Questions tagged [ssl]

38 questions
21
votes
2 answers

Has anyone ever claimed a warranty on an SSL certificate?

SSL certificates often advertise varying amounts of warranties or guarantees, for example $500,000 or $1m. My question is, in the history of SSL, has anyone ever actually successfully claimed one of these warranties? Has there ever been a case? If…
Tom
  • 681
  • 6
  • 15
17
votes
7 answers

Why isn't SSL/TLS built into modern Operating Systems?

A lot of the basic network protocols that make up the infrastructure of the Internet are built in to most major Operating Systems. For example, TCP, UDP, and DNS are all built into Linux, UNIX and Windows, and are made available to the programmer…
Channel72
  • 2,475
  • 5
  • 27
  • 28
15
votes
11 answers

How important is an SSL certificate for a website?

I'm bootstrapping my own project, it has a registration/login area (via devise with RoR, properly hashed and salted of course). As I'm using subdomains and I need to access them with iframes (it's justified, really!) I'd need one of those expensive…
methodofaction
  • 2,163
  • 2
  • 16
  • 12
11
votes
7 answers

Will Authentication over HTTPS Slow My Application?

I am building a web application and RESTful web service. I have been reading various articles about the best way to authenticate the requests to the web service. The best option for me seems to be to use HTTP basic authentication. Pretty much every…
GWed
  • 3,085
  • 5
  • 26
  • 43
6
votes
3 answers

Login on every page requires SSL on all pages

Our website has a login form that shows up in the header on every page on the website. This is what my boss wants; however, we need to get PCI compliant and it says any sensitive form (login/password) requires SSL. So does that mean the entire website…
Danny
  • 163
  • 4
5
votes
1 answer

How to configure HTTPS for deployments without a host name

I currently am in charge of networked Linux-based hardware that exposes HTTP connections. I want to be able to connect to these through HTTPS, but the hardware deployment has 1000's of installations. I've read about problems with self-signed…
5
votes
4 answers

How does SSL relate to the Public Key Infrastructure?

How does SSL relate to the Public Key Infrastructure?
JHarley1
  • 701
  • 3
  • 8
  • 13
5
votes
4 answers

What's the safest way to tell if decryption was successful?

I'm making a C program that uses GTK3 (best documentation ever) and OpenSSL (worst documentation ever) to simply encrypt/decrypt a file using a password. The encryption and decryption functions are both working, however if I enter the wrong password…
Dellowar
  • 508
  • 3
  • 13
5
votes
1 answer

How is this Java Keystore cert still valid?

I maintain an old Java app that deploys to Tomcat and which uses SSL (and hence a keystore). It is important to note that this app will not even start up if the SSL cert is bad/expired/invalid! Every year the SSL cert expires, and so someone has to…
smeeb
  • 4,820
  • 10
  • 30
  • 49
5
votes
1 answer

At ping, why do we have to do array copying instead of passing on the source array that the client sent to us?

So I have been googling about this OpenSSL heart-bleed thing and somehow see that it is caused by the heartbeat extension which requires client to ping the server to show its aliveness and it all comes to this memcpy function in C which is meant to…
vcharlie
  • 59
  • 2
5
votes
1 answer

Java solution for mutual authentication with smart card

I need to develop a Java solution for mutual authentication between Tomcat 6 (server) and SmartCard "IDGo 300" (client). In order to do this I thought of the following scheme: 1. Tomcat (server) sends to SmartCard (client) the request of his digital…
xfocus
  • 51
  • 1
  • 2
5
votes
1 answer

Is there a proven concept to website reverse certificate authentication?

We're looking at exposing some of our internal application data externally via a website. The actual details of the website aren't that interesting, it'll be built using ASP.NET/IIS etc, that might be relevant. With this, I'm essentially looking…
Tom
  • 221
  • 1
  • 3
4
votes
1 answer

Where is the OpenSSL documentation?

I've noticed a lot of hatred about OpenSSL because of its lack of documentation. And all advice and guide about the library must be passed around our people in song and story. I always doubt myself, because how could hundreds of people put so much…
Dellowar
  • 508
  • 3
  • 13
3
votes
1 answer

Is it ok to sign SSL by an authority while developing a web application?

I am currently working on a web application page, my boss sees the changes online while I still make the changes, sometimes the page is shown to some clients in order to get feedback while it's still on development. At this point I have added a…
Oscar Reyes
  • 143
  • 5
3
votes
0 answers

Securing a REST API based on authentication with external site

I have a website with an already-established authentication system. Once a user logs on to it, one of the features is a statistics application based on AngularJS. The app communicates with an external REST API (built on Spring) that basically just…
ctrlz
  • 31
  • 1