ssl error invalid or self-signed certificate magento image upload - magento-1.7

ssl error invalid or self-signed certificate magento image upload
Any have solution for this error.Please rectify my problem

In my case it was because of .htaccess password protected website. Removing temporarily the password protection fixed the problem.

In the Base URL fields you should enter the unsecure (regular) web site URL and the web site URL for the SSL connections. You can leave the other values unchanged, as they will be set automatically by the script after you enter the Base URL.

In my case this only happened on staging magento servers. They had an HTACCESS file that was whitelisted for the IP and both had the HTTP site listed in the "Secure" and "Unsecure" section of the magento web configuration. Using Firefox, it would fail every single time, trying to upload a product image. The only solution that worked reliably each time was to install and use Chrome.
For some reason, that seemed to solve our issue throughout all of our servers. This error never showed up on our production server that had a real SSL installed.

Related

Redirected to /cgi-sys/defaultwebpage.cgi

I have a cpanel account under directory:
/home/username/
and a single file under:
/home/username/public_html/
which is index.php
which contains:
<?php
header("Location: https://www.facebook.com/.../");
I am using CentOS server and this worked well until today. However now it redirects me to (Default Web Site Page):
username.com/cgi-sys/defaultwebpage.cgi
I am unable to figure out what caused this.
I think there is an issues with your cPanel account setup and due to that you site is not showing content from /home/username/public_html/ directory, Might be there is misconfiguration with the site IP OR DNS, Please try to check your site with temp URL and check it (http://Server_IP/~username/)
If you are using https for your domain please check if your certificate is valid. It might be you have installed a SSL certificate on a shared IP address.

Site certificate fails when I enable https decryption in Fiddler 4

I have a PowerShell script that uploads a batch of files to lingq.com.
I created it the following way: I logged in to the site via browser, and made an upload manually through the web page. I grabbed the request in Fiddler, then duplicated it in PowerShell, including the authentication cookies. I'd just swap out the content of the request and send it. It wasn't pretty, but it worked and saved me an immense amount of time. The only downside was every time I had to log in to the site again, my authentication cookies got invalidated and I had to grab them again. But that I could live with.
They seem to have changed all their communication to https, because now instead of a request to
http://www.lingq.com/learn/ja/import/contents/?add
all I see in Fiddler is
"Tunnel to www.lingq.com/443"
Fiddler also gives me a warning that HTTPS decryption is disabled. When I enable it, and start capturing, Firefox gives me a certificate error when I try to access the site (or any other site that uses certificates, including Google):
www.lingq.com uses an invalid security certificate.
The certificate is not trusted because no issuer chain was provided.
(Error code: sec_error_unknown_issuer)
My script is now completely useless, every request I send returns the login page. And because of Fiddler messing up the certificates, I can't further reverse engineer the site to mimic the requests correctly.
How can I make https decryption work in Fiddler? Alternatively, is there a way my script can properly authenticate itself on the site? I have tried the steps described here:
How to make an authenticated web request in Powershell?
It didn't work at all. My guess is some sort of federated authentication is in place, but frankly I'm completely out of my depth here.

Redirect HTTPS to HTTP With SSL Certificate Already Removed from CPanel

I want to ask something. I have an online store. My online store uses SSL for the entire website. I also get backlinks with https:// link. Now I do not use SSL again and wish every time people click on the link https will go to http. I've removed the SSL certificate from my CPanel. I've tried several .htaccess and php code, but none of which succeeded. Please help me, thank you. Here's some code I tried:
.htaccess HTTPS to HTTP code: http://pastebin.com/uDuB1S5K
PHP HTTPS to HTTP code: http://pastebin.com/UsDQnB8v
That became my problem is .htaccess and PHP code above always detect website's SSL, I want the code to detect whether the page is opened using the url http or https, not using SSL/not.
Note: The redirect is 301.
Thank you very much for your help.
Regards, Darnin.

Need to set up SSL for facebook site apps to work, any suggestions? I do not need to protect passwords or anything

facebook is forcing apps to use HTTPS, i have been looking in to openSSL, but i really cannot get my head around on how to install it, i am using godaddy and it runs on a linux server, i dont think i can execute from any command line.
I need to have a valid HTTPS link, a self signed certificate it OK, but i cannot seem to get one up on GoDaddy, can i redirect all HTTPS to HTTP, would that work? via .htacess
Any suggestions are welcome!
I had the exact same problem Yesterday, and quickly found a way around this without having to move my application to a server with SSL.
Facebook only validates the starting URL to be https://..... however, you are not forced to use ssl from there on forward. Thus I simply created a free Heroku account (you can use any other hosting provider that supports SSL) and added a index.php file with the following code:
<?php
header( 'Location: http://my.app.url' );
When the IFrame is loaded, it will automatically redirect to your application hosted on a non-ssl server and will work without any problems.
For more information you can check out my blog post http://www.xethron.co.za/building-a-facebook-app-on-a-host-without-https-ssl-support

Redirecting https://server.com to https://www.server.com in apache

I am trying to write a redirect in apache for URL of pattern:
https://server.com to https://www.server.com
without much success
Reason for rediect: My SSL certificate is on www.server.com, so I want the users to go on the correct site (and see secure icon).
Problem: The problem is that when I try to open https://server.com the browser gives me incorrect certificate error and none of my RewriteRule gets executed till I ignore the incorrect certificate problem.
How do I redirect in this case?
You can't do this with one certificate. The reason is that the web server needs to do the ssl handshake before it does the redirect, so you'll always have the problem with invalid certificate.
You really have only one option to do this - cover both, www and no www with a certificate and redirect. This can be done several ways, either get a certificate with multiple domain names called a SAN certificate, or get two certificates, one for www and one without. However, in the second case, you would need two web servers with different ip's to accomplish your task.
An alternate approach, one that use myself, is not to worry about it. Instruct users to go to regular http website and do the redirection yourself when SSL Cconnection is needed. This is what amazon.com does actually. They want you to browse http and they redirect you to SSL only when you buy something. Their certificate is also only valid for www, just go to https://amazon.com and you'll see their certificate is invalid without www