How to ignore the error of the certificate - asp.net

Sorry ,my English is poor, I have never speak English after I leave the school.
but now this problem have trouble me for a long days.
My problem: when I open the website which the security certificate is wrong ,then
IE8 show:
===========================
There is a problem with this website's security certificate.
The security certificate presented by this website was not issued by a trusted certificate authority.
Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.
We recommend that you close this webpage and do not continue to this website.
Click here to close this webpage.
Continue to this website (not recommended).
==============================
I want to open this website(https) without show this alert page
the method may use "regedit", or change the internet Options, or by code ......and so on.
please help me
thanks thanks thanks

You can do this via regedit. Go to the following key:
HKEY_USERS\<SID>\Software\Microsoft\Windows\CurrentVersion\Internet Settings
And set WarnonBadCertRecving to 0
If it doesn't exist, create a new DWORD called WarnonBadCertRecving and then set that to 0.
Alternatively, make a .reg file containing this and double click to run:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"WarnonBadCertRecving"=dword:00000000

Related

Mixed content warning but nothing in source

My client has a Wordpress site with an SSL certificate. Riht now I'm trying to figure out any solution.
The site address is https://illustro.pl
When entered on the front page you'll get the un secure connection warning.
I've tried to find what causes this with any luck, solutions that have not worked
replace http with https
change all http to https with Mixed Content/Insecure Content SSL
In the process I've also changed all the URLs to HTTPS in the database on sites where the was the need to.
I'iv inspected the site with multiple developers tools all of them show the problem at line one.
At this point any suggestion would be appreciated.
Try the below code placing at wp-config.php
define('FORCE_SSL_LOGIN', true);
There could be multible reasons:
Main reason is currently that your webserver is not sending the full certificate chain (intermediate certificate is missing). That's the current reason why the browser tells you "unknown issuer".
The next reason could be or will be that your certificate doesn't have subject alternative names. Browsers will stop checking for common name in future.

Reset password email is showing up in my junk folder

I have recently setup forgot password functionality on my site using the stock symfony2 implementation.
Problem is my reset password email gets sent to my junk folder.
What causes this? Is it the content of the email itself?
Here it is:
Hello myemail#hotmail.com!
To reset your password - please visit http://application.mysite.com/resetting/reset/yLbv6BLD6ItSlmXSl4tFI7la78Es5UnS1GqvJnN_5uR
Regards,
the Team.
Could it be something in my settings?
There is a lot of possibilities that can cause this problem.
It's most often coming from the server (e-mail) configuration.
Look at the "original message" (with headers) to see if there is no explicit problem, but it's very difficult to debug.
Look at your email configuration (postfix local ? gmail ?), search for working examples and hopes you find the problem, especially if it's your production server.
Good luck
There can be lot of reasons:
you send emails from shared IP segment
to low ammount of text in your message
spammy look sender email address (for example "noreply#...")
subject of message
url thas point somwhere to testing environment (for example 127.0.0.1)
Try to change these, and experiment...

Copied ssl cert to a test site, how do I remove it?

I copied my site to a new virtual server with Softlayer but when I did the the security cert came to. now every time I try to log to my new development site it give warnings saying that the site has taken its cert from another source.
I am using Drupal and cant find where to delete or modify the file to remove this warning.
Any help is appreciated.
https://www.drupal.org/https-information has some information on how to use SSL certs in drupal specifically.
Since you didn't provide the actual error your browser is giving you, I'm going to guess its a domain name mismatch error (like this https://www.digicert.com/ssl-support/certificate-name-mismatch-error.htm ). Basically you will either need to access your site via the domain name that the certificate was signed to, or get a new certificate for your new domain name.
I hope that helps point you in the right direction.

Drupal 7 access denied to admin panel

Migrated a fully-functioning Drupal 7 site and corresponding database to a new server. I am unable to login to the admin side. The error message is: “Access Denied. You are not authorized to access this page.” The username and password has been verified.
I looked at /admin/reports/dblog, the error log shows 2 entries per login. One entry shows the session is opened for the correct username, and the other entry shows access denied and the user is ‘anonymous.’ It is my assumption that Drupal is not able to validate the user so it is assigning the user as anonymous.
I read many forum topics on similar issues. I commented out the ‘$cookie_domain’ in ‘settings.php’, but still nothing. I looked back at the functioning site and saw that 2 cookies are generated: ‘has_js’ and a session ID cookie. In the new site, only the ‘has_js’ cookie is generated (using both Firefox and Chrome browsers). I have verified that the session id is being saved to the session table in the database.
I have looked into modifying ‘php.ini’ (etc/php5/apache2/php.ini) but have not found a solution that saves the session id cookie.
Drupal 7
Linux Server
Ubuntu 12.04
Apache 2.2.22
MySql 14.14
PHP 5.3.10
Uncomment line 340 on settings.php to reflect your domain name
e.g. for localhost
$cookie_domain = 'localhost';
Please note this works for drupal 7 and my php version is 5.6.
Regards,
When migrating drupal installations from server to another there is several problems that could appear.
1) check your file permissions, because sometimes we migrate files from server to another and having different owner:group and this gives serious problems.
2) You need to delete all cache before migrating to avoid having access problems and using wrong urls from cache and so on, in your case you already migrated Drupal, so you need to go to the DB and delete content of all cache_* databases. this could help you.
3) if not you need to look at what php version you have been using and mysql and apache maybe some deprecated functions or so.
I had the same problem, except that I could see the session cookie in Chrome (Settings -> Show Advanced Settings -> Content Settings -> All Site Cookies and Data). The cookie's "Send for" property was set to "Secure Connections Only" and my site was running up on HTTP / port 80. Thus the browser would not send the cookie back to the web.
The problem turned out to be this line in php.ini: session.cookie_secure = 1
When this option is set, PHP will specify that the cookie may only be sent over a secure (HTTPS) connection. This makes it harder to mount a man-in-the-middle attack because the cookie is no longer sent via clear text.
There are two ways to resolve the issue: 1) Switch the site to HTTPS. 2) In php.ini, set session.cookie_secure = 0
I had the same problem. Number 3 from the first answer saved me - I'd recently changed my MAMP PHP version to 5.6 and this seemed to be causing the issue. Reverting back to 5.5 means I can now login.

JMeter NTLM/Windows Authentication Load Testing

What is to be done?
We have an application deployed on the Sharepoint (corporate) Server which uses the windows credentials to log into the application.
App URL format: http://testmachine:1000/sites/test/
Windows Credentials Format: user_id#domain.co.in
The objective is to perform the load/performance testing on the application (especially the log in functionality) for such n number of users.
Normally when I hit the app URL in the Firefox/IE, it pops up a window asking for credentials. I enter the credentials, browse the app and then log out. I intend to capture this in JMeter and simulate this for large number of users.
Where I’m stuck?
Now I start the JMeter proxy server, and then try the same steps as above. But when the pop up window appears, JMeter simply doesn’t record the it nor it does record anything else after the login.
What I’ve tried?
If I try the same steps after enabling “Automatically detect intranet network” in IE, then it simply auto detects my windows credentials (No credentials pop-up), logs me into the app (this is not recorded in JMeter either) and takes me to the home page. And any page thereafter I hit gets recorded in JMeter.
I’ve also tried to use the HTTP Authorization Manager using following parameters:
BaseURL : http://testmachine:1000/sites/test/
Username: DOMAIN\USER_ID
Password: i_wont_tell_you
Domain: \
Realm:
It didn't help. I am quite confused about how-to-use the above element. And not even sure whether its a right approach to get the solution to my problem.
Any help/suggestions?
P.S. I know about a tool called Badboy, but have to go for it as a last resource. Also not even sure if it records the pop windows.
And sorry if the post is verbose.
UPDATE:
I have also tried -
Username: USER_ID and Domain: my_company_domain
But this is not the actual problem. Problem is, when I try to hit the pages (automation) which I've recorded previously return success response even if I haven't used the HTTP Authorization Manager. I'm not sure what I'm missing.
OK. Finally I got what was missing.
First, I had to change the implementation of every request to HttpClient3.1
Second, it was really frustrating to see that JMeter documentation was misleading.
It says that the config file httpclient.parameters, should be edited as following:
http.authentication.preemptive$Boolean=false
But it didn't work. Changing it to true worked like a charm.
Hope this helps other people.
JMeter works at the HTTP layer so the proxy will only capture requests made over this protocol layer. It sounds to me like you have already found the right approach to use for recording by using '“Automatically detect intranet network” in IE', you can use this method to capture most requests and you will have to figure out authentication manually. How you do this depends on how your application communicates with your server to authenticate a user.

Resources