Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 8 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
A Java Servlet I maintain uses SSL encryption. I THINK it uses JSSE SSL by Oracle and after the HeartBleed Bug announcement I don't want to be using OpenSSL. Can someone tell me how I can be sure this is the case please?
So far I have found nothing on Google.
This isn't so much about the openssl command (which might not be on your path anyway) than about the OpenSSL library.
If you're using Tomcat, you would be relying on the OpenSSL library if you've set up the APR connector. Otherwise, you'll be using the JSSE (unless you've providing your own SSLImplementation classes, which is very unlikely).
I am not sure if I understand correctly but if you're trying to find out if your servlet is prone to heartbleed attacks and if it is reachable from the internet you might want to take a look at: http://filippo.io/Heartbleed/
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
I have upgraded open source hazelcast 3.x to 4.x, in hazelcast 4.x how security can be achieved, I mean group password has been removed from hazelcast 4.x.
Actually, Hazelcast password was never really meant to provide any security. Please check this and this for details.
Hazelcast Security is an enterprise feature and, unfortunately, it can not be accessed in community version.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
In recent discussions on stackoverflow I have discovered that many/most web hosts dont allow java servers to be uploaded as they open ports and create a vulnerability in their system. Without paying extra for a java web host, how is possible to by pass this issue? Can php be used to somehow wrap the java programmed socket, or even write the socket itself in php? This is one method I have heard, but surely the host would look at this no differently than a java written socket- a security threat?
Whilst i'm on topic, how is it that paying more for a java webhost all of a sudden makes their system less vulnerable? Is this just a con to extort a little more by allowing ports to be open if your willing to pay for it, or is their something that i'm misunderstanding?
Thanks
Host it using a dedicated or VPS(virtual private server) below are 2 of my personal cloud/vps providers that i use. You can look around for more but yeah shared hosting in my opinion is for entry thing or when you don't want to have to worry about the underlying platform. If you have a understanding of linux and managing your own servers then i would go for vps all the way.
http://aws.amazon.com/ and https://www.digitalocean.com/
With regards to the PHP part of the question as I stated in my comment if you have ssh access you can run your PHP script php myscript.php though i am not to sure how you would wrap your java service.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I need to download a particular version of the Java JDK, so I'm going to Oracle's website to do so. When I click any of the links to begin downloading a JDK, I get the following error message from my browser:
This is probably not the site you are looking for!
You attempted to reach download.oracle.com, but instead you actually reached a server identifying itself as a248.e.akamai.net. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of download.oracle.com.
You should not proceed, especially if you have never seen this warning before for this site.
Is this normal (i.e., does Oracle use akamai.net to host its JDK distributions), or does this suggest that Oracle or I are being attacked?
Neither Sun nor Oracle has ever used third parties to host JDK downloads in my experience since 1997.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
In January 2014, with the new java update 7u51, the signature of applets and web start application will be required.
Considering that a workaround with self signed signatures wouldn´t fit my needs, I would like to know how much it would cost to buy it from a Certification Authority.
Thanks :-)
In https://author.tucows.com/ they offer 3-year code signing certificates for $195. That was the best deal I could find.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 7 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
Is it possible to (safely) start a java program from /etc/rc.local? I'm using Ubuntu Nov. 2011 (Why should I learn what #s the months are?).
If it helps (and can improve specificity), I'm running Minecraft 1.2.5 Bukkit Server, and yes, I have a script preprepared that sets up every thing to start the server (RAM, nogui, set working dir, etc).
Yes you can, try to look at this answer for a generic Java process:
Best way to daemonize Java application on Linux
Then specifically for Minecraft you can read this tutorial, and in particular this chapter.
Yes, you can.
Another approach is to create your own upstart script in /etc/init.d/. Take a look at /etc/init.d/skeleton and if it does make sense, make a copy of it and modify to suit your needs.