ezproxy ssl certificate error Farber Missouri

Full Duplex Computing provides small and medium sized businesses in Kansas City, Columbia, St. Louis and surrounding areas with a wide array of professional computer support and repair services. From simple computer repair to large computer network installations, Full Duplex Computing can do it all. Regardless of the size of your business, Full Duplex Computing can help you with all of your technical support needs.

Address Columbia, MO 65201
Phone (816) 986-0151
Website Link

ezproxy ssl certificate error Farber, Missouri

OCLC recommends that you disable 40 and 56 bit encryption unless you have specific legacy requirements. We provide the ability to use them since some legacy environments may need them. You are already subscribed to this list. The EZproxy domain *must* be the in the CN field.  If your EZproxy server is ezproxy.college.edu, then the name in the CN field must be *.ezproxy.college.edu.

OCLC Kunden-Support Für Supportanfragen in Deutschland, Österreich oder der Schweiz wenden Sie sich bitte an unsere Hotline. I did send ISI our proxy configuration and the only thing I've heard so far is newisiknowledge.com can go away. Does anyone knowif this is described in EZproxy support or perhapsOCLC could add this?Thanks again, and Happy Holidays to everyone.Scott------You are currently subscribed to ezproxy as: gee-***@m.gmane.org.To unsubscribe, send request to We've upgraded to EZproxy 3.2a last weekend and I've added the line 'Option IgnoreWildcardCertificate' somewhere at the start of ezproxy.cfg, but unfortunately users still experience the mismatch warnings in IE and

Old Firefox versions supported * to mean multiplelevels but version 3 will work with only one level.EZproxy will use dash instead of period when proxying https resources. Find out more. Regular versus Wildcard In the following, Regular refers to a certificate that is issued in the exact name of your EZproxy server (e.g., ezproxy.yourlib.org) whereas Wildcard refers to a certificate that and not scifinder.cas.orgbefore the .ezproxy.bu.eduI asked them how we can get it to work for multiple levelsand they say we cannot.

A message has been sent to your e-mail address. Old Firefox versions supported * to meanmultiple levels but version 3 will work with only one level.EZproxy will use dash instead of period when proxying https resources.For example, it will rewrite Thanks for your time, Steve Clary --- You are currently subscribed to ezproxy as: [email protected] To unsubscribe send a blank email to [email protected] Next Message by Thread: Re: SSL certificates working Chris -- Chris Zagar Useful Utilities --- You are currently subscribed to ezproxy as: [email protected] To unsubscribe send a blank email to [email protected] Thread at a glance: Previous Message

Try usingthe starting point URLhttp://ezproxy.bu.edu/login?url=https://scifinder.cas.org to see if itthrows any error.----- Original Message -----From: "Scott Macomber" <***@bu.edu>To: "EZProxy discussion list" <***@ls.suny.edu>Sent: Thursday, December 24, 2009 05:18Subject: [ezproxy] New thawte ssl certificate I reviewed the FAQ on usefulutilities.com which suggested renaming the ezproxy.log file. Mary's Gate Sheffield S1 4LW GB T: +44 (0)114 267 7502 T: 0845 267 7502 (local rate) E: Support is available between the hours of 09:00 and 17:30 (UK Time). If anyone has specific questions that relate to their certificates, please feel free to follow up off-list so we can discuss this.

It also changes periods to hyphens when generating the host name for sites using https. On rare occasion, institutions already have a certificate with a name of *.yourlib.org. I did this (though I am running Windows, not Linux as listed in the FAQ) but my patron continues to get this error. There are many SSL/TLS-related configuration options in EZproxy.

The non-wildcard domain must be in the SAN field, or you will receive browser messages in some cases. These changes should allow a single wildcard certificate to generate only one error if self-signed, and no errors if purchased from a certificate authority.""Also introduces new "Option NoHttpsHyphens" and "Option HttpsHyphens" Thanks, Dana Dana Tuley-Williams Systems Librarian Keith Leftwich Memorial Library Oklahoma City Community College 7777 S. OCLC Customer Support (U.S.) 6565 Kilgour Place Dublin 43017 Ohio US T: +1-614-793-8682 T: 800-848-5800 (USA) Submit a support request » OCLC Customer Support (Canada) T: +1-888-658-6583 T: +1-800-848-5800 F: +1-450-618-8029

Information Services and Technology, IS&T------You are currently subscribed to ezproxy as: gee-***@m.gmane.org.To unsubscribe, send request to ***@itec.suny.edu 4 Replies 13 Views Switch to linear view Disable enhanced parsing Permalink to this The thomsonscientific proxy support pages have some new info as of January AND February 2008, and, it seems they are making changes. Here is the problem. This tells EZproxy that it should add "login." to the front of its name when handling login requests and should generate its SSL certificate using the form "*.ezproxy.yourlib.org".

The fix (discussed here) is to add: Option IgnoreWildcardCertificate to the EZproxy config.txt Great! Here's our config: # Special ISI config (added 9/20/07) Option DomainCookieOnly Title ISI Databases URL http://isiknowledge.com/ DJ isiknowledge.com DJ isihighlycited.com Host newisiknowledge.com DJ newisiknowledge.com Host www.isihost.com DJ isihost.com Find value="http:// Replace By continuing to browse the site, you are agreeing to our use of cookies. EZproxy V5.7.44 supports all of the cipher settings defined by http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS.

These form of certificate names are the two types that can be created from within the SSL configuration option provided by EZproxy. Hello, Due to users requests, we've been trying to find ways to avoid the domain name mismatch warnings in IE6 and Firefox. Should I be adding that long list of new URL's as hosts? They have a new and apparently different recommendation for the EZproxy entry, than what is on the EZProxy support pages, AND above that there is a very long list of new

Give me some details on SSLCipherSuite If SSLCipherSuite is present in config.txt, and no values are defined for this directive, EZproxy defaults to the values: SSLCipherSuite HIGH:MEDIUM:LOW:EXP:!ADH:!aNULL The table below provides Yup horrible. EZproxy does not validate the entire CN field, but looks for the presence of a “*.” at the beginning of this field. If you usehttps://scifinder.cas.org.ezproxy.bu.edu, it will throw an error.

Thanks, Scott -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scott Macomber - Systems Analyst/Administrator B.U. Office of Information Technology [email protected] 617-353-8275 --- You are currently subscribed to ezproxy as: [email protected] To unsubscribe send a blank email to [email protected] . --- You are currently subscribed to ezproxy If you have not been receiving your e-mails from this list, please add [email protected] to your address book or list of "safe senders." If you continue to have problems receiving this Now when you try to login the URL ends up: proxy.library.school.ca/login?qurl=http://www.someurl.org With this bit of a change the cert checks out and as it doesn't hit the third level of domain

EZproxy supports, 40 bit encryption, 56 bit encryption, and 128, 192 and 256 bit AES encryption. So that means proxy.library.brocku.ca already uses both and when you move to the login you are jumping to the third. This article also describes transport level security (TLS), the successor to SSL 2 and SSL 3. This improvement is planned for EZproxy V6.1.

Deutschland und Österreich (SunRise Support) T: +49 (0)1805-468 747 F: +49 (0)89-613 08 399 E: [email protected] Die Hotline erreichen Sie Montag bis Freitag von 8:30 Uhr bis 17:00 Uhr Schweiz (SunRise Support) Yes. Does anyone have any suggestions? tim ribaric's blog Add new comment This Work, eLIBtronic.ca, is licensed under a CC BY-NC license, although certain works referenced herein may be separately licensed.

When do I use Option EnableSSLv3, Option DisableSSLv2, and SSLCipherSuite? Depending on the choices made during certificate setup, remote users may encounter various browser warnings. EZproxy V6.1 will be built with OpenSSL V1.x, and we plan to support TLS 1.1 and 1.2 with this build. Hi Scott, You don't mention specifics, but the problem I'm seeing w/ WoS/WoK via the proxy is that your session is restarted whenever you try to manipulate a list of references.

If I had to guess (and that's what I'm doing), I would be willing to speculate that: your user has bookmarked a session at a remote service which has expired and Thinking about it a bit you can see how it is in fact ignoring the wildcard certificate because it is not rewriting the domain name, but golly that is not apparent Feedback Privacy policy ISO 9001 Certificate SSL Configuration SSL Certificate Options Connect with fellow WorldShare users in the OCLC Community Center View demo Upgrade to EZproxy 6.1.13 Subscribe to OCLC updates If you are running an older release, updating should correct this.