I want to perform load test on some of the web services through VS2012. To do that we need to access the URL of the web service, but I am unable to do that since when i try to access the URL its displaying the below message
Your connection is not private
Attackers might be trying to steal your information from 116.50.77.22 (for example, passwords, messages or credit cards).
advanced
This server could not prove that it is 116.50.77.22; its security certificate is not trusted by your computer's operating system. This may be caused by a misconfiguration or an attacker intercepting your connection.
Proceed to 116.50.77.22 (unsafe)
How can i handle this, how can i install the security certificate or is there some other way i can access the given URL
This error message appears to be from the Chrome browser when it detects an SSL certificate issue. I assume that the URL for the web service begins with https://116.50.77.22 (secure HTTP).
Normally SSL certificates are issued to a computer host name or internet domain name versus an IP address. You may be seeing this message due to a name mismatch, and instead of using the IP address should use the name specified in the SSL certificate. You can view more details about what is causing the error by manually browsing to the web service URL, and if prompted with the original error choose to "Proceed to 116.50.77.22". You should then be able to click on the padlock icon in the address bar as shown below, and on the Connection tab you should see details similar to those shown. If you see "Server's certificate does not match the URL", click on the "Certificate information" link to view details on the SSL certificate being used by the server. The name you see after "Issued to:" is the name associated with the certificate and should be the name used in the URL. For example if you see "Issued to: M23458" you should use a URL beginning with https://M23458/ to access the web service.
If you see other errors listed under the Connection tab, my advice would be to search Stack Overflow for specific guidance in dealing with each one. You may need to resolve all before you original error message (your connection is not private...) will go away, and each one will require a different set of steps to address.
Related
I was playing with Front Door and did set up a custom domain.
This domain is a Subdomain-delegations to my Azure subscription. Meaning for the domain myCompany.com I do not have access to the DNS settings, but the admin of myCompany set a delegation of sub.myCompany.com to a DNS zone in my Azure subscription. So I have a zone sub.myCompany.com in my account. Meaning I can only create A/Alias for sub.myCompany.com which I set to be an alias of my front-door.
This did work fine and I added the subdomain to my front-door and everything worked fine including using a SSL certificate from my KeyVault.
During playing around I tried using managed certificates and enabled that on the subdomain. And now the domain is stuck at "Domain validation" since a few days:
And I can't change this back because this results in the following error:
Failed to update the custom https configuration
Failed to update the custom https configuration for the frontend host '...'. Error: The requested operation cannot be executed on the entity in the current state.
How can I cancel that state to set it back to my KeyVault certificate?
I guess as this is not a CNAME-mapping it did fall back to e-mail verification and as the TLD is not under my control the mail got lost at the company managing the TLD. I do not have a direct contact with that company as I'm a subcontractor to the TLD's company and that company is also not managing the main domain on their own so it is not that easy to get ahold of whomever could have received that mail. And as the KeyVault certificate was working fine I just want to switch back to that...
I also had the problem that the domain validation was still not completed after many days.
I then opened a ticket in Azure and then the process was terminated in the backend. After that I was able to start the domain validation again and then it worked within 1 hour with the certificate
So my 'enabling' HTTPS stage for my CDN endpoint has been stuck for 3+ days at 'enabling cdn' with the usual message of: a verification request will be sent to the email listed in your domain’s registration record (WHOIS registrant).
Now, I have the CNAME set as you can't even add it if it's not set to the right CDN endpoint. I have cancelled the process and restarted it after 2 days and now at the 2'nd attempt it's been hanging for 3 days.
The issue is the email for verification via the WHOIS will always go to something like protected-by-gdpr#gdpr-protected.com -- some type of placeholder domain as due to GDPR in Europe WHOIS data is no longer available.
This is not like 'WHOIS GUARD' that still leaves a way of getting contact, nor it is changeable, it is by default enforced across all domains as far as I can tell.
Now my questions is, what do I do to enable HTTPS on my custom domain if it doesn't care/look at the CNAME records?
According to this doc, If the CNAME record entry for your endpoint no longer exists or it contains the cdnverify subdomain,
DigiCert also sends a verification email to additional email
addresses. If the WHOIS registrant information is private, verify that
you can approve directly from one of the following addresses:
admin#<your-domain-name.com>
administrator#<your-domain-name.com>
webmaster#<your-domain-name.com>
hostmaster#<your-domain-name.com>
postmaster#<your-domain-name.com>
You should receive an email in a few minutes, similar to the following
example, asking you to approve the request. If you are using a spam
filter, add admin#digicert.com to its whitelist. If you don't receive
an email within 24 hours, contact Microsoft support.
You also could verify the above addresses. As far as I know, some similar domain ownership verifying question such as could not get verified from WHOIS registrant or your domain owner information is not enough exposed publicly so that domain ownership verifying has a failure.
To get fix these issue quickly, you can directly contact Microsoft support. They will confirm the domain information for you. See another similar thread.
I needed to add digicert to my CAA authorities in my domains DNS setting, because I already had a value present, it wouldn't let me issue certificates unless I added that there.
Docusign connect service is not posting data to the url specified in the connect service option. Actually if i resend the data from log it works but it do not works on its own.
Please help me
Thanks
Usually when DocuSign Connect is not publishing to a URL it is caused by one of a few things:
Your server is not listening on the correct port(s).
You are not testing for the correct events.
You do not have the user (sender) configured for Connect.
Your server is not publicly accessible.
Your firewall or network security is not letting the requests going through.
Your server has crashed.
A potential bug with DocuSign Connect.
Possible resolutions:
If testing in DocuSign demo environment (demo.docusign.net) ports 80 (http) and 443 (https) are allowed. If testing in production environment (www.docusign.net) only 443 - https is allowed.
Make sure you are testing for the correct event triggers - this can be confirmed on your Connect settings page. Login to the Console and go to Preferences -> Connect -> (select one of your Connect configurations). On the following page you'll see how to select events that you want Connect to push on, as well as for which users.
Followup answer to 2 - you need to also make sure you have the correct account members enabled for Connect on the Console -> Preferences -> Connect page.
You can not use a localhost address for the Connect URL - it must be a publicly accessible URL.
Your network administrator might have a firewall (physical or virtual) or other security software setup that is stopping the requests from going through. Check your security settings and test that the proper ports are enabled, etc.
Ensure that your server is still up and running and that it hasn't crashed.
Although DocuSign Connect has been around for some time it still occasionally exhibits a bug or two. If not one of the other potential reasons then provide the failure log in your post and someone from DocuSign will follow up.
If you are running into issues with DocuSign Connect hopefully one of the above remedies resolve your issue.
I'm looking for information about authentication but I'm very newbie so I don't know any system.
My requeriments are: An user only can authenticate from one computer/mobile device/tablet.
I'm thinking about a monitoring system of MAC address and when the user connect using other device I can see this like an alert.
What other methods are there? Certificates?.
Repeat, I'm very newbie with this.
PD: My app has been development with framework Symfony2
So first of all MAC address is a network local address, which means that after it goes trough router/switch the MAC address changes, so you cannot relay on this. Even if you wanted to lookup interface MAC addres with your client software MAC's can be changed.
Secondly Certificates give you certain properties like nonrepudiation (you can calculate digital signatures on operations that users do and then the could not deny doing something in your application). But Public Key Infrastructure is really hard to manage! You would need your Certificate Authority to give valid certificates, You would need to monitor and update Certificate Revocation Lists to deny stolen/invalid/forged certificates from being treated as valid and authentic.
If it is not a security centric application and after you analyzed your options I would suggest simple form authentication (username/password/captcha). And write mechanizm that would periodicly (i.e. every second) send an AJAX request refreshing user status, thus you could recognize if user closed browser or has opened window. And in your authentication process you could check for other ACTIVE sessions for given username and deny login or act in some other fashion. If you need more informations about authentication I would recomend looking through security patterns
I have a sharepoint site hosted on windows server 2008 r2 and iis7.
the sharepoint site is hosted on port 80.
when I browse the site by typing the IP of the machine I receive a login window asking for credentials to connect the Machine. after providing credentials another login window asks for credentials to connect to the sharepoint site.
my question is that when a user logs in to a sharepoint site he uses the credentials specified in the active directory, so why in my case I recieve the login window twice ?
thanks
I've seen this before but rough guess:
When a SharePoint site has a reference to a resource held inside another site (not necessarily SharePoint).
e.g.
http://mysharepoint/
contains perhaps an image with the url http://someothersite/images/someimage.gif.
Not necessarily an image, it would be any resource.
Best way to check could be to view source and check to see if there are any urls pointing to outside the site.
Also check for urls starting with https: .
Hope this helps.
Another thought:
Since you're accessing the site through the IP address, maybe its treating your IP address site (http://192.168.1.1) seperately to the actual host headed sharepoint site (http://actualsharepointsite). Therefore the first authentication prompt is for the IP address host headed site and the second is for the actual host header of the sharepoint site.
To eliminate this, I would try (if you have access to these areas):
a) Logon to the actual box, and browse the site on the actual server using its proper host header (might need host file entry and proxy bypass setup depending on your environment). See how many times you're prompted for login details.
or b) In Central Admin, try to setup Alternate Access Mapping from the IP Address url to the actual host headed url.
Sorry if this doesn't help..