All Questions

Tagged with
533 questions with no upvoted or accepted answers
Filter by
Sorted by
Tagged with
11votes
0answers
321views

What is the right way to validate a client TLS cert using the tls library in Haskell?

I have a working Yesod/Warp server. I would like to equip this server with the ability to allow admin users to authenticate themselves using client-side certificates. Additionally, I would like to ...
user avatar
9votes
2answers
6kviews

How to verify (and require) self-signed certificate in iOS

I'd like to create an SSL connection to my server using self-signed certificates that are shipped with the code in iOS. That way I don't have to worry about more sophisticated man-in-the-middle ...
user avatar
  • 2,646
7votes
1answer
4kviews

Microsoft EDGE - Security certificate required to access this resource is invalid

We are getting following error in Microsoft EDGE in our Dev environment when we run our ASP.NET Application Hosted in IIS 8 in Windows 2012 R2 Server. Error: XMLHttpRequest: Network Error 0x800c0019, ...
user avatar
7votes
2answers
1kviews

Is it possible to do a TLS handshake event in Tomcat?

I'm running an application (web service) in tomcat with TLS enabled (with certificates both for the client and the server). I want that my application will be able to send audit message (logging) ...
user avatar
6votes
0answers
1kviews

HTTPS TSL Certificate Chain Validation Using Python Requests

I'm running a windows service using python 2.7.9. As part of it i'm trying to connect to a server using HTTPS. I'm using requests model (2.7.0) to do it. I'm also using wincertstore (0.2) model to ...
user avatar
  • 854
6votes
0answers
2kviews

X509Chain seems to be ignoring RevocationMode and VerificationFlags

I'm having issues using a client certificate to authenticate an HttpWebRequest. (The client certificate isn't being sent). After some investigation, this seems to be because the certificate isn't ...
user avatar
  • 25.7k
5votes
0answers
788views

Could not establish secure channel for SSL/TLS with authority 'server name" -ramdomly occuring

We are getting an intermittent error “Could not establish secure channel for SSL/TLS with authority 'server name’” while calling one of our services. Not all the requests are failing but some of the ...
user avatar
  • 51
5votes
1answer
3kviews

Universal way to authenticate clients and secure a RESTful api

I've been digging through stackoverflow / security.stackexchange threads and getting no definite answers on providing a universal way for clients to securely consume RESTful services I'm am building ...
user avatar
  • 494
5votes
1answer
2kviews

Connect to web server via Phonegap with SSL and Certificate

That's all about Phonegap Android and iOS application build on JS. We have a server with method: - Authorize(login,pass) which return certificate.p12 file (PKCS#12). Also server has methods, which ...
user avatar
5votes
2answers
2kviews

Mutual SSL - how much authentication is sufficient?

Suppose you have a mutual SSL service, which in addition to the SSL, has application authentication. Thus, clients provide certificates (as well as servers), but the client request (e.g., REST ...
user avatar
  • 4,992
4votes
0answers
297views

How to setup a secure communication between desktop app with websocket server and a web page?

I am developing a desktop application that starts a websocket server, so that web pages/clients served by other web servers can call the desktop app to perform some actions requiring OS APIs not ...
user avatar
  • 101
4votes
0answers
1kviews

Assistance with Audit Failure 4625 messages caused by WCF netTcpBinding with clientCredentialType Certificate

We are having a considerable number of Audit Failure Events (4652) coming through to the Windows Event Log, caused by our WCF services. Question Does anyone know why we could be receiving these ...
user avatar
  • 176
4votes
0answers
4kviews

Path does not chain with any of the trust anchors, when working with custom jks file

2016-11-05T18:34:42.381+0530|Severe: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Path does not chain with any of the ...
user avatar
  • 632
4votes
0answers
307views

Standalone DartVM: Self-Signed Certificates and SSL

I've been struggling recently with using the standalone DartVM and SSL as a client. I'm of the understanding that Dart uses Mozilla NSS to manage the certificates. What I'm having a problem wit, is ...
user avatar
  • 275
4votes
0answers
2kviews

request.GetClientCertificate Returns null on Specific Server

I'm using client certificate authentication in an ASP.NET Web API 2 application. I attach the cert to the client like so: private HttpClient GetHttpClient() { HttpClient client = new ...
user avatar
  • 41
4votes
0answers
84views

How to build the Apple's library with the SSL bug intact?

How can I build the library with the now-famous SSL bug that came to light in February 2014? I've seen this article, which has a link to the vulnerable version of sslKeyExchange.c source file, but it'...
user avatar
  • 6,030
4votes
1answer
172views

Verifying that message came from a specific app/end point

I'm trying to build a secure system for transmitting data from a client Android app to a web server running PHP. What I want to do is ensure that the system is cryptographically secure in such a way ...
user avatar
4votes
0answers
1kviews

WCF + Client Authentication by Certificate

i'm running a WCF service which should only accept clients which are able to authenticate theirself by a ssl client certificate. As security mode i'm using transport security. It is required that the ...
user avatar
4votes
2answers
268views

Does the certificate a SSL connection/state "points" to change if I load a new certificate in OpenSSL?

I am building an application that will enable users to connect to the same server. Rather than the application/device using its own certificate/private key, it is important to ensure that each user ...
user avatar
  • 775
3votes
0answers
2kviews

TLS 1.3 support for .Net 4.0

I have an application compiled to in .Net 4.0(require this to support backward compatibility) and it does support TLS 1.2 when we install a higher .Net version(4.5.2) on the workstation. Does this ...
user avatar
3votes
1answer
33views

Can a application built with server certificate inserted in it?

I have a client a application which is distributed to multiple clients. Sometimes this application acts as server for some processes.I want the communication to be over ssl. I want to insert the ...
user avatar
3votes
0answers
318views

Connecting to neo4j from ruby

Currently I'm having problems connecting to a local neo4j instance with Ruby. I have the mac version of neo4j desktop running. My ruby version is 2.6.5 and gem versions: neo4j (9.6.0) neo4j-core (9.0....
user avatar
3votes
0answers
578views

How to bypass SSL Pinning of an Android App

I want to bypass the SSL pinning of an Android app using the Frida Server method. I have followed the whole process described in this (https://blog.it-securityguard.com/the-stony-path-of-android-%F0%...
user avatar
  • 653
3votes
1answer
101views

How to handle web apps requiring secure context in intranets?

I have a web application that will be used by customers in intranets. It uses features that require a secure context, such as getUserMedia. What is the best practice for this these days? Customers ...
user avatar
  • 726
3votes
1answer
2kviews

Java: Determine type of KeyStore from Keystore file

So I have an application in which I'm allowing the user to configure the server with HTTPS. The server uses Undertow. To add a HTTPS handler to Undertow, I need to make a call to Keystore.getInstance("...
user avatar
3votes
0answers
2kviews

Integrating Security to Kafka 1.0 with SSL Enabled

I am unable to integrate security to Kafka 1.0 with ssl enabled. Here are changes to my server.properties security.inter.broker.protocol=SSL listeners=PLAINTEXT://localhost:9092,SSL://localhost:9094 ...
user avatar
  • 699
3votes
0answers
245views

Is that safe to send sensitive data via RabbitMQ messages?

I need to send sensitive data via RabbitMQ. How messages are stored in queue, when ssl is used? Is it guaranteed that noone can get access messages without certificate or i need to somehow encrypt ...
user avatar
3votes
0answers
54views

SSL between web apps on same machine

I have two java web applications installed on the same machine communicating over HTTP, security is a big concern because application A validates the license of application B. I believe that it doesn'...
user avatar
  • 115
3votes
0answers
1kviews

How to configure WCF client with certificate to use the 'anonymous' authentication scheme?

I have a pair of client and server apps who use wcf in order to pass data one way from the client to the server and it has to happen in custom binding with https and X509 certificate authentication ...
user avatar
3votes
0answers
2kviews

Host name verification in Spring Web Services

I'd like to inquire on the origins of the difference in host verification behavior I'm observing with Spring Web Services, 2.2.2.RELEASE (under Spring Boot 1.3.0.M4) on Java 1.7. When configuring the ...
user avatar
3votes
0answers
205views

Logjam determine if site is vulnerable

Recently one more TLS attack was published: Logjam. The issue has a really clear description and demonstrated that sites that use 512 key size are vulnarable and it takes up to 10 mins to "decrypt ...
user avatar
  • 4,128
3votes
0answers
536views

Diffie-Hellman min key size for different browsers

I am interested in whether there is somewhere described what is the min size of Diffie-Hellman key that is supported for each browser. As I know modern browsers don't allow this key to be downgraded ...
user avatar
  • 4,128
3votes
0answers
4kviews

SOAP client over SSL: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

I am working with remoted SOAP service through the HTTPS (HTTP over SSL) and I've generated my client classes with axis WSDL2java tool. So, I use Axis2 client, i have tried Axis too, here wasn't ...
user avatar
3votes
1answer
8kviews

Debug Java SSL Handshake using -Djavax.net.debug=all

My Node.js client is connecting to a Java server with SSL. It seems to work up until the CertificateVerify where then I get a cache session, and my client prints SSL Couldn't Authorize. Here is a ...
user avatar
3votes
1answer
570views

java.security.InvalidKeyException: PBES2 AlgorithmParameters not available

Trying to do a TLS handshake between a client and server. However it is failing the change cipher specification step. Also on the client end am receiving a exception as outlined below: I am not able ...
user avatar
  • 31
3votes
0answers
9kviews

PKIX path validation failed: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors

I have a certificate(signed by a ca) added to my truststore, but when I try to access it via the following code, I get the exception, PKIX path validation failed: java.security.cert....
user avatar
  • 1,924
3votes
2answers
10kviews

SSL certificate error for IE users only

I recently migrated to a new server (CentOS with plesk 11.0) and installed a new SSL certificate for my domain. Problem now is that any IE user has the error "there is a problem with this website's ...
user avatar
3votes
0answers
9kviews

javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown

I want to establish a secure channel between a client and server using Java SSL session. I followed the following link http://www.herongyang.com/JDK/ssl_https.html to establish the connection after I ...
user avatar
  • 53
3votes
0answers
540views

Why don't I get hostname mismatch error on localhost?

If I have a valid signed SSL cert, I can see the CN (common name) attribute does not have localhost or the LAN IP - but I do not see an SSL error "ssl_error_bad_cert_domain" when I connect to https://...
user avatar
  • 10.6k
3votes
0answers
1kviews

Secure licensing system for iOS app

A few similar questions have been asked before on SO, but I've yet to find one that pinpoints exactly what I'm trying to do. I have an iOS app that I'm trying to build a reasonably secure licensing ...
user avatar
3votes
2answers
2kviews

how to switch between Http and Https in asp.net

i want to apply SSL security on few pages of my website. Do you have any idea for it? Can you tell me how i can switch between Https and Https? Actually the matter is i have big web application and i ...
user avatar
  • 6,269
2votes
0answers
65views

Certificate Transparency check failing in Charles Proxy

I tried sniffing packets on my iOS app using Charles proxy. I added the Charles Proxy certificate on my iPhone trusted certificate store. I have the certificate transparency flag for my app turned on, ...
user avatar
  • 1,644
2votes
0answers
561views

NGINX SSL has an error ERR_SSL_VERSION_OR_CIPHER_MISMATCH for specific domain only

unfortunately got ERR_SSL_VERSION_OR_CIPHER_MISMATCH using cloudflare It’s show something like below : Unsupported protocol The client and server don't support a common SSL protocol version or cipher ...
user avatar
2votes
0answers
234views

Java SSLSocket/ServerSocket: Handshake failed when forcing TLSv1.2 on Android

Basically I am using SSLSocket to connect from an Android device to a SSLServerSocket for transmitting application data. I got myself a cert from LetsEncrypt and combined fullchain.pem with privkey....
user avatar
  • 21
2votes
0answers
52views

Can I use free proxies with curl safely

Can I be sure my communication won't be readable connecting to https websites through free proxies using curl like that: $curl=curl_init(); curl_setopt($curl, CURLOPT_CAPATH, $mycapath); curl_setopt(...
user avatar
  • 2,013
2votes
0answers
132views

How to secure thrift php client with ssl

I'd like to secure my thrift traffic. I read this article which provides step by step guide to secure with ssl: https://dzone.com/articles/how-secure-and-apache-thrift I'm managing with a php client. ...
user avatar
2votes
0answers
117views

Secure cookies flag always getting lost in first session after resetting IIS

Looking for solution for ASP.NET_SessionId should always be secure flag true when request is from secure connection. Below Steps are done to achieve - 1) Created MVC Project 2) Added below code ...
user avatar
2votes
0answers
1kviews

How to send raw data in tls in scapy?

There were packets captured by Wireshark sent by a fuzzing tool, and I'd like to craft to resend the packets in tls by scapy. Here is the malformed packet captured. The pattern is \x18\x03\x01\x00\...
user avatar
  • 21
2votes
0answers
1kviews

System.Security.Authentication.AuthenticationException(A call to SSPI failed)

Found many such posts on StackOverflow, but none of solving this problem. We are getting this exception since last few months and struggling to fix it. Only a few of the requests(around 10) per hour ...
user avatar
  • 491
2votes
0answers
119views

Does WCF client support OCSP stapling?

I'm calling a SOAP service with a .Net WCF proxy client class. Is it possible to improve CRL checking performance by using OCSP stapling? I have looked at the X509ServiceCertificateAuthentication....
user avatar
  • 2,648

15 30 50 per page
1
2 3 4 5
11