and TLS v1 are not secured.
I check the version of the cert we purchase is SHA-2.
I usually purchase the latest version cert and apply it to my IIS website. Are there additional things I need to do?
Please advise.
Thanks.
The vendor who does our security audit express concern about SSL certificate we are using on our websites. They mention version 3 and TLS v1 are not secured.
I check the version of the cert we purchase is SHA-2.
I usually purchase the latest version cert and apply it to my IIS website. Are there additional things I need to do?
Please advise.
Thanks.
1 Comment
Hi all,
We have recently upgraded our internal CA to SHA256. We have a number of internal webservers that have sha1 certificates that are still valid. We are looking to upgrade each other certificates through controlled process. My question is, if we are to renew the certificates on the servers with the new SHA256 if there any issues are we able to recreate a new cert using a SHA1 cert?
We have recently upgraded our internal CA to SHA256. We have a number of internal webservers that have sha1 certificates that are still valid. We are looking to upgrade each other certificates through controlled process. My question is, if we are to renew the certificates on the servers with the new SHA256 if there any issues are we able to recreate a new cert using a SHA1 cert?
When my site are in development I have always gotten the IP address from AWS, then accessed them from my browser. But here's an article I would read if there is a secret exposure...
https://www.imore.com/how-edit-your-macs-hosts-file-and-why-you-would-want
I do not take lightly to changing my Hosts file because I do not want to put myself into an unstable condition, if I missed something in the directions.
Is there risk to using an IP address to directly access my PC? I assume the biggest benefit is that the site can be kept private from public view, but is there any way in the world that someone cold guess that address?
Are the scrapers out there pinging billions of IP addresses?
As far as keeping it private, it is mainly that I can use my real domain name and keep that private? That's nt important to me since I can buy the SSL cert and do that before launch. AT the moment, I just need to look at the sire and test it, so by adding my IP into the browser, does that expose my IP to scrapers?
Thanks.
https://www.imore.com/how-edit-your-macs-hosts-file-and-why-you-would-want
I do not take lightly to changing my Hosts file because I do not want to put myself into an unstable condition, if I missed something in the directions.
Is there risk to using an IP address to directly access my PC? I assume the biggest benefit is that the site can be kept private from public view, but is there any way in the world that someone cold guess that address?
Are the scrapers out there pinging billions of IP addresses?
As far as keeping it private, it is mainly that I can use my real domain name and keep that private? That's nt important to me since I can buy the SSL cert and do that before launch. AT the moment, I just need to look at the sire and test it, so by adding my IP into the browser, does that expose my IP to scrapers?
Thanks.
Hi.
Have a SBS 2011 , with Exchange 2010.
Setting up new pc's with Office 2016 that only support autodiscover set-up.
Have a certificate mail.domainname.com.
Made a DNS cname record ; autodiscover.domainname.co
Autodiscover setup i Outlook now works but gives waring on every startup (of Outlook).
Stating that there is a missmatch between the certificate (mail.domainname.com) and the server it connects to (autodiscover.domainname.c
So, was hoping to get around this without buying a new multi-sub-domain certificate.
Found a workaround:
#
HKEY_CURRENT_USER\Software
4. Click the Edit menu, point to New, and then click String Value.
5. Type the name of the HTTPS server to which AutoDiscover can be connect without warning for the user, and then press ENTER. For example, to allow a connection to https://contoso.com, the first String Value (REG_SZ) name would be as follows:
contoso.com
#
here I added autodiscover.domainname.co
Outlook works (send and recive mail) even if I let the warning stay open, but would like to get rid of it.
- Only 3 pc's connected to domain.
Have a SBS 2011 , with Exchange 2010.
Setting up new pc's with Office 2016 that only support autodiscover set-up.
Have a certificate mail.domainname.com.
Made a DNS cname record ; autodiscover.domainname.co
Autodiscover setup i Outlook now works but gives waring on every startup (of Outlook).
Stating that there is a missmatch between the certificate (mail.domainname.com) and the server it connects to (autodiscover.domainname.c
So, was hoping to get around this without buying a new multi-sub-domain certificate.
Found a workaround:
#
HKEY_CURRENT_USER\Software
4. Click the Edit menu, point to New, and then click String Value.
5. Type the name of the HTTPS server to which AutoDiscover can be connect without warning for the user, and then press ENTER. For example, to allow a connection to https://contoso.com, the first String Value (REG_SZ) name would be as follows:
contoso.com
#
here I added autodiscover.domainname.co
Outlook works (send and recive mail) even if I let the warning stay open, but would like to get rid of it.
- Only 3 pc's connected to domain.
Hi all,
I have just installed a Thawte SSL certificate on my server for one of my websites. Its seems et up correctly, however, now the site does not work correctly. It is not a Joomla or WordPress site but does make use of some external assets such as fonts etc. Is this causing the issue?
http://www.jonbysoft.com/ << None secure
https://www.jonbysoft.com/ << Secure SSL
New to this. Any help of advice appreciated.
Kind regards
Abiel M de Groot Sanders
I have just installed a Thawte SSL certificate on my server for one of my websites. Its seems et up correctly, however, now the site does not work correctly. It is not a Joomla or WordPress site but does make use of some external assets such as fonts etc. Is this causing the issue?
http://www.jonbysoft.com/ << None secure
https://www.jonbysoft.com/ << Secure SSL
New to this. Any help of advice appreciated.
Kind regards
Abiel M de Groot Sanders
i have used
openssl pkcs7 -inform der -in YourFile.p7b -out YourFile.pem
and i have ,pem file, i tried using openssl pkcs7 -in Yourfile.p7b -text -out Yourfile.pem -print_certs
it is giving error.
i opened the ,pem file and i saw
----BEGIN PKCS7-----
MIIPnAYJKoZIhvcNAQcCoIIPjT
XXXXXXXXXXXXXXXXXX0SOBLcJP
-----END PKCS7-----
what more should i do.
thanks
openssl pkcs7 -inform der -in YourFile.p7b -out YourFile.pem
and i have ,pem file, i tried using openssl pkcs7 -in Yourfile.p7b -text -out Yourfile.pem -print_certs
it is giving error.
i opened the ,pem file and i saw
----BEGIN PKCS7-----
MIIPnAYJKoZIhvcNAQcCoIIPjT
XXXXXXXXXXXXXXXXXX0SOBLcJP
-----END PKCS7-----
what more should i do.
thanks
I have used 3 set of codes(where I used Indy10.6.2 component), which doesn't show any errors, but i can't able to send SMS through the code. Please help me to send me the Sms through Delphi code
The code which I used is...
const
URL = 'https://api.bulksmsgateway.in/send/?username=****&hash=****&sender=TXTLCL&numbers=9198........&message=HISUNDAR';
//URL = 'https://api.textlocal.in/send/?username=*****&hash=******&sender=TXTLCL&numbers=9198...&message=HISUNDAR';
ResponseSize = 1024;
var
hSession, hURL: HInternet;
Request: String;
ResponseLength: Cardinal;
begin
hSession := InternetOpen('TEST', INTERNET_OPEN_TYPE_PRECONF
try
Request := Format(URL,[Username,Passw
hURL := InternetOpenURL(hSession, PChar(Request), nil, 0,0,0);
try
SetLength(Result, ResponseSize);
InternetReadFile(hURL, PChar(Result), ResponseSize, ResponseLength);
SetLength(Result, ResponseLength);
finally
InternetCloseHandle(hURL)
end;
showmessage(result);
finally
InternetCloseHandle(hSessi
end
var
http : TIdHTTP;
IdSSL : TIdSSLIOHandlerSocketOpenS
begin
http := TIdHTTP.Create(nil);
IdSSL := TIdSSLIOHandlerSocketOpenS
try
Http.ReadTimeout := 30000;
Http.IOHandler := IdSSL;
IdSSL.SSLOptions.Method := sslvTLSv1;
Http.Request.BasicAuthenti
// IdSSL.SSLOptions.Method := sslvTLSv1;
…
The code which I used is...
const
URL = 'https://api.bulksmsgateway.in/send/?username=****&hash=****&sender=TXTLCL&numbers=9198........&message=HISUNDAR';
//URL = 'https://api.textlocal.in/send/?username=*****&hash=******&sender=TXTLCL&numbers=9198...&message=HISUNDAR';
ResponseSize = 1024;
var
hSession, hURL: HInternet;
Request: String;
ResponseLength: Cardinal;
begin
hSession := InternetOpen('TEST', INTERNET_OPEN_TYPE_PRECONF
try
Request := Format(URL,[Username,Passw
hURL := InternetOpenURL(hSession, PChar(Request), nil, 0,0,0);
try
SetLength(Result, ResponseSize);
InternetReadFile(hURL, PChar(Result), ResponseSize, ResponseLength);
SetLength(Result, ResponseLength);
finally
InternetCloseHandle(hURL)
end;
showmessage(result);
finally
InternetCloseHandle(hSessi
end
var
http : TIdHTTP;
IdSSL : TIdSSLIOHandlerSocketOpenS
begin
http := TIdHTTP.Create(nil);
IdSSL := TIdSSLIOHandlerSocketOpenS
try
Http.ReadTimeout := 30000;
Http.IOHandler := IdSSL;
IdSSL.SSLOptions.Method := sslvTLSv1;
Http.Request.BasicAuthenti
// IdSSL.SSLOptions.Method := sslvTLSv1;
…
Performing an Exchange 2003 o 2010 migration. I have switch mail flow from EX2003 to EX2010 in coexistence. Mail seems to be working correctly, but I am getting the following error now on the EX2010 server:
The following fatal alert was received: 46.
Event ID: 36887
I have only moved a few mailboxes over to EX2010. I am getting certificates errors on Outlook Web Access, but can still log on and get mail. The error searches I have found so far says it an issue with SSL. I have a SSL certifcate installed on EX2010 and exported it on to EX2003. I purchase this new certificate from the request I created on EX2010. Anyone have any solution ?
The following fatal alert was received: 46.
Event ID: 36887
I have only moved a few mailboxes over to EX2010. I am getting certificates errors on Outlook Web Access, but can still log on and get mail. The error searches I have found so far says it an issue with SSL. I have a SSL certifcate installed on EX2010 and exported it on to EX2003. I purchase this new certificate from the request I created on EX2010. Anyone have any solution ?
HI all,
Im currently workign on a project on tightening security on our webservers. First step on this is disabling weak Ciphers that are still currently enabled. Im aware of the list of known weak ciphers, but im wondering if Im to disable these, what the impact be on the browsers connecting in?
We will disable SSLv3.
TLS 1.1 - Not sure what impact this will have?
Weak SHA - RC4 MD5
Is anyone aware of a list browser versions that maybe impacted?
Im currently workign on a project on tightening security on our webservers. First step on this is disabling weak Ciphers that are still currently enabled. Im aware of the list of known weak ciphers, but im wondering if Im to disable these, what the impact be on the browsers connecting in?
We will disable SSLv3.
TLS 1.1 - Not sure what impact this will have?
Weak SHA - RC4 MD5
Is anyone aware of a list browser versions that maybe impacted?
Hey guys,
Please note Im not too savvy when it comes to exchange and ssl certs.
Having issues with a computer popping a security alert when opening outlook 2013. OS is windows 10.
It is an exchange 2010 mailbox that is linked with ad and the mail config automatically pulls. Accounts and everything work great. However on this computer i am getting a security alert that states the .local servername at the top and a red x next to "the name on the security certificate is invalid or does not match the name of the site."
this is a godaddy cert and the sans on the cert state the name for the owa website and autodiscover urls, and wont allow putting the .local server name. This cert should be for external use if i understand correctly.
There is a self signed cert on this same server that does have the .local san listed.
but its like for some reason outlook is still pulling the godaddy cert.
Can anyone lend a hand with this issue?
Im even down for just suppressing the popup if thats possible.
Please note Im not too savvy when it comes to exchange and ssl certs.
Having issues with a computer popping a security alert when opening outlook 2013. OS is windows 10.
It is an exchange 2010 mailbox that is linked with ad and the mail config automatically pulls. Accounts and everything work great. However on this computer i am getting a security alert that states the .local servername at the top and a red x next to "the name on the security certificate is invalid or does not match the name of the site."
this is a godaddy cert and the sans on the cert state the name for the owa website and autodiscover urls, and wont allow putting the .local server name. This cert should be for external use if i understand correctly.
There is a self signed cert on this same server that does have the .local san listed.
but its like for some reason outlook is still pulling the godaddy cert.
Can anyone lend a hand with this issue?
Im even down for just suppressing the popup if thats possible.
Announcing the Most Valuable Experts of 2016
MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.
We have a root CA that we keep turned off. We have an intermediate CA where we issue certs for internal use.
All certs I'm issuing refuse to issue out past Dec 20, 2017 at 2:20PM.
I'm sure this is due to me intermediate CA needing to update it's cert from the root CA, but I'm unsure how to do that.
Can someone point me in the right direction? <-------(isn't that the name of a boy band?)
Thanks
Cliff
PS: Windows 2012 R2 servers here.
All certs I'm issuing refuse to issue out past Dec 20, 2017 at 2:20PM.
I'm sure this is due to me intermediate CA needing to update it's cert from the root CA, but I'm unsure how to do that.
Can someone point me in the right direction? <-------(isn't that the name of a boy band?)
Thanks
Cliff
PS: Windows 2012 R2 servers here.
Hi all,
We have a internal CA and I im trying to sign a certificate using the the CA. I have used open ssl to create the CSR file, i would like to know now how I create the cert file.
We have a internal CA and I im trying to sign a certificate using the the CA. I have used open ssl to create the CSR file, i would like to know now how I create the cert file.
Hello all,
I have some Win 2012 3cx v15 phone systems and was having trouble with apple push notifications for calls to remote devices. I've determined it to be a TLS issue. I had used IIS Crypto to remove the less secure SSL 3.0, TLS 1.0 and 1.1, leaving just TLS 1.2 and more secure ciphers. This breaks apple push notifications from the 3cx server/software. I put back TLS 1.1, no luck. Put back TLS 1.0, now push notifications work. I find it odd that I should still need 1.0 enabled on the server.
Is apple push still using that protocol and not 1.1 or 1.2, or might there be something else going on here.
I'm by no means familiar with protocols/ciphers, just determined what fixes the problem.
I have some Win 2012 3cx v15 phone systems and was having trouble with apple push notifications for calls to remote devices. I've determined it to be a TLS issue. I had used IIS Crypto to remove the less secure SSL 3.0, TLS 1.0 and 1.1, leaving just TLS 1.2 and more secure ciphers. This breaks apple push notifications from the 3cx server/software. I put back TLS 1.1, no luck. Put back TLS 1.0, now push notifications work. I find it odd that I should still need 1.0 enabled on the server.
Is apple push still using that protocol and not 1.1 or 1.2, or might there be something else going on here.
I'm by no means familiar with protocols/ciphers, just determined what fixes the problem.
Hi,
I am migrating an Ex2010 server to Ex2016.
I've already introduced the Ex2016 server into the environment. I have not yet changed DNS or cut over namespaces.
I am at the SSL stage.
Obviously I have an SSL cert on the 2010 server (good for another year). From what I have been reading it says to export the Cert from the 2010 server and import it into the 2016 server. (Name spaces are the same for both servers so the current SSL will be fine.
My question is, when I export the SSL from the 2010 server, will that invalidate/cancel it on the 2010 server and stop it from working? If so, I was thinking of just buying another Cert and installing that on the 2016 server.
Thanks!
nacht
I am migrating an Ex2010 server to Ex2016.
I've already introduced the Ex2016 server into the environment. I have not yet changed DNS or cut over namespaces.
I am at the SSL stage.
Obviously I have an SSL cert on the 2010 server (good for another year). From what I have been reading it says to export the Cert from the 2010 server and import it into the 2016 server. (Name spaces are the same for both servers so the current SSL will be fine.
My question is, when I export the SSL from the 2010 server, will that invalidate/cancel it on the 2010 server and stop it from working? If so, I was thinking of just buying another Cert and installing that on the 2016 server.
Thanks!
nacht
Grrrr,
I'm having a hard time. I'm trying to renew an existing certificate on Exchange 2017.
Just renewed the SSL with GoDaddy.
Received the SSL certificates but no REQ, just .CRT
In ECP when renewing the SSL, I get this error:
"Please use a valid file name when you run the New-ExchangeCertificate cmdlet on server MAIL with the -RequestFile parameter. The file should not exist in target folder. Parameter name: RequestFile"
What am I doing wrong?
Please advise. Thanks
I'm having a hard time. I'm trying to renew an existing certificate on Exchange 2017.
Just renewed the SSL with GoDaddy.
Received the SSL certificates but no REQ, just .CRT
In ECP when renewing the SSL, I get this error:
"Please use a valid file name when you run the New-ExchangeCertificate cmdlet on server MAIL with the -RequestFile parameter. The file should not exist in target folder. Parameter name: RequestFile"
What am I doing wrong?
Please advise. Thanks
Hi Folks,
It seems some changes to my site have shocked the search engines: www.recoveryaudio.org Traffic today is down by probably 70%.
Last night a new Divi child theme was installed. A few weeks ago I switched to a secure (https) server, and also added Clouldflare CDN as well as Ezoic, which is a CDN ad proxy server.
I have read that switching from http to https can affect SEO (and i suspect there could be an issue with internal linking), and I suspect the page HTML code has changed significantly as well.
I'm seeking some guidance to identify obvious problems, and/or possibly hiring someone for guidance or "fixing" whatever issues may be going on.
Thanks!!
It seems some changes to my site have shocked the search engines: www.recoveryaudio.org Traffic today is down by probably 70%.
Last night a new Divi child theme was installed. A few weeks ago I switched to a secure (https) server, and also added Clouldflare CDN as well as Ezoic, which is a CDN ad proxy server.
I have read that switching from http to https can affect SEO (and i suspect there could be an issue with internal linking), and I suspect the page HTML code has changed significantly as well.
I'm seeking some guidance to identify obvious problems, and/or possibly hiring someone for guidance or "fixing" whatever issues may be going on.
Thanks!!
Any HTTPs site I attempt to reach I get a generic page not found error, while if I use a page's HTTP variant, I can reach the site normally.
I have already cleared any proxies in IE, installed and used Chrome and Firefox, checked for firewall rules that block port 443, registered a series of DLLs, and ran sfc /scannow to see if all of the system files were intact ( No errors found).
Are there any other fixes or troubleshooting methods I can look into for this?
I have already cleared any proxies in IE, installed and used Chrome and Firefox, checked for firewall rules that block port 443, registered a series of DLLs, and ran sfc /scannow to see if all of the system files were intact ( No errors found).
Are there any other fixes or troubleshooting methods I can look into for this?
Dear experts,
We have a HAProxy installation with SSL-Passthrough (we need the SSL to reach the apache itself for proper HTTP/2 handling so we can't use SSL termination on HAProxy)
However, I can't seem to configure the HAPrxoy to send the real IP to Apache, the logs always show the internal IP of the HAProxy.
This is my HAProxy Config:
We have a HAProxy installation with SSL-Passthrough (we need the SSL to reach the apache itself for proper HTTP/2 handling so we can't use SSL termination on HAProxy)
However, I can't seem to configure the HAPrxoy to send the real IP to Apache, the logs always show the internal IP of the HAProxy.
This is my HAProxy Config:
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
log 127.0.0.1 local2 #Log configuration
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 30000
user haproxy #Haproxy running under user and group "haproxy"
group haproxy
daemon
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout
Dear Experts,
I'd like to cache my flash movie on my html page, I do not want to download it again and again from the server when the page is called. Because, I will not change it for two weeks and the file is proportionally large. As far as I know, the browsers cache flash files, but I need to be sure..
I use https ( secure connection )
I wrote my html page like this. What do you think about it?
I'd like to cache my flash movie on my html page, I do not want to download it again and again from the server when the page is called. Because, I will not change it for two weeks and the file is proportionally large. As far as I know, the browsers cache flash files, but I need to be sure..
I use https ( secure connection )
I wrote my html page like this. What do you think about it?
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="pragma" content="Cache">
<title>My Title</title>
</head>
<body>
<object width="1366" height="768">
<param name="movie" value="upt_video.swf">
<embed src="upt_video.swf" width="1366" height="768">
</embed>
</object>
</body>
</html>
Free Tool: Subnet Calculator
The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.
One of a set of tools we're offering as a way of saying thank you for being a part of the community.
Hello, I'm using this component to make my system and I came across a problem when sending a post to a certain form where I have to post a captcha code, simply by sending the post to that url, the html returned is like a one GET, because the error message does not come informing the wrong code, it simply does not post the information, I only have a problem on this page, all the others managed to work, get it and posts, I need help in this part!
Apple is no longer just for the tech-savvy millennial and professional crowd. Check out today's product release, where developers as young as 7 and as old as 84 are releasing new apps to the App Store. https://www.apple.com/apple-events/june-2017/
I have installed Exchange 2010 onto Server 2008R2. I have an SAN SSL certificate from Godaddy installed on Exchange (mail.domain.com and autodiscover.domain.com). I have a Cisco ASA acting as a firewall and a Sophos XG135 in bridged mode acting as the email filter. Email can be sent and received without a problem and the email is being filtered. OWA works from the outside without a problem, however, Outlook Anywhere will not work. I have poured over the available documentation from Sophos but cannot get a remote Outlook client to connect to the Exchange server using Outlook Anywhere.
Has anyone successfully configured the XG in bridged mode to work with Outlook Anywhere? What steps am I missing? Do I need to install the SSL cert on the XG instead of Exchange and make the XG an SSL Proxy? If so, is there any documentation on how to go about this with the Godaddy certificate?
Has anyone successfully configured the XG in bridged mode to work with Outlook Anywhere? What steps am I missing? Do I need to install the SSL cert on the XG instead of Exchange and make the XG an SSL Proxy? If so, is there any documentation on how to go about this with the Godaddy certificate?
I have Server 2003 R2 with Exchange 2007.
I am trying to create a public SSL certificate I can install on the server. I generate the certificate request from IIS and copied the crt file to godaddy. I generated the certificate by opening IIS Manager > expanding server name > expanded web sites > right click on "Default Web Site" > directory security > server certificates > next > create a new certificate > "Prepare the request now, but send it later > Name: "Default Web Site", bit length 2048, and left "select cryptographic service provider (CSP) for this certificate" unchecked > entered Org name and Org Unite > common name: mail.mydomain.com > Country, State, City > let it default file name c:\certreq.txt.
I downloaded the completed file from goDaddy and imported into mmc > certificates > and imported the crt file from GoDaddy. Went back to IIS Manager and deleted the pending certificate > Assign an existing certificate > and choose my certificate from GoDaddy. The problem is this does not contain a key to correspond with that certificate to secure my Outlook Web Access. How do i accomplish this?
I am trying to create a public SSL certificate I can install on the server. I generate the certificate request from IIS and copied the crt file to godaddy. I generated the certificate by opening IIS Manager > expanding server name > expanded web sites > right click on "Default Web Site" > directory security > server certificates > next > create a new certificate > "Prepare the request now, but send it later > Name: "Default Web Site", bit length 2048, and left "select cryptographic service provider (CSP) for this certificate" unchecked > entered Org name and Org Unite > common name: mail.mydomain.com > Country, State, City > let it default file name c:\certreq.txt.
I downloaded the completed file from goDaddy and imported into mmc > certificates > and imported the crt file from GoDaddy. Went back to IIS Manager and deleted the pending certificate > Assign an existing certificate > and choose my certificate from GoDaddy. The problem is this does not contain a key to correspond with that certificate to secure my Outlook Web Access. How do i accomplish this?
I have to write a Node.JS application that connects to a remote server. The remote server has a login manager that authenticates my session then spawns a separate process to handle the rest of my session. The way that works is that I have to make a non-SSL network connection to the login manager and do an initial unprotected handshake. The lets the client and server negotiate if they will be doing SSL or plain text communications. If SSL then I need to elevate my socket to an SSL socket, send my login and password along with some other initial information, then get a success of failure message back from the login manager. If success then I know the login manager is starting a new process and handing off my open socket connection to that new process. Since the server can't pass the SSL context it de-elevates the SSL connection and runs a program passing it the non-SSL open socket. Then the new program creates it's own SSL context on the open socket. So in my Node.JS code I need to close the SSL socket but leave the raw socket open. The new program will send me a success message when it is up and running at which time I need to re-elevate my open socket to SSL again.
My question is how can I close an SSL socket leaving the raw socket open so I can continue to use the raw socket and then re-elevate it to SSL again?
My question is how can I close an SSL socket leaving the raw socket open so I can continue to use the raw socket and then re-elevate it to SSL again?
is there any method of setting up simple proxy server
can it be linux or windows based, can some body share any documenation of setting up proxy server
also any difference between proxy server and network load balancer? if so like what I think SSL decryption happens in both
can it be linux or windows based, can some body share any documenation of setting up proxy server
also any difference between proxy server and network load balancer? if so like what I think SSL decryption happens in both
SSL / HTTPS
8K
Solutions
7
Articles & Videos
10K
Contributors
HTTPS is a protocol for secure communication over a computer network which is widely used on the Internet. HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security (TLS) or its predecessor, Secure Sockets Layer (SSL). The main motivation for HTTPS is authentication of the visited website and to protect the privacy and integrity of the exchanged data. HTTPS is widely used for protecting page authenticity on all types of websites, securing accounts and keeping user communications, identity and web browsing private.
Top Experts In
SSL / HTTPS
-
1
David Favor7,000 points -
2
arnold4,600 points -
3
David Johnson, CD, MVP4,600 points -
4
Kumar K4,000 points -
5
btan3,000 points -
6
Adam Brown2,900 points -
7
Steve Bink2,800 points -
8
Jackie Man2,800 points -
9
masnrock2,500 points
-
10
Dave Baldwin2,000 points -
11
Andrew Hancock (VMware vExpert / EE MVE^2)2,000 points -
12
Cris Hanna2,000 points -
13
Paul MacDonald2,000 points -
14
Lucas Bishop2,000 points -
15
viktor grant2,000 points -
16
kevinhsieh1,300 points -
17
Ray Paseur1,109 points -
18
Phil Phillips1,000 points -
19
Radhakrishnan R1,000 points -
20
Brandon Dube500 points -
21
Naveen Devadiga400 points -
22
Martin Tarlink228 points -
23
Brian Murphy197 points -
24
Paranormastic64 points -
25
Shakshi Shivi48 points