How can enable https with fb_ca_chain_bundle.crt for a facebook app in Apache 2 server ?
Basically I have this file, how can I set up my apache 2 to use this cert?
Related
Is it possible whit apache2 and letsencrypt protect a non-ssl web aplication ? like redirect http://port to https all protected whit already instaled ssl certificate.
the web aplication dont have ssl option and is on ubuntu18.
I am working with java ee application where we authenticate via keycloak and during redirect we see AUTH_SESSION_ID in the cookie but after the log out its not there which might be creating problems (multiple redirect issue). SO we want to retrieve that and expire the cookie in the log out page.
update:
keycloak version is 3.4.3
we are using it to secure a java ee application running on wildfly 10
we use keycloak-wildfly adapter.
The multiple-redirect happens after the user is taken to application page after authentication.
(According to https://developers.facebook.com/tools-and-support/ there are Facebook engineers reading this.)
Some of our web hosting customers recently complained about missing images/text when sharing content from their https website to Facebook.
I tracked this problem to a security change in our environment that disabled TLS v1.0 for customer HTTPS sites. The curl output in Facebook Debugger merely showed an SSL connection error and I can reproduce the problem locally if I force curl to not try TLS v1.1 nor v1.2.
These values in Apache 2.4 vhost configuration makes Facebook not connect to my customers site:
SSLProtocol All -SSLv2 -SSLv3 -TLSv1
Changing SSLProtocol to this make Facebook work OK:
SSLProtocol All -SSLv2 -SSLv3
'All' includes TLS v1.1 and v1.2. Why doesn't Facebook link-sharing and the Facebook Debugger work against modern sites that use TLS v1.1 and TLS v1.2 (and have SSLv3 & TLSv1 disabled)?
Thanks.
Currently all traffic is coming to backend servers, which is running on port 80. However we want to redirect some pages to https. This means that whenever the customer hits on login page, logout page present in the website. It should be redirected to https.
When a customer hits on the login button it redirect to https but using haproxy it doesn't work.
https://XXXXXXXX.com/customer/account/login/
We have already installed ssl in both the servers.
However, redirection is not working from http to https.
Please suggest what I should try.
It would be best to use HAproxy to terminate the SSL and talk to the backend servers via HTTP rather than having both HAproxy and the webserver doing SSL.
There is a good SSL setup tutorial here https://www.digitalocean.com/community/tutorials/how-to-implement-ssl-termination-with-haproxy-on-ubuntu-14-04
We develop local apps that redirect to a secure web host which then sends the relevant FB app info to our FB app which in turn redirects back to our web server which redirects back to our local app. The local app stores the relevant FB user info so that user interaction is then posted to FB as per their approval. Everything works perfectly except for our latest project.
Our latest project running in Dubai is having latency issues between FB, the web server and our localhost on its return from the FB app authorisation. When the PHP script execution time was set to 30 seconds the redirect would timeout. We have increased this execution duration and the app works again but the wait is not ideal as ppl are queued in malls waiting to try out the activation.
I see it is possible to setup SSL on the localhost server as per: How do I allow HTTPS for Apache on localhost?
So my question is: Would FB allow this SSL connection or would the certificate have to come from an authority on a certified web server?
I was thinking of using the localhost WAMP server as the web server aswell and setting up its own OpenSSL to try reduce the latency issues.
I never built the original application so does the FB PHP SDK even need to be hosted on a secure site?