Can sockets do ssl?
the docs make no mention of it...but it would be real nice.
also, is there a better forum for socket questions?
Mike Cardeiro
So, in an effort to get ExtendScript to communicate to API endpoints over SSL, I came up with a working solution. Maybe it will be useful to other scripters out there? If AE is running on OSX, we can assume that we can call cURL from the command line via system.callSystem(). If the app is running on Windows, we don't have access to cURL by default, but we do have access to the cscript host that ships with Windows. So, here is a function that will call either cURL or a specific VBScript that handles a GET or POST request. The response returned is just a string:
* @method : either "POST" or "GET"
* @endpoint: a string representing an URI endpoint for any given API
* @query: a string to be sent with the request (i.e. 'firstName=Arie&lastName=Stavchansky').
function webRequest(method, endpoint, query)
var response = null,
wincurl = WORKING_DIR.fsName + '\\lib\\curl.vbs', //the path to the .vbs file
curlCmd = '';
try {
if ( os() == "Win" ) {
curlCmd = 'cscript "' + wincurl + '" /Method:' + method + ' /URL:' + endpoint + ' /Query:' + query + ' //nologo';
} else {
if (method === "POST") {
curlCmd = 'curl -s -d "' + query + '" ' + endpoint;
} else if (method === "GET") {
curlCmd = 'curl -s -G -d "' + query + '" ' + endpoint;
response = system.callSystem(curlCmd);
} catch (err) {
alert("Error\nUnable to make a `"+ method +"` request to the network endpoint. Please try again.");
return response;
function os()
var os = system.osName;
if (!os.length) { os = $.os; }
app_os = ( os.indexOf("Win") != -1 ) ? "Win" : "Mac";
return app_os;
Here is the VBScript that emulates cURL for GET and POST
set namedArgs = WScript.Arguments.Named
sMethod = namedArgs.Item("Method")
sUrl = namedArgs.Item("URL")
sRequest = namedArgs.Item("Query")
HTTPPost sMethod, sUrl, sRequest
Function HTTPPost(sMethod, sUrl, sRequest)
set oHTTP = CreateObject("Microsoft.XMLHTTP")
If sMethod = "POST" Then
oHTTP.open "POST", sUrl,false
ElseIf sMethod = "GET" Then
oHTTP.open "GET", sUrl,false
End If
oHTTP.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
oHTTP.setRequestHeader "Content-Length", Len(sRequest)
oHTTP.send sRequest
HTTPPost = oHTTP.responseText
WScript.Echo HTTPPost
End Function
The response returned from `webRequest` is just a string, so depending on the its contents you might have to parse the string to transform it into a useful XML or JSON object. For JSON, you can do that by using
eval( '(' + response + ')' );
Hope that helps somebody out there!
--Arie
Similar Messages
-
How can I use SSL in httpunit??
How can I use SSL in httpunit? I am using HTTPUNIT 1.5.4 and the
j2sdk1.4.1_04?
I want to activate a submit button that following an https-Url in the
html action method...
The SSL certificateis from Server,
i want to connect, is comming from Thawte. then it should be automatically
trusted by the "trust file" within the JVM (FAQ) but it does not. Can me
someone explain what to do?
Here is the throwing Exception:
java.net.SocketException: Network is unreachable: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:305)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:171)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:158)
at java.net.Socket.connect(Socket.java:434)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.<init>(DashoA6275)
at
com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl.createSocket(DashoA6275)
at sun.net.www.protocol.https.HttpsClient.doConnect(DashoA6275)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:386)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:602)
at sun.net.www.protocol.https.HttpsClient.<init>(DashoA6275)
at sun.net.www.protocol.https.HttpsClient.a(DashoA6275)
at sun.net.www.protocol.https.HttpsClient.a(DashoA6275)
at sun.net.www.protocol.https.HttpsClient.a(DashoA6275)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.plainConnect(DashoA6275)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(DashoA6275)
at
sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:528)
at
com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl.getOutputStream(DashoA6275)
at
com.meterware.httpunit.MessageBodyWebRequest.completeRequest(MessageBodyWebRequest.java:96)
at
com.meterware.httpunit.WebConversation.newResponse(WebConversation.java:60)
at com.meterware.httpunit.WebWindow.getResource(WebWindow.java:162)
at com.meterware.httpunit.WebWindow.getSubframeResponse(WebWindow.java:125)
at com.meterware.httpunit.WebWindow.getResponse(WebWindow.java:118)
at com.meterware.httpunit.WebWindow.sendRequest(WebWindow.java:107)
at
com.meterware.httpunit.WebRequestSource.submitRequest(WebRequestSource.java:245)
at
com.meterware.httpunit.WebRequestSource.submitRequest(WebRequestSource.java:224)
at com.meterware.httpunit.WebForm.doFormSubmit(WebForm.java:75)
at com.meterware.httpunit.WebForm.submit(WebForm.java:67)
best regards,
FrankUmm...not to be (too) rude - but did you try reading the error message?
"java.net.SocketException: Network is unreachable: connect"
You haven't gotten to the "is my certificate acceptable" part yet, because you aren't even getting off of your box.
Grant -
How can I generate SSL Keys from a Oracle 9iAS server version 1.0.2.2.0
How can I generate SSL Keys for use on Oracle 9iAS server
version 1.0.2.2.0. I have tried using the open_ssl method but
was unsuccessful.<?xml version="1.0" encoding="UTF-8" ?>
<nodes>
<node>
<category_id>3</category_id>
<parent_id>2</parent_id>
<name>Mobile</name>
<is_active>1</is_active>
<position>1</position>
<level>2</level>
<children>
<node name="Nokia" category_id="6" parent_id="3" is_active="1" position="1" level="3">
<node name="Nokia N79" category_id="7" parent_id="3" is_active="1" position="2" level="3" />
<node name="Nokia N95" category_id="7" parent_id="3" is_active="1" position="2" level="3" />
<node name="Nokia N97" category_id="7" parent_id="3" is_active="1" position="2" level="3" />
</node>
<node name="Samsung" category_id="7" parent_id="3" is_active="1" position="2" level="3">
</node>
</children>
</node>
<node>
<category_id>4</category_id>
<parent_id>2</parent_id>
<name>Laptop</name>
<is_active>1</is_active>
<position>2</position>
<level>2</level>
<children></children>
</node>
<node>
<category_id>5</category_id>
<parent_id>2</parent_id>
<name>Monitor</name>
<is_active>1</is_active>
<position>3</position>
<level>2</level>
<children></children>
</node>
<node>
<category_id>8</category_id>
<parent_id>2</parent_id>
<name>Camera</name>
<is_active>1</is_active>
<position>4</position>
<level>2</level>
<children></children>
</node>
</nodes>
Is this correct format to create dynamic menu? -
Can't get SSL to work :(
Hi guys,
Little question: I can't get SSL up and running . I used the cer. that was created by the installation of my new mac OSX 10.6 Server. I exported the cer. and have imported it in my Macbook Pro (Mac OSX 10.6.1) now I want to use it with a VPN connection but can't connect (without using the cer. everthing works). Any ideas?? I'm not the Mac OSX expert but I know my way .
Grtz
Sgt Van de Vyver
Belgium - AntwerpPS: I've tried recreating the SSL certificate to no avail.
If i enable the https server for SDM etc, the SSL certificate works fine. -
I have XP x64 SP2 and have tried to download Adobe Reader. I get an error; "Can't establish SSL connection (16248.331.1095.307)" and
then after a couple of these, it closes the download manager.
We are using IE6.0.3790.359 128 cipher
As to the alternate browsers, our corporation will not allow them to be loaded. So we cannot use other browser.
The installation steps are: click get reader, allow activeX, unclick Google bar and click download- simple stuff.
Please refer to the screen shot
Thanks
JPSinghAssuming that you want the English version of Adobe Reader 9.2, you can download it without download manager from http://ardownload.adobe.com/pub/adobe/reader/win/9.x/9.2/enu/AdbeRdr920_en_US.exe
If you're looking for a different version, find it at ftp://ftp.adobe.com/pub/adobe/reader/ -
Coldfusion 11 - Web Sockets via SSL
Help!
I can't seem to figure out how to handle WSS (Websockets over SSL). I have a cert that has already been sent/received by verifier. I have a cert and an intermediate cert. I've been looking at documentation and from what I've gathered i need to add the certs to the "keystore". I issued a command like this ->>> D:\CF11\jre\bin\keytool -import -v -alias myCert-cert -file myCert.cer -keystore D:\CF11\jre\lib\security\cacerts -storepass changeit <-- I see the cert is added. And if list the keystore i see the number of certs increased by one. I then enable the SSL WS, use default port (built in server.. not proxied), and point it to the keystore D:\CF11\jre\lib\security\cacerts and for pass i simply use the default changeit.... I've modified my cfcode to have the secure="true" attribute. So I think everything is setup correctly ....but... when i goto the webpage the web socket will try to connect then simply not connect (Firebug says the connection was refused) (The code works fine removing the secure attribute and accessing via http) ... So i guess i'm not sure exactly what i should be doing. Can i use the same cert that I had created via IIS. The cert looks valid. Also further more i see nothing showing up in the log files.. I see a log called WebSocket.log but the size is 0 and nothing is being thrown in the exception log either.. I'm completely confused.Hi Sharma,
I also sent you a note directly via email (see below). I am having a similar issue to Prem without resolution.
Our CF11 server configuration:
Windows 2012 Server R2
IIS 8
We have a *.balboadigital.com registered RapidSSL certificate installed on our server which resolves to https://dev.balboadigital.com on this particular development box. I've been unable to locate any online resources which would show me how to utilize this certificate for websockets within CF11. Due to this, I was happy to find your reference to try a self-signed certificate. I followed your instructions. Here is the breakdown:
1. I generated the keystore per your instructions which created the websocket.crt file.
2. The CF server XML was uncommented and updated to:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="C:\ColdFusion11\jre\bin\websocket.crt" keystorePass="[my password]"/>
3. I restarted the CF11 Application Windows service.
4. The "Use Built-In WebSocket Server" radio button was selected with PORT: 8575 for non-SLL and PORT: 8543 for SSL as defaults. The KeyStore was set to "C:/ColdFusion11/jre/bin/websocket.crt" and the KeyStore Password to "[MyPassword]" and changes posted.
5. I restarted the CF11 Application Windows service.
6. I then ran a test web page: https://dev.balboadigital.com/admin/websocket/index_withssl.cfm (this is live for you to test)
Application.cfc
<CFCOMPONENT>
<CFSCRIPT>
this.name = "balboa";
this.wschannels = [{name="phone"}];
</CFSCRIPT>
</CFCOMPONENT>
index_withSSL.cfm
<script type="text/javascript">
function mymessagehandler(atoken)
if (atoken.data != null) {
var message = ColdFusion.JSON.encode(atoken.data);
var txt = document.getElementById("myDiv");
txt.innerHTML += message + "<br>";
function publishmessage()
var msg = document.getElementById("message").value;
mycfwebsocketobject.publish("phone.4",msg );
</script>
<cfwebsocket name="mycfwebsocketobject" onmessage="mymessagehandler" subscribeto="phone" secure="true">
"Phone" Message: <input id ="message" type="text" > <input type="button" onclick="publishmessage();" value="Publish Message"><br />
<cfdiv id="myDiv"></cfdiv>
The test fails and returns the following from the Google Chrome Console:
WebSocket connection to 'wss://dev.balboadigital.com:8543/cfusion/cfusion' failed: WebSocket opening handshake was canceled
7. The script was copied and modified to eliminate SSL as follows: http://dev.balboadigital.com/admin/websocket/index_nossl.cfm (this is live for you to test)
index_nossl.cfm
<script type="text/javascript">
function mymessagehandler(atoken)
if (atoken.data != null) {
var message = ColdFusion.JSON.encode(atoken.data);
var txt = document.getElementById("myDiv");
txt.innerHTML += message + "<br>";
function publishmessage()
var msg = document.getElementById("message").value;
mycfwebsocketobject.publish("phone",msg );
</script>
<cfwebsocket name="mycfwebsocketobject" onmessage="mymessagehandler" subscribeto="phone">
"Phone" Message: <input id ="message" type="text" > <input type="button" onclick="publishmessage();" value="Publish Message"><br />
<cfdiv id="myDiv"></cfdiv>
This test passes and works as expected, but no SSL.
Please advise as our application absolutely requires that SSL is working for us.
Thanks,
Kevin -
Can't get SSL to work for WebVPN
Hi all,
I'm trying to get webvpn setup, and have it all configured correctly.... but there seems to be a problem with the SSL part.
I can connect on port 80, it redirects to port 443... but never shows the login box, just keeps trying to load.
I can telnet to port 443 fine and i've disabled all other services using port 443 (like http secure-server).
The status is UP for the gateway and context. I've no idea what to do next. It appears to be trying, but not succeeding. I've tried different IPs, on different sides of the NAT. I've tried with loopback ip, ips on the VLAN, the public IP etc.
Please please help, here's some info...
MD1#sh webvpn gate MD
Admin Status: up
Operation Status: up
Error and Event Logging: Disabled
IP: 192.168.2.199, port: 443
SSL Trustpoint: SSLVPN
FVRF Name not configured
MD1#sh webvpn cont MD
Admin Status: up
Operation Status: up
Error and Event Logging: Disabled
CSD Status: Disabled
Certificate authentication type: All attributes (like CRL) are verified
AAA Authentication List: default
AAA Authentication Domain not configured
Default Group Policy not configured
Associated WebVPN Gateway: MD
Domain Name and Virtual Host not configured
Maximum Users Allowed: 25
NAT Address not configured
VRF Name not configured
MD1#sh webvpn install st svc
SSLVPN Package SSL-VPN-Client version installed:
CISCO STC win2k+ 1.0.0
1,1,3,173
Mon 12/11/2006 18:41:54.43
MD1#sh webvpn install st csd
SSLVPN Package Cisco-Secure-Desktop version installed:
CISCO CSD IOS
3,1,1,45
Mon 10/23/2006 11:18:00.42
Thanks
~MattPS: I've tried recreating the SSL certificate to no avail.
If i enable the https server for SDM etc, the SSL certificate works fine. -
I have now tried two SSL certificates, one from RapidSSL and another one from QuickSSL. Both are from Geotrust, and it appears both require an intermediate certificate.
I have installed the intermediate certificate to both, by downloading and then dobule clicking on them. Keychain appears to have them installed.
I then install my SSL certificate and select it. On the server box everything looks perfect in both Chrome and Safari, but if accessed from the outside world, everything looks good in Safari, but in Chrome I get the error "Certificate Signed by Unknown Authority".
It appears that Chrome can't find the link to the intermediate certificate if in the outside.
See screenshots.
Any ideas?
David
But if you connnect you get this:Had this issue with a godaddy intermediate certificate.
Basically, you download the certificate file that's issued to you.
It'll have two (or more) files in there. One of which is the intermediate certificate. Put them on your desktop of the server that you're now logged in to. (It's just a handy spot)
Two parts to this:
On your Mac Server.
Log in as an administrator.
Open up /Applications/Utilities/Keychain Access
Select the System Keychain.
Click the padlock icon at the top left to unlock the System keychain. Authenticate as a user with administrative privileges, if prompted.
Go to the File Menu and choose Import. Navigate to the desktop and double click the intermediate.crt that you copied to your desktop.
Part two:
Open up Server Admin:
In the Servers pane, select the server on which you want to install the SSL certificate.
Select Certificates from the toolbar at the top of the right pane.
Select the item representing the certificate you have requested. Click the "Gear" button and then select Add Signed or Renewed Certificate from Certificate Authority....
Drag the file containing your server certificate to the blue certificate icon that displays after the previous step.
***Note: Don't drag the intermediate.crt file. You have to drag the actual certificate.
Click replace certificate.
HTH
-Graham -
Can anyone tell me why I can't get this freebie to work?
http://www.solid-state-logic.com/resources/lmc1plugin.html
I'm trying to use the AU version on an Intel iMac, it doesn't say anything about universal binary. My Logic Express AU manager is not seeing it. The installer is placing the entire SSL LMC-1 component folder in my component folder (library>audio>plugins>components). Logic's AU Manager is seeing nothing regardless of rescans. Thanks.Can anyone tell me why I can't get this freebie to
work?
http://www.solid-state-logic.com/resources/lmc1plugin.
html
I'm trying to use the AU version on an Intel iMac, it
doesn't say anything about universal binary. My Logic
Express AU manager is not seeing it. The installer is
placing the entire SSL LMC-1 component folder in my
component folder (library>audio>plugins>components).
Logic's AU Manager is seeing nothing regardless of
rescans. Thanks.
I had this plugin. It is NOT Universal Binary, and as such is NOT compatibel with Intel machines.
Cheers
Egyptian Merchet and Groma Mac OS X (10.4.9) Black Coffee and a black Staffordshire Terrier -
How can you manage ssl service provider service in PI 7.1?
Hello there..
I am trying to find a place in Netweaver admin tool so that I can add CA certificate into the SSL provider service Trusted Certification Authorities list. I use to be able to do that in Visual Admin tool -> dispatcher node -> Services -> SSL Provider -> Runtime tab -> Client Authentication, but now I cannot find anywhere in the NetWeaver Admin tool.
Thanks.
Jerry.Hi Jerry,
Once you login to the NWA, follow this path
Configuration Management -> Security -> Certificate and keys ->
You need to import the client certificate under ICM_SSL_xxx and you can find SSL_Provider if you scroll completly down. You need to import the private key of the client certificate under ICM_SSL_xxx.
You have even Trusted CA's under this list. Please let me know if you have any problems.
Thanks,
Srini
Edited by: srinivas kapu on Dec 18, 2008 9:58 PM -
Can't access SSL-secured web content from Remote Desktop Server
I am running RDS on Windows Server 2008R2. No Remote App or Gateway Services, just straight up Remote Desktop.
After making a RDP connection to the server, when trying to access any SSL-secured website, Internet Explorer displays the error "Internet Explorer cannot display the webpage" with a button labeled "Diagnose Connection Problems." It's the same generic
IE message that appears when DNS lookups fail. This failure to make SSL connections also manifests itself with Exchange autodiscover not working.
Strangely enough, Administrator is able to make SSL connections just fine, just not any other users. The server is otherwise completely functional.Hi cyborganic,
To narrow down this issue, Would you like to confirm the following questions:
1.
Does this issue exist when accessing all secured web sites or just some of them? Please try to access
https://www.microsoft.com.
Does it work?
2.
Does this issue exist when a user logs on to the console of the problematic server and then access a secure web site? In this way, we can isolate whether the problem is related
to RDS.
3.
You mentioned that administrator can access properly. As a test, can a problematic user be able to access the SSL site properly if you add him/her to the Administrators group
temporarily?
Meanwhile, Please help to make sure the “Cryptographic services” is set to Automatic Start.
Here, There are some suggestions for
General troubleshooting
Suggestion #1:
=====================================================================
Run the Network Diagnostics tool in Internet Explorer
To do this, follow these steps:
1.
Start Internet Explorer, and then try to access the Web page that is displaying the error message.
2.
On the page that displays an Internet Explorer error message, click the
Diagnose Connection Problems link. The Network Diagnostics tool will run. When the tool has finished running, it will report one of the following results:
o
It was unable to find a problem.
o
It has detected a problem. Additionally, the tool will provide guidance about the next steps to take to troubleshoot the problem.
Note
Internet Explorer 6 users click Detect Network Settings
3.
Click
IP Address, and note the IP Address. You may need it for future troubleshooting.
4.
Follow the steps in the Network Diagnostics tool to fix any connection problems.
5.
Start Internet Explorer.
If you receive the same error message, go to the next method.
Suggestion #2:
=====================================================================
Use the Delete Browsing History feature
If resetting the modem or the router did not resolve the problem, deleting your browsing history might help. Follow
these steps to remove your temporary Internet files, history, and form data:
Internet Explorer 8
1.
Start Internet Explorer.
2.
On the
Tools menu, click Internet Options.
3.
Under
Browsing history, click Delete.
4.
Select the check box next to
Preserve Favorites website data.
5.
Select the check box next to
Temporary Internet Files.
6.
Select the check box next to
Cookies.
7.
Select the check box next to
History.
8.
Select the check box next to
Form data.
9.
Select the check box next to
InPrivate Filtering data.
10.
At the bottom of window, click
Delete.
11.
Close Internet Explorer, start Internet Explorer again, and then try to access the Web page.
Suggestion #3:
=====================================================================
Use the Internet Explorer (No Add-ons) mode
To do this, click
Start, point to All Programs, point to
Accessories, point to System Tools, and then click
Internet Explorer (No Add-ons).
Note Internet Explorer (No Add-ons) mode is only available for Internet Explorer 7 and Internet Explorer 8.
If this resolves the issue, follow these steps to isolate the browser add-on that is causing the issue:
1.
Click
Tools, and then click Internet Options.
2.
Click the
Programs tab, and then click Manage add-ons.
3.
Click an add-on in the
Name list, and then click Disable.
4.
Repeat step 3 until you identify the add-on that is causing the issue.
If this issue still persists, Pls refer to the following link for
Advanced troubleshooting
You receive an error message in Internet Explorer: "Internet Explorer cannot display the webpage”
http://support.microsoft.com/kb/956196 -
How can I test SSL communication
I have successfully imported a SSL certificate to d:\JRE\Sun\1.4.2\lib\security\cacerts in Windows 2003 server. How can I test this SSL communication between my server and the other SSL Windows server?
michaelfromchattanooga wrote:
There is a card plugged into the reader, and it has good data on it as I have just used the printers card reader to copy the pictures off of it. But the wireless printer is very slow.
I contacted Sonnos (manufacturer of the expresscard/34) and Eric from their support department was kind of smart-mouthed about it. He assured me with 100% certainty that I had inserted the card reader backwards. I replied to him that the card will NOT allow you to insert it backwards, by design. This was yesterday and he has yet to reply.
My main question is if the card reader is defective, or is the slot on my Macbook Pro defective? I only have one MBP so I can't test the card reader in another machine.
Anyone?
Is the slot being recognized in your system profiler? >(option key)About this Mac>Hardware.
You can also run the Apple Hardware test by booting with the D key held down.
You can try put the card in before you boot or reboot with it in. It may only recognize if present at boot.
MacBook Pro, Mac OS X (10.6.7), 2.4GHz IntelCore i5 320 HD 8GB RAM -
How can i install SSL on J2EE?
i installed a J2EE patch 24 and J2EE is running with http but now i was demanded to install https on this J2EE .
During the installation i was asked for a https port , but when i try to reach the J2EE via this port it does not work.
Is there any documentation ,and if where can i find it ,about how to install SSL on J2EE ? (WAS basis 620)
i am thankful for any hint.
best regards
brittaHi Britta,
you can find documentation about how to install SSL on the J2EE Engine in the Administration Manual (should be part of the installation!) -> chapter Services Administration Reference -> SSL Service -> Critical Information and Troubleshooting Tips.
You'll also need the SAP Java Cryptographic Toolkit package that corresponds to your SAP J2EE Engine release. You can get it from the SAP Service Marketplace at service.sap.com/download under Download -> SAP Cryptographic Software.
Hope that helps! -
Can't access SSL site in Firefox.
A am attempting to access a Cisco server with a self-signed certificate. I can access it in MSIE.
When I try to access the server, I get the Firefox error “This Connection is Untrusted”.
I choose the option to “Add Exception”.
The following dialog box says; “Valid Certificate. There is no need to add an exception”, and does not give me the ability to “Confirm Security Exception” like it normally would. My only option is to “cancel” and go back to the previous error “This Connection is Untrusted”.
How do I get Firefox to allow me to access this web server?
== URL of affected sites ==
http:// privateYes! This is exactly my problem today. I keep getting "This Connection is Untrusted" for a server with a "wrong domain" certificate. (We're using https to get SSL encryption, not authentication.)
Normally, I click "I understand the risks" and tell it to "permanently store this exception", and it lets me through, at least for an hour.
Long-term problem: I've done this about two hundred times over the last several years, and it *still* coughs up this warning about one out of three attempts. (Yes, the system time is correct on my laptop. No, I don't do anything complicated about restoring settings or deleting cookies or anything like that.) I need a "really, really, REALLY permanently store this exception" button, not the "maybe sometimes store this exception for a while" button.
Today's problem:
I'm trying to get to foo.bar.com.
It chokes on an "untrusted" certificate, claiming that the certificate is valid only for www.bar.com. When I click it reloads the certificate and says... "This site provides valid, verified information"... to baz.bar.com.
Okay, so let's reload the page... and I'm back to "This Connection is Untrusted" — it's unhappy about the www.bar.com certificate again.
Seriously, I've done this cycle more than a dozen times in the last hour. How the heck do I get it to let me through to my server? And in the bigger picture, will we ever have a setting that says, "When going to foo.bar.com, just use SSL and do not even ask for the bleeping certificate"? -
Can't get SSL/TLS e-mail access working
Am having zero luck trying to get my wife's brand new 9810 to access a pop/imap account on a server where SSL/TLS is mandatory.
Background -- I'm the server admin.
I can access e-mail on the same server/domain from my 9700 Bold running OS 6 - I can do SSL/TLS connections to e-mail just fine.
When I look at the server-side logs when the 9810 is attempting to connect, I see that the SSL/TLS session is not getting established - hence the username/password is never being sent to the server.
The 9810 is running OS 7.1.x - is this version of the OS buggy?
Looking for an e-mail wizard to help me figure this out.Hi and Welcome to the Community!
Please try this:
KB25266 How to enable TLS on a BlackBerry smartphone preloaded with BlackBerry Device Software 6.0 or 7.0
Also, please try integrating from the BB Browser using this url:
www.blackberry.com/integrate
Also try using your carriers BIS site, from a PC/Browser
http://www.blackberryfaq.com/index.php/Where_can_I_log_into_my_BIS_account%3F
If your carrier is not listed, you may need to contact them to find their BIS site, if they have such.
Also, if you talk to them, they should be able to integrate the account as well. Further, if they can't help get it working, they have the power to escalate your case into RIM for enhanced support.
Good luck!
Occam's Razor nearly always applies when troubleshooting technology issues!
If anyone has been helpful to you, please show your appreciation by clicking the button inside of their post. Please click here and read, along with the threads to which it links, for helpful information to guide you as you proceed. I always recommend that you treat your BlackBerry like any other computing device, including using a regular backup schedule...click here for an article with instructions.
Join our BBM Channels
BSCF General Channel
PIN: C0001B7B4 Display/Scan Bar Code
Knowledge Base Updates
PIN: C0005A9AA Display/Scan Bar Code
Maybe you are looking for
-
For the past 2 hours I have been trying to reset my ipod without a password. my computer does not accept my ipod because it does not have the new update. So when i tried to update my computer it won't accept my password to start the download. So when
-
How can i restore my ipad to factory settings? Getting error message 4005 so re-installed latest version of itunes, restarted computer, everythingis up to date. Still getting error 4005. This happened when I went to update software. Face of ipad show
-
Calling a dll that returns a handle
I am using the LV Call Library Function to call a reflective memory board interface dll on a Windows 2000 system. The first call is to OPEN with an argument of a pointer to a string containing the name of the device. This opens the driver and returns
-
Issue within Purchase Credit Account & Price Difference Account
Dear All, I just wanted to know when this Purchase Credit Account and Price Difference Accounts within the Accounting Tab in Item Group or Within the Accounting Tab within Warehouse are Posted within the Transaction. Kindly someone ex
-
Hi experts, We are working on SRM 5.0 (SP 14) and C-folder 4.0. We are implementing competitive bidding with 2 Envelope Functionality. Our problem is the authorization of bidders in C-folder. After the bid invitation is published and the bidder logs