I cannot load HTTPS pages - I am getting page not found!
I guess this is related to the server.
What can I do to enable this?
Thanks
You can install this hotfix:
http://support.microsoft.com/kb/968730
Windows Server 2003 and Windows XP clients cannot obtain certificates
from a Windows Server 2008-based certification authority (CA) if the
CA is configured to use SHA2 256 or higher encryption
SSL Port was blocked by the firewall.
I added the port 443 to the windows firewall exceptions (TCP exception) and I managed to access the site using 'https://'
Related
I have a desktop client/server application. Both client and server are developed using Delphi 10.2. Application server has been deployed as a Windows service.
My requirement is to implement TLS/SSL to secure the communication between client and server. For this I have used Indy with TIdServerIOHandlerSSLOpenSSL on the server side and TIdSSLIOHandlerSocketOpenSSL on the client side.
For testing purposes, I have used self-signed certificates.
During testing of this setup , I had to setup OpenSSL on each client workstation. Also, I copied libeay32.dll and ssleay32.dll to the system32 folder.
So part of the problem is:
Could this configuration of client workstations be avoided? My understanding with TLS/SSL is that it is server which needs to be configured to enable TLS/SSL.
Since my testing is based on self signed-certificates, I did not install any certificate on client machine. What is the role of certificates for the client machine?
Does Azure IoT Edge works with Zscaler proxy AND SSL inspection
Indeed, we need to check header information from IoT Edge for security reason which require to decrypt .
IoT Edge run in CentOS or Ubuntu ESX VM and Zscaler certificat can be uploaded in the OS file system
regards
You will need the Zscaler root certificate added to list of root certificates that are trusted by OpenSSL in both the edgeAgent and edgeHub modules. Without that the TLS negotiation will fail with not trusting the certificate chain from any server that they attempt to negotiation a TLS connection with. I have done this. It will work.
How hard is it to enable TFS to start using secure connections, if its not already? Does doing so affect SQL configuration also? How can we force SSL to be required?
Im looking over this reference material
https://msdn.microsoft.com/en-us/library/aa833872%28v=vs.120%29.aspx#DisAd
Reading the above, I get the impression that MS is trying to discourage someone from using SSL for TFS over the internet?
Then I stumbled on to this blocg post
http://www.jwsecure.com/2009/01/29/using-tfs-via-the-internet/
Summary = just get a ssl cert and force ssl and port-forward a high port to 443
thoughts?
Firstly, the MSDN article you posted above shows you the detailed steps on how to set up HTTPS with SSL for TFS. To summarize main steps include:
Install a certification authority, obtain and install a server certificate for servers.
Request, install and configure websites with a certificate for Team Foundation Server using Internet Information Services (IIS) Manager.
Configure Team Foundation Server to require HTTPS and SSL.
Install the certificate on client computers.
You can also check this walkthrough: https://msdn.microsoft.com/en-us/library/aa833873.aspx
Secondly, you don't need to configure SQL Server. But if you have SQL Reporting Service, you need to configure it to support HTTPS with SSL.
Thirdly, to enable TFS to be available with external connections, you need to configure it with HTTPS with SSL. Also with it, web connections to TFS are more secure. However, these process needs more administrator's configuration & maintenance work. So you need to determine whether to use it based on your requirement.
i try to install workflow manager, but while installing i got below error. I search in other site it shows some solution as disable the some services in firewall, i tried for it but it not work.
Please give me some solution over it.
Configuration for Workflow Manager
Management Database SQL Instance SP2012.Goalsr.com\SPMSSQLSERVER
Enable SSL connection with SQL Server instance False
Authentication Windows Authentication
Management Database Name WFManagementDB
RunAs Account Administrator#GOALSR
RunAs Password ***********
Certificate Generation Key ***********
Workflow Manager Outbound Signing Certificate Auto-generated
Service SSL Certificate Auto-generated
Encryption Certificate Auto-generated
Workflow Manager Management Port 12290
HTTP Port 12291
Enable firewall rules on this computer True
Administrators Group BUILTIN\Administrators
Configuration for Service Bus
Management Database SQL Instance SP2012.Goalsr.com\SPMSSQLSERVER
Enable SSL connection with SQL Server instance False
Authentication Windows Authentication
Management Database Name SbManagementDB
RunAs Account Administrator#GOALSR
RunAs Password ***********
Certificate Generation Key ***********
Farm Certificate Auto-generated
Encryption Certificate Auto-generated
HTTPS Port 9355 Port number 9355 specified for HTTPS Port is blocked.
TCP Port 9354
Message Broker Port 9356
Internal Communication Port Range 9000 - 9004 Port number 9002 specified for Internal Communication Port Range is blocked.
Enable firewall rules on this computer True
Administrators Group BUILTIN\Administrators
What is your SQL server instance?
I was using .\MSSQL2012 and received the same error. For some reason it did not know to connect to port 1433 (default SQL server port).
The solution was to use
.\MSSQL2012,1433
I have an application (an installation of Discourse) that I'm trying to deploy. However, the email server that it is pointed at has a self-signed ssl cert for SMTP.
Is there a workaround for this? Or do I need to find a way to send mail using a "valid" SSL cert?
Few things actually care that deeply about a proper cert for SMTP. Mostly user agents.
If the cert is a problem you won't get timeouts, you'll get validation errors. I suspect what's happening is that you're trying to connect over the SMTPS port which isn't listening or exposed by the firewall.
Try using SMTP+STARTTLS. That negotiates TLS over port 25 or 587 instead of trying to connect directly to 465.