Does certicom implementation support ssl renegotiation ?

Similar Messages

• Does Weblogic support SSL v3.1?

  The documentation for both Weblogic 9 and 10 refer to v3.0, but I cannot find any reference to 3.1. Does either version support SSL 3.1?
  Thanks,
  Doug

  The documentation for both Weblogic 9 and 10 refer to v3.0, but I cannot find any reference to 3.1. Does either version support SSL 3.1?
  Thanks,
  Doug

• How to disable SSL Renegotiation

  Hi All,
  A security audit discovered one of our application's SSL termination, resides our ACE, supports SSL Renegotiation, which is, in their opinion, a security risk. As far I know, it is not supported to turn off this feature on ACE. Anyway, I want to be sure, before I reports this to the auditors. If you know, how to disable it, please share with me!
  We are running 3.0(0)A4(2.2).
  Regards,
  Tamas

  Thank you for your answer.
  Our running version is A5(2.0). It should have rehandshake disabled by default.
  Here are the outputs from some commands:
  ACE# sh run | i rehand
  Generating configuration....
  ACE# sh parameter-map SSL_TERMINATION
  Parameter-map : SSL_TERMINATION
  Description : -
  Type : ssl
      version                            : all
      close-protocol                     : none
      expired-crl                        : allow
      cdp-errors                         : reject
      authentication-failure any         : reject
      session-cache timeout              : disabled
      queue-delay timeout                : disabled
      Accepted cipher list:
        RSA_WITH_RC4_128_MD5 (priority:1)
        RSA_WITH_RC4_128_SHA (priority:1)
        RSA_WITH_AES_128_CBC_SHA (priority:10)
        RSA_WITH_AES_256_CBC_SHA (priority:1)
      rehandshake                        : disabled
      purpose-check                      : enabled
  As you can see there is no configuration command to activate rehandshake.
  So my question is if the rehandshake command only affects the ACE´s ability to do a rehandshake from its own side, but always lets the client do it if it wants to.
  It isn't easy to find details about this. And the only place where I have found i little bit of details says "Enables rehandshake, allowing the ACE to send an SSL HelloRequest message to its peer to restart SSL handshake negotiation", so it might just be in that direction.
  A followup question would be if it is possible to prevent the client from doing a rehandshake by a command in the ACE.
  If this behaviour is not the intention this has to be a bug and I would go to the TAC with it.
  I just want to know how the ACE is intended to work before I do that.
  Best Regards,
  /Torbjörn

• JavaMail supports SSL: True or False?

  Hi Guys, this is my first time here. :)
  Btw, I have questions:
  1. Does JavaMail really support SSL or not from the original package? Cause from the FAQ, They said it's not. But i've read some examples where there is a class imported from javax.net.ssl.SSLFactory kind like that. So my question is, is it really supported?
  2. I want to create a program that sends email with or without SSL. Is there any simple "if" block that distinctively differentiate from SSL connection with the standard one? What i mean is something like this.
  boolean isPOPSSL;
  Properties prop = new Properties();
  if(isPOPSSL)
      //SSL Connection
  prop.setProperty(    //set Properties for SSL);
  else
      //SSLless connection
  prop.setProperty(    //set Properties for standard connection);
  }Can somebody explain what thigs should I put inside the "if" body there?
  3. Is it true that SMTP server doesn't need any SSL encryption because thre's already a TLS in SMTP Protocol?
  Thanks for your attention. :)

  1. Does JavaMail really support SSL or not from the original package? Cause from the FAQ, They said it's not. But i've read some examples where there is a class imported from javax.net.ssl.SSLFactory kind like that. So my question is, is it really supported?Yes, SSL is fully supported.
  Where in the FAQ did you read that SSL was not supported?
  Did you find the file SSLNOTES.txt that's included with the JavaMail download?
  2. I want to create a program that sends email with or without SSL. Is there any simple "if" block that distinctively differentiate from SSL connection with the standard one?The simplest approach is to choose the protocol name based on whether you want SSL or not:
  if (isSSL)
      prot = "smtps";
  else
      prot = "smtp";
  props.put("mail." + prot + ".host", mailhost);
  ...The smtpsend.java demo program illustrates this approach.
  3. Is it true that SMTP server doesn't need any SSL encryption because thre's already a TLS in SMTP Protocol?There are two approaches for using SSL:
  1. Connect on a socket that uses SSL right from the beginning. This is what the "smtps"
  protocol does.
  2. Connect on a plain socket, then switch to SSL (aka, TLS). This is what the "STARTTLS"
  command does. You can enable use of this command by setting an appropriate property.
  See the com.sun.mail.smtp package javadocs.
  Some servers will support one approach, some will support the other, some will support both.

• Does WLS 5.1 support SSL session reuse?

  Does WLS 5.1 support SSL session reuse?
  I noticed in an earlier post that WLS 4.5 doesn't. It this also true for 5.1?

  Does WLS 5.1 support SSL session reuse?
  I noticed in an earlier post that WLS 4.5 doesn't. It this also true for 5.1?

• Does flashplayer 9 ocx by itself support SSL (without browser)?

  We are using the Flashplayer 9 ocx, running a Flex Client Application, and interfacing to it with a FlexCpp
  Bridge.  We open the flashplayer inside of the C++ Windows application.   We would like all communication from a java mid-tier server, to the flashplayer to be SSL.  Can the flashplayer ocx support SSL on its own, without using a browers? We had to eliminate the browser, to support the C++ interface.  I can't find any documentation on flashplayer SSL without a browser.

  IIRC Flash requires the host application for all server communication. You migth want to investigate implementing the Netscape Plugin API in your application and hosting Flash in that:
  http://en.wikipedia.org/wiki/NPAPI

• Does Oracle Exchange Portlet 2003 Support SSL?

  I installed the Oracle Exchange Portlet 2003 successfully. However, when enabling SSL on the Webmail (frontend) of Exchange Server, I got the some SSL handshake error. Just wonder whether the portlet support the SSL.
  Failed to handle HTTP Request
  java.io.IOException: javax.net.ssl.SSLException: SSL handshake failed:
  X509CertChainIncompleteErr
  Any advise will be welcomed.
  Thanks a lot in advance.

  Hi Zhan,
  I am not sure that the Exchange portlets support SSL. I will find out more info and get back to you.
  thanks,
  Harsha

• Does JDBC Drivers in Oracle9i support SSL connection

  Hi everybody,
  I have to access to some information in Oracle9i DB throught SSL connection from Oracle OCI clients. I would like to know if the administrators have to use an specific datasource and OCI driver. I have to verify if Oracle 9i JDBC drivers support SSL connections.
  Thanks you very much
  Rosa

  In order to use SSL, you would need to install and configure Oracle Advanced Security both on the client and on the database. If I recall correctly, this is an additional cost option if you have the Enterprise Edition database.
  Justin
  Distributed Database Consulting, Inc.
  http://www.ddbcinc.com/askDDBC

• Does JSSE implementation of TLSv1 falls back to SSLv3 or SSLv2 if server re

  Does JSSE implementation of TLSv1 falls back to SSLv3 or SSLv2 if server requests.
  I am planning to use TLSv3 protocol for our SSL client implementation. My worry is if I use TLSv3 which being the latest and the new standard, does the Sun's JSSE implementation fallsback to SSLv3 or SSLv2 if the server doesn't accept TLS.
  Can anyone let me know and point me to the right link.
  This highly required as I am not sure what clients use their webserver as.

  If you specify 'TLS' you will get TLS, if you specify 'SSL' you will get TLS or a fallback to SSLV3. You'll never get a fallback to SSLv2 because Sun doesn't support SSLv2 at all except for the initial Hello message.

• Does AVL table supports popin in WebDynpro ABAP

  Hi,
  Just a short question, does AVL table supports popin in WebDynpro ABAP?
  I know that popin in supported in normal table in WD ABAP. Is this feature also available for ALV table?
  Thanks
  Yingzhi

  Hi Yingzhi Liu,
  Did you get any answers to this question?
  I'm also trying the same where we need to show additional details for an ALV table row. Is it possible to have a table popin in ALV? We are on 2004s release and implementing Web Dynpro for ABAP.

• Does ACE-30 support multicast in routed mode?

  We currently have ACE20's, which only support multicast in bridge mode.
  Was wondering if it's the same on ACE30's, or if Cisco finally implemented support for mcast in routed mode.
  thx
  Kevin

  Could you please confirm if this applies to both ACE20 & ACE30, or just ACE20?
  If both, when does Cisco plan on supporting mcast in routed mode?
  thx
  Kevin

• Does Flex HttpService support https with client authentication

  Hi,
  We have a set of backend services available over https with client auth (cert based). We need to use mxml HttpService to access these backend services. Does HttpService support ssl with client auth?
  Another question is, for Https does flex share the browser keystore and certstore or uses its own?
  Thanks,
  Debashis

  Yes , a flex HTTPService can access services on https://.  But if I remember correctly , to use an https:// service , the swf has to be served on an https.  Example ,
  Served from https:// ... --> Can access https:// ...
  Served from https:// ... --> Can acess https:// ...
  Served from https:// ... --> CANNOT access https:// ...
  Served from https:// ... --> CANNOT access https:// ...
  Since Flex has the browser do the connecting , the browser handles the keystore stuff , not Flex. I think.

• Roles of Implementation & Support  Project  of demand planner

  hi to all
               i let to know whats the exact job of a Planner in Implementation & Supporting project his roles and responsibility and i want to know exactly that what do he do in real time project of I & S. please answer for my query and expecting for ur response.
  1) Implementation
  2) Supporting 
  Please answer for mi query and help me in  mi career further.
  Thanking u all in advance .
  ronald

  Hi,
  Demand Planners role in Implementation Project:
  - Business process related requirement provide to the implementation team
  - Test scenario explanation
  - Unit testing as per the Demand Planner's view
  - Report requirements provide to implementation team.
  You will work as a Business expert or as a Core team member in the Implementation Project. Your role will be very crucial .. you will Drive the project as per the business processes of Demand planning.
  Support Project :
  If you are working as a Demand planner and doing day to day Demand planning work then in case any issues come you will send it to support team for correction.
  You may be from Business Team work as a single point of contact from Business.
  You will gather the requirement for reports/ any new devlopment and for implementation send it to support team.
  In the support project you will require to see continous process improvement

• How to make tomcat 5 support SSL (https)?

  Hi,
  is there a way to make tomcat support SSL (https)?
  i using: Apache 1.3.33
  with : Tomcat 5.0.28-1.00RC2
  and : jakarta-tomcat-connectors-jk-1.2.6
  JDK: j2sdk1.4.0_04
  Many thanks
  Anatolia

  Thanks very much Sherbir,
  But JSSE is integrated into the Java 2 SDK, Standard Edition, v 1.4 and above!
  here is what i'm facing:
  the documentation says:
  >
  It is important to note that configuring Tomcat to take advantage of secure sockets is usually only necessary when running it as a stand-alone web server. When running Tomcat primarily as a Servlet/JSP container behind another web server, such as Apache or Microsoft IIS, it is usually necessary to configure the primary web server to handle the SSL connections from users. Typically, this server will negotiate all SSL-related functionality, then pass on any requests destined for the Tomcat container only after decrypting those requests. Likewise, Tomcat will return cleartext responses, that will be encrypted before being returned to the user's browser. In this environment, Tomcat knows that communications between the primary web server and the client are taking place over a secure connection (because your application needs to be able to ask about this), but it does not participate in the encryption or decryption itself.
  I'm running running Tomcat as a Servlet/JSP container behind Apache 1.3.33 web server.
  So all SSL requests are handled by apache web server, but the problem I'm facing is that if i request any jsp page using https (ssl) i get plain text and it's not handled by tomcat!
  i have a test page called test.jsp:
  <html>
  <head>
  <title>JSP test page</title>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  </head>
  <body>
  <p>2 x 2 = <%= 2 + 2 %>
  </p>
  </body>
  </html> If I request this page using normal http request I get my results fine:
  2 x 2 = 4
  but if i request the page using https (ssl) I get a clear plain text of my jsp file content like this:
  <html>
  <head>
  <title>JSP test page</title>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  </head>
  <body>
  <p>2 x 2 = <%= 2 + 2 %>
  </p>
  </body>
  </html> Now how do I fix this problem and make apache passes the jsp file to tomcat if the request was https (ssl) and not send me cleartext of my file content!
  Many thanks
  Anatolia

• Does Java 6 support SSLIOP in Java orb?

  I have Java orb clients connect to server in TAO orb CORBA. Now I want to change the java orb clients to use SSLIOP (SSL in orb) to talk to the servers written in SSLIOP.
  The question is, does Java 6 supports SSLIOP ? if yes, where are the documents and samples I can take a look to get started.
  Thanks in advance.

  http://java.sun.com/javase/6/webnotes/features.html
  I can't see any ORB enhancements at all.
  I suspect Sun is leaving SSLIIOP for the ORB and J2EE vendors.