Correctly switching between HTTP and HTTPS using .htaccess

I use something similar to this for my admin folder in wordpress: #redirect all https traffic to http, unless it is pointed at /checkout RewriteCond %{HTTPS} on RewriteCond %{REQUEST_URI} !^/checkout/?.*$ RewriteRule ^(.*)$$1 [R=301,L] The RewriteCond %{HTTPS} on portion may not work for all web servers. My webhost requires RewriteCond %{HTTP:X-Forwarded-SSL} on, for instance. If … Read more

Python Requests getting SSLerror

The certificate itself for (not is valid, but it is missing a chain certificate as shown in the report by ssllabs: Chain issues Incomplete …. 2 Extra download Thawte DV SSL CA Fingerprint: 3ca958f3e7d6837e1c1acf8b0f6a2e6d487d6762 The “Incomplete” and “Extra download” are the major points. Some browsers will have the missing chain certificate cached, others … Read more

Whats an easy way to totally ignore ssl with java url connections?

There is a solution at here which gracefully works for me. Just call SSLUtilities.trustAllHostnames(); SSLUtilities.trustAllHttpsCertificates(); Before your SSL connection. You can also capture more solution by searching Internet for java ssl trustall. Here is the copy of that solution (in case of maybe a broken link in future): import; import; import; import … Read more

Choosing SSL client certificate in Java

The configuration is done via an SSLContext, which is effectively a factory for the SSLSocketFactory (or SSLEngine). By default, this will be configured from the* properties. In addition, when a server requests a certificate, it sends a TLS/SSL CertificateRequest message that contains a list of CA’s distinguished names that it’s willing to accept. Although … Read more

Java: Overriding function to disable SSL certificate check

This should be sufficient. I use this when testing code against testing and staging servers where we don’t have properly signed certificates. However, you should really really strongly consider getting a valid SSL certificate on your production server. Nobody wants to be wiretapped and have their privacy violated. SSLContext sc = SSLContext.getInstance(“TLS”); sc.init(null, new TrustManager[] … Read more

How do you configure WEBrick to use SSL in Rails?

While the scripts directory in Rails 4 is gone, the bin directory remains. You can get WEBrick working with an SSL certificate by editing the bin/rails script. Tested on Rails 4 and Ruby 2.1.1, installed with rbenv. Much of this is from this blog post and this Stack Overflow question. #!/usr/bin/env ruby require ‘rails/commands/server’ require … Read more

SSL Connection Reset

It is an SSL version problem. The server only supports SSLv3, and Java will start at v2, and attempt to negotiate upwards, but not all servers support that type of negotiation. Forcing java to use SSLv3 only is the only solution I’m aware of. Edit, there are two ways to do this that I’m aware … Read more

Tomcat Server/Client Self-Signed SSL Certificate

Finally got the solution to my problem, so I’ll post the results here if anyone else gets stuck. Thanks to Michael Martin of Michael’s Software Thoughts & Ramblings I discovered that: keytool by default uses the DSA algorithm when generating the self-signed cert. Earlier versions of Firefox accepted these keys without problem. With Firefox 3 … Read more

Java and HTTPS url connection without downloading certificate

The reason why you don’t have to load a certificate locally is that you’ve explicitly chosen not to verify the certificate, with this trust manager that trusts all certificates. The traffic will still be encrypted, but you’re opening the connection to Man-In-The-Middle attacks: you’re communicating secretly with someone, you’re just not sure whether it’s the … Read more