Migrate email from generic IMAP server to Google Apps without SSL - email

We have to migrate a lot of email from an IMAP server to Gmail in Google Apps. Google Apps have a migration tool, but it works only with a server with a valid SSL certificate.
We wouldn't want to do a manual import... someone have a suggestion?

Try using GAMME. It should do SSL w/o a valid cert.

Related

Deploying PWA server with offline support in intranet

I am developing an application that needs to be delivered as following:
PWA application server(Host app/IIS) is installed in the local network
PWA should support offline
Domain SSL not possible on the server as it's not a domain
Un attended installation
No configuration should be forced on the client machine, to change chrome settings etc.
I have tried:
Running from VS, Only works on same machine by design
Published to IIS and tried, works ok on the same machine. Offline does not work on mobile
Self sign SSL is not helping, Offline does not work
One option I found is to host it on our server on the internet, after installation access data from intranet server. Not yet tried this.
Looks like it is impossible to deploy PWA as intranet application with self-sign SSL. Am I missing something ?
Is there a way to automate deployment of PWA with self-sign that supports offline working?

Does SoapUI support PKI/certificate authentication?

Does SoapUI support PKI authentication? I currently have version SoapUI 5.0.0 available to me.
If so then...
What versions support it?
Are any of the versions free?
How do I configure the tool to use PKI?
If anyone can, please assist with details or a link to another forum posting that I cannot find.
All authentication done to the server is done via certificate. I can use HttpRequester plugin with Firefox but find it to be lacking and want to use SoapUI. In order to do so I need to have SoapUI present my cert to the server but cannot find information on how this is done.
Additionally, to be more precise I have .p12 and a .ppk file to work with. What do I need to do to get this to function? I posted this to the SmartBear forum site almost a week ago but have not gotten any response.
The answer to this is (when using SoapUI 5.0.0)
File > Preferences
Click SSL Settings tab
KeyStore: C:\pathToYour\fileName.p12
KeyStore Password: password to your p12 file
Click OK

IBM MobileFirst certificate pinning best practices

We are developing an IBM MobileFirst 7.1 Hybrid mobile application, and planning to use the certificate pinning feature.
We can find information on IBM website about the SSL certificate pinning on IBM MobileFirst website : Here is a post in the IBM Knowledge Center and Here is a tutorial and its sample project/code
All these resources are great, but I have some questions :
Are there any advantages to use native certificate pinning implementation for Android and iOS when my application is a hybrid application ?
If I use the hybrid environment code, will the SSL certificate be included in the wlapp, and then can be updated using direct update ?
Does the hybrid implementation of certificate pinning work on WindowsPhone 8 (Hybrid app for Silverlight environment) ?
In the tutorial video, I have seen that when SSL pinning is ON, and we call a URL outside our server (google for example) it will fail. Does this mean google maps will fail loading if I enable certificate pinning ?
What happen when the SSL certificate is revoked ?
What happen when the SSL certificate is expired ?
What is the best SSL renewal strategy to keep certificate pinning working and the application up while updating our server SSL certificate ?
Please advice
Are there any advantages to use native certificate pinning implementation for Android and iOS when my application is a hybrid application ?
You can always write your own code that does the pinning, or use 3rd party Cordova plug-ins. But none of those assure you the level of support you get by using the provided functionality. Note that you are then limited to the functionality provided (for example, certificate pinning by MobileFirst is restricted to a single destination host and not multiple).
If I use the hybrid environment code, will the SSL certificate be included in the wlapp, and then can be updated using direct update ?
You need to have the certificate in both the client and the server. You do not need to use Direct Update to update the certificate on the client.
The way it works is that you need to only update the certificate on the server, but you must maintain the same public key in case you do update it
Does the hybrid implementation of certificate pinning work on WindowsPhone 8 (Hybrid app for Silverlight environment) ?
As mentioned in the documentation, certificate pinning supports only: "native iOS, native Android, and hybrid iOS or hybrid Android"
In the tutorial video, I have seen that when SSL pinning is ON, and we call a URL outside our server (google for example) it will fail. Does this mean google maps will fail loading if I enable certificate pinning ?
The pinning relates only to requests that are bound to the MobileFirst Server and not to other services.
What happen when the SSL certificate is revoked ?
Requests that are bound to the MobileFirst Server will fail.
What happen when the SSL certificate is expired ?
Requests that are bound to the MobileFirst Server will fail.
What is the best SSL renewal strategy to keep certificate pinning working and the application up while updating our server SSL certificate ?
Because you only need to update the certificat eon the server, you only need to make sure to keep using the same public key as before.

PhoneGap module to detect certificate error (certificate pinning)

How can I detect certificate errors when attempting to access web content hosted on a HTTPS site with a certificate that would generate browser certificate errors or warnings?
It seems that currently the framework does not even send the HTTP request if the communication channel is not secure (i.e. if SSL is not enforced properly [e.g the validation of the certificate’s chain of trust fails])?
Similarly, what would be the best way to enforce certificate pinning?
Cheers
You can write your own PhoneGap Plugin based on the following SO question:
How to pin the Public key of a certificate on iOS
Here's some background on Pinning from the OWASP:
Pinning Cheat Sheet
If you end up writing the plugin, let me know as I'm interested too.
check out this post, which includes a PhoneGap (Build) plugin for certificate pinning, by comparing the server certificate fingerprint with an expected value: http://www.x-services.nl/certificate-pinning-plugin-for-phonegap-to-prevent-man-in-the-middle-attacks/734

facebook update: How to provide an SSL certificate

You must provide an SSL certificate in the Dev App settings to avoid having your app disabled.
https://developers.facebook.com/roadmap/
Do I have to upload my certificates anywhere? Where?
You need to add your certificate to your web server.
For more information about installing certificates, visit this link: https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&id=SO16226
Find out what kind of web server you're using and follow the instructions. You may need to contact your web hosting administrator for help.
Once the certificate is installed on your web server, you need to enter the https url in the dev app settings, I believe it's called "Secure Canvas URL". That's all that facebook requires of you.