Re: HTTPS and certificate trust
Hello everyone. I read a lot of posts in this forum on the theme of the HTTPS and I think I understand the different ways to obtain certificates on a device to avoid the message "you are trying to open a secure connection, but the server certificate is not approved.".
My question is whether it is possible for an application to trust all certificates via APIs, in order to avoid the certificate trust whole-problem?
In Windows Mobile and iPhone OS, you can override the logic of acceptance of certificate in the API so that an application trusted all certificates. This is useful in cases where an application needs to connect only to a private server. Is it possible in sib to override the logic of certificate, or certificate statement stuff above, outside of the app? (More precisely, I'm just using a simple object of HttpConnection MDS etc..)
Thank you!
-Tom B.
There is no API that allows you to trust a certificate. This must be done by the user or the administrator of the BlackBerry Enterprise Server.
Tags: BlackBerry Developers
Similar Questions
-
stagewebview problem with https and invalid certificate
Hello
I use StageWebView to display a HTML with https and an invalid certificate, and I find a very strange error. It works well when I install the app on my iPad, but if I force to close the application, and then I open it again, the html page cannot load even if I close and open the application (do not force this time)
Can someone help me please?
Thank you
I solved it with a valid certificate.
I think that apple does not support the invalid certificate.
Thank you
-
When you visit our Web site without using https, they see all of our content as expected. When you use https content does not appear, specifically, youtube videos using the youtube of muse widget. How do we offer a secure site using the https and youtube links (which are themselves secure)? We have a certificate issued by Dreamhost.
The widget is just a nice UI for the YouTube embed code. If you go to the video in YouTube you can copy the embed code (and it comes to https, change if necessary) and then go on Muse, paste and a video widget appears, but he's not the good guy on the options of the user interface of the object within the Muse.
-
When I check the link all that shows is http / / and nothing else. She does several times. I use Outlook for Windows 8.1. I have not tried the links embedded to see if this is a universal or just isolated problem to this email in particular.
You can follow the discussion in the bug.
- bug 1003082 - check/verification link broken in emails for confirming registration accountant Firefox sync if reading mail in Outlook
Please, do not comment in bug reports
https://Bugzilla.Mozilla.org/page.cgi?id=etiquette.html -
Recently, I noticed that some sites like yahoo, google, facebook, bing still show the https and the lock that indicates a secure link/site. However, sites like amazon, ebay, where I need to enter personal and financial information shows the grey world, as I understand is not sure. How can I fix it? I read the posts related to this topic, but none of the suggestions to solve my problem.
Thank you!Hi lisa14, gray globe corresponds to HTTP, because HTTP is not secure. You should see a padlock for HTTPS pages.
For Amazon, I think that they go back to HTTP on the product pages and only use a secure connection on the account and payment pages.
I don't know about eBay, sorry.
-
HP20002D19WM came with no software (cyberlink) key and certificates of authenticity for windows
I just bought the HP20002D19WM, which came with no software (cyberlink) key and certificates of authenticity for windows. I can't use any program cyberlink with a key number to enter. Also if I would give for somereason I wonder in my number of windows I would not be able to since I have ever trevieved it
This is the original factory specifications for your laptop HP 2000-2d19WM. All Cyberlink OEM software should work without key, because it is not mandatory for the installed OEM mass products. Regarding the Windows product key, see Activation of Windows 8 product;
- OEM Activation 3.0 (OA3) at the factory. A digital product key (DPK) is encrypted and installed on the motherboard BIOS during the manufacturing process. Windows 8 will be ignited automatically the first time that the computer is connected to the Internet. With systems activated by OA3, most of the computer's hardware can be replaced without the need to reactivate the software from Microsoft.
-
Automatic logout after inactivity of 180 seconds (http and https)
All of my N4032 and N3024 switches with 6.2.7.2 firmware automaticlly break http and https session after ~ 180 seconds of inactivity. Controls:
line telnet
exec-timeout xdo not work
Does anyone have a similar experience?
Is this a known issue?Looking through the firmware release notes, it looks like it was a known, only http/https problem did not follow the exec-timeout parameter. # Ip http timeout-political order, has been added to 6.2.6.6. I would test change the time-out setting by using the command # ip http timeout policy.
Example of release notes:
Console (config) #ip http idle timeout-political 3600 life 86400
Let us know if it works.
-
HTTP and without using the APN settings
Hello
Is there a way I can get my application, use internet using HTTP and without using the settings APN and GPRS for. Please note that this should work on both BES and BIS.
Applications like Google maps and Facebook on Blackberry using internet, but,.
-They do not need any APN settings
-They don't need to be active GPRS BlackBerry
Thanks in advance,
Naveen
You have a chance to go through this sticky thread.
http://supportforums.BlackBerry.com/Rim/Board/message?board.ID=java_dev&thread.ID=29103
-
ASA (v9.1) VPN from Site to Site with IKEv2 and certificates CEP/NDE MS
Hi all
I am currently a problem with VPN Site to Site with IKEv2 and certifiactes as an authentication method.
Here is the configuration:
We have three locations with an any to any layer 2 connection. I created each ASA (ASA5510 worm 9.1) to establish one VPN of Site connection to the other for the other two places. Setting this up with pre shared keys and certificates that are signed by the CA MS administrator manually work correctly.
But when we try to enroll these certificates through the Protocol, CEP/NDE his does not work.
Here are my steps:
1 configure the CA Turstpoint to apply to the certification authority
2. request that the CA through the SCEP protocol works fine
3. set up a Trustpoint and a pair of keys for the S2S - VPN connection
4. registration form identity certificate CA via the SCEP Protocol with a one time password works fine
5. set the trustpoint created as for the S2S - VPN IKEv2 authentication method.
Now I did it also for the other site of the VPN Tunnel. But when I ping on a host that is on a different location to make appear the Tunnel VPN - the VPN session is not established. In the debugs I see that there are a few problems during authentication of the remote peer.
On the MS that I see that the certifactes of identity for both ASAs are communicated and not revoked or pending state. The certificate based on the model of the "IPSec (Offline).
When the CA-Admin and a certificate me manually based on a copy of the model of "Domaincontroller" connection is successfully established.
So I would like to know which is the correct certificate for IP-Sec peers template to use for the Protocol, CEP and MS Enterprise CA (its server 2008R2 of Microsoft Enterprise)?
Anyone done this before?
ASA requires that the local and Remote certificate contains EKU IP Security Tunnel Endpoint (1.3.6.1.5.5.7.3.6) (aka IP Security Tunnel termination). You can create a Microsoft CA model to add.
If you absolutely must go with the 'bad' cert, there is a command
ignore-ipsec-keyusage
but it is obsolete and not recommended.
Meanwhile at the IETF:
RFC 4809
3.1.6.3 extended Key use
Extended Key Usage (EKU) indications are not required. The presence
or lack of an EKU MUST NOT cause an implementation to fail an IKE
connection.
-
Change the default ports for http and https
Hello
I'm trying to change the default ports for http and https
I have a 506th PIX (which does NOT of NAT)
I have the following: -.
static (inside, outside) tcp 192.168.10.2 601 192.168.10.2 http netmask 255.255.255.255 0 0
static (inside, outside) tcp 192.168.10.2 602 192.168.10.2 443 netmask 255.255.255.255 0 0
access-list acl permit tcp any 192.168.10.2 eq 601
access-list acl permit tcp any 192.168.10.2 eq 602
Access-group acl in interface outside
where 601 and 602 are the http port and https to be redirect to respectively.
I changed the webserver accordingly
I get the error message
"No group of translation not found for tcp src outside:189.x.x.x/50232 dst inside:192.x.x.x/80" (trying to access port 80)
"I also have ' fixup protocol http 601.
I had access to the internal and external web server before attempting to change the default ports
Any ideas where I'm wrong?
See you soon.
I apologise for not thinking correctly.
the static method must be:
static (inside, outside) tcp 192.168.10.2 80 192.168.10.2 601 netmask 255.255.255.255 0 0
static (inside, outside) 192.168.10.2 tcp 443 192.168.10.2 602 netmask 255.255.255.255 0 0
-
Problems with HTTPS and javascript widgets
My HTTP site works fine, but when I switch to HTTPS, I get the following error...
MuseJSAssert: Error calling the function switch: TypeError: E.split is not a function
I have even tried to create a simple page with nothing else than a javascript widget, and I still get the error when you use the HTTPS version.
FYI - I upload my pages using the 'upload to the FTP host.
Muse and HTTPS is not compatible?
It is more likely a problem with your server as a problem of cross-site script because the HTTPS protocol uses a folder or a different domain and browser security mechanisms as long as the server itself remove access to the script so. If there is a specific secure folder on the server, import is your files, otherwise, you will need to set an option in the web interface to allow HTTPs and normal HTTP access to your folder.
Mylenium
-
Hello! I've got CS3 Design Standard - real records and certificate of software license. It was installed on my laptop that crashed and could not be uninstalled. I have now installed it on my new MacBook Pro, but can't get it registered with the serial number. Is it because it has not been uninstalled on the previous laptop? What should I do now? THX!
Maybe this can help someone else... I had to simply properly uninstall CS3 and reinstall again after that. I think what he sort! I also remember having a similar problem with the Mac at work a couple of years back. Not sure if it is the same for CS5/CS6. Here is a link on how to properly uninstall CS3 on Windows XP, Windows Vista and Mac OS. I'm on OS X 10.9.2 but it works beautifully. Remove from Creative Suite 3 and CS3 products
-
The warning im im installation vCenter 4U1 and this becomes:
so if I change HTTPS to HTTP and 446 81 what impact with, will have to be changes on the ESX host or somwhere else?
That's what I want to to:
I think for vCenter, this would not affect (never tested but)-you should just be specifying the https port when connecting to VC always.
Marcelo Soares
VMWare Certified Professional 310/410
Master virtualization technology
Globant Argentina
Review the allocation of points for "useful" or "right" answers.
-
vCenter Question Upgrade (requirement of http and https ports)
Hello
In vSphere Upgrade Guide, the documentation clearly indicates "vCenter Server 4.0 uses TCP/IP Ports 80 and 443, you _cannot _run vCenter Server on the same computer as a webserver using these ports, because this causes conflicts of port.
Now in the vCenter has always allowed me to change the ports by default during the installation, not only do this to avoid conflicts? My current virtualcenter server using ports 80 and 443 for a bunch of websites and I can't move. I don't have another server that has these free ports.
If any of you have changed the default http and https ports during installation (I even do that)? Problems? All comments in general? VCenter even use these ports for? I searched but could not find a definitive answer.
This is a very critical level and I'd rather not start it until I know exactly what to expect.
Thank you!!
Well the port 80 and 443 are generally webservices 80 http 443 https, it is no different with virtual center, they are used for web access to manage virtual machines etc.
and yes I have changed these on a server vc, when access to the content of the web services via the browser enough ":" at the end of the address
change change will require virtual center of service needs to be restarted
-
Hello
I'm working on the preparation of a magazine to the newsstand to newspapers. I need to create the mobileprovisions and certificates for I can get into the designer of the Viewer. I have problems with that. I looked at several articles, and it seems that this must be done in Xcode. Is this true?
Can someone tell me please in the right direction on this subject? I opened up Xcode and it seems complicated to me. I imagine that there is an easier way or I'm missing something.
Any help is appreciated.
Thank you
Do not confuse yourself by following the Apple developer forums. X code does not enter the DPS workflow. If your application is a matter of Multi application, make sure that you publish as "Public and retail sales" of the same producer Folio id / 'Title id"that you entered in your DPS App Builder account.
Now to test the application, you can add up to 100 UDID in your Provisioning portal and then re - download Mobile configuration files, use the new DPS APP Builder and then download the new developer.ipa on your ipad for testing. You should never apply to Apple without testing first.
Maybe you are looking for
-
How long they will hold my phone will provide for collection
Pre-order iPhone 7 began today. I was looking to pre-order it and have it delivered to me but its already a 2-3 week wait on that. I was looking for pick up in a store, but I won't be able to pick up the 16. If I pre-order for the 16th, how the store
-
Detection of position of a secondary monitor
Is there a function that tells me that my secondary monitor is to the left or to the right of the primary monitor? I paint 2D objects on a vi that will monitor is displayed on the primary or secondary, to the left or right and used the bounds FP.moni
-
HP-S5-1014: s5-1014 green blinking on power supply
I have a S5-1014 HP that I'm fixing for a friend. I was told he was "struck by lighting. I know that the mouse and keyboard no longer works which was connected to the computer. I tried pluggin a power cord to the power outlet, but the computer doe
-
Can not put Windows Media says Server unavailable player security?
Can not put Windows Media says Server unavailable player security?
-
Don't let me change my password. Says I have 0 characters and 0 days to change it. Many people receive emails via my email address wrong and I'm not sending them. I need to know how I can change my password.