I have a site built in angularjs and working with prerender.io and with a SSL certificate from rapidssl and everything work fine...
Except from Facebook that is not showing the right information for the page.
When I open Facebook crawler
Can't validate SSL Certificate. Either it is self-signed (which will cause browser warnings) or it is invalid.
And is not recognizing the values og:url, og:type, og:title, og:image, og:description, fb:app_id
It was working in the past, but it stop working I don't know why.
I googled and I concatenated my ssl.crt and my intermidiate.crt but without result.
My page is: https://www.granojo.com/video/10432
Your cert center isn’t providing an intermediate certificate as it should in the TLS handshake. Here is a solution how to chain your certification:
https://victorlava.com/how-to-fix-curl-60-ssl_cacert-cant-validate-ssl-certificate/
Related
i'm looking for a solution for 4 days but i have found nothing.
What i want is to get an access token from my Identity Server with a client_credentials grant_type. I found that you can do this but nowhere is explained how to make the certificates, how the request is made etc.
I tried a lot of ways but with no success.
From the documentation:Our default private key JWT secret validator expects the full (leaf) certificate as base64 on the secret definition. This certificate will then be used to validate the signature on the self-signed JWT . That base64 is the content of the .cert file i believe. On the request should i put the .pfx file in base64 too?
Are there any changes that i need to make on the program.cs file for the Kestrel? I found this too, but all are outdated and doesn't work.
Now i'm trying with postman, after this everything should be called from an Azure Logic App.
I followed this example : but doesn't work.
The error:
Postman:
Program.cs
And the Config.cs from Identity
I will be very glad if you can help. Thanks in advance
As said you can use a client secret instead of a client certificate which is more common/easier. If you really need certificate authentication: I found more information on http://docs.identityserver.io/en/latest/topics/mtls.html
I have spent a bit of time making this and it works well locally but on the server it breaks due to the below error. The API I am using seems to be on an insecure 'http:' address so the browser won't allow it's connection as my website is on an 'https' address. Is there any way to get around this with some kind of proxy/heroku thing?
Github
The broken app website
Mixed Content: The page at
'https://agwebdesign.net/react/petadoption/' was loaded over HTTPS,
but requested an insecure script
'http://api.petfinder.com/pet.find?key=920cf4ddd938497ba32bef47b7f35080&format=json&output=full&location=Seattle%2C%20WA&animal=&breed=&callback=jsonp_jfg1sgfprug5jl1'.
This request has been blocked; the content must be served over HTTPS.
This is what worked for me on react 16.12 hosted on vercel with a backend using an insecure 'HTTP:' address
Step 1. Go to the website's information section (the "i" button on the left-right corner, beside your URL)
Step 2. Scroll down to the "insecure content" and choose "allow" from the dropdown
step 3. Refresh your page and you're good to go
Why would you want to do this? You should be using HTTPS everywhere. With tools like Let's Encrypt there's no longer any excuse not to.
In any case, that particular URL seems to also be served over HTTPS. Simply change the protocol from http:// to https:// and it should stop getting blocked.
We are trying to add naked domain redirect to our custom domain. I followed the instructions on https:/ /support.google.com/a/answer/2518373?hl=en
but when I change the domain to redirect from:
http:/ /app-id=,domain=.example.io (which was auto filled)
to http://www.example.io, I get an error saying:
"""
Server error
We are unable to process your request at this time, please try again later.
"""
I'm not able to dig any deeper into the error or what is happening. My A records on the DNS provider point to the IP address specified by the App Engine. I also have SSL on this app, and https://www.example.io works fine. Its only https://example.io that gives me "Error code: ERR_CONNECTION_CLOSED" error.
It seems SSL on naked domains is not currently supported by App Engine. We have a similar issue, so our naked domain redirects to http://www.~ which then redirects to https://www.~
You might like to take a look at (and star) this issue.
Best free SSL redirect service I found was CloudFlare. To get it working:
Add your domain and switch your name servers to CloudFlare (signup process walks you through it)
Once added goto CloudFlare Settings and down to SSL. Change the setting to 'Full SSL (Strict)' this requires you to have a valid cert on the subdomain your redirecting to (SNI works fine).
Go back to your websites list, select the domain again and on the options goto page rules. Add a 'Forwarding' rule that redirects https://yourdomain.com/* to https://www.yourdomain.com/$1 (replace www with any subdomain), make sure the redirect is set to 301.
Save your settings and sit back and wait for everything to propagate.
Done. Free and secure SSL redirection for your naked domain.
As of September 2015, SSL is supported on naked domains by AppEngine.
I'm building a web service to allow salesforce to call to it, the two way SSL is used for security, and salesforce has provided its client certificate: sfdc-client.cert.
In order to test whether salesforce client certificate work or not, I have setup a very simple web on MAC apache and enable SSL and client authentication on ssl config file /etc/apache2/extra/httpd-ssl.conf as below (use self-signed):
SSLCertificateFile "/private/etc/apache2/ssl/server.crt"
SSLCertificateKeyFile "/private/etc/apache2/ssl/server.key"
SSLCACertificateFile "/private/etc/apache2/ssl/sfdc-client.cert"
SSLVerifyClient require
SSLVerifyDepth 10
The first browsing by Chrome, I got "SSL Connection Error", I supposed it's correct in this case.
Then, I have tried to import sfdc-client.cert to key chain access, but it does not work at all because it just supports p12/pfx format.
I also tried to use CURL:
curl https://test.com --cert-type der --cert sfdc-client.cert
but got the error:
curl: (58) unable to use client certificate (no key found or wrong pass phrase?)
I'm totally newbie on this stuff, does anyone know how to test client certificate to make sure it works as above?
First you need to have both the client's certificate and certificate private key to be able to test 2-way SSL authentication.
To test with web browser, follow instructions here: Is there a way to test 2 way ssl through browser?
I need to make an ajax call to a server which uses a self-signed certificate.
Using the --insecure option does in curl helps in doing so.
But i need to make ajax calls, much like the $http requests in angular js. Are there any headers that can be set so that the error of the certificate does not arise.
There is a very hackish way in which you can point your browser in the direction of the server resource. This will prompt you to proceed with caution and upon proceeding anyway (try it with Chrome), your queries to the server should now work since the browser will now remember that that particular certificate is okay. I had this issue in the last project I worked on with self signed certs.