I could use some help finding how-tos and walkthroughs for generating and installing self-signed SSL server certificates, managing SSL client certificates, and setting up external WebDAV over SSL access on Windows Server 2012 + IIS 8 to a large existing Windows Server 2003 file server currently reachable only via the LAN, keeping existing user access rules. [more inside]
posted by flabdablet
on Feb 7, 2014 -
In some of the Edward Snowden articles they mentioned that the NSA put back doors into web standards like SSL. Is anyone trying to find them? What the latest news about it?
posted by cupcake1337
on Dec 21, 2013 -
I Have no https access. i have done all obvious things. I have run virus scans, cleaner, system restore and all procedures recommends by Microsoft to no avail. problem is.on both IE and Firefox so not a browser issue. I spent two hours with tech.support. nothing. I can bypass and access through some proxy servers. have run checkdisc etc. There was no change made to my hardware or new software but it did happen just after Windowsupdates were installed. I do not have a windows disk. I am using Vista. Excuse my mistakes, I am typing on my phone. any suggestions? I am thinking it has something to do with SSL Certificates.
posted by alltomorrowsparties
on Dec 30, 2012 -
Question for the hard-core commerce and security geeks: Always-on SSL, or AOSSL.
Last spring The Online Trust Alliance
, or OTA, started a PR campaign to convince folks who manage web sites to use SSL to secure the entirety of their web sites — not just forms and checkout pages. OTA points out that some large social sites (Twitter, Facebook, Google) — folks for whom the customer is the product — have implemented AOSSL, or are in the process of doing so.
Who I *don't* see coming on-board are large and highly trafficked e-commerce sites. By my survey, none of the top 100 eCommerce vendors (using Internet Retailer's list) have implemented AOSSL, and I'm wondering if there's a reason why... (more inside). [more inside]
posted by deCadmus
on Dec 13, 2012 -
SSL, licences, and migrating a website. Old server has an SSL certificate. New one has not. Not using HTTPS. Will visitors see any warnings or otherwise perceive the change? [more inside]
posted by alasdair
on Nov 15, 2012 -
What's the best way to handle an electronic signature on a website-hosted submission form? [more inside]
posted by fijiwriter
on Oct 20, 2011 -
I have a very odd problem and am not sure where to turn since I have run into silence on various tech forums. Here's my issue. I have a site Magento site that is a combination of Wordpress header and footer and Magento creamy center. When checking out you the customer see's that the site is unsecure. Not good. [more inside]
posted by misterpatrick
on Aug 31, 2011 -
An IIS web server won't respond to port forwarded requests from the world on 443, but will reply to port forwarded requests on port 80. The IIS web server will answer on 80 and 443 on the LAN. I tried a new router, as well. [more inside]
posted by Runcible Spoon
on Apr 30, 2011 -
VPN/SSL question - Expert Help Needed! I would like to connect to a Usenet provider through a VPN. The Usenet provider offers an SSL connection. The VPN will be an OpenVPN connection. My understanding is that, under this scenario: the usenet provider will know what files I download but not my IP address or who I am (setting aside billing information), while the VPN provider will know my IP address and what Usenet provider I connect to, but not what files I download. Is that correct? [more inside]
posted by trystero
on Mar 21, 2011 -
WordPressFilter: Is there a way to host the public site on one domain (bar.example.com) and the admin interface on another (foo.example.com/bar)? Some serious Apache/WP wizardry needed. [more inside]
posted by sbutler
on Nov 12, 2010 -
I'm putting together a publicly-available web service/application and have some security questions. [more inside]
posted by syzygy
on Sep 3, 2010 -
No browser can do https to Google (and only Google) for one user on a multi-user Mac. What's going on here? [more inside]
posted by eafarris
on Jul 31, 2010 -
I am looking for an email hosting provider that support IMAP, SSL, and webmail access. I have four (4) domains and each of them has two (2) email accounts associated with them. Some of the features I am looking for are as follows ...
posted by DerekTheGeek
on Jun 8, 2010 -
- SSL access (with properly signed certificate; i.e. no self signed)
- WebMail access
- IMAP IDLE (i.e. Push Email)
- Mobile friendly access
- Use my own domains
Anyone know of an RSS reader for iPhone that supports SSL and authentication, and does NOT use an online aggregator? [more inside]
posted by aberrant
on Aug 30, 2009 -
Iranian firewallfilter: How to make SSH traffic not resemble SSH traffic, when examined by a deep packet inspection device (Ellacoya, Narus, etc)? Other advice on specific types of VPN from within Iran also welcome. [more inside]
posted by thewalrus
on Jun 22, 2009 -
I need my customers to send me confidential data with a payment. I work for a regulatory agency that currently collects applications in paper based form with a physical signature including a check for payment. We would like to implement a industrial strength 'e-filing' solution. Where do I start? My Google-Fu and Delicious-Fu are failing me. I need to find information on 2009 best practices for capturing data ( e-forms, rest, edi ), identity management, security ( digital certs, etc ), and payment gateways ( direct debit, credit cards ). I also need to know what vendors are leading in these spaces. I am not really looking for a 'e-commerce' solution. I am looking for a 'secure electronic forms submission with payments and non-repudiation' solution. My company would need to host this in our data center. I would like to offer my customers multiple ways to submit and pay.
posted by kaizen
on Jan 15, 2009 -
I want to know what phone I should get to be able to use vpns and ssh to linux machines [more inside]
posted by alkupe
on Dec 18, 2008 -
Help Apache gurus! How do I setup a virtual host when SSL terminates before my Apache server? [more inside]
posted by vacapinta
on Oct 7, 2008 -
Apache and Tomcat strangeness... a page in my app throws a 404... but only when using SSL on a single server. [more inside]
posted by utsutsu
on Aug 1, 2008 -
I need a private, secure blog that will store my posts in an encrypted form. Does one exist? [more inside]
posted by perrce
on Jul 23, 2008 -
How do I tell firefox3 to stop checking ssl certs. I access many sites using self signed ssl certificates and up until now that was fine but now I have encounter two self signed certs that have the same serial number and firefox wont even let me add an exception. I cant even access the second site. How do i just tell firefox I don't care if a site is using a bad ssl cert.
posted by DJWeezy
on Jul 17, 2008 -
Can an ssl-encrypted page call data from another site/domain via an API without compromising its encryption? I want to add a cool feature, but I don't want customers to encounter a warning that the page asking for their credit card info "contains both secure and non-secure items."
posted by subpixel
on Jul 7, 2008 -
Is there a hosting service that will provide me a directory to put some simple https (SSL) content without a lot of $$$ and effort? [more inside]
posted by tinkertown
on Jun 5, 2008 -
Can someone help me understand the relationship between the bit size of an SSL certificate and the size of the session key used? (If any). [more inside]
posted by cayla
on May 14, 2008 -
Merchant account versus just paypal/google checkout, for a handcrafts site that will offer some high-end items (c. $20 to $180 range)?
posted by lorimer
on Mar 10, 2008 -
I'm having problems re-installing an SSL certificate. It keeps giving me the old certificate. [more inside]
posted by missmagenta
on Feb 2, 2008 -
I need a cheap, trustworthy, reliable certificate for a web application for a non-profit, and a walkthrough on how SSL is set up and used. [more inside]
posted by Tuwa
on Oct 20, 2007 -
What's acceptable and best practice when it comes to passing data in on websites securely and non-securely? I've always presumed finanical information should be passed securely, whilst names and address were OK non-securely? Am I right? [more inside]
posted by Ulleskelf
on Apr 11, 2007 -
How do I encrypt my http traffic so my company can't read it? Oh, did I mention SSL is no longer an option since they intend to decrypt all SSL traffic that passes through their proxies? [more inside]
posted by Spoonman
on May 11, 2006 -
What's the cheapest way to get an SSL certificate (for serving HTTPS connections)? Obviously I'd want the company selling these certs to be listed in most browsers as a trusted authority.
posted by LukeyBoy
on Dec 23, 2004 -
Firefox problem... Firefox has suddenly stopped allowing SSL pages. I've went into Tools/options/ and checked use SSL 2.0 and 3.0, and tried using just 2.0, but some sites that have always worked in the past have stopped working. Firefox 1.0 on a computer running XP.
posted by drezdn
on Sep 24, 2004 -
An acquaintance who travels overseas frequently would like to scan and store her important identification (passport and driver's license) along with her credit cards, and store the images securely online. We would like to make the documents easily accessible to her through a Web page, but otherwise secure. I have offered her some space on my shared server, and while I have some ideas about how to secure things, suggestions would be useful.
posted by tranquileye
on Apr 22, 2004 -
I'd like a signed ssl certificate, as signing it myself leads to warnings from both Internet Explorer and Safari.
signs 128 bit at $895, which seems ridiculous to me.
Does anyone have positive experience with other trust vendors
posted by the fire you left me
on Mar 2, 2004 -