Tag Archives: SSL

Connect Sitecore xDB To A MongoDB On Rackspace’s ObjectRocket Platform With SSL


This was a fun experience. Anyway, let’s go. Got a 5GB $149/mo Medium pricing package from Object Rocket (Note: Small does not have SSL in its package). So after you get someone to kindly pay for your package then you will get a login to Object Rocket and (more importantly) the ability to create a […]

https://jaredmeredith.wordpress.com/2015/08/17/connect-sitecore-xdb-to-a-mongodb-on-rackspaces-objectrocket-platform-with-ssl/

Use fiddler2 against JavaFX (java) WebView to intercept HTTPS (ssl) requests


Fiddler intercepts HTTP traffic by changing system proxy settings, i.e. when you start Fiddler it reconfigures your system (IE) to use localhost:8888 as the proxy for HTTP and HTTPS. This works OK for IE and Chrome. But when you build a Java app with WebView you realize that it does not use system proxy settings. When you […]

https://stasberkov.wordpress.com/2015/06/11/how-to-use-fiddler2-against-javafx-java-webview-and-https/

How To Configure Tomcat To Support SSL Or Https


via How To Configure Tomcat To Support SSL Or Https | Examples Java Code Geeks.

In this short example we are going to see how to configure Tomcat to support SSL protocol, and thus https connections.

SSL with WildFly 8 and Undertow


via SSL with WildFly 8 and Undertow ~ Enterprise Software Development with Java.

I’ve been working my way through some security topics along WildFly 8 and stumbled upon some configuration options that are not very well documented. One of them is the TLS/SSL configuration for the new web-subsystem Undertow. There’s plenty of documentation for the older web-subsystem and it is indeed still available to use, but here is the short how-to for configuring it the new way.

What is SSL and How to Implement in ASP.Net Web Application



The HTTPS protocol is more secure than the HTTP protocol because it includes the Secure Sockets Layer/Transport Layer Security (SSL/TLS) protocol. It is a more secure way to send a request from a client to the server; the communication is also encrypted, which means no one can understand what you are looking for. This kind of communication is used for accessing websites where security is required. Banking websites, payment gateways, emails (Gmail offers HTTPS by default in the Chrome browser) and corporate sector websites are some great examples of where HTTPS is used.

Blackbox tool to disable SSL certificate validation – including certificate pinning – within iOS Apps



iOS SSL Kill Switch

Blackbox tool to disable SSL certificate validation – including certificate pinning – within iOS Apps.

Description

Once installed on a jailbroken device, iOS SSL Kill Switch patches low-level SSL functions within the Secure Transport API, including SSLSetSessionOption() and SSLHandshake(), in order to override and disable the system’s default certificate validation as well as any kind of custom certificate validation (such as certificate pinning).

It was successfully tested against various Apps implementing certificate pinning including the Apple App Store. iOS SSL Kill Switch was initially released at Black Hat Vegas 2012.

For more technical details on how it works, see http://nabla-c0d3.github.io/blog/2013/08/20/ios-ssl-kill-switch-v0-dot-5-released/

WARNING: THIS TWEAK WILL MAKE YOUR DEVICE INSECURE

Installing this tweak allows anyone on the same network as the device to easily perform man-in-the-middle attacks against any SSL or HTTPS connection. This means that it is trivial to get access to emails, websites viewed in Safari and any other data downloaded by any App running on the device.

Installation

Users should first download the latest pre-compiled Debian package available in the release section of the project page at: https://github.com/iSECPartners/ios-ssl-kill-switch/releases

The tool was tested on iOS7 running on an iPhone 5S.

Dependencies

iOS SSL Kill Switch will only run on a jailbroken device. Using Cydia, make sure the following packages are installed:

  • dpkg
  • MobileSubstrate
  • PreferenceLoader

How to install

Download and copy the Debian package to the device; install it:

dpkg -i <package>.deb

Respring the device:

killall -HUP SpringBoard

There should be a new menu in the device’s Settings where you can enable the extension.

Finally, kill and restart the App you want to test.

How to uninstall

dpkg -r com.isecpartners.nabla.sslkillswitch

Intercepting the App Store’s traffic

Additional instructions are available here: http://nabla-c0d3.github.io/blog/2013/08/20/intercepting-the-app-stores-traffic-on-ios/

Build

Most users should just download and install the Debian package. The build requires the Theos suite to be installed; see http://www.iphonedevwiki.net/index.php/Theos/Getting_Started . You first have to create a symlink to your theos installation:

ln -s /opt/theos/ theos

Make sure dpkg is installed. If you have Homebrew, use:

brew install dpkg

Then, the package can be built using:

make package

Changelog

  • v0.6: Added support for iOS 7.
  • v0.5: Complete rewrite in order to add support for proxy-ing Apple’s App Store application.
  • v0.4: Added hooks for SecTrustEvaluate().
  • v0.3: Bug fixes and support for iOS 6.
  • v0.2: Initial release.

License

MIT – See LICENSE.txt

Author

Alban Diquet – https://github.com/nabla-c0d3

Enabling Websockets for Socket.io Node apps on Microsoft Azure



I’m running an application called Nightscout that is a node app with a MongoDB backend that presents a JSON endpoint for a diabetic’s blood sugar data. I use my Dexcom G4 CGM (Continuous Glucose Meter) connected with a micro-USB OTG cable to an Android phone. An Android app bridges the device and POSTs up to the website.

Azure is well suited to run an app like this for a few reasons. Node works great on Azure, MongoLabs is set up in the Azure Store and has a free sandbox, Azure supports WebSockets, and *.azurewebsites.net has a wildcard SSL cert, so I could force SSL.