Fixing the invalid private key error in the Google Cloud Platform App Engine app Settings page I've started playing around with Google's Cloud Platform recently and one of the first things I wanted to do was to secure my app's static pages so they could be delivered over HTTPS. This meant that I needed to upload my certificate and private key to Google. I went ahead and generated my key as usual and I thought I had an RSA key already, but Google didn't seem to like it.
Get a Free SSL certificate and speed up your web site at the same time with CloudFlare I've been using CloudFlare on my various web sites for a number of years now and the reason for using this service has just become even more compelling. Recently Google introduced HTTPS as a rank for website indexing which means if you don't have a HTTPS web site, you will be down-ranked in search results. For HTTPS you of course need an SSL certificate.
Chrome and Safari keep saying ad.doubleclick.net requires a client certificate I've noticed today that ad.doubleclick.net started asking for client certificates when browsing in Safari and Chrome on OS X. For some reason mutual authentication is being performed by the doubleclick (Google) servers. I'm guessing this is a configuration issue on the Google side as there is generally no need to have the client prove their identity, especially when serving ads. That or this is some new ad tracking technology gone wrong.
Hilton's website is using the wrong SSL Certificate for days now I've been checking Hilton's website on a regular basis this week (I travel on a weekly basis). For the entirety of this week, it's been giving me an SSL error - Safari can't verify the identity of the website "www3.hilton.com". It looks like the certificate is for a248.e.akamai.net. Now there is no reason not to trust Akamai, but having the wrong certificate for a domain is always a problem.
Force HTTPS SSL URLs on web service requests in WebLogic I've written earlier about adding basic HTTP authentication to a web service. That example forced the user of the web service to authenticate using basic authentication before a request would be served, however the username and password in this case are prone to sniffing and can be retrieved with relative ease. This is easily addressed by setting up your deployment so that WebLogic forces the use of HTTPS/SSL URLs web making requests.