As described in the [documentation](https://nodejs.org/docs/latest/api/tls.html#tls_tls_connect_port_host_options_callback):

* `rejectUnauthorized`: If `true`, the server certificate is verified against the list of supplied CAs. An `error` event is emitted if verification fails; `err.code` contains the OpenSSL error code. Default: `true`.

Since you&#39;re using self-signed certificates, obviously there won&#39;t be a match with the built-in CAs, so by default the connection would be rejected because it cannot verify the server is who they say they are.

By setting `rejectUnauthorized: false`, you&#39;re saying &quot;I don&#39;t care if I can&#39;t verify the server&#39;s identity.&quot; Obviously this is not a good solution as it leaves you vulnerable to MITM attacks.

A better solution for self-signed certificates is to set the appropriate `ca` value to your custom CA when connecting client-side. Also, make sure your `host` value matches that of the Common Name of the server&#39;s self-signed certificate. For example:

    var socket = tls.connect({
      host: &#39;MyTLSServer&#39;,
      port: 1337,
      ca: [ fs.readFileSync(&#39;CA.pem&#39;) ],
    }, function() {
      // Connected!
    });

    // ...

No matter if you use `rejectUnauthorized: false` or set `ca`, the connection is encrypted.

How do I turn on/off &#39;do not disturb&#39; (dnd) programmatically in Android?  Is was hoping this would give me something but it doesn&#39;t:

    Settings.System.putInt(getContentResolver(), Settings.System.DO_NOT_DISTURB, 1);


Android how to turn on do not disturb (dnd) programmatically

Making images responsive has always been a troublesome aspect of responsive web design for many. I have gone through a few of the articles regarding the same and came across &quot;srcset&quot; and &quot;picture&quot; as a solution for this.

###SRCSET Example

      &lt;img src=&quot;flower_500px.jpg&quot;
         srcset=&quot;flower_750px.jpg 1.5x, flower_1000px.jpg 2x&quot;
         width=&quot;500px&quot; alt=&quot;flower&quot;&gt;

###PICTURE Example

      &lt;picture&gt;
          &lt;source media=&quot;(min-width: 45em)&quot; srcset=&quot;flower_1000px.jpg&quot;&gt;
          &lt;source media=&quot;(min-width: 32em)&quot; srcset=&quot;flower_750px.jpg&quot;&gt;
          &lt;img src=&quot;flower_500px.jpg&quot; alt=&quot;flower&quot;&gt;
      &lt;/picture&gt;

I&#39;m trying to decide which of those two methods to choose to make images responsive. What are the characteristics that I should consider in this choice?

HTML picture or srcset for responsive images

So, I was having an issue earlier today where my client, written in `node`, was barfing because the server I was connecting to used self signed certs. So, I went and added the option `rejectUnauthorized: false` to my `tls.connect` command like any unwitting developer would do.

My question is now, what the hell does this mean for me? Is my TLS connection just a vanilla TCP connection that can also possibly be a TLS connection? Is writing this as a TLS stream totally useless?

More importantly, that server, you know the one with the self-signed certs? Is my stream between here and there actually encrypted?

TLS what exactly does &#39;rejectUnauthorized&#39; mean for me?

So, I was having an issue earlier today where my client, written in <code>node</code>, was barfing because the server I was connecting to used self signed certs. So, I went and added the option <code>rejectUnauthorized: false</code> to my <code>tls.connect</code> command like any unwitting developer would do.
My question is now, what the hell does this mean for me? Is my TLS connection just a vanilla TCP connection that can also possibly be a TLS connection? Is writing this as a TLS stream totally useless?
More importantly, that server, you know the one with the self-signed certs? Is my stream between here and there actually encrypted?

When I open a project with a package.json in Visual Studio 2015, an npm install is automatically started, and VS is unresponsive until the install is completed.

I would much rather prefer running npm install myself from the command line; how can I stop Visual Studio from doing it?

How can I disable NPM package restore in Visual Studio 2015?

How to set multiple file entry/output in project with webpack?

I follow http://webpack.github.io/docs/tutorials/getting-started/ success compile if only one file in one entry/output... 


directory

    app
    webpack.config.js
    ./assets
    ././javascripts/Administrator/Article/Create/Base.js
    ././javascripts/Administrator/Article/Edit/Base.js
    ././javascripts/Account/Index/Base.js
    ././javascripts/Contact/Index/Base.js
    ...

how to output like this?

    ././javascripts/Administrator/Article/Create/bundle.js
    ././javascripts/Administrator/Article/Edit/bundle.js
    ././javascripts/Account/Index/bundle.js
    ././javascripts/Contact/Index/bundle.js



webpack.config.js

    module.exports = {
      entry: {
        &#39;AdministratorArticleCreate&#39;:[&#39;./assets/javascripts/Administrator/Article/Create/Base.js&#39;]
      },
      output: {
        path: 
      }
       
        // if only one file
        // entry: &quot;./assets/javascripts/Administrator/Article/Create/Base.js&quot;,
        // output: {
        //     // path: __dirname,
        //     path: &quot;./assets/javascripts/Administrator/Article/Create/&quot;,
        //     filename: &quot;bundle.js&quot;
        // }
    };

How to set multiple file entry and output in project with webpack?

I&#39;d like to find out which packages depend on `express` among the installed `sails/kraken/loopback/hapi/koa` etc. Are there `npm` sub-commands or other ways to locally list all reverse dependencies on one specific npm package?

How to find reverse dependencies on npm package?

I want to just verify something but have&#39;t been able to find anything in the Express docs or online regarding this (although I know it&#39;s a feature).


I could just test this out but I don&#39;t really have a nice template and would like to hear from the community.

If I define a route in express like such:

    app.get(&#39;/&#39;, function (req, res) {
      res.send(&#39;GET request to homepage&#39;);
    });

I can also define a middleware and load it directly, such as

    middleware = function(req, res){
      res.send(&#39;GET request to homepage&#39;);
    });

    app.get(&#39;/&#39;, middleware)

However, I can also chain at least one of these routes to run extra middleware, such as authentication, as such:

    app.get(&#39;/&#39;, middleware, function (req, res) {
      res.send(&#39;GET request to homepage&#39;);
    });

Are these infinitely chainable? Could I stick 10 middleware functions on a given route if I wanted to? I want to see the parameters that app.get can accept but like mentioned I can&#39;t find it in the docs.


Chaining multiple pieces of middleware for specific route in ExpressJS

In the past, I made some websites with notepad for example, so we must create a folder TREE and put into it a .htm file, and some folderS with stuff like Javascript, css ...

Maybe I don&#39;t understand what NPM really brings, because It seems to do the same thing but automated it ... is it just that ?

For example, why not just unpack a frameworks (e.g. Bootstrap or Kube) without use of NPM and so have folders ready to use ?

Help me to understand please because I&#39;m near the crazy state with all this stuff ...

What is NPM and why do I need it?

I am getting the following error when connecting to a SQL Server database using version the Microsoft JDBC Driver:

&gt; com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: &quot;SQL Server returned an incomplete response. The connection has been closed. ClientConnectionId:98d0b6f4-f3ca-4683-939e-7c0a0fca5931&quot;.

We recently upgraded our applications from Java 6 &amp; Java 7 to Java 8.  All systems running Java are running SUSE Linux Enterprise Server 11 (x86_64), VERSION = 11, PATCHLEVEL = 3.

Here are the facts I have collected with a Java program that I wrote which simply sequentially opens and closes 1,000 database connections.

 - Connections are dropped with this error about 5%-10% of the time.  The error DOES NOT occur on every connection.
 - The problem ONLY occurs with Java 8.  I ran the same program on Java 7 and the problem is not reproducible.  This is consistent with our experience in production prior to upgrading.  We&#39;ve had zero problems running under Java 7 in production.
 - The problem DOES NOT occur on all of our Linux servers running Java 8, it only occurs on some of them.  This is perplexing to me, but when I run the same test program on the same version of the Linux JVM (1.8.0_60, 64 bit) on different Linux instances, the problem does not occur on one of the Linux instances, but the problem does occur on others.  The Linux instances are running the same version of SUSE and they are at the same patch level.
 - The problem occurs when connecting to BOTH SQL Server 2008 and SQL Server 2014 servers/databases.
 - The problem occurs regardless if I am using the 4.0 version of the SQL Server JDBC driver or the newer 4.1 version of the driver.

The thing that makes my observations unique on this compared to others on the web is that although the problem happens ONLY on Java 8, I cannot get the problem to occur on one of the seemingly identical Linux servers that is running the same Java 8 JVM.  Other folks have seen this problem on earlier versions of Java as well, but that has not been our experience.

Any input, suggestions, or observations you may have are appreciated.





SQL Server JDBC Error on Java 8: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption

I&#39;m trying to establish SSL/TLS connection to **test server with self-signed certificate**. Communication through unsecure channel worked without issues.

Here is my sample code, which I&#39;ve written based on this solutions:
https://stackoverflow.com/questions/12553277/allowing-untrusted-ssl-certificates-with-httpclient
https://stackoverflow.com/questions/2675133/c-sharp-ignore-certificate-errors
https://stackoverflow.com/questions/15205814/net-client-connecting-to-ssl-web-api

    ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) =&gt; true;

    var c = new HttpClient();
    var r = c.GetAsync(&quot;https://10.3.0.1:8443/rest/v1&quot;).Result;
    if (r.IsSuccessStatusCode)
    {
        Log.AddMessage(r.Content.Get&lt;string&gt;());
    }
    else
    {
        Log.AddMessage(string.Format(&quot;{0} ({1})&quot;, (int)r.StatusCode, r.ReasonPhrase));
    }

also tried this:

    var handler = new WebRequestHandler();
    handler.ServerCertificateValidationCallback = delegate { return true; };
    var c = new HttpClient(handler);
    ...

and this

    ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

but each time I&#39;ve got an exception:

    InnerException: System.Net.Http.HttpRequestException
       _HResult=-2146233088
       _message=An error occurred while sending the request.
       HResult=-2146233088
       IsTransient=false
       Message=An error occurred while sending the request.
       InnerException: System.Net.WebException
            _HResult=-2146233079
            _message=The request was aborted: Could not create SSL/TLS secure channel.
            HResult=-2146233079
            IsTransient=false
            Message=The request was aborted: Could not create SSL/TLS secure channel.
            Source=System
            StackTrace:
                 at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
                 at System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar)
            InnerException: 

What do I do wrong? Why I can&#39;t connect to this server (which has invalid-self-signed certificate)

Could not create SSL/TLS secure channel, despite setting ServerCertificateValidationCallback

I am publishing my ASP.NET 5 MVC6 project from Visual Studio 2015. I have imported publish profile from my server. Connection validates successfully, however when I publish my project I have the following error:

ERROR_CERTIFICATE_VALIDATION_FAILED

&gt; Connected to the remote computer (&quot;XXXXXXXXX&quot;) using the specified
&gt; process (&quot;Web Management Service&quot;), but could not verify the server&#39;s
&gt; certificate. If you trust the server, connect again and allow
&gt; untrusted certificates.

There is no option to allow untrusted certificates in publishing settings. 

Publishing from Visual Studio 2015 - allow untrusted certificates

I am developing a Java application that queries a REST API on a remote server over HTTP. For security reasons this communication should be switched to HTTPS.

Now that [Let&#39;s Encrypt](https://letsencrypt.org/) started their public beta, I&#39;d like to know if Java currently works (or is confirmed to be working in the future) with their certificates by default.

Let&#39;s Encrypt got their intermediate [cross-signed by IdenTrust](https://letsencrypt.org/certificates/#cross-signing), which should be good news. However, I cannot find any of these two in the output of this command:

    keytool -keystore &quot;..\lib\security\cacerts&quot; -storepass changeit -list

I know that trusted CAs can be added manually on each machine, but since my application should be free to download and executable without any further configuration, I am looking for solutions that work &quot;out of the box&quot;. Do you have good news for me?

Does Java support Let&#39;s Encrypt certificates?

I am generating a self-signed SSL certificate with OpenSSL (not makecert), for use in IIS.

    openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes -subj &#39;//CN=myhost&#39;

(The double slash is correct. The command above does not work without that.)

    openssl pkcs12 -export -out key.pfx -inkey key.pem -in cert.pem -name &#39;myhost&#39;

The first command runs completes successfully. However the second get stuck with 

&gt; Loading &#39;screen&#39; into random state -

I am using OpenSSL (1.0.2d) that comes with Git for Windows (2.6.3).
Anyone experiences the same issue?

*Clarification:* Question https://stackoverflow.com/questions/12507277/how-to-fix-unable-to-write-random-state-in-openssl describes different -- problem with writing the the .rnd file. Here the problem seems to be generating the random state. (And only in the second command.)

Content Type	Original Author	Original Content on Stackoverflow
Question	Breedly	View Question on Stackoverflow
Solution 1 - node.js	mscdex	View Answer on Stackoverflow

TLS what exactly does 'rejectUnauthorized' mean for me?

node.js Problem Overview

node.js Solutions

Solution 1 - node.js

HTML picture or srcset for responsive images

Android how to turn on do not disturb (dnd) programmatically

Attributions