Access a SSL-enabled server
Hi,
I'd appreciate it if somebody gives me a response or a hint. I want to send a request to a remote SSL-enable server from my application deployed in Tomcat. Is there any way to do it (like configure Tomcat) other than developing SSL java codes? I know that my question does not make much sense but it is nice to know if there would be some settings that allow 2 servers communicate each other on SSL level. Thank you
Hi cjmose,
Thank you for your response.
I'm not really sure I understand your question. I assume you mean that you have a j2ee app deployed in one container, and the business logic in that app needs to communicate with another container on a separate server via ssl?
Yes
In that case I imagine you need to use jsse and use either an https or sslsocket to connect to the other server and do what you need to do...
I'm developing new codes using jsse1.0.3_04 and HTTPClient (this package claims that it supports https). However, I got an exception HTTPClient.ProtocolNotSuppException when I call
new HTTPConnection("https", "someserver", -1);Do you know how to fix this problem? Thanks
Similar Messages
-
Problems in accessing an SSL enabled site through Weblogic 6.1
Hi,
We want to connect to an SSL enabled site (https://test.SalesForce.com) through Weblogic 6.1. We are using JDK1.3.1_08 and Apache axis.
We have followed the appropriate steps explained in the URL -
http://www.pankaj-k.net/WSOverSSL/WSOverSSL-HOWTO.html
As mentioned in the above link, we made the configurations in JDK 1.3.1_08 to put the jsse.jar and other important JARs in jre\lib\ext folder and also updated the java security file to add the proper "Provider".
After that we tried to execute the test application to connect to an SSL site specified in it. It is a stand alone Java application and connects to the site and reads the bytes of the home page and displays them on the console.
When we tried to connect the SalesForce test site, we figured out that we were able to connect to the site and were able to read entire stream of bytes.
Then we copied the same code in a sample JSP, set the JDK1.3.1_06 as the JAVA_HOME for Weblogic6.1 and tried to connect to our test site through that JSP.
We observed that it is connecting to the site but reading just a few initial bytes and not the entire stream.
When we tried the same steps with Weblogic8.1 and JDK1.4.2_X, it works fine and reads the entire page with Weblogic8.1 as client.
So, we observed that the standalone application works fine with JDK1.3.1_08, it also works fine on the the Weblogic 8.1 and JDK1.4.2_x combination, but when we use Weblogic6.1 and JDK1.3.1_08, it does not work properly.
Is there any setup issue in Weblogic 6.1 regarding connecting to a SSL enabled site?
Our actual problem scenario is a bit different than this, but we are sure that it is related to this situation and a solution to this problem can resolve the actual problem.
Another question we have is do we need to configure SSL in Weblogic 6.1 and also care for installing certificates evenif Weblogic 6.1 in this case is a mere client?
We have tried to connect to the same site using Weblogic 8.1 and JDK1.4.2_X. We did not require any kind of certicates in that case. Hence I want to clear my doubt.
Please help.Hello,
Just wondering if you ever found a solution to this problem. We are suffering just about the exact same issue, where our environment with WebLogic 6.1 SP4 cannot access an SSL enabled site, but our WebLogic 8.1 SP2 upgrade environment can. The only difference we've been able to pinpoint is that our 6.1 server connects via TLS1.0 (SSL3.1) and our 8.1 server connects via SSLv3 (SSL3.0). Does anyone know how to control which version of SSL WebLogic 6.1 uses? -
10.6.2 - Unable to access Wildcard SSL websites as Regular User, Admin OK
Hello,
I ran into a weird problem with Snow Leopard 10.6.2 after some of the recent updates on Snow Leopard 10.6.2:
*If using a standard user account (one that cannot administer the machine), I am unable to access any SSL enabled website that uses a wildcard certificate*
If I switch to the main account (or any account that can administer the computer) then all is OK and the wildcard SSL website comes right up!
Here is a website to test on: https://vsi.powerschool.com (it uses a *.powerschool.com wildcard certificate)
This behavior started just recently, as apple must have done some changes, but I cannot seem to find a fix, can anyone PLEASE help?
Thanks in advance!
Stefan.I did get a "stock" response from Apple support, and I am pasting it below.
While it may help some of you, for me it is NOT a solution. It is as if Apple does not even want to acknowledge this major bug.
I temporarily got around the problem by identifying that the parental controls are actually blocking DNS resolution, and not access to the sites themselves!
Therefore, I added the wildcard SSL website to the /etc/hosts file with it's corresponding IP address as to bypass DNS lookups for it. As long as the IP address does not change all will be OK, so I still do not consider this a fix.
=========== Apple Response ==========
+Secure (HTTPS) websites need to be added to the list of allowed sites (white list). For each site that needs to be added, use the "host" command in Terminal with the domain name to obtain its IP address, then use the host command with the IP address to obtain the reverse domain name. For example:+
+$ host gmail.com+
+gmail.com has address 74.125.127.83+
+gmail.com has address 209.85.225.83+
+gmail.com has address 74.125.79.83+
+gmail.com mail is handled by 30 alt3.gmail-smtp-in.l.google.com.+
+gmail.com mail is handled by 5 gmail-smtp-in.l.google.com.+
+gmail.com mail is handled by 10 alt1.gmail-smtp-in.l.google.com.+
+gmail.com mail is handled by 20 alt2.gmail-smtp-in.l.google.com.+
+gmail.com mail is handled by 40 alt4.gmail-smtp-in.l.google.com.+
+$ host 74.125.127.83+
+83.127.125.74.in-addr.arpa domain name pointer pz-in-f83.1e100.net.+
+In this case, the result is "1e100.net" (ignoring subdomains), which is different than the domain we started with. Therefore, add both "gmail.com" and "1e100.net" to the white list.+
+Repeat these steps for each secure site that needs to be accessed in Parental Controls.+
====================================== -
To support certficate based client authentication using 2-way SSL from a standalone java application which uses JNDI and JSSE1.0.2 to connect to an SSL enabled LDAP Server how do we configure the certmap.conf?Is there any additional setup required at the LDAP Server side apart from enablinf SSL with the option"Required Client Authentication" enabled.The 2 way SSL handshake goes through but the access log file (After configuring the certmap.conf for the issuer DN of the client certficate etc..)shows SSL failed to LDAP DN?But inspite of this access log error the Java client does get an SSL Connection object with which it is able to connect to the LDAP.IS the certmap.conf file being looked up by the LDAP Server at all?
have you out.flush() and out.close() before you call connection.getInputStream()?
-
Starting Server with SSL Enabled
I want to start iplanet directory server 5.1 with SSL Enabled, but It always ask me PIN Token.
I write slapd-test-pin.txt file as following :
slapd-test-pin.txt
-------begin-----------
Token:test123456
-------end ------------
I put the slapd-test-pin.txt into /usr/iplanet/server/alias
then, I restart directory server from command line.
/usr/iplanet/servers/slapd-test/stop-slapd
/usr/iplanet/servers/slapd-test/start-slapd
What's wrong ?
Thank you !!!!I have a similar problem. I actually do set the correct format of certidcate db password file but the server stll does not start but reports the following:
[26/Sep/2003:17:21:11 -0400] - Sun-ONE-Directory/5.2 B2003.143.0014 (32-bit) starting up
[26/Sep/2003:17:21:11 -0400] - ERROR<12362> - Connection - conn=-1 op=-1 msgId=-1 - PR_Bind() on address <all interfaces> port <636> failed : error -5966 (Access Denied.).
I installed the certificate correctly. It was obtained from VeriSign with a ds 5.2 generated request.
Any ideas?
Thanks in advance! -
I am trying to allow guests on windows to connect to shares on my Lion server but it keeps asking for a password for guest. I have allow guest users to access this share enabled but it still does not work.
Ditto. Guest accounts shouldn't have a password. No way to enter one in System Prefs...
-
Can port 25 be used for SSL-enable SMTP server ?
Hi,
Our customer is using port 25 for a SSL-enabled SMTP server without certificate. When our email client tried to connect to it, the following exception thrown:
DEBUG SMTP: exception reading response: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
Since we don't want to ask our customer to change their port configuration unless absolutely necessary, we did some tests with our own SSL-enabled SMTP server that uses certificate. Here is what I got:
1) with port 25, got the same exception as above;
2) with port 465, worked fine;
3) with any other randomly pick up valid port, worked fine.
This made me wonder if 25 is for non SSL SMTP server ONLY. By the way, I'm using Javamail 1.3.4 and JSDK 1.4.2_02. My question is whether we can configure javamail so that port 25 can be used by SSL-enabled SMTP server?
Your help will be appreciated.Yes, port 25 is intended for non-SSL servers only, although that doesn't
prevent a client from making a plain text connection and then using the
STARTTLS command to switch the connection to SSL/TLS. JavaMail 1.4
supports that usage.
You can configure JavaMail to use port 25 for SSL connections if you
really want to. JavaMail 1.3.x requires you configure an appropriate
socket factory to get SSL connections; you can configure whatever port
you want for use with that socket factory. -
Hi,
We develop a server-side application which receives incoming https connections using self-signed certificate. It was all ok while we were using Windows 7 or Windows 2008 as OS, but when our clients started installing Windows 8 as server OS they encountered
big problem: application got unavailable in few hours after start.
In event logs we have following:
A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.
After restart, application recreates certificate and all works normal few hours till next fatal error.
This
article did not help us. And I repeat that this error appears only on Windows 8 (we tested on Windows 8.1). Windows 2012 Server we did not test yet.
How we can solve this problem?
Best regards.Hi,
Since this article released in 2008,I suspect the code mentioned in this article doesn't supprot Windows 8.
And since the certificate was written by C#,I suggest you submit a new case on MSDN Forum as they will be more professional on your issue:
https://social.msdn.microsoft.com/Forums/en-US/home
Regards,
Kelvin hsu
TechNet Community Support -
IHat : connecting to an SSL-enabled opmn notifcation server
I'm having trouble connecting iHat to an app server
instance, where the opmn.xml file contains
<notification-server>
<port local="6100" remote="6200" request="6003"/>
<log-file path="$ORACLE_HOME/opmn/logs/ons.log" level="4" rotation-size="1500000"/>
<ssl enabled="true" wallet-file="$ORACLE_HOME/opmn/conf/ssl.wlt/default"/>
</notification-server>
In the ons.log I get errors
... :6200 SSL handshake failed
Has anyone had any success working around this problem?
Thanks
- Charles PoulsenClear the cache and the cookies from sites that cause problems.
"Clear the Cache":
* Tools > Options > Advanced > Network > Offline Storage (Cache): "Clear Now"
"Remove Cookies" from sites causing problems:
* Tools > Options > Privacy > Cookies: "Show Cookies" -
EPMA Dimension server won't start using SSL enabled Database
Has anyone had any luck configuring EPMA 11.1.2.2 or 11.1.2.1 EPMA Dimension server with a JDBC SSL connection? I am using the following url to configure my SSL-enabled database:
jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=slc00qox)(PORT=1529))(CONNECT_DATA=(SERVICE_NAME=slc00qox.us.oracle.com)))
and the Dimension server won't start. Other Foundation, Essbase and Reporting repository connections work with same URL. Getting an error in Event Log:
Service cannot be started. Hyperion.DimensionServer.Interface.Exceptions.EPMAServiceException: Cannot initialize the Session Manager. ---> Hyperion.CommonServices.Exceptions.SessionManagerException: Session Manager could not start because database connectivity could not be established. ---> Oracle.DataAccess.Client.OracleException ORA-12537: TNS:connection closed at Hyperion.DimensionServer.SessionManager.SessionManager.InitializeSqlConnectionString()
--- End of inner exception stack trace ---
at Hyperion.DimensionServer.SessionManager.SessionManager.InitializeSqlConnectionString()
at Hyperion.DimensionServer.SessionManager.SessionManager.Initialize(String configFileName, Boolean restorePastInstanceSessions, Boolean enableCaching)
--- End of inner exception stack trace ---
at Hyperion.DimensionServer.Service.Main.InitializeSessionManager()
at Hyperion.DimensionServer.Service.Main.Start()
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
AND
[EPMA Server Startup] ERROR SVR_ERR_PROCESSMGR_CANT_INIT_SESSIONMGR:Cannot initialize the Session Manager.Hyperion.DimensionServer.Interface.Exceptions.EPMAServiceException: Cannot initialize the Session Manager. ---> Hyperion.CommonServices.Exceptions.SessionManagerException: Session Manager could not start because database connectivity could not be established. ---> Oracle.DataAccess.Client.OracleException ORA-12537: TNS:connection closed at Hyperion.DimensionServer.SessionManager.SessionManager.InitializeSqlConnectionString()
--- End of inner exception stack trace ---
at Hyperion.DimensionServer.SessionManager.SessionManager.InitializeSqlConnectionString()
at Hyperion.DimensionServer.SessionManager.SessionManager.Initialize(String configFileName, Boolean restorePastInstanceSessions, Boolean enableCaching)
--- End of inner exception stack trace ---
at Hyperion.DimensionServer.Service.Main.InitializeSessionManager()
at Hyperion.DimensionServer.Service.Main.Start()As you have backup you can try this:
Restore your master database backup to another instance of SQL Server and in the "To
database:" section of the Restore Database dialog box, use an alternate database name such as "recover_master" to avoid conflict with the master database on this instance of SQL Server. This will cause the mdf/ldf to be named "recover_master.mdf"
and "recover_master_1.ldf". Then detach the
recover_master database, go into the file system, copy the recover_master.mdf and recover_master_1.ldf to the instance of SQL Server with the corrupt master database. Delete the corrupt master.mdf and mastlog.ldf files, rename recover_master.mdf to master.mdf,
and rename recover_master_1.ldf to mastlog.ldf. Now you're ready to try starting the SQL Server service again!
http://blogs.technet.com/b/fort_sql/archive/2011/02/01/the-easiest-way-to-rebuild-the-sql-server-master-database.aspx
Once master is online you can restore other database. -
Running ISA Scripts from SSL enabled IOP server?
When attempting to run a script from an SSL enabled IOP server, scripts no longer run.
Is there a setting to enable the script to utilize the appropriate SSL port?
Thank you.Can you please elaborate some more information on the above post.
-
I need helping configuring RDP access to my local server from a remote location on my Cisco ASA 5505 Firewall.
I have attempted to configure rdp access but it does not seem to be working for me Could I please ask someone to help me modify my current configuration to allow this? Please do step by step as I could use all the help I could get.
I need to allow the following IP addresses to have RDP access to my server:
66.237.238.193-66.237.238.222
69.195.249.177-69.195.249.190
69.65.80.240-69.65.80.249
My external WAN server info is - 99.89.69.333
The internal IP address of my server is - 192.168.6.2
The other server shows up as 99.89.69.334 but is working fine.
I already added one server for Static route and RDP but when I try to put in same commands it doesnt allow me to for this new one. Please take a look at my configuration file and give me the commands i need in order to put this through. Also please tell me if there are any bad/conflicting entries.
THE FOLLOWING IS MY CONFIGURATION FILE
Also I have modified IP information so that its not the ACTUAL ip info for my server/network etc... lol for security reasons of course
Also the bolded lines are the modifications I made but that arent working.
ASA Version 7.2(4)
hostname ciscoasa
domain-name default.domain.invalid
enable password DowJbZ7jrm5Nkm5B encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
interface Vlan1
nameif inside
security-level 100
ip address 192.168.6.254 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 99.89.69.233 255.255.255.248
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
ftp mode passive
dns server-group DefaultDNS
domain-name default.domain.invalid
object-group network EMRMC
network-object 10.1.2.0 255.255.255.0
network-object 192.168.10.0 255.255.255.0
network-object 192.168.11.0 255.255.255.0
network-object 172.16.0.0 255.255.0.0
network-object 192.168.9.0 255.255.255.0
object-group service RDP tcp
description RDP
port-object eq 3389
object-group service GMED tcp
description GMED
port-object eq 3390
object-group service MarsAccess tcp
description MarsAccess
port-object range pcanywhere-data 5632
object-group service MarsFTP tcp
description MarsFTP
port-object range ftp-data ftp
object-group service MarsSupportAppls tcp
description MarsSupportAppls
port-object eq 1972
object-group service MarsUpdatePort tcp
description MarsUpdatePort
port-object eq 7835
object-group service NM1503 tcp
description NM1503
port-object eq 1503
object-group service NM1720 tcp
description NM1720
port-object eq h323
object-group service NM1731 tcp
description NM1731
port-object eq 1731
object-group service NM389 tcp
description NM389
port-object eq ldap
object-group service NM522 tcp
description NM522
port-object eq 522
object-group service SSL tcp
description SSL
port-object eq https
object-group service rdp tcp
port-object eq 3389
access-list outside_1_cryptomap extended permit ip 192.168.6.0 255.255.255.0 object-group EMRMC
access-list inside_nat0_outbound extended permit ip 192.168.6.0 255.255.255.0 192.168.0.0 255.255.0.0
access-list inside_nat0_outbound extended permit ip 192.168.6.0 255.255.255.0 object-group EMRMC
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 host 99.89.69.334 eq pcanywhere-data
access-list outside_access_in extended permit udp 69.16.158.128 255.255.255.128 host 99.89.69.334 eq pcanywhere-status
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 host 99.89.69.334 object-group RDP
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq ftp
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq ldap
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq h323
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq telnet
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq www
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 host 99.89.69.334 object-group SSL
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 object-group NM522
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 object-group NM1731
access-list outside_access_in extended permit tcp 173.197.144.48 255.255.255.248 host 99.89.69.334 object-group RDP
access-list outside_access_in extended permit tcp any interface outside eq 3389
access-list outside_access_in extended permit tcp host 66.237.238.194 host 99.89.69.333
access-list outside_access_in extended permit tcp host 66.237.238.194 host 99.89.69.333 object-group rdp
access-list outside_access_in extended permit tcp any host 99.89.69.333 object-group rdp
access-list out_in extended permit tcp any host 192.168.6.2 eq 3389
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-524.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) tcp 99.89.69.334 3389 192.168.6.1 3389 netmask 255.255.255.255
static (inside,outside) tcp interface 3389 192.168.6.2 3389 netmask 255.255.255.255
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 99.89.69.338 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
http server enable
http 192.168.6.0 255.255.255.0 inside
http 0.0.0.0 0.0.0.0 outside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto map outside_map 1 match address outside_1_cryptomap
crypto map outside_map 1 set peer 68.156.148.5
crypto map outside_map 1 set transform-set ESP-3DES-MD5
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash md5
group 1
lifetime 86400
crypto isakmp policy 30
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd auto_config outside
tunnel-group 68.156.148.5 type ipsec-l2l
tunnel-group 68.156.148.5 ipsec-attributes
pre-shared-key *
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
service-policy global_policy global
prompt hostname context
Cryptochecksum:f47dfb2cf91833f0366ff572eafefb1d
: end
ciscoasa(config-network)#Unclear what did not work. In your original post you include said some commands were added but don't work:
static (inside,outside) tcp interface 3389 192.168.6.2 3389 netmask 255.255.255.255
and later you state you add another command that gets an error:
static (inside,outside) tcp 99.89.69.333 3389 192.168.6.2 3389 netmask 255.255.255.255
You also stated that 99.89.69.333 (actually 99.89.69.233, guessing from the rest of your config and other posts) is your WAN IP address.
The first static statement matches Cisco's documentation, which states that a static statement must use the 'interface' directive when you are trying to do static PAT utilizing the IP address of the interface. Since 99.89.69.333 is the assigned IP address of your WAN interface, that may explain why the second statement fails.
Any reason why you are using static PAT (including the port number 3389) instead of just skipping that directive? Static PAT usually makes sense when you need to change the TCP port number. In your example, you are not changing the TCP port 3389. -
Intermittent errors when logging to the Workspace - 9.3.1 - SSL Enabled
Hi,
We are on 9.3.1 and everything is SSL enabled except Shared Services.
Several times a day, when users log on to the Workspace, they get an "Invalid username or password" error message. They finally get in after 2 or 3 attempts.
Likewise, occasionally, when opening a Financial Report in the workspace users get "BR - Access is denied". After logging back in a couple of times the problem goes away.
All users are affected but randomly.
I have a feeling it could be related to the SSL congifuration.
Has anyone come across this? we are using an F5 http server.
An Oracle consultant suggested making sure that sticky sessions are enabled but we are not sure how to do that.
BI+ has been configured with Tomcat and IIS.
Thanks for your help.It depends how you use Weblogic. If it runs as a windows service then I think you should be able to increase the heap size in the Windows registry. Try looking under HKEY_LOCAL_MACHINE -> Software -> Hyperion Solutions -> Hyperion Reports ->HRWebSRV and look for an Xms (Minimum heap size) and Xmx (Max heap size values)
If you start your services via the weblogic console then you will need to log on to the Admin console under the Java section.
The heap size values depend on each environment but as long as you have at least 4GB RAM on your server you should be able to set
-Xms512m
-Xmx1024m
Additionally check your SSL config as this was causing us a lot of problems too.
Hope this helps.
Seb
www.taysols.com.au -
WCF service fronted with SSL enabled NGINX load balancer shows HTTP based WSDL url instead of HTTPS
Hi,
I have WCF service hosted using IIS 8.5 on application server. And application servers are fronted with NGINX load balancer with SSL enabled. Backend communication protocol between NGINX to application server is http.
When customer visits public domain url (https://xxx.com/service.svc), they can see the WSDL url with http://xxx.com/service.svc?wsdl.
What change should I make so that WSDL url will have https instead of http ?
This is service side configuration.
<system.serviceModel>
<services>
<service name="Service.IService">
<endpoint address="" binding="basicHttpBinding" bindingNamespace="http://xyz.com/Service" name="Service_Endpoint" contract="Service.IService" />
</service>
</services>
<bindings>
<basicHttpBinding />
</bindings>
<client />
<behaviors>
<serviceBehaviors>
<behavior>
<serviceThrottling maxConcurrentCalls="5000" maxConcurrentInstances="2147483647" maxConcurrentSessions="5000" />
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
Thanks in advance !!Hi,
For this scenario, you could just enable SSL in IIS to get HTTPS endpoints. If your service is exposed at https then you configure the same using “httpsGetEnabled”:
<behaviors>
<serviceBehaviors>
<behavior
name="MyServiceTypeBehaviors"
>
<serviceMetadata
httpGetEnabled="true"
/>
</behavior>
</serviceBehaviors>
</behaviors>
For more information, you could refer to:
http://www.codeproject.com/Articles/327260/What-s-new-in-WCF-Automatic-HTTPS-endpoint-for
http://blogs.msdn.com/b/brajens/archive/2007/04/26/accessing-description-metadata-wsdl-of-wcf-web-service.aspx
Regards -
Steps to make iPlanet SSL enabled-URGENT
Hi
I want to know how to make iPlanet server SSL enabled . I have already installed the server certificate on the iplanet . Is there anything else i need to do to access a servlet on iplanet thru Https .Basically what are the next steps involved after installing certifictae in iPlanet ?
I tried accessing the servlet thru a sample java client ...it gives me Malformed URL Exception .
As far as i know there wouldnt be any code change inside the servlet to make it Https Enabled..
Can someone help me ....Pls let me know....This is URGENT ..
Thanks
varahanAfter you successfully installed the server certificate you only need to set encryption to "on" in the preferences tab (iPlanet 4.1 or earlier). No other changes are necessary.
Did your sample Java client also talk "https"?
Maybe you are looking for
-
I can no longer see the address bar, the back button, etc. What can I do to restore them?
I cannot enter a URL, or move back to the previous page. This started just this morning.Yesterday it worked normally.
-
Why is the strain on my laptop so much larger using CS6
Hello I have a HP Laptop i7 with an upgrade to 16GB of Ram. The CPU always ran between 5 and 10 percent The Ram upgrad made CS 5.5 preview window go back in sync. Hooray! But since I liked CS 5.5 I thought why not go to CS6. Now my CPU hits 100
-
How to reinstall bootable system 9 in a iBook G3/900 900 MHz PowerPC 750fx
Hi all, I have two machines bootable with OSX and OS9 PowerPC G4/1.25 DP (Mirrored Drive Doors) dual 1.25 GHz PowerPC 7455 (G4) and iBook G3/900 900 MHz PowerPC 750fx (G3) I have some MACOS9 software which just doesn't work in classic mode with any O
-
Salutations! My College teacher was telling me about flash builder and how good it is for mobile applications. I've never done anything with actionscript before and had my first foray into such a few days ago. However I quickly ran into a problem. I'
-
Cannot use my Apple ID to log into Support Communities
I can't log into support communities using my Apple ID. I have to log in using an older e-mail address I used when Apple first started cloud-like services MANY YEARS ago. The e-mail address I have to use is obsolete and I'd just like to abandon its u