ERROR:(You can't able to connect server without SSL certificate)
I have to use fullchain.pem file. How can I use that fullchain.pem file in my project to access the server and retrive the secure information from the server(fullchain.pem file was given by my backend team)
Please help me...
Advanced Thanks
Related
I am trying to implement Elasticsearch 5.x with https(using Safeguard) and NEST client.
I am failing on, how to generate a X509certificate of Elasticsearch installed in server.
Found some code in below link how to create a NEST connection to Elasticsearch with X509 certificate.
How to use X509 certificate with the Nest Elastic Client
But I have no idea how to achieve this. I need to know how the below things:
How to generate a X509 certificate of Elasticsearch 5.x(Elasticsearch installed in a server and is accessible through some url like https://elas:9300)
What could be the value for "path_to_cert" in the above link's answer(I understood it is the path to X509 certificate file). It need to be a shared path or that certificate need to be included in application
I tried searching all the web and still no idea. Please help on this.
Thanks in advance.
Your question is not clear if it is about the Elasticsearch server to configure, or only the client. Is the server already running with SSL (is it reachable at https://elas:9300 ?). If no, then you need to create a java keystore containing a self-signed certificate (I suppose it's enough for your need). If already running in SSL and your question is only about the client, then store the certificate that you can get when browsing https://elas:9300 in this file that you suggested (path_to_cert)
Since I update to iOS 7.1 I had to start using a secure conexion to be able to download the plist file, I received the following:
Mar 21 09:08:36 xx-iPad itunesstored[98] <Warning>: Could not load download manifest with underlying error:
Error Domain=NSURLErrorDomain Code=-1202 "Cannot connect to the Store"
UserInfo=0x16ec5500 {NSLocalizedDescription=Cannot connect to the Store,
NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?,
NSLocalizedFailureReason=A secure connection could not be established. Please check your Date & Time settings.,
NSErrorFailingURLStringKey=https://mydomain/myappanme.plist,
NSUnderlyingError=0x16dd7fa0 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “mydomain.com” which could put your confidential information at risk.",
NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x16e04510>,
NSErrorFailingURLKey=https://anything/myappanme.plist}
My server it is configured like this:
We've got a wildcard certificate for *.mydomain.com. We moved it to a new server, and the certificate is valid for all browsers that we have tested. (IE, firefox, chrome, safari...). The certificate is the tipical CRT with a bundle/intermediate certificate from GoDaddy and the key. The https site loads without issues. Apache 2.4 and Linux Fedora 20.
The download to install the app is:
itms-services://?action=download-manifest&url=https://mydomain/resources/myappanme.plist
Posible duplicated questions (try them all)
-)The certificate for this server is invalid
-)iOS Enterprise OTA distribution Unable to Download Application
-)http://www.nefkens-ict.nl/enterprise-build-does-not-install/
Thanks in advance
Try the below link, which will help you solving this certificate problem
http://cases.azoft.com/how-to-fix-certificate-is-not-valid-error-on-ios-7/
No issue in sharing the .ipa or apk file, for quick round, you can use below link to share binary file's, using multiple recipients...
URL:
thebetafamily.com/supersend/
After iOS 7.1 ,if we want to deploy our Enterprise app over air, the URL for the manifest.plist file has to be HTTPS.
For example:
itms-services://?action=download-manifest&url=https://example.com/manifest.plist
In my server I use a self-signed SSL certificate. When I tap the URL on an iPhone, it says Could not connect to <ip-address> and logs the typical
NSUnderlyingError=0x15d37040 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be `<ip-address>`, which could put your confidential information at risk.
So, I want to know whether I can use the self-signed SSL certificate or not?
If I can, how do I resolve the problem the problem I've encountered?
First have the user install the self-signed SSL certificate on their device. Or use a free verified SSL service.
You will need to have the user install this file https://superuser.com/questions/97201/how-to-save-a-remote-server-ssl-certificate-locally-as-a-file
I believe this service provides browser-validated SSL certificates. https://www.startssl.com/?app=1
I'm trying to setup our APNS server. I was looking at the instructions on this page:
http://www.raywenderlich.com/3443/apple-push-notification-services-tutorial-part-12
I'm understanding everything. Problem is that I have a website already SSL enables (SSL terminates at the load balancer) on AWS, following these instructions a while back:
"Public key certificate and private key doesn't match" when using Godaddy issued certificate
The website for APNS is telling me to get a CSR file, etc. But if I already have this SSL certification done, does it mean I have to start from scratch and re-key my key? :( I wasn't able to find information regarding this...
The APNS CSR has nothing to do with any certificates you already have.
You have to create certificates in the developer area of apples websites. You don't install those certificates to the web server... they are only used from the php script on your server to connect to the apple server as a client. Your script has to load them while they run.. but they are not installed in the web server or load balancer.
I'm using the acegi security plugin and I run the app -https. The cert is generated but I get a certificate warning when i visit the web page. I have then download the weak ssl plugin and added weakssl.trustAll =true to Config.groovy. But still getting the same warning. Have I left out anything?
The warning is normal. You can just accept the self-signed certificate. The weakssl module allows the Grails server to trust itself even if it provides a self-signed certificate. It has no effect whatsoever on the client. (Think what a horrible security hole it would be if you could just install some code on the server and get a client to accept a self-signed certificate without a warning!)
To solve your problem you need to either
manually tell your browser the certificate is OK by adding the certificate to your truststore
or
get a certificate from a trusted CA (Certificate Authority) a list of trusted CAs is stored in your browser. To get a certififate from a CA you need to proof your identity and pay (a lot) some money.
so I recommend you just accept the untrusted certifcate unless you want to buy a CA certificate.
The config you changed tells only the server to accept all certificates. i.e. if your server is connecting to another server