Trouble Connecting To *Certain* HTTPS (Secure) Sites

Similar Messages

• HH3 slowing down on https secure sites

  Hi I'm not too technically minded so this may be straight forward and I'm missing something obvious so hopefully someone can point me in the right direction. I had posted the issue here before with limited response so tried the tech team via email but that seems to have stalled. My connection is c6 MB and that's fine for where I am. All sites load quickly except for any sort of secure site - payments, membership log ins etc. It happens on 3 different devices running 3 different browsers and with 2 wireless and 1 Ethernet so I'm pretty confident it's in the hub or somewhere earlier in the chain ( but I may well be wrong). If I turn off the hub it clears the problem for a few days maybe a week but then the problem slowly returns with secure sites loading slower and slower until they eventually time out. Whilst it is annoying to have to keep turning it on and off it's more annoying when going through payment processes and then at the last hurdle it alls over or you're not sure if it's completed properly or not. The HH3 is c3 months old and our previous HH2 showed similar behaviour but not quie as often. The response to my previous post reckoned something to do with DNS(?) which is when I tried to raise it with the tech email. I had previously tried the live chat on the BT site but after having been dumped out of chats twice and the responses taking over half an hour at a time this wasn't working as an effective route for me. Any ideas?!

  Hi John I'm not sure how I would go about changing the dns settings and what to? The bit I don't understand is why it happens on 3 different devices all running different browsers and different firewall packages at the same time. Resetting the hub by turning off and on clears the issue on all 3 devices at the same time without changing any setting on the PF, laptop or iPad. They then all start to show the same behaviour at the same time when it redevelops in a few days time. I can't see how they can all gang p on me at the same time and the decide to clear the problem simultaneously, the only common factor seeming to me to be the hub. How might I change dns in a HH3- is it in advanced settings and is there somewhere I can find that would show me the sort of settings they can change to? Lots of q I know and I appreciate I'm not as IT literates I should be so apologies if the above sounds like an idiot (because it is) Thanks for any help.

• Trouble connection to certain wifi APs

  So I've been having trouble connecting to some wifi access points over the last half last year or so. The weird thing is that my notebook stopped connecting to one AP which works for other devices, used to work with the notebook and now it connects to some networks (like eduroam) but refuses to connect to others, like my access point at home. Other distributions and operating systems, like Kali Linux and Windows 8 connect fine to the same access points on the same notebook.
  My hardware is a Thinkpad Edge E325 with this network controller
  01:00.0 Network controller [0280]: Realtek Semiconductor Co., Ltd. RTL8188CE 802.11b/g/n WiFi Adapter [10ec:8176] (rev 01)
  The kernel is the latest stable 3.16.4 and wpa_supplicant is 2.2-2, but I think it's been happening since somewhere around linux 3.13.x.
  The logs I could gather are useless to me. Here is NetworkManagers  journal output:
  Okt 08 12:03:03 thinkpad-ajs124 NetworkManager[1008]: <info> Activation (wlan0) starting connection 'STERNCHEN_Netzwerk'
  Okt 08 12:03:03 thinkpad-ajs124 NetworkManager[1008]: <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) scheduled...
  Okt 08 12:03:03 thinkpad-ajs124 NetworkManager[1008]: <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) started...
  Okt 08 12:03:03 thinkpad-ajs124 NetworkManager[1008]: <info> (wlan0): device state change: disconnected -> prepare (reason 'none') [30 40 0]
  Okt 08 12:03:03 thinkpad-ajs124 NetworkManager[1008]: <info> Activation (wlan0) Stage 2 of 5 (Device Configure) scheduled...
  Okt 08 12:03:03 thinkpad-ajs124 NetworkManager[1008]: <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) complete.
  Okt 08 12:03:03 thinkpad-ajs124 NetworkManager[1008]: <info> Activation (wlan0) Stage 2 of 5 (Device Configure) starting...
  Okt 08 12:03:03 thinkpad-ajs124 NetworkManager[1008]: <info> (wlan0): device state change: prepare -> config (reason 'none') [40 50 0]
  Okt 08 12:03:03 thinkpad-ajs124 NetworkManager[1008]: <info> Activation (wlan0/wireless): connection 'STERNCHEN_Netzwerk' has security, and secrets exist. No new secrets needed.
  Okt 08 12:03:03 thinkpad-ajs124 NetworkManager[1008]: <info> Config: added 'ssid' value 'STERNCHEN_Netzwerk'
  Okt 08 12:03:03 thinkpad-ajs124 NetworkManager[1008]: <info> Config: added 'scan_ssid' value '1'
  Okt 08 12:03:03 thinkpad-ajs124 NetworkManager[1008]: <info> Config: added 'key_mgmt' value 'WPA-PSK'
  Okt 08 12:03:03 thinkpad-ajs124 NetworkManager[1008]: <info> Config: added 'psk' value '<omitted>'
  Okt 08 12:03:03 thinkpad-ajs124 NetworkManager[1008]: <info> Activation (wlan0) Stage 2 of 5 (Device Configure) complete.
  Okt 08 12:03:03 thinkpad-ajs124 NetworkManager[1008]: <info> Config: set interface ap_scan to 1
  Okt 08 12:03:03 thinkpad-ajs124 kernel: wlan0: authenticate with 7e:4f:b5:c2:6b:10
  Okt 08 12:03:04 thinkpad-ajs124 kernel: wlan0: send auth to 7e:4f:b5:c2:6b:10 (try 1/3)
  Okt 08 12:03:04 thinkpad-ajs124 NetworkManager[1008]: <info> (wlan0): supplicant interface state: inactive -> authenticating
  Okt 08 12:03:04 thinkpad-ajs124 kernel: wlan0: authenticated
  Okt 08 12:03:04 thinkpad-ajs124 kernel: wlan0: associate with 7e:4f:b5:c2:6b:10 (try 1/3)
  Okt 08 12:03:04 thinkpad-ajs124 NetworkManager[1008]: <info> (wlan0): supplicant interface state: authenticating -> associating
  Okt 08 12:03:04 thinkpad-ajs124 kernel: wlan0: RX AssocResp from 7e:4f:b5:c2:6b:10 (capab=0x411 status=0 aid=2)
  Okt 08 12:03:04 thinkpad-ajs124 kernel: wlan0: associated
  Okt 08 12:03:04 thinkpad-ajs124 kernel: cfg80211: Calling CRDA to update world regulatory domain
  Okt 08 12:03:04 thinkpad-ajs124 NetworkManager[1008]: <info> (wlan0): supplicant interface state: associating -> 4-way handshake
  Okt 08 12:03:04 thinkpad-ajs124 kernel: wlan0: deauthenticating from 7e:4f:b5:c2:6b:10 by local choice (Reason: 1=UNSPECIFIED)
  Okt 08 12:03:04 thinkpad-ajs124 kernel: cfg80211: Calling CRDA to update world regulatory domain
  Okt 08 12:03:04 thinkpad-ajs124 NetworkManager[1008]: <info> (wlan0): supplicant interface state: 4-way handshake -> group handshake
  Okt 08 12:03:04 thinkpad-ajs124 NetworkManager[1008]: <warn> Connection disconnected (reason -1)
  Okt 08 12:03:04 thinkpad-ajs124 NetworkManager[1008]: <info> (wlan0): supplicant interface state: group handshake -> disconnected
  Okt 08 12:03:04 thinkpad-ajs124 NetworkManager[1008]: <info> (wlan0): supplicant interface state: disconnected -> scanning
  Okt 08 12:03:18 thinkpad-ajs124 kernel: wlan0: authenticate with 7e:4f:b5:c2:6b:10
  Okt 08 12:03:18 thinkpad-ajs124 kernel: wlan0: send auth to 7e:4f:b5:c2:6b:10 (try 1/3)
  Okt 08 12:03:18 thinkpad-ajs124 NetworkManager[1008]: <info> (wlan0): supplicant interface state: scanning -> authenticating
  Okt 08 12:03:18 thinkpad-ajs124 kernel: wlan0: authenticated
  Okt 08 12:03:18 thinkpad-ajs124 kernel: wlan0: associate with 7e:4f:b5:c2:6b:10 (try 1/3)
  Okt 08 12:03:18 thinkpad-ajs124 kernel: wlan0: RX AssocResp from 7e:4f:b5:c2:6b:10 (capab=0x411 status=0 aid=2)
  Okt 08 12:03:18 thinkpad-ajs124 kernel: wlan0: associated
  Okt 08 12:03:18 thinkpad-ajs124 kernel: cfg80211: Calling CRDA to update world regulatory domain
  Okt 08 12:03:18 thinkpad-ajs124 NetworkManager[1008]: <info> (wlan0): supplicant interface state: authenticating -> associating
  Okt 08 12:03:18 thinkpad-ajs124 NetworkManager[1008]: <info> (wlan0): supplicant interface state: associating -> 4-way handshake
  Okt 08 12:03:18 thinkpad-ajs124 kernel: wlan0: deauthenticating from 7e:4f:b5:c2:6b:10 by local choice (Reason: 1=UNSPECIFIED)
  Okt 08 12:03:18 thinkpad-ajs124 kernel: cfg80211: Calling CRDA for country: DE
  Okt 08 12:03:18 thinkpad-ajs124 NetworkManager[1008]: <info> (wlan0): supplicant interface state: 4-way handshake -> group handshake
  Okt 08 12:03:18 thinkpad-ajs124 NetworkManager[1008]: <warn> Connection disconnected (reason -1)
  Okt 08 12:03:18 thinkpad-ajs124 NetworkManager[1008]: <info> (wlan0): supplicant interface state: group handshake -> disconnected
  Okt 08 12:03:18 thinkpad-ajs124 NetworkManager[1008]: <info> (wlan0): supplicant interface state: disconnected -> scanning
  Okt 08 12:03:29 thinkpad-ajs124 NetworkManager[1008]: <warn> Activation (wlan0/wireless): association took too long.
  Okt 08 12:03:29 thinkpad-ajs124 NetworkManager[1008]: <info> (wlan0): device state change: config -> need-auth (reason 'none') [50 60 0]
  Okt 08 12:03:29 thinkpad-ajs124 NetworkManager[1008]: <warn> Activation (wlan0/wireless): asking for new secrets
  Okt 08 12:03:29 thinkpad-ajs124 NetworkManager[1008]: <warn> Couldn't disconnect supplicant interface: This interface is not connected.
  Okt 08 12:03:29 thinkpad-ajs124 NetworkManager[1008]: <warn> Couldn't disconnect supplicant interface: This interface is not connected.
  Okt 08 12:03:29 thinkpad-ajs124 NetworkManager[1008]: <warn> No agents were available for this request.
  Okt 08 12:03:29 thinkpad-ajs124 NetworkManager[1008]: <info> (wlan0): device state change: need-auth -> failed (reason 'no-secrets') [60 120 7]
  Okt 08 12:03:29 thinkpad-ajs124 NetworkManager[1008]: <warn> Activation (wlan0) failed for connection 'STERNCHEN_Netzwerk'
  Okt 08 12:03:29 thinkpad-ajs124 NetworkManager[1008]: <info> (wlan0): device state change: failed -> disconnected (reason 'none') [120 30 0]
  Okt 08 12:03:29 thinkpad-ajs124 NetworkManager[1008]: <info> (wlan0): deactivating device (reason 'none') [0]
  Okt 08 12:03:29 thinkpad-ajs124 NetworkManager[1008]: <warn> Couldn't disconnect supplicant interface: This interface is not connected.
  Okt 08 12:03:30 thinkpad-ajs124 NetworkManager[1008]: <info> (wlan0): supplicant interface state: scanning -> inactive
  wpa_supplicant debug logs generated with "wpa_supplicant -dd -Dnl80211 -iwlan0 -c/etc/wpa_supplicant/STERNCHEN_Netzwerk.conf" where STERNCHEN_Netzwerk.conf is
  network={
  ssid="STERNCHEN_Netzwerk"
  key_mgmt=WPA-PSK
  psk="supersecretpassword"
  This problem might actually solve itself, since I'll probably give this notebook away in a few weeks, but I'd still like to find the reason for this.

  Well, that's quite a drastic solution so I've saved it for last (Recovery Mode).
  First, try a system reset.  It cures many ills and it's quick, easy and harmless...
  Hold down the on/off switch and the Home button simultaneously until you see the Apple logo.  Ignore the "Slide to power off" text if it appears.  You will not lose any apps, data, music, movies, settings, etc.
  If the Reset doesn't work, try a Restore.  Note that it's nowhere near as quick as a Reset.  It could take well over an hour!  Connect via cable to the computer that you use for sync.  From iTunes, select the iPad/iPod and then select the Summary tab.  Follow directions for Restore and be sure to say "yes" to the backup.  You will be warned that all data (apps, music, movies, etc.) will be erased but, as the Restore finishes, you will be asked if you wish the contents of the backup to be copied to the iPad/iPod.  Again, say "yes."
  At the end of the basic Restore, you will be asked if you wish to sync the iPad/iPod.  As before, say "yes."  Note that that sync selection will disappear and the Restore will end if you do not respond within a reasonable time.  If that happens, only the apps that are part of the IOS will appear on your device.  Corrective action is simple -  choose manual "Sync" from the bottom right of iTunes.
  If you're unable to do the Restore, go into Recovery Mode per the instructions here.

• Can only connect to HTTPS (secure) sites and can't connect to HTTP sites

  In short I CAN ONLY connect to HTTPS sites, meaning secure.
  I've narrowed this down to an issue regrading my mac book pro and the wireless router.
  Router:
  - not sure of the make model
  - other computers CAN connect to this router and go online
  My Mac:
  - Mac Book Pro
  - OS X 10.6
  - I can connect to other wireless networks just fine
  - I can surf the web for about 10 minutes or so then it blocks ALL http traffic
  and i'm only allowed to https sites
  going to a http site results in a "page is taking to long to respond"
  please anything?

  The router is a Verizon MI424WR
  hope that helps, but i doubt it will...
  just to also clairfy http sites either go really slow then time out only never to come back, https are blazing fast

• I am having trouble connecting at McDonalds & other open sites. The system shows connected but the internal sign on screen fails to display. USING 7

  I open an HP at Mcdonalds. Firefox loads fine and the bar on the computer shows connected to the network. Firefox does not display the Mcdonalds sign in screen. after several reloads and attempts to connect the Mcdonalds sign on screen will finally display. After sign in everything works fine. I have most current version of FireFox . System is new and on Windows 7 Machine is an HP with i7 processor.
  Same version on a thinkpad under XP works fine every time.
  Thanks for any advice you can give
  Mike Wilson

  Is that with your own computer via a wireless connection or with a public computer?
  If it is your own computer then your security software may be blocking data.
  You can reload web page(s) and bypass the cache to refresh possibly outdated or corrupted files.
  *Press and hold Shift and left-click the Reload button.
  *Press "Ctrl + F5" or press "Ctrl + Shift + R" (Windows,Linux)
  *Press "Cmd + Shift + R" (MAC)
  You can try to clear the cache and the cookies from sites that cause problems.
  "Clear the Cache":
  *Tools > Options > Advanced > Network > Cached Web Content: "Clear Now"
  "Remove Cookies" from sites causing problems:
  *Tools > Options > Privacy > Cookies: "Show Cookies"

• JSSE: Having trouble connecting to an https URL (certificate problems)

  Hi folks,
  I have a really, really simple Java app that just opens a URL using the java.net.URL class to open a URL ("https://....").
  I can't get it to connect successfully. Here is a history of what I've done so far.
  I was given a cert that's part of a two-cert chain, but not rooted in a recognized CA. I installed it in
  ./jre/lib/security/cacerts file using keytool.
  It didn't work. I got this error:
  javax.net.ssl.SSLHandshakeException:
  sun.security.validator.ValidatorException: PKIX path building failed:
  sun.security.provider.certpath.SunCertPathBuilderException: unable to
  find valid certification path to requested targetDoing some googling I found this article:
  http://blogs.sun.com/andreas/entry/no_more_unable_to_findIf I'm paraphrasing it correctly, it says that the InstallCert app it mentions will hit the server, obtain its cert, and install it in my jssecacerts file as part of a chain so that JSSE won't throw an exception.
  So, I think this means I don't need my original cert. I can run this guy's program and it will get the server's cert and install it in (or first create) my jssecacerts file as part of a cert chain.
  I did this, and now get another error:
  "no name matching disc.paramount-bluray.com found"
  The URL I'm trying to hit is: https://disc.paramount-bluray.com The CN in the cert presented by the server is: disc.paramount-hddvd.comI believe the two names need to match, correct? OK, but if I'm using this guy's program, it's not even using my cert. It's getting the cert from the server and installing it as part of a chain in my jssecacerts file so the name matching in my cert shouldn't matter.
  So, why did this program not properly install the cert chain? Am I missing a step? After running his program a second time, it behaves as he describes. But when I subsequently run my app, it fails.
  Do I need to add all the certs in jssecacerts to the .keystore file in my home directory? Do I need to add the certs in the jssecacerts into my cacerts file?
  Or, perhaps the simpler question is "how do I get my app to successfully connect" to the server?
  Many thanks in advance.
  Vartan

  Thanks for the warning, but I can "trust" the server cert because I know the server. It's a client who will not be acquiring a cert that's chained to a CA's root cert.Then get them to export it and import it into your own truststore. That's the correct solution. Accepting any certificate you receive over the connection that you're trying to make secure via the certificate you receive over the connection you're trying to secure ... doesn't make any sense. Get them to send it to you offline. And put a security design around that process too. If you don't do this step your solution is not secure, because you don't have any guarantee that the certificate came from who it said it came from. The HostnameVerifier doesn't help you with that part.
  I think I want to get the common name (CN) out of the cert that the server presents and compare it to the URL to which I'm connecting. Is this correct?Yep.
  I can't figure out how to get the CN out of the server's cert.X509Certificate.getSubjectX500Principal().getName(), then parse out the CN part.
  How do I get the cert from the SSLSession object that's passed into the HostnameVerifier.verify() method? SSLSession.getPeerCertificateChain().

• WRT160Nv3 trouble connecting laptop using Vodafone secure remote acces

  I have a WRT160Nv3 router installed at home. My home laptops, gameconsoles and iPhone could be connected thru Cicso Network Magic. To get my netgear WGPS606 printerserver connected, I had to disable my windows firewall, connect it with CNM and enable my firewall. This works fine now. 
  Yesterday I got a laptop from my boss. This laptop has Vodafone Secure Remote Access installed in order to connect to (home) networks or with a HSDPA-card. On my homenetwork I can't get a proper connection thru VSRA, Network Magic doesn't see the laptop as a new device so it can't regocnize the mac-adres. I can connect with the windows tool but then my connection is not secured and I can not use my laptop on the company network. I've tried disabling my firewall (as I did connecting the printerserver) but this didn't work. 
  Anybody any suggestions?

  If your Wireless Network is Secured or its an Unsecured Wireless Network ? If you are able to connect to your Wireless Network using Windows Utility then its not the problem with the router. If your Computer has any other wireless Utility and if you are trying to connect to your wireless network using that Utility are you getting any error message while connecting to your wireless network?
  While using VSRA  on your computer are you getting any error message? 
  If you need to know the MAC Address of your Computer then on your computer click on Start - RUN - CMD and click Ok... In the Command Prompt window type "ipconfig /all" and hit enter and under "Wireless Network Connections" you will find the MAC address of your Wireless Network Adapter. 
  So if you have enable the Wireless MAC Filter on your Router then you can Input that MAC on your Router and click on Save Settings. 

• Cisco RV042 - Dual Wan Load Balancing - Secure Site (HTTPS) Trouble

  PID VID :
  RV042 V03
  Firmware Version :
  v4.0.0.07-tm (Aug 19 2010 19:19:50)
  Ever since I setup my RV042 with load balancing using the Dual Wan system I have had trouble staying connected to some secure sites. After doing some searching I found that the potential issue is the IP change mid session.
  "http://www.broadbandreports.com/forum/r25537589-Cisco-RV042-can-not-use-load-balancing-for-some-web-sites"
  Although my interface is significantly different I was able to find the same area in my RV042 admin area however, it doesn't seem to work.
  System Management
  > Dual Wan
  In Wan 1 & Wan 2 I have HTTPS and HTTPS Secondary all forwarded to use Wan 2 under Protocol Binding
  This however has not managed to do anything at all for my network and every computer conneceted experiences the same HTTPS irregularities at some websites.
  I'm sure I must be doing something wrong, but I don't know what it is.
  Both incoming connections are from the same service provider although the plans are different.
  Any help with this would greatly help me stop losing my mind trying to fight with my website control panel for 10 minutes to just login and get something done.
  Thanks

  Any ideas or advice from anyone?

• Trouble connecting to https secure web service using Adobe Livecycle Designer

  I am attempting to use Adobe Livecycle Designer ES2 to create a data connection in a Form to a secure (https) web service and I'm having some difficulty.
  I'm new to Livecycle and have tried searching online for an answer, but the help isn't very clear and the only tutorials online that I can find are ones that connect to non-https services.
  The WSDL I'm trying to connect to is: https://uk.ws.ondemand.qas.com/ProOnDemand/V3/ProOnDemandService.asmx?WSDL
  My questions are:
  Q1. Does Adobe Livecycle support https web service connections? The following link suggests that this isn't possible: http://books.google.co.uk/books?id=yOOcM3Bn4BAC&pg=PA179&lpg=PA179&dq=secure+web+service+w ith+adobe+livecycle&source=bl&ots=jm1GIZflOJ&sig=uLfv5Xda4eXXJl5o_7vBViwU-w0&hl=en&sa=X&ei =WLvIT5P4OujW0QWmv7nDAQ&ved=0CI4BEOgBMAk#v=onepage&q=secure%20web%20service%20with%20adobe %20livecycle&f=false
  Q2. I've managed to consume the WSDL but can only see the body of the XML request for a particular SOAP action. Where can I add the username/password credentials? I've selected "Requires Message-Level Authentication" during the new connection wizard, but it doesn't prompt me at all for these details.

  Hi,
  I tried using SOAP.Connect too..
  But I am facing the same problem.
  Any solution found yet?
  Rgerads, Amith

• Can connect to two secure sites

  I've done some reading on threads where people have trouble connecting to selected sites, but I don't think those solutions apply with this situation.
  I went to a friends , mothers house, to help here with getting her new flat panel iMac on the web correctly and to get her PC laptop on the wireless router that her ISP provided. She had been talking to tech support for some time, and he finally got her partly working, but not everything worked as it should.
  I got her PC and router working but I was stuck with her Mac situation. She has two sites she visits to pay bills. A bank and (as some of the threads also listed ) DirecTV.com. She can get to the sites, but once she tries to login and the address is https: ..... rather than http: the browser stalls. I tried FireFox as well. Same result. I reset Safari. No dice. I even created a new user account, to get a new set of user preferences. No change. Her PC can get to those pages just fine, using the same router, on the wireless side. I tried tossing a few of the security prefs and that didn't change things. I verified nothing was set in her firewall, and even turned it off.
  Here is the kicker... while I was doing this, and she recounted what the tech support guy did, over the phone, as he remote controlled her machine, she mentioned that at one point, she could ONLY get to those two sites, and now they are the only two she can't get to. I suspect he may have been trying some settings, asked her for two sites she goes to, and she mentioned WaMu and DirecTV. Maybe he put them in some DNS screen or host file settings ? I doubt the guy would know how, but you never know. There must be a global setting that might control this. I know it's not the router, or a web browser issue.
  Any suggestions ?

  She is going to a secure website that needs a certificate. Its information is in Safari Help, search under security certificates.
  Same with Firefox where setting are under Advanced>Encryption

• Inspect http issue - unable to browse secure site.

  Hi,
  Current version of the asa firewall is 7.1(2) in which when the inspect http is enabled, while opening secure site like axis bank account or any money market site either blank page display or page can not display error message appear. When i disable this command i am able to access all the secure sites properly. It looks like a bug but in the release not i am not finding any bug related to this issue. Please help me resolve this issue.
  Amit M.

  Thanks for the reply. When i disable http inspection and when i try to open login page for some of the site then this page cannot be display appear. Also i try MSS might get exceeded and found in the show asp drop tcp mss is not showing. But still i create a class for mass exceed and apply it in globle configuration but it does not work. Latter i have to disable the http inspection and it started working. Now the question is while clicking on login butten it will go from http to https page during this shifting of http to https why does it affect the connection when enable http inspection.
  Following is the show asp drop output.
  Please check
  PIXFIREWALL# sho asp drop
  Frame drop:
    Invalid IP header                                          10
    No route to host                                           13
    Reverse-path verify failed                             398846
    Flow is denied by configured rule                 107075
    Flow denied due to resource limitation          35
    Invalid SPI                                                 2
    First TCP packet not SYN                           62706
    TCP failed 3 way handshake                        1211
    TCP RST/FIN out of order                             39
    TCP packet SEQ past window                      1
    TCP invalid ACK                                          1
    TCP packet buffer full                                    209
    TCP RST/SYN in window                               14
    TCP DUP and has been ACKed                      10411
    TCP packet failed PAWS test                         10
    IPSEC tunnel is down                                     137
    IP option drop                                                551
    Expired flow                                                   26
    ICMP Inspect seq num not matched                1057
    ICMP Error Inspect different embedded conn     60
    DNS Inspect id not matched                            4674
    IPS Module requested drop                              8
    FP L2 rule drop                                               22988
    Interface is down                                             8
  Flow drop:
    Flow terminated by IPS                                     16
    NAT failed                                                       13066
    Tunnel being brought up or torn down                514
    Need to start IKE negotiation                            2136
    Inspection failure                                               60

• Firefox repeatedly demands verification of security exception for certain secure sites, no matter how many times I confirm that it is secure.

  Not all secure sites have this problem. There are certificates for these cites in my list of certificates, but they don't seem to work.

  It shouldn't be necessary to make an exception for certificates unless some intermediate certificate aren't send or a site has a self signed certificate.<br />
  It is also possible that your security software is monitoring secure connections and sends its own certificate instead of the certificate from the server.
  Also check the date and time in the clock on your computer: (double) click the clock icon on the Windows Taskbar.
  * https://support.mozilla.com/kb/Secure+Connection+Failed

• Problems using https protocol to connect to open a web site

  Hi,
  I am trying to connect to a web site from my java programme. When I try connecting using htpp protocol, I am able to open the web page then I am giving the username,password to login into that web site..its working fine.
  But, When I try connecting using https protocol connection, I am not getting the page opened and after some time I am getting below error
  Exception in thread "main" org.apache.xmlrpc.XmlRpcException: I/O error while communicating with HTTP server: Connection timed out: connect
       at org.apache.xmlrpc.client.XmlRpcCommonsTransport.writeRequest(XmlRpcCommonsTransport.java:244)
       at org.apache.xmlrpc.client.XmlRpcStreamTransport.sendRequest(XmlRpcStreamTransport.java:151)
       at org.apache.xmlrpc.client.XmlRpcHttpTransport.sendRequest(XmlRpcHttpTransport.java:115)
       at org.apache.xmlrpc.client.XmlRpcClientWorker.execute(XmlRpcClientWorker.java:56)
       at org.apache.xmlrpc.client.XmlRpcClient.execute(XmlRpcClient.java:167)
       at org.apache.xmlrpc.client.XmlRpcClient.execute(XmlRpcClient.java:137)
       at org.apache.xmlrpc.client.XmlRpcClient.execute(XmlRpcClient.java:126)
       at com.wipro.bugc.Test1.call(Test1.java:94)
       at com.wipro.bugc.Test1.main(Test1.java:124)
  Caused by: java.net.ConnectException: Connection timed out: connect
  Can anyone please suggest or give sample code to work with https web sites in java.
  I will have to use only https protocol to open any browser as my server only opens the web pages using https protocol
  Thanks in advance

  Hi,
  Thank you for your immediate reply. Please find the below code for your infomationa and please let me know where I am wrong..
  Below is the example we used to connect to "rojects.maemo.org" site and end up with the error I mentioned in the previous topic.
  package com.wipro.bugc;
  import java.net.Authenticator;
  import java.net.URL;
  import java.security.cert.X509Certificate;
  import java.util.HashMap;
  import java.util.Map;
  import javax.net.ssl.HostnameVerifier;
  import javax.net.ssl.HttpsURLConnection;
  import javax.net.ssl.SSLContext;
  import javax.net.ssl.SSLSession;
  import javax.net.ssl.TrustManager;
  import javax.net.ssl.X509TrustManager;
  import org.apache.http.HttpEntity;
  import org.apache.http.HttpHost;
  import org.apache.http.HttpResponse;
  import org.apache.http.auth.AuthScope;
  import org.apache.http.auth.NTCredentials;
  import org.apache.http.auth.UsernamePasswordCredentials;
  import org.apache.http.client.HttpClient;
  import org.apache.http.client.methods.HttpGet;
  import org.apache.http.impl.client.DefaultHttpClient;
  import org.apache.http.protocol.BasicHttpContext;
  import org.apache.http.protocol.HttpContext;
  import org.apache.xmlrpc.client.XmlRpcClient;
  import org.apache.xmlrpc.client.XmlRpcClientConfigImpl;
  import org.apache.xmlrpc.client.XmlRpcCommonsTransportFactory;
  public class Test1 {
      private static void install() throws Exception {
          // Create a trust manager that does not validate certificate chains
          TrustManager[] trustAllCerts = new TrustManager[] {
              new X509TrustManager() {
                  public X509Certificate[] getAcceptedIssuers() {
                      return null;
                  public void checkClientTrusted(X509Certificate[] certs, String authType) {
                      // Trust always
                  public void checkServerTrusted(X509Certificate[] certs, String authType) {
                      // Trust always
          // Install the all-trusting trust manager
          SSLContext sc = SSLContext.getInstance("SSL");
          // Create empty HostnameVerifier
          HostnameVerifier hv = new HostnameVerifier() {
              public boolean verify(String arg0, SSLSession arg1) {
                      return true;
          sc.init(null, trustAllCerts, new java.security.SecureRandom());
          HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
          HttpsURLConnection.setDefaultHostnameVerifier(hv);
      public static void call(String url) throws Exception {
           HttpClient httpClient = new HttpClient();
           httpClient.setHttpConnectionFactoryTimeout(600000000);
          httpClient.getParams().setAuthenticationPreemptive(false);
         Credentials defaultcreds = new UsernamePasswordCredentials("username", "password");
         httpClient.getState().setCredentials(new AuthScope("projects.maemo.org", 443, AuthScope.ANY_REALM), defaultcreds);     
            HttpHost targetHost = new HttpHost("projects.maemo.org", -1, "https");
            System.setProperty("proxySet", "true");
            System.setProperty("http.proxyHost", "xxxx.com");
            System.setProperty("http.proxyPort", "xxxx");
            Authenticator proxyAuthenticator = new HttpAuthenticateProxy(
                      "username", "password");
            Authenticator.setDefault(proxyAuthenticator);
            XmlRpcClient rpcClient = new XmlRpcClient();
            XmlRpcCommonsTransportFactory factory = new XmlRpcCommonsTransportFactory(
                      rpcClient);
            factory.setHttpClient(httpClient);
            rpcClient.setTransportFactory(factory);
          XmlRpcClientConfigImpl config = new XmlRpcClientConfigImpl();
          config.setServerURL(new URL(url));
          config.setEnabledForExtensions(true);
            config.setEnabledForExceptions(true);           
            config.setBasicUserName("username");
            config.setBasicPassword("password");
            rpcClient.setConfig(config);      
            Map<String, String> loginMap = new HashMap<String, String>();
            String bugzillaUserName = "username";
            String bugzillaPassword = "password";
            loginMap.put("login", bugzillaUserName);
            loginMap.put("password", bugzillaPassword);
            Object loginResult = rpcClient.execute("User.login",new Object[] { loginMap });
            System.out.println("loginResult.toString() "
                      + loginResult.toString());
      public static void main(String[] args) throws Exception {
          String url = "https://projects.maemo.org/bugzilla_sandbox/xmlrpc.cgi";
          Test1.install();
          Test1.call(url);
          System.out.println("Finished.");
  }

• I can't open my gmail or send gmails on Firefox. I can read and send gmails on other servers. It started when I was using a hotels wireless connection. Firefox said that this was not a secure site and asked if I wanted to overide it. Since then I have

  I cannot open my gmail nor send any gmails on Firefox. My wife also has gmail and she has no problem on firefox opening or sending her gmails. Also, I cannot access my settings. It started when I was at a hotel last Friday using their wireless connection. When I turned firefox on, which automatically goes to gmail, firefox would not open my gmail as it stated that this was not a secure site. I probable did something incorrectly and I got blocked out. All my other bookmarks work fine. I can access my gmail using other servers. Please help. Thank you.
  == This happened ==
  Every time Firefox opened
  == June 11

  how can i open my gmail at mozilla firefox? because i cant open it..

• Unable to connect to any secure sites with any browser

  I am unable to connect to any secure sites. I downloaded Firefox with the hopes that it would fix the problem but it did not. What ever browser I use I cant connect to any secure sites. All of the other pages load correctly.
  I have a PC notebook that I tried to load the same sites it worked fine, so I know that it is not a connecting problem.
  emac Mac OS X (10.4.6)
  ibook   Mac OS X (10.2.x)  

  Are you connecting via dial up or high speed through a router? If that latter, check the firewall settings of the router. I have my router set to medium (high, medium, low, & none) and it works most of the time. But occationally I get to sites that won't load and setting the router (temporarily) to low usually allows me to access those sites. So perhaps this is your issue.
  I think there are ways to add those sites to router security lists or "services" that will now let them through with the higher security settings, but I need it so rarely I haven't bothered to figure it out yet.
  Patrick