Connection https avec certificat p12
Bonjour,
Je souhaite créer un connecteur an as3 (c'est pour une appli air pour iPad)
Ce connecteur doit se connecter à une url https en envoyant un certificat p12.
J'ai essayé avec SecureSocket mais elle ne prend que les certifs en der.
J'ai aussi tenté as3crypto mais sans succès.
Grossomodo quand je tape l'url https à laquelle je dois me connecter dans le navigateur il me demande le certificat que je veux utiliser (ce certificat a préalablement été installé dans le trousseau d'accès windows). Ensuite une fois que j'indique le bon certif a utilisé je suis identifié et connecté.
Je veux pouvoir interroger cette url https en envoyant le certif p12 pour que je sois reconnu et connecté.
Si vous avez le moindre piste je suis preneur car là j'ai tout essayé.
Merci.
Don´t forget to set your proxy settings! Be sure that the application server could establish a connection to the external server.
From the BLog.
Thr 11 WARNING in ssl3_read_bytes: (536875072/0x20001040) received a fatal SSLv3 handshake failure alert message from the peer
From the Error.
Have you looked into the above details?
Thanks
SM
Similar Messages
-
Error connecting https when certificate key 2048
Hello,
I've got the following exception when I tried connecting an HTTPS web server AND when the certificate key > 2048 bits:
javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLProtocolException: java.io.IOException: subject key, Unknown key spec: Invalid RSA modulus size.
The exception occurs when trying to handshake the certificate:
com.sun.net.ssl.internal.ssl.HandshakeMessage$CertificateMsg.<init>
I tried using jdk 1.4.2_08 and 1.5.0.
Is somebody can help me? Is there a specific work around or library to use?
Thanks for your help
C�dric Braem
http://www.internetVista.comhi ,
R/3 and EP are running in cross domains.
ex- R/3 india.ac,in:port/irj/portal
EP europe.ac.in:port/irj/portal
There is no web dispatcher for the portal and also for backend, there are no additonal SSL in the network
It is java webdynpro causing the issue when i am trying to access my backend system from portal from talent management.
A new iwndows appears with pop-up and poempts fro user id & password.
Thanks & regards,
rahul -
Je n'arrive pas à me connecter à icloud avec internet explorer
je n'arrive pas à me connecter à icloud avec internet explorer
Vous ne pouvez vous connecter à http://icloud.com si vous avez déjà créé un compte iCloud. Vous pouvez créer un compte iCloud sur un Mac ou un appareil iOS. Vous ne pouvez pas créer de Windows.
-
Can I create multiple certificates. P12 as a distributor?
Why would I want to publish my applications with different labels.
For example: the name of my Company is Rome, I would like to publish some applications tagged with "Rome" (the name of the certificates .p12 will be Rome.) and other Apps tagged with "Rome Today" (the name of the certificates will be "Rome Today")
because I want to distinguish my productions, as if they were independent, and then clicking "View More by This Developer" should not be viewed together even if the company's development is the same.
thanksHi Shanmu,
Yes, I have tried.
The result was:
<xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Content" Id="_u1yCugp3FrVYXEs09G90Jg22"
xmlns="http://www.w3.org/2001/04/xmlenc#"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<xenc:CipherData>
<xenc:CipherValue>g0QiXdy145M/QYiT1LDs4qmH7kwjbYK8</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
But we can´t use this because he creates the element EncryptedData inside of the element that we want to encrypt.
So, we have to do a workaround that we decide that is a Java class to encrypt the element.
Now, I can use the public key to encrypt but I can't read the private key to decrypt ... -
How to renew your self-signed certificate p12 with Flash Builder
I have been using a self-signed certificate (generated using Adobe Flash Builder 4.7) for my Android app. The app is live on Google Play market but the certificate is going to expire soon, and I know if I create new certificate and update my app, existing Android users will not be able to auto-update the app (as the App's Signature has been changed). I would like to know how can we re-new the self-signed Certificate .p12 with Flash Builder?
Thank you very much.After doing my research about the self-signed certificate created by Adobe Flash Builder , I realized that was my mistake to think that the certificate would expire soon. I doubled check the expiration date of my self-signed certificate and the date was set to 35 years after I generated it using flash builder 4.7 (which is very safe).
For anyone who wants to check the self-signed .p12 expiration date you follow the instruction from this link:
http://bsdsupport.org/how-do-i-determine-the-expiration-date-of-a-p12-certificate/
Hope it helps -
Hi,
I have this Windows 2008 R2 on which I installed remoteapp some years ago.
Now the certificate expired and I get the message
"There is a problem with this connection's security certificate
The remote computer cannot be authenticated due to problems with its security certificate.
Security certificate problems might indicate an attempt to fool you or intercept any data you send to the remote computer."
How should I renew the certificate? I already went to certification store and tried to renew certificate with same key but then it says "the request contains nor certificate template information".
Please advise.
J.
J.
Jan HoedtDoes the computer account have Enroll permission to the certificate template?
From the Server running your CA, run mmc, click File then Add/Remove Snap-in...
Add Certificate Templates and click OK.
Find the certificate template, then right click and select properties. On my CA its call ed RemoteDesktopComputers but might be called something different depending on what what template your certificate is based on.
On the security tab, click Oblect types, check Computers then OK. Enter the Computername and click OK. Then give your computer account Enroll permisssion.
HTH,
JB -
My j2me app in samsung E700 can't Connect HTTP ?
Dear all,
Now, I deverloped j2me application on samsung E700. my app can connect http on emulator.
But, it can't on handset.
please suggest,
jakkapopDear jakkapop !
Did you solve problem with http connection in E700? Please reply, if so, 'cause i have the same prob.
Thank you! -
Comment se connecter à internet avec mon Iphone 4S?
comment se connecter à internet avec mon Iphone 4S? comment introduire l'adresse WI-FI?
First, try to reset the phone by holding the sleep and home button for about 10sec, until the Apple logo comes back again.
If this does not help, try to connect in recovery mode and restore again, explained here:
If you can't update or restore your iOS device -
hai guys,
I developed one report and data downloaded into application path and file format is CSV. My development was working fine . Now I want to change file downloaded into FTP location ( this is also working). Now i want to connect HTTP URL path.
How to connect HTTP URL path ( Not Open method only connect)
Thanks in advanceHello,
U can make use of these Fm to connect to URL.
Use this code.
CNHT
CALL FUNCTION 'WS_EXECUTE' "#EC *
EXPORTING
COMMANDLINE = LV_CMDLINE
PROGRAM = LV_PGMNAME
EXCEPTIONS
FRONTEND_ERROR = 1
NO_BATCH = 2
PROG_NOT_FOUND = 3
ILLEGAL_OPTION = 4
GUI_REFUSE_EXECUTE = 5
OTHERS = 6.
IF SY-SUBRC <> 0.
Where LV_CMDLINE = WWW.SAP.COM
LV_PGMNAME = IEXPLORE.EXE
If useful reward points
Vasanth
Message was edited by: Vasanth M -
how do i change http max connections, http max persistent, pipling to true, proxy pipling to true.
Simpler question: Can I change the max connections in Flex?
Thank you. -
Dear all!
I would like your assistance in the following matter:
iPad and Secure Email Certificate.
How to encrypt e-mail using certificates *. p12?
What software do I need to buy?
Thanks.Confirm you have imported your certificates into the Windows Certificate store?
Check the info below for the proper procedure.
1. Locate the certificate files you saved on your computer. Double-click the first .P12 file.
2. In the Certificate Import Wizard Dialog, click Next.
3. The file you selected displays in the File Name field. (If it is not already displaying in the field, click Browse to select it.) Click Next.
4. Enter the appropriate backup password:
For the digital certificate file, enter the password that the Stache web page gave you when you downloaded the certificate.
5. Clear the Enable Strong Private Key protection option.
6. Select the Mark this key as exportable option.
7. Make sure the default option Automatically select the certificate store based on the type of certificate is selected and click Next.
8. The application displays a summary of the settings. Click Finish. -
The proxy allows everyone to perform CONNECT HTTP requests
Hey there.. I ran a vulnerability scan on my server and it came back with this.
Vulnerability description
The remote proxy server can be used to send CONNECT requests.
The proxy allows everyone to perform CONNECT HTTP requests to arbitrary ports, such as:
CONNECT www.domain.com:25
This may allow attackers to bypass your firewall and connect to sensitive ports like 23 (telnet), 25 (sendmail) using the proxy.
A spammer may be using your proxy to send bulk email.
This vulnerability affects Server.
The impact of this vulnerability
Firewall bypass, possible information disclosure
Attack details
The proxy server is running on TCP port 80.
How to fix this vulnerability
Restrict proxy access to valid users and/or hosts. Deny CONNECT requests
In the web area of the server admin, under settings and proxy I have "Control Access To Proxy" checked and Allowed Domain has domain.com but after another scan it keeps telling me that theres an issue with the proxy can someone please help?
thanx
JamesFirst thought: Where are you running the scan from?
If you're running it from within your network then the scanner falls into the range of systems that can use the proxy, and therefore would be able to open arbitrary CONNECTions.
You'd need to test from outside your network to see if this really is an issue on your server. -
HTTPS connection with client certificate not working in spartan
Spartan does not show certificate for the user to select
when I click the https link.
The certificates (taken from a smartcard) are indeed present in the user CertStore.
It works with IE 11 and Chrome.
Has somebody any suggestions ?
Thanks.in fact you are more using a reverse-proxy than a proxy since it is on the server part..
You have to put all the SSL server part on the reserve-proxy itself and not on the final RSS feed. Then, the reverse-proxy will authenticate your client and gets its certificate. After that, either this proxy will open a plain connection (no ssl) towards the RSS, or you can also open a ssl connection but this means you must create a client certificate for the proxy. It just depends on the security level you need, and I used this solution many times in professional hosting.
hope it helps ! -
Proxy https connection with client certificate credentials
Hello, we are building a application like netvibes/iGoogle which allows users to have portlets with rss feeds in them. The portlets are all loaded using ajax and therefore, the RSS feeds must exist on the same domain as the portal. If they don't, you run into problems with cross-domain security issues with ajax. Usually to get around this you just proxy the connection on the server which is very simple with rss feeds that are exposed via http. We however have many feeds that are exposed via https. These feeds likely require a client certificate to authenticate them. Therefore, just doing a basic proxy (take the distant url and open a new connection on the server) won't work because it will build the new connection with the servers credentials and not the users.
Is there a way to build the connection on the server using the users credentials?? How can we proxy this connection over https?
If anyone has ideas, please let me know.
Thanks!in fact you are more using a reverse-proxy than a proxy since it is on the server part..
You have to put all the SSL server part on the reserve-proxy itself and not on the final RSS feed. Then, the reverse-proxy will authenticate your client and gets its certificate. After that, either this proxy will open a plain connection (no ssl) towards the RSS, or you can also open a ssl connection but this means you must create a client certificate for the proxy. It just depends on the security level you need, and I used this solution many times in professional hosting.
hope it helps ! -
Calling webservices from ABAP via https/ssl with p12 certificates.
Hi all,
I have a problem with calling an external webservice via HTTPS.
I configured my system as indicate in the blog /people/jens.gleichmann/blog/2008/10/31/calling-webservices-from-abap-via-httpsssl-with-pfx-certificates but when I check the RFC connection the result is: ICM_HTTP_SSL_ERROR.
I check the ICM monitor and this is the result:
[Thr 11] Thu May 26 16:02:57 2011
[Thr 11] *** ERROR during SecudeSSL_SessionStart() from SSL_connect()==SSL_ERROR_SSL
[Thr 11] session uses PSE file "/usr/sap/SV5/DVEBMGS10/sec/SAPSSLHTTPS1.pse"
[Thr 11] SecudeSSL_SessionStart: SSL_connect() failed
secude_error 536875072 (0x20001040) = "received a fatal SSLv3 handshake failure alert message from the peer"
[Thr 11] >> Begin of Secude-SSL Errorstack >>
[Thr 11] WARNING in ssl3_read_bytes: (536875072/0x20001040) received a fatal SSLv3 handshake failure alert message from the peer
WARNING in ssl3_output_cert_chain: (12354/0x3042) No hierarchy certificate in FCPath
WARNING in reduce_FCPath_by_Issuer: (12354/0x3042) No hierarchy certificate in FCPath
[Thr 11] << End of Secude-SSL Errorstack
[Thr 11] SSL_get_state() returned 0x000021d0 "SSLv3 read finished A"
[Thr 11] Server's List of trusted CA DNames (from cert-request message):
[Thr 11] #1 " certificate 1
[Thr 11] #2 " certificate 2
[Thr 11] SSL NI-sock: local=ip peer=ip2
[Thr 11] <<- ERROR: SapSSLSessionStart(sssl_hdl=6000000000652010)==SSSLERR_SSL_CONNECT
[Thr 11] *** ERROR => IcmConnInitClientSSL: SapSSLSessionStart failed (-57): SSSLERR_SSL_CONNECT [icxxconn_mt.c 2012]
SAP_ABA 700 0012 SAPKA70012 Componenti validi per tutte le applicazioni
SAP_BASIS 700 0012 SAPKB70012 Componenti di base SAP
PI_BASIS 2005_1_700 0012 SAPKIPYJ7C PI_BASIS 2005_1_700
ST-PI 2008_1_700 0001 SAPKITLRD1 SAP Solution Tools Plug-In
SAP_BW 700 0013 SAPKW70013 SAP NetWeaver BI 7.0
SAP_AP 700 0010 SAPKNA7010 Piatt. d'applicazione SAP
CCM 200_700 0010 SAPK-27010INCCM CCM 200_700 : Add-On Supplement
SRM_PLUS 550 0010 SAPKIBK010 SRM_PLUS per mySAP SRM
SRM_SERVER 550 0010 SAPKIBKT10 SRM_SERVER
BI_CONT 703 0001 SAPKIBIIP1 Contenuto Business Intelligence
ST-A/PI 01L_BCO700 0000 - Servicetools for other App./Netweaver 04
What do you think about it?
Best regards,
Norberto.Don´t forget to set your proxy settings! Be sure that the application server could establish a connection to the external server.
From the BLog.
Thr 11 WARNING in ssl3_read_bytes: (536875072/0x20001040) received a fatal SSLv3 handshake failure alert message from the peer
From the Error.
Have you looked into the above details?
Thanks
SM
Maybe you are looking for
-
Missing "pre order points" for Shadow of Mordor.
I've recently received Shadow of Mordor, I had the game pre ordered, but I'm positive that I didn't receive the 500 bonus points for pre ordering. I can't tell if they're pending or what with the new system, and I can't report those points missing th
-
Financial Consolidation of multiple companies
Good Morning Expert! Just want to know if SAP B1 can handle financial consolidation and how to do it. Our requirement is to consolidate financials of 3 companies. Hope to hear from you soon Thanks. Sandra
-
Augmented Reality for Explorer
Hi Barnaby, I actually have no idea about this prototype as it was not developed by the bi.ondemand.com team and this is the first I have heard of it. I do know that the ipad app has been updated at least a few times since the blog was written. It c
-
How to reinstall Elements 12 [was:?]
I accidently clicked on UNINSTALL ELEMENTS 12. How do I get it back?
-
ITunes keeps stealing song focus! :(
Hello. This is standard issue on all iTunes', but I don't really like it...in fact, I hat it! When you have focus on one song while another song is playing, but when the song that's playing ends and changes to the next track, the focus moves to the s