Questions tagged [ssl]

17871 questions
1

votes
1

answer
3.8k

Views

SSL Handshake exception - RESTEASY004655

I am trying to figure out why am having this type of exception all over the log file!!!! Looking on some internet posts, apparently they talk about network interruption !!! javax.ws.rs.ProcessingException: RESTEASY004655: Unable to invoke request at org.jboss.resteasy.client.jaxrs.engines.ApacheHttp...
Bill
1

votes
3

answer
1.7k

Views

Unable to `openssl verify' letsencrypt certificate

I gererate a certificate with Letsencrypt using the Certbot container: $ mkdir /home/$USER/letsencrypt $ docker run -it --rm -p 80:80 -p 443:443 -v /home/$USER/letsencrypt:/etc/letsencrypt certbot/certbot certonly --standalone --email [email protected] --agree-tos -d example.com I navigate to the gen...
David Carboni
1

votes
0

answer
6

Views

How to redirect HTTP traffic to HTTPS while using Virtual Hosting in Tomcat

I need to configure my Tomcat 9 server to redirect http to https traffic. I have tried: Using a connector for the http port and having a redirectPort attribute pointing to the secure connector. Including a security-constraint link at the bottom of the web.xml, which works for other Tomcat servers t...
scanlex
0

votes
0

answer
4

Views

IoT hub certificate validation

We have the following certificate chain: RootCA -> IntermProduction -> [leaf certificates] RootCA -> IntermTest -> [leaf test certificates] Does it make a difference if I: a) Upload to IoT hub RootCA b) Upload to IoT hub both IntermProduction and IntermTest (without RootCA) Will there be any differ...
1

votes
0

answer
17

Views

How can I read certificate to verify signature with openssl?

I have generated a private key and corresponding certificate with openssl on linux, with these commands: openssl req -x509 -newkey rsa:1024 -keyout key.pem -out certificate.pem -days 730 -nodes This has generated to me two files: key.pem and certificate.pem Using key.pem, with C++ (PEM_read_PrivateK...
Mert Mertce
0

votes
1

answer
15

Views

Is SSL appropriate for sending secure contents?

I am using mailR to send emails through R. This is my code send.mail(from = [from], to = [to], subject = 'msg', body = 'contents', html = FALSE, inline = FALSE, authenticate = TRUE, smtp = list(host.name = 'smtp.gmail.com', port = 465, user.name = [username], passwd = [password], ssl = TRUE),...
goollan
1

votes
1

answer
1.2k

Views

You are not an authorized owner of the domain for this certificate (Google App Engine)

For the past 3 years I have been doing the following to generate my SSL certificates for Google App Engine. Convert certificate to PEM format openssl x509 -in domain.crt -out domain.pem -outform PEM Convert Private CSR Key to PEM format openssl rsa -in private.key -out private.pem For some reason I...
bryan
1

votes
2

answer
1.1k

Views

Charles Proxy for Mobile apps that use SSL Pinning

Charles Proxy website comments that: Note that some apps implement SSL certificate pinning which means they specifically validate the root certificate. Because the app is itself verifying the root certificate it will not accept Charles's certificate and will fail the connection. If you have successf...
Stanford Wong
1

votes
3

answer
900

Views

Kafka SSL handshake failed issue

I am trying to enable SSL Authentication on my Kafka server. I am following 7.2 section in below documentation(link). http://kafka.apache.org/documentation.html#security_ssl Followed all steps, but while calling the producer.bat file to send data in to the topic i get below error. ERROR [Producer cl...
Osman Jabri
1

votes
1

answer
74

Views

TIdSSLIOHandlerSocketOpenSSL and TLS protocol

I have a Windows desktop application developed in XE2 that pulls data from a remote server in JSON format. I use Indy 10 to manage this. The application was working fine until I received an email from the server provider people: '...the only protocol for securing the communication will be TLS 1.2. O...
pio pio
0

votes
0

answer
5

Views

Can't authenticate to Identity server SSL handshake error

Background. I need to get my site to authenticate through IdentityServer (IDS). 'example.com' I'm building all of my sites with DotNetCore Hosting them on a proxy server using apache let's call the private ip 12.3.4.5. How they should work. I go to site example.com I should be able to talk to ids.e...
Larry
1

votes
2

answer
45

Views

Java can not load “BEGIN TRUSTED CERTIFICATE” format certificate

I have a CA certificate which is generate by openssl with 'trustout', so the it begins with '-----BEGIN TRUSTED CERTIFICATE-----', when I tried to read it with Java, exception throws. Does Java supports this format of certificate? If so, how to read it? public class TestReadCerts { public static voi...
qibobo
1

votes
1

answer
41

Views

Jetty - ipaccess per connector?

Let's say I am enabling the ipaccess module on jetty: jetty-ipaccess.xml 127.0.0.1 192.168.1.168 false Then I enable it with jetty/home/start.jar --add-to-start=ipaccess But I want this filter to only apply to the http connector. I do not want it to apply to my https connector. How do I configur...
Nicholas DiPiazza
0

votes
0

answer
3

Views

Get TLS-Unique from SSL stream and process HTTP

After long investigation I still didn't find way to get TLS-unique value (https://tools.ietf.org/html/rfc5929) from SSL connection stream using WCF (whole communication using HTTPS protocol though). We are not strictly tied to WCF, so I know there is a TcpListener that allows that via SslStream cla...
irium
4

votes
1

answer
64

Views

Java Applet “ClassNotFoundException” on Firefox 52.4.1 - works on IE

We need to run an old web application which using Java 8 Applet (sick), on Firefox 52.4.1 (last version compatible with Java Applet) and Internet Explorer 11. The applet is based on Java 8 and distributed by an Apache Tomcat server. It is signed and obfuscated (Proguard). The user connect to the web...
cactuschibre
1

votes
1

answer
314

Views

Google Cloud Storage Client API fails in Certificate validation if we pass javax ssl params

I have successfully builded and ran a code snippet to upload the document to google cloud storage using the Java API. While integration of Google Sql to our project we have introduced the keystore and truststore params. After the introduction of the store params the upload document API's are failing...
ted
1

votes
1

answer
227

Views

Returning an image from a Django view using django-sslserver

I'm trying to return an image from a Django 1.11 view while using django-sslserver and Pillow. Here's a minimal view I made for testing. def get_image(request): img = Image.open('oh_noes_cat.png', mode='r') response = HttpResponse(content_type='image/png') img.save(response, 'png') return response I...
clairempr
1

votes
0

answer
306

Views

Connecting to Azure database for PostgreSQL from R

I created a PostgreSQL server on Azure, but I am not able to connect to it from R. I am able to connect to it using pgadmin though drv
let_there_be_light
1

votes
0

answer
149

Views

JAVA SSLSocket keyStore and trustStore, bad certificat error

I’m currently writing a JAVA app that receive AJAX requests from a PHP server. I use sockets for this and it works fine with HTTP requests. But now I would like to do the same thing with HTTPs requests. So I created a keyStore using cert and RSA key of the website : openssl pkcs12 -export -in -in...
Florent Guibert
1

votes
1

answer
464

Views

Magento 2 - 502 Bad Gateway after ssl configuration

I am using a ssl certificate provided by comodo that seems to me to be propely configured because my website is showing the https correctly. However, I am getting 502 Bad Gateway when I access my store with ssl. I am using nginx server and this is how I am doing this. server { root /var/www/html/pub...
Rafael Padovani
1

votes
1

answer
150

Views

Can Jetty be configured to serve AWS Certificate Manager certs?

Running a Java web service with embedded Jetty web container. Would like to serve my RESTful API endpoints over HTTPS with a root CA-signed SSL cert (no OpenSSL). Can I configure my embedded Jetty container to use a 'free' AWS Certificate Manager cert cert or are those certs only for use by AWS infr...
smeeb
1

votes
0

answer
418

Views

unwillingToPerform ldap3 useAccountControl change

I am using ldap3 module in python to create and disable users in AD in python. When I create a user using the following code, from ldap3 import * import ssl tls_configuration = Tls(validate=ssl.CERT_REQUIRED, version=ssl.PROTOCOL_TLSv1) tls_configuration.validate = ssl.CERT_NONE s...
asd
1

votes
0

answer
29

Views

Getting https HTML Content Using Java

So I'm currently trying to read through my own https html page that uses a Comodo RSA Domain Validation certificate using TLS 1.2, ECDHE_RSA with P-256, and AES_128_GCM, using Java. I've narrowed down my problem to simply being that the certificate isn't being accepted by Java Security because other...
arkdevelopment
1

votes
0

answer
17

Views

SSL connection fails when often stalled by ~5s

I have a Perl streaming application that GET some file through HTTPS. The TCP flow is often paused for a few seconds because the player has buffered a lot. As a result, the connection very often breaks/ends early. I've taken various TCP logs and wireshark seems to be all confused and whines about C...
philippe_44
1

votes
2

answer
102

Views

Force site to HTTPS except for some pages and Facebook crawler

There are a few similar questions to this, but none really covered everything I need to do and I'm a bit over my head! I have an existing wordpress site. I want to force the home page and any new subpages to HTTPS but force existing subpages (about 20 of them) to HTTP. Reason being these subpages ha...
AustIm
1

votes
1

answer
2.3k

Views

My website is getting Corrupted Content Error in firefox on login

I have a website that is getting corrupted content error when logging into a user account. This error occurs in Firefox. It only occurs when you log into with a clean cache. After you log in once, you get that error, but you get skip past it. Then if you log out, and log back in again, you won't get...
user904542
1

votes
1

answer
961

Views

SSL Handshake Failure on Oreo

I am trying to interact with a server using a self signed certificate. It works fine for Nougat but has an exception for Oreo: javax.net.ssl.SSLHandshakeException: Handshake failed at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:444) Based off Android O's changel...
Allan W
1

votes
1

answer
307

Views

How to get ClientHello information during SSL handshake in JAVA

I want to get something like client compression_methods or client supported cipher Suites from ssl handshake I have tried using public static void main(String[] args) throws Exception { String serverKeyStoreFile = 'D:\\tomcat.keystore'; String serverKeyStorePwd = 'logiscn'; String catServerKeyPwd =...
kyrotiko
1

votes
1

answer
134

Views

Adding extension in CSR for generating an intermediate certificate

I am generating a Certificate Signing Request for an intermediate certificate. I want to make the certificate a certificate authority (CA), so I want to add the basic constraints extension in CSR. I am currently using the following code exts = sk_X509_EXTENSION_new_null(); add_ext(exts, x509_req, NI...
shery6405
1

votes
0

answer
59

Views

Getting SSLHandshakeException error after several hours of successful API calls

I have created web-service to make payments via PayPal payment provider. The *.war file is deployed on Test environment, where it is running on WildFly (8.2.1.Final) server. After each deploy, I can make successful calls to PayPal side. But after several hours I'm starting to get javax.net.ssl.SSL...
I. Domshchikov
1

votes
0

answer
43

Views

ssllab generate tons of handshake exception

I'm using SSL Labs to test the certificate for the website and it will generate tons of handshake exceptions in my debug log. The exception is showing below: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl...
Elton
1

votes
2

answer
595

Views

How to use verified certificate to set telegram bot Webhook?

I have verified ssl certificate (got it when bought hosting). It consist of four parts: 1. private key, 2. certificate, 3. root sertificate, 4. intermediate certificate. I made two files .key(private), .crt(certificate, intermediate, root) and confugure nginx. Everything good, my domain shows https...
Alexander Ostapenko
1

votes
0

answer
537

Views

NGINX SSL Too Many Redirects?

Environment Ubuntu 16.04 NGINX Light WordPress Configuration Domain name has been changed to example.com for this question. If I bypass port 443, I get the default NGINX landing page and not my WordPress site. # SSL configuration server { # Ports to listen on, uncomment one. listen 443 ssl http2; li...
DevByMike
1

votes
1

answer
194

Views

Xamarin iOS overriding TLS chain validation for self-signed certificates

I'm looking for help with performing self-signed certificate validation with Xamarin.iOS. My custom stream event handler isn't being called. I've been working on implementing self-signed certificate validation code in C# using Xamarin.iOS and CFStream. I've been following along with the process laid...
salomon90
1

votes
0

answer
538

Views

Chrome not trusting Fiddler certificates

Similar to this question: Chrome Doesn't Trust Fiddler Root Certificate But the upvoted answer (https://stackoverflow.com/a/33818661/1250301) doesn't seem to be working for me in fiddler v 5.0. If I load a site with https in chrome I get NET::ERR_CERT_AUTHORITY_INVALID message. If I 'reset all certi...
Matt Burland
1

votes
0

answer
43

Views

(OpenBuildings/Spiderling) Curl “session” throws exception Failed to connect to localhost port 4581: Connection refused

I am trying to make a crawl project using OpenBuildings/Spiderling. I want to create a Phantomjs driver like this: $phantomjs_driver = new Driver_Phantomjs(); $page = new Page($phantomjs_driver); $page->visit($url); But it throw an error: Curl 'session' throws exception Failed to connect to localho...
Ngo Tuan
1

votes
1

answer
86

Views

Different nginx config for different environments

I have a Rails app hosted in two different servers (both with dokku) for production and staging environments. The first one is hosted in www.mywebsite.com.br and the second one in www.staging.mywebsite.com.br. We use a SSL certificate in production so I wrote return 301 https://www.mywebsite.com.br...
ianobraczka
1

votes
0

answer
314

Views

Using Spring Eureka Discovery Client with SSL

I have a problem using a spring eureka discovery client (Service A) in combination with an non spring eureka client (Service B). When i try to get Service B from Service A i get an empty list. Both clients register themself successfully to eureka server. I have configured ssl and therefore disabled...
Benjamin Schüller
1

votes
0

answer
283

Views

SSL traffic decryption - iOS

I'm looking for a way to perform a network trace between an iOS app I'm developing, and a server I own, using my mac to intercept traffic. Traffic is encrypted via SSL ; I own the domain, and the PKCS12 certificate used to encrypt the traffic. I've been able to perform the trace itself following App...
Jeremie Vincke
1

votes
0

answer
245

Views

Keep Alive Timer called close() error between jersey servers, using TLS

I have a multimodule Jersey project, where at some point in serving a request a Gateway module will talk to another Gateway module (this is the 'service discovery' part of the communication) on another PC. This communication works well, but when the code execution gets to the next request where thes...
Zoltán Umlauf

View additional questions