Difference between revisions of "HTTPS"

From BC$ MobileTV Wiki
Jump to: navigation, search
Line 20: Line 20:
 
* Testing for SSL renegotiation: https://blog.ivanristic.com/2009/12/testing-for-ssl-renegotiation.html (''SSL renegotation'' is a DDOS vulnerability)
 
* Testing for SSL renegotiation: https://blog.ivanristic.com/2009/12/testing-for-ssl-renegotiation.html (''SSL renegotation'' is a DDOS vulnerability)
 
* Tips for Securing SSL Renegotiation: https://securingtomorrow.mcafee.com/technical-how-to/tips-securing-ssl-renegotiation/<ref>TLS computational DoS mitigation: https://vincent.bernat.im/en/blog/2011-ssl-dos-mitigation</ref>
 
* Tips for Securing SSL Renegotiation: https://securingtomorrow.mcafee.com/technical-how-to/tips-securing-ssl-renegotiation/<ref>TLS computational DoS mitigation: https://vincent.bernat.im/en/blog/2011-ssl-dos-mitigation</ref>
 +
* Apache Web Service -- Best Practice - 301 Redirect HTTP to HTTPS (Standard Domain): https://stackoverflow.com/questions/29029049/best-practice-301-redirect-http-to-https-standard-domain
  
 
* An HTTPS client and HTTPS server demo in Java: https://www.pixelstech.net/article/1445603357-A-HTTPS-client-and-HTTPS-server-demo-in-Java
 
* An HTTPS client and HTTPS server demo in Java: https://www.pixelstech.net/article/1445603357-A-HTTPS-client-and-HTTPS-server-demo-in-Java

Revision as of 13:54, 6 February 2021

HyperText Transfer Protocol Secure (also known as HTTP + SSL and Secure Hypertext Transfer Protocol; commonly abbreviated https) is a Transport-layer security mechanism, most commonly implementing SSL or TSL encryption mechanisms.




Resources


Tutorials

[8] [9] [10] [11] [12] [13] [14]


External Links


References

  1. Way to Ignore SSL certificate using HttpsURLConnection: https://stackoverflow.com/questions/33084855/way-to-ignore-ssl-certificate-using-httpsurlconnection
  2. Skip SSL HostName Verification Java HttpsURLConnection: pankajmalhotra.com/Skip-SSL-HostName-Verification-Java-HttpsURLConnection
  3. Use SSL Poke to test Java SSL connection: https://matthewdavis111.com/java/poke-ssl-test-java-certs/
  4. Connecting to SSL services: https://confluence.atlassian.com/jira/connecting-to-ssl-services-117455.html
  5. TLS computational DoS mitigation: https://vincent.bernat.im/en/blog/2011-ssl-dos-mitigation
  6. Possible switch from Apache Http Client to HttpUrlConnection: https://github.com/android-async-http/android-async-http/issues/75
  7. Securing your localhost for NodeJS Dev environments: https://blog.praveen.science/securing-your-localhost/
  8. Accept server's self-signed ssl certificate in Java client: https://stackoverflow.com/questions/2893819/accept-servers-self-signed-ssl-certificate-in-java-client
  9. Import a certificate to the Java Keystore: https://docs.plm.automation.siemens.com/content/polarion/19.1/help/en_US/polarion_windows_installation/manually_updating_third_party_software/import_a_certificate_to_the_java_keystore.html (including how to remove using keytool -delete -alias mykey -keystore %JAVA_HOME%\lib\security\cacerts -storepass changeit)
  10. Configure a Java HTTP Client to Accept Self-Signed Certificates: https://kb.novaordis.com/index.php/Configure_a_Java_HTTP_Client_to_Accept_Self-Signed_Certificates
  11. To Delete a Certificate by Using keytool: https://docs.oracle.com/cd/E19798-01/821-1751/ghleq/index.html
  12. Convert P7B to PFX with OpenSSL: https://www.lisenet.com/2014/convert-p7b-to-pfx-with-openssl/
  13. How to tell Maven to disregard SSL errors (and trusting all certs)?: https://stackoverflow.com/questions/21252800/how-to-tell-maven-to-disregard-ssl-errors-and-trusting-all-certs
  14. Error Importing SSL certificate - Not an X.509 Certificate: https://stackoverflow.com/questions/9889669/error-importing-ssl-certificate-not-an-x-509-certificate/22028156#22028156

See Also

HTTP | SSL | TLS | Security | SEO