I have this error "authentication methods aren't supported by server" when i try to configure SMTP in an android device. In ios it works perfectly using MD5 Challenge.
I tried to enable CRAM-MD5, DIGEST and LOGIN but it still gives me that error.
I tested every port available. I´m using Plesk 12 with Postfix and Dovecot.
After a research i´ve found that my Postfix configuration was blocking plain login in postfix/main.cf with the parameter:
`smtpd_sasl_security_options= noplaintext`
I think this should be a standard to prevent man in the middle attacks.
Plain text should be only used in combination with TLS/SSL cipher.
Related
Is it possible to read the server TLS certificate in the BrowserComponennt (specifically the public key)?
No. You can probably use native interfaces to do that...
But I'm assuming that what you're trying to do is verify the server to protect against some attacks specifically through certificate pinning. Is that correct?
If so check out the certificate pinning section in the developer guide here; https://www.codenameone.com/manual/security.html
I'm creating a VS Code extension with a webview that contains a React application. In the React code, I'm making a GET request to a REST API, but it keeps failing due to the following error:
Failed to load resource: net::ERR_CERT_AUTHORITY_INVALID
Any ideas on why this may be happening or a workaround? Maybe this is a restriction of webviews?
If I make the call in the extension code, it works fine.
I upgrade the version of my browser to the latest and it worked me.
find this below given link to know how to update browser version.
https://www.computerhope.com/issues/ch001388.htm
Assuming that you get this error about the certificate of the remote side (the one serving the REST API), you get this error because of one of the following:
the authority that signed the certificate is not recognized on the client side (ie : the authority is not installed on your PC)
the certificate has expired
your PC has a wrong date
You can correct the above, or as a workaround you can (depending on your tools) explicitly ignore the untrusted remote certificate. But this workaround should remain for test purpose only, as it is a security breach.
I just downloaded the latest version of xCode (9.0 beta (9M136h)).
However, when I try to make a request to my server in iOS 11 simulator (Using NSURLConnection sendAsynchronousRequest), an error is received:
NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9807)
NSURLConnection finished with error - code -1202
NSError object contains the message - #"NSLocalizedDescription" : #"The certificate for this server is invalid. You might be connecting to a server that is pretending to be “***” which could put your confidential information at risk."
The plist contains:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
so it is not the problem in this case (I guess)
Needless to say that it is working in iOS 10/9/8
Any suggestions?
Thanks in advance!
You need to allow your application to run HTTP (no S) connections. By default, Apple only allows HTTPS:
go to your info.plist
then press the plus icon on any of them
Search for "App Transport Security Settings"
click the little arrow to the left and find "Allow arbitrary loads", by default it is set to "NO" change it to "YES"
For all of you who get this error in iOS 11, please make sure you're working against valid (secured) certificate in your server.
In our case, the certificate wasn't strict enough.
Once our server guy integrated new valid certificate, the problem has gone.
One way to check if the certificate is secured, is to past the problematic link in the browser.
As a result, you might see that the connection is not secured:
Since you've got an invalid certificate error, I'll make the following suggestion based on my personal security practice.
If you're still in your servicing terms with your CA, ask them to issue a new valid certificate for you.
Check your Keychain setting and make sure no CA cert is missing.
Alternatively, you can issue your own self-signed certificate for testing purposes, and add it to your local Keychain as trust anchor. A search for "how to create self-signed x509 certificate" will return something you might find useful.
I am not able to connect to https://test.salesforce.com/services/oauth2/token form SoapUI (ver 5.2.1). I have tried the PRO version and other older versions (4.6.xx) as well.
I can access the website from the web-browser. The GET to this URL gives me the response where as SOAPUI says HttpHostConnectException connection to https://test.salesforce.com/ refused.
I have checked that there is direct connection available from my PC to this address. I have tried adding https.proxyHost and https.proxyPort settings in soapui.vmoptions and sopaui.bat but of no use.
I have also tried playing around with Preemptive Authentication settings in SOAPUI without success
My organization has firewall which has white listed this address. I have also confirmed that firewall settings does allow to connect thru non standard clients (such as ApacheHttpClient).
If I use a Java Program using URLConnection using the proxy, it works.
At this point it seems to me that SOAPUI is not honoring the proxy settings.
Please share if anyone has similar experience and how did they resolve it.
Regards
Ash
I'm using kerberos 1.5.0.3 api to develop an authentication system similar to kinit command.
I have two systems, one which has only IPv4 and the second one having both IPv4 and IPv6 (but IPv6 is unconfigured on this client, but configured on server)
This functions works fine on the first machine and doesn't work on the second machine.
The first type of error when kerberos cache is not present is thrown by krb5_get_init_creds_password: 96C73ADC
When I manually do kinit and suppose the ticket is valid, then I try stuff out I get the error 96C73AB9 by the krb5_get_renewed_creds() call.
I referred to the error codes here: Kerberos Error Codes
Any help is much appreciated even though I'm familiar with Kerberos API, this is my first attempt in writing code which will work on multiple kinds of environments.