In my server (production server), I have a goDaddy ssl certificate. I have both iOS and Android apps connecting with the server, iOS connecting with no problems, android with versions 4.* everything is good, but with devices with 2.3.* I always get a SSLHandshakeException. I did exactly like on Android Developers page (https://developer.android.com/training/articles/security-ssl.html). I already saw similar threads here in
Tag: security
Java 7 support of AES-GCM in SSL/TLS?
According to Java 7 documentation as well as third party vendors, it appears Java 7 should support AES-GCM suites: ibm java 7 java 7 ssl doc I was hitting some errors in negotiation between client and server unable to negotiate a cipher due to restricting it to only the AES-GCM ciphers. After investigation I found that it appears that the
Security Framework for Java Swing Applications
Is there a security Framework available for Java Desktop Applications? When I searched on google I saw persons talking about Spring Security, however it seems to be chiefly web-based. I have been using ordinary java code(Login forms, jdbc) to implement User Level security but I am not comfortable programming this way. Thanks for your assistance Answer I have decided to
Are server 500 errors a security issue?
I’ve found that it’s possible to cause 500 errors on a server using curl and a faked GWT-Permutation with a POST payload. The payload is generating a java.lang.Exception on an Apache server. Does this open up a security issue? Should I report it to Google’s GWT support? To clarify the question: Would a significant number of server errors be a
Microsoft ISA Server Authentication in Android
I have an application in Android, in which I were reading files from the remote server, code for reading file is given below; Now all the remote files are behind proxy (Microsoft ISA Server) which required authentication to access the files. Please guide me how I can pass authentication parameters from android to access the files. I have tried the
Web app user authentication with 2 production servers using spring security
Working on the server side of a java based web application (will serve mobile and web clients) and I need to implement users authentication. In production I have 2 servers (duplicated, working against …
Get path from FileDescriptor in Java
Some quick background on my problem: I’m writing a compiler that converts Domain Type Enforcement specs into Java Security Manager code. In a nutshell, DTE defines “types” (objects), assigns paths to those types; then defines “domains” (subjects), and defines what permissions (rwxdc) domains have to various types. I need to emulate this behavior as closely as possible in the JSM.
PKCS#12 : DerInputStream.getLength() exception
I generate a certificate using the keytool command: Then if I try to load it using java security API, after getting the file as a byte[] : I get a DerInputStream.getLength(): lengthTag=127, too big exception. What is wrong? Answer I had this problem and I’ve searched the depths of google and still couldn’t find the answer. After some days battling
how to accept self-signed certificates for JNDI/LDAP connections?
I need to connect to an LDAP directory over SSL. In non-production environments, we use self-signed certificates which, of course, fails to validate with: I am aware of how to use a custom trust manager for SSL-enabled connections, but don’t know how to use one in connection with the JNDI API where I don’t manage the actual connection. That is,