Running SSL Protocols on PDA
Hi,
I need to implement a system for personal digital assistants which uses SSL protocols. I am fine with implementing SSL over TCP/IP, however I know very little about PDA and other wireless portable devices. I am desperate for information. I would like to get two PDAs to communicate over SSL session. These PDAs will be wireless. So what technology do I use, where do I start?
Many Thanks
Do your PDAs support the Wireless Application Protocol ?
At the address http://www.wapforum.org/what/technical.htm
you will find several documents about Wireless Security.
Some of them deal with Wireless Transport Layer Security.
Similar Messages
-
Can't access ABS URL and autodiscover.sipdomain URLs externally - SSL protocol error
Problems:
- Can't sync Address Book for external or internal clients (I can do searches however just fine so I'm not sure what protocol is used to perform those, if not with address book)
- Can't connect to Lync mobile.
What I discovered was common with these issues is when I go to try and manually enter in the browser either:
https://lyncdiscover.sipdomain.com/ (to test mobile autodiscover connectivity)
or
https://"extwebservicesURL"/abs (to test address book)
I get same response from google: Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error.
I also ran Test-CsMcxP2PIM and got this:
TargetUri : https://pitlyncpool01.pit.local:443/CertProv/CertProvisioningService.svc
TargetFqdn : pitlyncpool01.pit.local
Result : Failure
Latency : 00:00:00
Error : ERROR - No response received for Web-Ticket service.
Inner Exception:The content type text/html; charset=utf-8 of the response message does not match the content type of the binding (text/xml; charset=utf-8). If using a custom encoder, be
sure that the IsContentTypeSupported method is implemented properly. The first 1024 bytes of the response were: '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.o
rg/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>IIS 7.5 Detailed Error - 500.0 - Internal Server Error</title>
<style type="text/css">
And similar result when I test with "Test-CsAddressBookService"
TargetUri : https://pitlyncpool01.pit.local:443/groupexpansion/service.svc
TargetFqdn : pitlyncpool01.pit.local
Result : Failure
Latency : 00:00:00
Error : ERROR - No response received for Web-Ticket service.
Inner Exception:The content type text/html; charset=utf-8 of the response message does not match the content type of the binding (text/xml; charset=utf-8). If using a custom encoder, be
sure that the IsContentTypeSupported method is implemented properly. The first 1024 bytes of the response were: '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.o
rg/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>IIS 7.5 Detailed Error - 500.0 - Internal Server Error</title>
The only search on google that I found on this is to uninstall IIS and Lync web components and reinstall. Which I tried, but Lync web components wouldn't install back (error), so I restored server back from the snapshot and back to square one..
Also tried https://www.testocsconnectivity.com to run test on mobile autodiscovery and got this:
ExRCA is attempting to obtain the SSL certificate from remote server lyncdiscover.sipdomain.com on port 443.
ExRCA wasn't able to obtain the remote SSL certificate.
Additional Details
The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
Is there anything else I can look into to find out why am I getting these errors? Maybe to try OCS logging utility? But I don't know which components to checkmark for logging..
Thank you for any help and Happy New Year!
SergeyHi,
It seems the web service url is not valid or the web service not function. Is it Lync Standard Edition or Enterprise? Did the mobility issue also happen for external? Have you assigned a public certificate for reverse proxy correctly?
1. Please go to topology builder and check which FQDN you did put in for internal and external web service. For Lync Server Standard Edition, the internal web base URL should be same with your front end server FQDN.
If the internal domain name is different with external domain name, for example, your internal domain is contoso.net, but your external domain name is contoso.com. The external base URL should use the contoso.com domain name.
2. Please make sure the certificate has been assigned on front end server successfully. Please go to Lync Server deployment wizard to check it.
3. In IIS, please make sure Lync Server Internal Web Site is configured on ports 80 and 443 and Lync Server External Web is configured on ports 8080 and 4443.
More details about configuring reverse proxy for your reference:
http://social.technet.microsoft.com/wiki/contents/articles/9807.configuring-forefront-tmg-2010-as-reverse-proxy-for-lync-server-2010.aspx
If the issue persists, please try to enable logging tool and reproduce the issue to get report for further troubleshooting.
http://blog.schertz.name/2011/06/using-the-lync-logging-tool/
Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information
found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
Kent Huang
TechNet Community Support -
Urgent Please..Error while configuring SSL protocol
Hi,
I am facing problems when I am trying to configure my WLS 6.0(on
Win 2000) for SSL protocol.I have used the CSR generator to generate
CSR & I have got a trial SSL id from VeriSign.I have now got the
following files:
hercules-key.der(private key generated by CSR generator)
cert.pem (digital certificate from VeriSign)
When I configured the server console with
Server Key file name =./config/mydomain/hercules-key.der
Server Certificate file name=./config/mydomain/cert.pem
Server Certificate chain file name=./config/mydomain/cert.pem
& restarted the server with the following command:
startWeblogic -Dweblogic.management.pkpassword=<the pwd I gave>
I am getting the following error:
<Mar 19, 2001 11:20:11 AM PST> <Alert> <WebLogicServer> <Security
configuration
problem with certificate file ./hercules-key.der, java.io.EOFException>
java.io.EOFException
at weblogic.security.Utils.inputByte(Utils.java:133)
at weblogic.security.ASN1.ASN1Header.inputTag(ASN1Header.java:125)
at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:119)
at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:119)
at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:393)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:939)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
Please tell me where I went wrong.Do I need to make any more changes
in the console.
Thanks in advance.. SitaThe Server Certificate File Name should point to the cert that establishes
the server's identity.
The Server Certificate Chain File Name should contain as its first member
the cert used to sign the server's cert, the second member should contain a
cert used to sign the first cert in the file, etc. until the last cert in
the chain which should be self-signed. The Server Certificate Chain File
Name is required to have at least one cert in it (and if there is only one
it must be self-signed, ie a root CA cert and it must be the cert that was
used to sign the server's certificate).
If you got the trial cert from Verisign their email to you should have told
you how to obtain a root CA from them to use.
"Sita Mulomudi" <[email protected]> wrote in message
news:[email protected]...
>
Hi,
I am facing problems when I am trying to configure my WLS 6.0(on
Win 2000) for SSL protocol.I have used the CSR generator to generate
CSR & I have got a trial SSL id from VeriSign.I have now got the
following files:
hercules-key.der(private key generated by CSR generator)
cert.pem (digital certificate from VeriSign)
When I configured the server console with
Server Key file name =./config/mydomain/hercules-key.der
Server Certificate file name=./config/mydomain/cert.pem
Server Certificate chain file name=./config/mydomain/cert.pem
& restarted the server with the following command:
startWeblogic -Dweblogic.management.pkpassword=<the pwd I gave>
I am getting the following error:
<Mar 19, 2001 11:20:11 AM PST> <Alert> <WebLogicServer> <Security
configuration
problem with certificate file ./hercules-key.der, java.io.EOFException>
java.io.EOFException
at weblogic.security.Utils.inputByte(Utils.java:133)
at weblogic.security.ASN1.ASN1Header.inputTag(ASN1Header.java:125)
at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:119)
at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:119)
at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:393)
atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
atweblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:939)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
Please tell me where I went wrong.Do I need to make any more changes
in the console.
Thanks in advance.. Sita -
Everytime I try to log on to any website that requires a username & password, I receive the following error: SSL protocol has been disabled. I have tried all of the suggested solutions to this issue - but to no avail. I cannot log on to yahoomail. gmail, hotmail, ebay, paypal, or any other site that requires a user name and pass word. Internet Explorer works just fine - and again I have tried all the solutions suggested on the firefox support forum - but none have worked
== URL of affected sites ==
http://www.yahoo.com
== User Agent ==
Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6.5; InfoPath.2; .NET CLR 1.1.4322)Check your settings on Tools > Options > Advanced > Encryption; see: http://support.mozilla.com/en-US/kb/Options+window+-+Advanced+panel#Encryption_tab
-
SSL protocol disabled followed all tutorioals and support help still no t solved problem
== URL of affected sites ==
http://https://www.nwolb.com/default.aspx?refererident=6AE60AAC922A7B593AC1D5BECC79401772F69A81&cookieid=72259&noscr=false&CookieCheck=2008-06-25T15:19:37You have Shockwave Flash 10.1 r53 installed for Firefox.
-
I have a webpage with an applet. It works fine on my laptop. The webpage with buttons and a textarea and the applet it working fine. But on my PDA I can only see the buttons and textarea. There is no field where the applet should be displayed.
If an applet doesn't work at the laptop, I can see a field where the applet should be displayed with a red cross. But this field is not on my pda screen.
So I went to other sites with applet's and at these websites I had the same problems.
I am running CrEme 3.25 on my PDA with Windows Mobile 3.0. CrEme 3.25 you can compare with[b] JVM 1.1.8 someone told me.
Is it possible to run applets on a PDA. Which java version do I need and where can I download the java version for pda which supports applets.While native Applets running within PocketIE is not supported, you can run an appletviewer with the Personal Profile PocketPC implementation found at:
http://www-306.ibm.com/software/wireless/wsdd/
WSDD 5.6.1 was just released. It does support many configurations/profiles on PocketPC.
/Ken -
[SOLVED] Unknown SSL protocol error in connection
Hi there. I'm trying to get a website with curl but i'm getting this error:
[martriay@atila ~]$ curl -v "https://servicios1.afip.gov.ar"
* Rebuilt URL to: https://servicios1.afip.gov.ar/
* Hostname was NOT found in DNS cache
* Adding handle: conn: 0x20412c0
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x20412c0) send_pipe: 1, recv_pipe: 0
* Trying 200.1.116.53...
* Connected to servicios1.afip.gov.ar (200.1.116.53) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none
* SSLv3, TLS handshake, Client hello (1):
* Unknown SSL protocol error in connection to servicios1.afip.gov.ar:443
* Closing connection 0
curl: (35) Unknown SSL protocol error in connection to servicios1.afip.gov.ar:443
And when i try with SSLv3:
[martriay@atila ~]$ curl -3 -v "https://servicios1.afip.gov.ar"
* Rebuilt URL to: https://servicios1.afip.gov.ar/
* Hostname was NOT found in DNS cache
* Adding handle: conn: 0x8032c0
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x8032c0) send_pipe: 1, recv_pipe: 0
* Trying 200.1.116.53...
* Connected to servicios1.afip.gov.ar (200.1.116.53) port 443 (#0)
* Unsupported SSL protocol version
* Closing connection 0
curl: (35) Unsupported SSL protocol version
That's from my archlinux server, while on my desktop's fedora it works just fine. Both computers are within the same network.
openssl version:
[martriay@atila ~]$ openssl version
OpenSSL 1.0.1e 11 Feb 2013
openssl connection attempt
[martriay@atila ~]$ openssl s_client -connect servicios1.afip.gov.ar:443
CONNECTED(00000003)
write:errno=104
no peer certificate available
No client certificate CA names sent
SSL handshake has read 0 bytes and written 322 bytes
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
If I add the -ssl3 option:
[martriay@atila ~]$ openssl s_client -connect servicios1.afip.gov.ar:443 -ssl3
CONNECTED(00000003)
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO High-Assurance Secure Server CA
verify error:num=20:unable to get local issuer certificate
verify return:0
Certificate chain
0 s:/C=AR/postalCode=1086/ST=Ciudad Autonoma de Buenos Aires/L=Capital Federal/street=Hipolito Yirigoyen 370/O=ADMINISTRACION FEDERAL DE INGRESOS PUBLICOS/OU=Issued through ADMINISTRACION FEDERAL DE INGRESOS PUBLICOS E-PKI/OU=InstantSSL/CN=servicios1.afip.gov.ar
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO High-Assurance Secure Server CA
1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO High-Assurance Secure Server CA
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
Server certificate
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
subject=/C=AR/postalCode=1086/ST=Ciudad Autonoma de Buenos Aires/L=Capital Federal/street=Hipolito Yirigoyen 370/O=ADMINISTRACION FEDERAL DE INGRESOS PUBLICOS/OU=Issued through ADMINISTRACION FEDERAL DE INGRESOS PUBLICOS E-PKI/OU=InstantSSL/CN=servicios1.afip.gov.ar
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO High-Assurance Secure Server CA
No client certificate CA names sent
SSL handshake has read 3048 bytes and written 485 bytes
New, TLSv1/SSLv3, Cipher is RC4-MD5
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
Cipher : RC4-MD5
Session-ID: F34244E0C2E402103FC9B7216E504E89761FDAF31CC1AC3A7939BE99AD8D0C57
Session-ID-ctx:
Master-Key: 146C91E59E259AD38C1E7A0B8E5DBEAE2D768622DE4045CD927D60A40FF8CA527A2694E227FEE30CC0909ADE0B72B0C8
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1389232087
Timeout : 7200 (sec)
Verify return code: 20 (unable to get local issuer certificate)
Any ideas?
Last edited by martriay (2014-01-09 14:05:02)Downgrade curl to 7.33.0-3. There is a known bug that is now fixed and should be released with the next version. I got bit by this too
Scott -
Hello,,
I want to ask if the java can support the SSL protocol that used for secure authentication??
Is there apackages that do this function at java??
if there is plese give me the pakcage and how it can be used??Google "Java SSL" and click the first link.
-
Can i run routing protocol with only F2 line card?
Hello. : )
One question.
Can i run routing protocol such as ospf, bgp, eigrp with only F2 modules? (no M linecard)
Thank you in advance : )Hi,
Yes, you can use OSPF, EIGRP, IS-IS, etc...
see link below for more info:
http://www.cisco.com/c/dam/en/us/products/collateral/switches/nexus-7000-series-switches/at_a_glance_c45-689339.pdf
HTH -
Running ssl client from multiple applications fails in Sap j2ee engine
There are two applications making ssl connections to third party.
At a time only one application is able to make connection while other
throws error message <b>"No trusted certificate found".</b>
Currently we have two j2ee applications running in SAP j2ee server. Both applications makes ssl connection to third party servers. Lets call first application as A1 and second application as A2.
A1 is an internet shopping application . It makes ssl connection to third party services at two places . One is while fetching the shipping charges from UPS site.
Code Snippet:
java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.getProperties().put("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
String lo_url = new URL("https://wwwcie.ups.com/ups.app/xml/Rate");
lo_connection = (URLConnection) lo_url.openConnection();
At other place A1 connects to cybersource service using webservice +ssl for credit card authentication using cybersource API. It uses certificate in p12 format.
Code Snippet:
com.cybersource.ws.client.axis.soap.RequestMessage lo_requestMessage = new com.cybersource.ws.client.axis.soap.RequestMessage();
Properties lo_cybsProperties = new Properties();
lo_cybsProperties.setProperty("merchantId","arvato");
lo_cybsProperties.setProperty("merchantRefCode","1234")
lo_requestMessage.setMerchantID( "arvato");
lo_requestMessage.setMerchantReferenceCode( "1234" );
lo_cybsProperties.setProperty("cybersourceURL","https://ics2wstest.ic3.com/commerce/1.x/transactionProcessor");
lo_cybsProperties.setProperty("keysDir", "./WEB-INF/config");
lo_requestMessage.setBillTo(setBillToAddress(po_mdsBillingAddress) );
// add ship to address
lo_requestMessage.setShipTo(setShipToAddress(po_mdsShiToAddress));
lo_requestMessage.setPurchaseTotals( setPurchaseTotal() );
//set cc details
lo_requestMessage.setCard( setCardDetails(po_mdsCreditCard) );
Set Items and total tax calculation
lo_replyMessage = com.cybersource.ws.client.axis.soap.Client.runTransaction( lo_requestMessage, lo_cybsProperties );
A2 Application
This application connects to Motorola secured web service to fetch details of mobile hand set. It uses keystore to create ssl connection with Motorola webservice.
Code Snippet
try {
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[0];
public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
} catch (Exception e) {
e.printStackTrace();
System.setProperty("javax.net.ssl.trustStore","SapWSM.keystore");
System.setProperty("javax.net.ssl.trustStorePassword","xxxx");
System.setProperty("javax.net.ssl.keyStore","SapWSM.keystore");
System.setProperty("javax.net.ssl.keyStorePassword","xxxx");
Problem Cases :
Case 1
Step 1 : Server starts
Step 2 : User access A1 first
Step3: A1 Connects to UPS using https (It is able to connect)
Step4: A1 connects to cybersource using webservice+ssl (It is able to connect)
Step 5: Another user access A2
Step6: A2 tries connection to Motorola webservice over ssl
Result connectivity fails with description "No trusted certificate found".
Case2
Step 1 : Server starts
Step 2 : User access A2 first
Step3: A2 tries connection to Motorola webservice over ssl (It is able to connect)
Step 5: Another user access A1
Step6: A1 connects to cybersource using webservice+ssl
Result connectivity fails with description "No trusted certificate found".
Case3
Step 1 : Server starts
Step 2 : User access A2 first
Step3: A2 tries connection to Motorola webservice over ssl (It is able to connect)
Step 5: Another user access A1
Step6: A1 connects to UPS using ssl
Result connectivity fails with description "No trusted certificate found".Hi Please answer my query it is really <b>
urgen
t</b> and we are not able to run both the applications in same server -
With new java 1.6-15 can't establish connection via SSL protocol
Just after installation Mac OS java version is 1.5-20 and try to lanch our java client to our old server all works fine.
After upgrade Mac OS upto latest version, java upgraded to 1.6-15, but after that I've got error:
Destination unreachable; nested exception is:
javax.net.ssl.SSLHandshakeException: FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters.; No available router to destination
afaik, this is because new version java is disable some old unsecured protocols for SSL connections.
But same program under Windows and same java version runs without problems.
How to enable the old protocols for SSL in java for Mac?Hi Gary,
If you have the Orange icon then your client is connected to the DAC server. (If it's red then it's not, and if it's green it's connected and an execution plan is running).
If you have never run any DAC jobs (and if you're just doing the installation then you won't have I guess) then your log will be blank and you'll just get a blank log window.
Have you got any evidence that your DAC server isn't running other than the Log won't download properly?
Obviously if you stop the DAC server then you're going to get an error that the client can't connect to the server :-D
If I were you I'd continue with the installation guide, as it sounds like things are working as they should.
BTW don't forget to mark this and other responses to your posts as helpful/correct as appropriate :) -
Problems running SSL connection using JRUN 4.0/JDK 1.4.2
Hi,
Our project is to run a SSL connection to FedEx. When we test the connection with WebSphere 5.0 test server, it connected and worked. But, when we tested with our environment (JRUN4), exception thrown:
The following are the exceptions:
===========================
socket = (SSLSocket)factory.createSocket("gateway.fedex.com", 443);
causes the error:
java.net.SocketException: Export restriction: this JSSE implementation is non-pluggable.
Which implies that we are trying to use a SSL impementation other than Sun's, which is not allowed in JDK 1.4.x. Googleing for similar cases confirms that creating SSL sockets has been problematic for JDK 1.4.x users in particular.
However, the following code
SSLSocketFactory factory = (SSLSocketFactory)SSLSocketFactory.getDefault();
System.out.println("Classname: "+factory.getClass().getName());
produces
Classname: javax.net.ssl.DefaultSSLSocketFactory
This seems to imply that we are using the Sun SSL implementation. So I am not sure what could be causing the error. Have any you ever run into this particular problem before and if so what is your recommendation?
Any idea, thinking is greatly appreciated.
Thank you.I have plenty of HD space (130GB) left, so that's not the problem.
Actually, the amount of free space is not nearly as relevant to the issue as the % of free space. If your HD is over about 50% full, especially doing video, there will be performance degradation compared to an HD that is less than about 50% full. It's the physics of the hard drive. In addition, if you are working on HD video you can easily need 50-100GB per hour of video for working storage & render files. And if you render multiple times, FCE is not good at cleaning up old render files, so multiple renders take more & more disk space. The only effective way to clean out old render files is to manually delete them from your FCE /Render Files folder. And it's nearly impossible to tell which render files are actually in current use, so you end up having to delete them all and then re-render your entire timeline if you really want to free up disk space.
To answer your question about upgrading, yes, once you install Snow Leopard you should be able to update to 10.6.8 via Software Update. That's how I've always done it.
If your black Macbook is the one I suspect it is, the official max is 4GB RAM but it appears it will work with 6GB. Overall, the system specs are on the low side for FCE 4
As for still images, I have generally found sizing them to no more than 2x your video frame size works pretty well. Larger than that, FCE will be discarding lots of pixels to fit the image into your video frame. You need to consider the actual pixel dimensions of your image, not the embedded resolution or dpi. Actual pixel dimensions are what's important. The larger your jpeg image the more pixels will be discarded, so images that are much larger than your frame size are not advisable. -
What is the Chiper suite and TLS and SSL protocol sent by safari browser ver 8 from iOS8
Hello,
I have a production environment where users login in from Ipad/Iphone having Ios8 and safari v8 are not able to log on to the application.
However, on the same Ipad/Iphone when user tries login in with Chrome or any other browser , they are able to login.
I need the following help/information:
1. What is the SSL/TLS protocol version that is supported or used by Apple iOS8.
2. What is the cipher suites of safari version 8
Any information on this would be very helpful.
Thanks,
Parin.Just to recap, this is a collection of ports I have collected over time for people who needed this information when setting up the HP ePrint app so that they could view their email from within the app. I am certain other applications also need this information. Although lengthy, I could not find a more comprehensive place to retrieve this information. Feel free to post additional information, faulty information, or other related topics below as this is simply a collection of data and it would be practically impossible to test all of them. Thank you!
Don't forgot to say thanks by giving "Kudos" if I helped solve your problem.
When a solution is found please mark the post that solves your issue.
Every problem has a solution! -
Disable weak ciphers and support for all SSL protocols prior to v3.
I am very new to Weblogic and I need a little help with the SSL configurations. I received a security audit back and discovered that Weblogic's SSL is running weak ciphers and also supporting unacceptable versions of SSL (we require a minimum of SSLv3 and need to deny connections with anything less). That said, can anyone point me in the right direction for disabling weak ciphers as well as forcing support for SSLv3 and up only for client connections. I am running Weblogic 10.3.
Edited by: David Pulliam on Jan 26, 2011 8:31 AMHi David,
-Dweblogic.security.SSL.protocolVersion=SSL3 —> Using this JAVA_OPTION will allow Only SSL V3.0 messages are sent and accepted. So add the mentioned JAVA_OPTION in the server start script along with the below OPTION:
-Dweblogic.security.disableNullCipher=true
Also you can do the following in your "config.xml" to make sure that the Weblogic will not accept weak and medium weak passwords:
<ssl>
<enabled>true</enabled>
<ciphersuite>TLS_RSA_WITH_RC4_128_SHA</ciphersuite>
<ciphersuite>TLS_RSA_WITH_RC4_128_MD5</ciphersuite>
<hostname-verification-ignored>true</hostname-verification-ignored>
<listen-port>7002</listen-port>
<server-private-key-alias>aliasHere</server-private-key-alias>
<server-private-key-pass-phrase-encrypted>encryptedpassphraseHere</server-private-key-pass-phrase-encrypted>
</ssl>Thanks
Jay SenSharma
http://middlewaremagic.com/weblogic (Middleware magic Is Here) -
Hi,
Earlier we were using SSL 3 protocol for APNS sandbox.
but we have noticed that Its stopped working from last 2 weeks.
When we changed this to TSL protocol, its started working.
In this scenario, Which protocol should be used when we deploy our service to Production ?
SSL or TSL?
are there any recent changes regarding this to APNS?
Thanks in advance.Hi alexburton,
I am using a similar systemconfig and this server.xml entry seems to work.
You probably will modify the port parameter.
<Connector className="org.apache.catalina.connector.http.HttpConnector"
acceptCount="10" allowChunking="true" bufferSize="2048"
connectionTimeout="20000" debug="0" enableLookups="true"
maxProcessors="75" minProcessors="5" port="8443" proxyPort="0"
redirectPort="-1" scheme="https" secure="true"
tcpNoDelay="true">
<Factory className="org.apache.catalina.net.SSLServerSocketFactory"
algorithm="SunX509" clientAuth="false"
keystoreFile="/var/tomcat4/.keystore" keystoreType="JKS"
protocol="TLS"/>
</Connector>
ciao
Maybe you are looking for
-
I am not able to save changes of gadgets in my Blogger blog
When I am in the edit layout of my blog: http://www.blogger.com/rearrange?blogID=5691124119466167227 and I move a gadget up or down and then hit the 'save' button, the save gets locked up and I have to exit and the change is not saved. I see in the l
-
Im running 3.1 and Ive noticed that a lot of link are not working. I end up having to click and open in new window. What can be done?
-
Help! Aperture is schizophrenic!
Today I imported a couple of hundred images into a project. Now many (a hundred or two?) images in that project (which has about 4,000 images in it) are REALLY screwed up. Wrong metadata, wrong thumbnails, and wrong images! Some have the right metada
-
Where are the BIOS update release notes - Satellite P300-Q01
I have a Satellite P300 Q01 - there have been two BIOS updates since I bought it W360 and W390. Where can I find the release notes detailing what is fixed/changed in each release? Thanks
-
Is Safari 5.0.1 safe to download?
I got the Software Update alert a few weeks ago, but when I saw some of the horror stories on this discussion board, I was afraid to download it and do the update. Are the problems people are having few and far between, or are the problems with 5.0.1