SSL Forums / SSL Certificates / Community Support

taype of web site

mena — Wed, 27 Aug 2008 07:02:35 GMT

it used with html or php ?

SSL login authentication on single domain for multiple domains

HaranRas — Fri, 22 Aug 2008 05:21:07 GMT

Our site currently runs in 22 countries with 22 different country domains:

www.mysite.com

www.mysite.co.uk

www.mysite.fr

etc

We want to use SSL on our login pages but realise that the cost of certification for every domain is expensive. One solution would be to channel all login activity to a single domain, eg: www.mysite.com/login.cfm?site=fr which would then redirect to www.mysite.fr – this is how Google do it

But, currently we are using encrypted cookies for login authentication so we would have the problem of having to transfer the cookie info across domains securely. Is there any way of going about this?

Any other suggestions would be great, too. We do plan to move to session management for logins but this is a longer term project so we are hoping to sort out the SSL prior to that.

Restrict a CA to a certain domain

jsamper — Wed, 20 Aug 2008 09:50:23 GMT

Hi all
I have my own CA certificate. I use it to sign my server certificates, which are renewed every year.
I want to send my CA certificate to my clients,so they can be sure the my server certificates are authentic.
My question is: Can I make my CA restricted to a certain domain? That is: Is there a way to say "This CA will only sign certificates of mydomain.com and it will only be valid for this domain"?
I might have issues on clients that don't want to trust my CA certificate, which could currently sign ANY certificate...
Thanks!

opening 360share pro

mr coder moore — Fri, 29 Dec 2006 11:28:31 GMT

hi i cant open 360share pro

what shaw i do?

How to upgrade SSL 2.0 to SSL 3.0

LonnieMitchell — Mon, 11 Aug 2008 15:16:09 GMT

I am sure this is a simple question, but I've been tasked with trying to find out the best method of upgrading SSL 2.0 to SSL 3.0. Our company has a vendor that handles this for us, but they've mentioned they want to effect the upgrade by running some script they have which will remove certain components of 2.0 and effectively force an upgrade to 3.0. This sounds a bit out there to us so I just wanted to ask around and see if anybody can tell me how this "should" be done.

GOAL: My main site will not be SSL protected - but my store will be SSL protected.

notyetmod — Mon, 21 Jul 2008 21:43:48 GMT

GOAL: My main site will not be SSL protected - but my store will be SSL protected. On http://xxxx.com/index.html -I can place a link to- https://www.store.xxxx.com

I have a working OSC store at: xxxx.com/catalog/

the ftp path is: /xx/catalog/

As part of the OSC configuration- an .htaccess file resides inside the catalog folder.

I then had my host (1and1) install an SSL certificate.

But I don't want my whole site secure, only the "Store".

So I created a sub-domain "store.xxxx.com"

I created a ftp folder for store.xxxx.com at: /xx/catalog/

I had 1and1 assign the SSL Cert to the existing OS COMM "catalog" folder at /xx/catalog/

I created an .htaccess file that has this code:

RewriteEngine on
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^(.*)$ https://store.xxxx.com /$1 [R]

Results:

If I place the .htaccess file on the top level: /xx/ (not in the catalog folder) I get: 500 Internal Server Error trying to access http://xxxx.com/index.html. As well trying to access , https://www.store.xxxx.com yields: Data Transfer Interrupted.

If I place the .htaccess file in /xx/catalog/ it would of overwrite the OSC .htaccess file.

I was told I had to include:

RewriteEngine on
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^(.*)$ https://store.xxxx.com /$1 [R]

in the OSC .htaccess file- but I added it > uploaded it to /xx/catalog/ and could not access My Site or My Store.

Bottom line is, I’m not sure my setup is correct and don’t know if I can Mod_Rewrite my way out of this mess or if I need to start over with OSC or move some thing around or all of the above….any tips welcome

Intermediate Certificate

wallz — Tue, 15 Jul 2008 17:40:31 GMT

Hello,

I'm pretty new to SSL but do have an overall understanding of how it's used. So far I'm able to configure my test machine by using SelfSSL(iis60rkt.exe) and am able to visit my site via https and it's working.

However, I need to test and incorporate an Intermediate certificate, in this case from Verisign since they offer a free trial period.

https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR212&actp=LIST

I've tried to follow their Kbase article (https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR233) but I don't see the same screenshots they have in step#6.

I guess my questions would be

- what am I missing?

- Do I have all the requirements to set this up?

- Should I move away from SelfSSL and get a cert from a CA?

Thanks,

Wallie

A couple of SSL Questions

ademc — Tue, 01 Jul 2008 22:27:45 GMT

Hi guys,

I've got some questions on SSL and this forum as the first result in Google for 'SSL Forum' so I thought I'd ask here.

If I enable ssl on a site which allows people the option of uploading files to the server, are these uploads secured. (does the encryption also cover the file being transferred?)

Also, after a file is uploaded, an email is sent out using a PHP script. is the sending of this email also secured when using SSL?

Thanyou in advance.

Setting up SSL on a site

testgopher — Wed, 18 Jun 2008 16:45:40 GMT

I'm a complete newbie when it comes to SSL (https://) connections. I have a client who's trying to setup a secure connection to his website. When I type in http://www.websitename.com I get his home page. When I try using SSL, https://www.websitename.com, I get a placeholder page. I don't know where this page is coming from. I contacted the hosting company and they told me I need to contact the registrar for the domain name. I'm lost at this point. I'm assuming this placeholder page would be somewhere on the hosting server, but where is this page located? I thought using SSL would be as simple as uploading a page to the "SSL" area of the hosted account (where I thought this placeholder page was coming from), but I don't see any type of directory like this.

On the placeholder page, I see the following paragraph:

"If you can see this page, then the people who manage this server have installed cPanel and WebHost Manager (WHM) which use the Apache Web server software and the Apache Interface to OpenSSL (mod_ssl) successfully. They now have to add content to this directory and replace this placeholder page, or else point the server at their real content."

It seems like my client has SSL installed on the account, but I don't know where to go from here to setup a secure page. What directory is this paragraph referring to?

Can someone point me in the right direction or at least educate me a little more on setting up and using SSL pages? I'm just trying to make a simple link from the unsecure area of the website to the secured area so users can fill in personal information to submit.

Thanks in advance.

General SSL question

csc — Wed, 28 May 2008 11:50:54 GMT

Is it possible to use SSL even though the website you are connecting to does not have the correct certificate? For example, I have a server that has a certificate installed (not sure exactly which kind) - when connecting to the server you get the usual 3 options (I connect anyway). Since the site requires an SSL connection does this mean anything sent/received to/from the website is encrypted? Does SSL need the correct type of certificate on the server and/or anything else to make the SSL transmissions successful?

Much thanks for any help/replies!!

POS Developer

johnnyaction314 — Thu, 22 May 2008 21:50:36 GMT

Hello everyone, this isnt exactly a technical question but Im just looking for general information on SSL. I have read a lot about it lately, but I want to get some ideas from experienced users. I am developing POS software for restaurant/bar settings and I am in the process of setting up the SSL. I have no experience in this area whatsoever so I am looking for advice on what the best route for me to go is. As of right now, I have a free test certificate that I am using and I have it figured out from a coding standpoint. What I need advice on is what type of certificate should I look into? How do I go about getting different certificates for each merchant? Is there services to simply this so that I can purchase them in bulk and resell them to my customers (the owners/managers of the restaurants)? My software will have most likely somewhere between 1 and 10 computers networked together.Do I just use one certificate on the designated server or should each computer have its own certificate? Thanks in advance for your help. -- Mark Adler

ssl not working properly

ndjustin20 — Mon, 14 Apr 2008 17:36:06 GMT

Greetings!

I have a problem whereas if a person goes to www.usmenu.net they reach an unsecured site but if a person goes to https:usmenu.net then they reach the secured site. This is true for sub domains also. I had it setup so on my last server if a customer were to go to www.usmenu.net they were actually going to https://www.usmenu.net without redirecting them to another page. Can anyone tell me how to do this in cpanel as I have been trying to fix this issue all day with tech support.

SSL/TCP Connection termination results in RST

Chandler Bing — Thu, 05 Jun 2008 13:25:00 GMT

My company is working with VeriFone and TSys to isolate issues we've seen with SSL transactions. We're being told that once one side sends a FIN, that terminates the entire conversation and indeed the other side still has data to send and when it performs a PSH, it's ignored and ultimately the connection is RST. I'm being told by both sides that this is normal. I don't believe it is.

I have packet captures, but I'm not sure how to post them or share them out.

how to use ssl for sending mail

ashkumar1981 — Fri, 09 May 2008 09:37:08 GMT

how i can access other's username and password of ssl digital certificate?
what is the hardware and software requirements for the ssl installation?
how i can send the e-mail over the internet with ssl and tell me process in detail?

SSL Handshake Error : unable to find valid certification path to requested target

tsenthil — Tue, 29 Apr 2008 08:55:49 GMT

Hi,

I am developing some server to server applications and SSLHandshakeException occured when i try to send https request from one server to another server.

Here is my situation ,
1. Client C1(any web browser) accesses the Server S1.
2. In order to complete the request, S1 needs to communicate Server S2 where S2 requires SSL Client authentication.
3. When S1 sends the https servlet request to S2, SSLHandshakeException occured in S1.
And what i need is to make the communication between S1 and S2. My question is whether i want to keep any cert in S1 in order to communicate with S2 ?
P.S: Both S1 and S2 are running Apache 1.3. C1 could be either IE or firefox.

Any quick help will be appreciated.

Exception follows ,

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
12:41:30:129 PM at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
12:41:30:129 PM at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
12:41:30:129 PM at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
12:41:30:129 PM at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
12:41:30:129 PM at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
12:41:30:130 PM at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
12:41:30:130 PM at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
12:41:30:130 PM at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
12:41:30:130 PM at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
12:41:30:130 PM at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
12:41:30:130 PM at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
12:41:30:130 PM at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
12:41:30:130 PM at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
12:41:30:130 PM at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
12:41:30:130 PM at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
12:41:30:131 PM at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
12:41:30:131 PM at com.adventnet.mesolutions.util.CommonUtil.requestFromServer(CommonUtil.java:85)
12:41:30:131 PM at com.adventnet.me.opmanager.webclient.admin.users.AddUserAction.execute(AddUserAction.java:365)
12:41:30:132 PM at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)
12:41:30:132 PM at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
12:41:30:132 PM at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
12:41:30:133 PM at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
12:41:30:133 PM at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
12:41:30:134 PM at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
12:41:30:134 PM at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
12:41:30:134 PM at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
12:41:30:134 PM at com.adventnet.nms.webclient.login.AuthenticationFilter.doFilter(AuthenticationFilter.java:139)
12:41:30:134 PM at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
12:41:30:134 PM at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
12:41:30:134 PM at com.adventnet.nms.webclient.i18n.EncodingFilter.doFilter(EncodingFilter.java:70)
12:41:30:134 PM at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
12:41:30:134 PM at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
12:41:30:134 PM at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:256)
12:41:30:135 PM at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
12:41:30:135 PM at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
12:41:30:135 PM at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
12:41:30:135 PM at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
12:41:30:135 PM at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
12:41:30:135 PM at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
12:41:30:135 PM at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
12:41:30:135 PM at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2416)
12:41:30:135 PM at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180)
12:41:30:136 PM at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
12:41:30:136 PM at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:171)
12:41:30:136 PM at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
12:41:30:136 PM at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172)
12:41:30:136 PM at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
12:41:30:136 PM at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:577)
12:41:30:136 PM at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
12:41:30:136 PM at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
12:41:30:136 PM at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
12:41:30:137 PM at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174)
12:41:30:137 PM at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
12:41:30:137 PM at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
12:41:30:137 PM at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
12:41:30:137 PM at org.apache.ajp.tomcat4.Ajp13Processor.process(Ajp13Processor.java:466)
12:41:30:137 PM at org.apache.ajp.tomcat4.Ajp13Processor.run(Ajp13Processor.java:585)
12:41:30:137 PM at java.lang.Thread.run(Unknown Source)
12:41:30:138 PM Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
12:41:30:138 PM at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
12:41:30:139 PM at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
12:41:30:139 PM at sun.security.validator.Validator.validate(Unknown Source)
12:41:30:139 PM at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
12:41:30:139 PM at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(Unknown Source)
12:41:30:139 PM ... 54 more
12:41:30:140 PM Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
12:41:30:140 PM at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
12:41:30:140 PM at java.security.cert.CertPathBuilder.build(Unknown Source)
12:41:30:140 PM ... 59 more

No lock icon on browser at 'secure' sites

pzman — Fri, 28 Dec 2007 20:44:04 GMT

There is no lock icon online when I go to a secure website. I became concerned when I did not see the icon when ordering with my credit card. (I did not proceed with the transaction and did it at work where I received the lock icon at the same site). I tried it at ssl site login and still did not receive a lock icon.

I use IEexplore version 7.05730.11 on
Microsoft Windows XP Professional
Version 5.1.2600 Service Pack 2 Build 2600

If my connection is not secure, what do I do now. Is my computer compromised?
If the connection is secure, why don't I see the lock icon and how do I check the certificate at the site if I can't click it.

Secure Site But Bad Owner?

SomeoneSomewhere — Thu, 14 Feb 2008 13:55:09 GMT

Even though a website is secured, are the people behind the website able to decrypt or read my private information? (Because I have sent credit card information to purchase merchandise at a secure site, but the site didn't send me the merchandise, didn't charge me either, and the whole site went down after about 2 weeks after my initial purchase.)

The site was overstockclearancegifts.com

So were they able to get my credit card information?

SSL Icon Pop Up

Atech — Fri, 07 Mar 2008 07:13:36 GMT

Hi there people, just wondering if anyone can help me. Just helping a web designer out at the moment with a SSL certificates and was wondering if there was anyway in which I could have a small SSL logo image on the page so when you click or rollover the image you get the same certificate object info that comes up from the SSL padlock in the browser.

Any ideas would be great,

cheers,

Atech

Send SSL Handshake in PHP

ratcateme — Fri, 28 Mar 2008 02:35:22 GMT

I am trying to listen to a SSL encrypted socket in php i can do it unencrypted but i want make it SSL secure. i think i can use OpenSSL to generate the keys and encrypt all my data but i need to setup the SSL socket first at the moment i can get a CLIENTHELLO message (i think?) i have been reading this http://byerley.cs.waikato.ac.nz/~tonym/articles/ssl/node3.html.
this is what i think is a CLIENTHELLO message
22 3 1 0 92 1 0 0 88 3 1 71 236 172 216 51 252 244 143 175 89 178 23 107 66 116 16 107 65 11 184 6 74 98 11 167 16 79 241 21 148 25 235 0 0 48 0 57 0 56 0 53 0 22 0 19
I got this by connecting to my PHP script using the TLS protocol.
if someone could help me to understand how to get all the info from my CLIENTHELLO and how i should respond with a SERVERHELLO.

Scott.

Converting MS PK12 Certifcate File to Netscape Cert7 & key3 files

disturbed — Fri, 14 Mar 2008 08:29:16 GMT

In the company I work for I can only be issued with an MS PK12 certificate file. However, to get the application I am working with on Solaris to talk to our AD, I need to use Netscape cert7 and key3 files.

I know I can create these files with the Netscape browser, and certificate services/web server on our AD server, but our company policy forbids certificate services and web server to be run on an AD server.

I am searching for a utility to convert a PK12 file to cert7 and key3 files - has anyone else done this, and can you advise me which utility may help?

Many thanks.

openSSL certificates can be used in wireless environment?

thulasi — Thu, 13 Mar 2008 03:22:37 GMT

Hello friends ,
i want to use some Digital certificates in WAVE (wireless Access in vehicular Environment) system. Can openSSL digital certificates is suitable for this wireless environment?

reason for ssl error?

thulasi — Tue, 04 Mar 2008 06:02:06 GMT

Hello Sir ,
i am trying the "openSSL examples 20020110" client server program. when i trying to connect the client and server , server terminal showing the error "SSL read problem", client terminal showing the errors "Certificate doesnot verify" or "SSL connect error" . I try the programs with different " command line flag" options given in the program document, but the error remains the same . From the following link i download the programs
"http://www.rtfm.com/openssl-examples/"
Regards
Thulasiram

Why doesn't everybody have SSL?

ricnut — Sun, 23 Dec 2007 09:03:08 GMT

I don't get it. If it's so wonderful and secure, then why doesn't everybody just have it installed on their computer by default.

Also I just finished getting it to work, so what can I do with it now? I have my virtual host using the same directory, htdocs. Can you give me an example of some html code that would start a session. I'm thinking of regular site and the shopping cart will start the session.

Sorry I know I sound like I"m on dope, I 've been up all night trying to get it too work.

SSL Validation

dreamer_0244 — Mon, 10 Dec 2007 19:49:00 GMT

Hi! Good day! I would like to inquire if there is anyway to test or validate whether data transmitted through a browser to web server and vice versa were really encrypted.

Is there any means of validating (tools,software,etc.) if the SSL is working properly?

Thanks in advance!

Is SSL for all websites

adam — Wed, 11 Jul 2007 08:27:48 GMT

I was wondering if there were any reasons why an entire website shouldn't have SSL. If so, why? Are there tools to help make the decision?

Thanks,
Adam

ssl and style sheets

dylanreid — Fri, 11 May 2007 17:59:53 GMT

Hello All!

I recently inherited maintenance on a website using SSL (which i'm fairly new to).. my question is how to also ensure that the style sheets associated with my webpages are compatible with the ssl..

When I go to a page under the https protocol on my website, I get the familiar error "This page contains both secure and nonsecure items. Do you want to display the nonsecure items?" Clicking "Yes" displays the page properly (though obviously not totally secure) and clicking "No" displays a working version of the page without the style sheets taking effect.

So my question is how to get these two working together.. I haven't had much success with google searches so I decided to come to the community! :]

Thanks for your help!

Dylan

SSL pages break on refresh

flamingvan — Tue, 13 Nov 2007 09:07:14 GMT

I'm running a LAMP server. At my company we use SSL for authentication, and I'm trying to access the environmental variable 'SSL_CLIENT_S_DN_Email' from my PHP scripts. I added the following lines to ssl.conf and I can access those variables:

<Directory "/var/www/html">
SSLOptions +StdEnvVars +ExportCertData +OptRenegotiate +FakeBasicAuth
SSLVerifyClient optional_no_ca
SSLVerifyDepth 1
SSLRequireSSL
</Directory>

The problem is that the page loads normally in the browser once, but then it breaks until I clear SSL state. What could be causing that?

Thanks,

Moses

New SSL screwed up old site's SSL

scottmotte — Mon, 29 Oct 2007 11:34:34 GMT

Hi. I'm brand new to ssl & signed up for a temporary free SSL with instantssl.com.

I installed it on our new site (currently in test phase) at http://209.62.127.236 which will eventually be moved via DNS record changes to allprotools.com.

The next day, we had trouble accepting orders on our current site - allprotools.com. It seems to be an SSL issue.

Thoughts? I'm a bit confused.

Thanks in advance.

how do i get the pro, program off one pc to a new one

monika — Fri, 19 Oct 2007 00:56:28 GMT

am i at the right place? i have no clue. i need to move this music program to a new pc

Mobile phones certificates

besbello — Wed, 03 Oct 2007 02:44:31 GMT

Hi all,
I'm planning to purchase a CA server certificate to use with a J2ME aplication. But I've realized that each different mobile phone model (more if we talk about different companies) comes with a list of default CA certificates. We want our aplication compatible with as different phone models as possible, and we would also want to know which of them will connect to our server (https) and recognize the certificate. So...does anybody know where could we find a list of mobile phones telling which certificates each of them has installed by default? I've searching in the web, even at differente mobile phones companies webs, but I haven´t found it.
Thanks a lot

Changing WebServer - do I need new certificates?

kev1983 — Fri, 14 Sep 2007 03:28:02 GMT

I currently use Verisign certificates on an iPlanet webserver. I want to change to Apache. Can I use the same certificates? Has anybody done this? Any info would be much appreciated.

SSL Implementation in Java

Radhika — Fri, 03 Nov 2006 00:52:36 GMT

Hi to all
I am new to SSL topic and i am trying to implement SSL,so,please help me in this regard.
I am implementing SSL in JSSE(Java).We are developing our Application through self-signed certificate.

The client is implementing SSL on C Language and server on Java language.
How to communicate between these client and server .First i want to know how to generate keys,Certificates and how to exchange the certificates between client and server.

Give me one example in this regard.

Thank you

SSL/Exchange/Mobile sync problem

cataldo — Sat, 01 Sep 2007 00:24:27 GMT

Hi guys,

I just stumbled upon this site and I have a problem.

I have an exchange server which runs Outlook on the web fine. I am using SSL with a self signed cert.

I have a WM5 PDA which I want to sync with the server. If I take off SSL on the server it syncs fine but if I keep it on it simply returns

"Syncronization could not be completed. try again later."

I don't know much about SSL or certificates but I've followed a few forums and I've done what's been contained in the following article:

http://blogs.msdn.com/windowsmobile/archive/2006/02/27/ssl-certificates-201.aspx

I don't know how to fix this. am I dumb or is there something vital I'm missing. I'm sure you'll need more answers about mysetup..

Thanks

Cataldo

SSL Implementation for a Web Service in Java

naumanbasheer — Wed, 29 Aug 2007 00:25:32 GMT

hi im new to java programming.
I have to connect to a webservice that uses ssl security.
im using AXIS 2 to make a client of the webservice and i have the PKCS #7 file of the certificates of that website..

i installed the certificates, exported them to .cer files and used keytool and then used the following code:

System.setProperty("javax.net.ssl.trustStore","C:\\.keystore");

System.setProperty("javax.net.ssl.trustStorePassword", "123456");

and i encounter the following error:

Unable to sendViaPost to url[https://wrrs.comtrust.ae/ftpwebservice/upload.asmx]
org.apache.axis2.AxisFault: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed

what i need is to know how will i generate server ssl certificates in java

how to use 2 certificates on 2 servers to send secure information from 1 to other

lmedia — Thu, 23 Aug 2007 13:42:58 GMT

Hello,

I am involved in a project where we need to send personal info from one server to another. I have talked with godaddy about their cert. they said that it can be done and that each server would need a certificate. The sending server is running php and the receiving is asp. I need to contact the company that has the php server but am trying to learn how we will approach this. What will be involved in this? Any help is appreciated.

Lmedia

How do I get help from 360Share Pro?

jennifer38901 — Tue, 12 Dec 2006 13:22:33 GMT

I paid the $25 to become a member of 360Share Pro and it worked great for a while, but now every time I try to do anything it gives me a message that I'm not connected to the network. But when I try to go to the customer support tab, it tells me that I'm either not a member or my membership has expired. Does any one know how to contact these people?

Validation of remote server to client ?

BobM — Mon, 30 Jul 2007 17:04:46 GMT

Let us say I have a client side program that sends a file to a specific remote host via SSL. When the program connects via SSL, the clinet side SSL process says, "I want to connect to the specific host whose URL I have used to make this connection. But I require being sure I am connected to the remote host to which I expect to be connected. So I require the remote host to present to me a certificate that I can compare to the trusted certificates I have available in my keystore. If I find a match among my trusted certificates I will proceed with the connection, otherwise I will abort and report 'unable to find a valid path to the requested target'."

Now, ... what I want to confirm is that if I get a certificate from one of the trust authorities (verisign, thaught, geotrust, godaddy, etc) that If I import that certificate into my keystore (in my case, into jssecacerts in JAVA_HOME/jre/lib/security) that the client can validate that I am a trusted site by tracking through the "trust chain" established back to one of the base trusted certs already establishing in his cacerts file.

Is that the way it works? ... or not?

Thanks.

Why the hell hasn't SSL.com contacted me back?

oatez — Wed, 20 Jun 2007 16:37:52 GMT

It has been two weeks since I put in a request to reprocess a certificate and it says "domain pending validation." I have called last week, twice this week and sent an email without hearing any word. I am absolutely furious at SSL.com's lack of professional customer service, and their answering service when you call 1-877-373-2869 is as useless as a chocolate fireguard.

Domain Validation

aegis — Fri, 13 Jul 2007 05:39:35 GMT

I recently purchased an SSL certificate and configured it. Under Certificate Management it says: Pending Approval of Domain Validation. It has been over 24 hours. How long does it typically take for it to be validated? I contacted support yesterday and they have not gotten back to me.

Any help would be greatly appreciated.

How do I configure SSL without certification?

nanuganga — Wed, 14 Feb 2007 00:43:30 GMT

Hello,

I’m using tomcat web server. I have enabled SSL on port 8443.
My requirement is SSL encryption only. I don’t need server certification or client certification.

please let me know is it possible to have SSL without certificate. it's urgent please help me with this

thanks in advanced