Tim McGuire wrote:I think you have told Firefox to ignore the certificate warning for the second web site. You have a self-signed certificate, right?
Clear the security exception out of Firefox and try it.
With self-signed certificates this redirect will always fail. This is by design. Browsers allow you to bypass this for development purposes and they have different ways of going about this bypass.
Jeff Verdegan wrote:
Winston Gutkowski wrote:
Jeff Verdegan wrote:Then you have to encrypt that file. And when it's time to read that file, a human user who knows the decryption key for the file has to enter it.
It's also better if that file isn't called 'password' or 'keystore'.
Winston
Meh. Security through obscurity is overrated.
The real problem, I suspect, is that the OP wants to store a password, say, for a DB or web service, so that his app can run without human intervention. But he's missing the point that if his app can decrypt the "key file", then so can anybody who can read his app's classes and resources. It's turtles all the way down, as they say.