Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [https]

HTTPS stands for HTTP Secure and is a combination of HTTP and SSL/TLS (Secure Sockets Layer/Transport Layer Security) and is used to provide an encrypted connection to a website.

HTTPS connections are often used for payment transactions and for sensitive transactions in corporate systems. They are increasingly being used for social networking sites like Facebook and Twitter to help prevent identity theft etc.

HTTPS on Wikipedia

2524 questions
18
votes
2 answers

How does a web server know which key pair to use for SSL decryption?

It is my understanding that when Apache receives a request to one of the TCP ports it is listening on (e.g. 80, 443), it will decide which host is being requested by looking at the HTTP header Host. The server will then know which virtual host it…
paolo
  • 387
  • 3
  • 14
18
votes
1 answer

Where is the private key after using certreq for CSR generation on Windows 10?

I tried to follow the website below for instructions on how to generate the CSR for my web server: http://www.entrust.net/knowledge-base/technote.cfm?tn=8649 However, it only generates the CSR. Where is the private key? I was told that the key is…
Chong Lip Phang
  • 285
  • 1
  • 2
  • 7
17
votes
5 answers

Referer is passed from HTTPS to HTTP in some cases... How?

In theory browsers do not pass on referer information from HTTPS to HTTP sites. And in my experience this has always been true. But I just found an exception, and I want to understand why it works so I can use it as well. Search for "what is my…
ravisorg
  • 501
  • 1
  • 3
  • 8
17
votes
2 answers

Prevent nginx from redirecting traffic from https to http when used as a reverse proxy

Here's my abbreviated nginx vhost conf: upstream gunicorn { server 127.0.0.1:8080 fail_timeout=0; } server { listen 80; listen 443 ssl; server_name domain.com ~^.+\.domain\.com$; location / { try_files $uri @proxy; …
Chris Pratt
  • 621
  • 1
  • 6
  • 11
17
votes
4 answers

SSL certificate selection based on host-header: is it possible?

Is it possible for a web server to select an SSL certificate to use based on the host-header of the incoming connection, or is that information that is only available after the SSL connection is established? That is, can my webserver listed on port…
DrStalker
  • 6,946
  • 24
  • 79
  • 107
16
votes
3 answers

How can I use https with AWS Cloudfront without paying $600 to upload my cert?

I can host a dynamic website through Amazon CloudFront because they have CNAME Wildcard Support. However, some pages of my Site use HTTPS. Amazon have some documentation about how to associate your SSL certificate with a CloudFront distribution but…
Tom
  • 4,277
  • 11
  • 42
  • 52
16
votes
2 answers

Multiple SSL vhosts using wildcard certificate in nginx

I have two hostnames sharing the same domain name which I want to serve over HTTPs. I've got a wildcard-SSL certificate and created two vhost configs: Host A listen 127.0.0.1:443 ssl; server_name a.example.com; root …
user99559
15
votes
3 answers

Adding HSTS to nginx config

I recently changed my nginx config to redirect all http traffic to https (and all www traffic to no-www). Would it make sense to also add add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; to my server blocks as well?…
Hassan Baig
  • 2,325
  • 12
  • 29
  • 48
15
votes
1 answer

Under HTTP2, how often are new TCP connections initiated?

I understand that HTTP2 aims to keep everything under a single TCP connection, and I was wondering how often TCP connections would be torn down. For example, if I visit youtube, do some browsing, leave the site, and come back, will I be re-using the…
fruglemonkey
  • 253
  • 1
  • 4
15
votes
2 answers

Is this SSL certificate chain broken and how to fix it?

For the SSL cert on the domain example.com, some tests tell me that the chain is incomplete and since Firefox keeps its own certificate store, it might fail on Mozilla (1, 2, 3). Others tell me it is fine, as does Firefox 36, which tells me that the…
Gaia
  • 1,855
  • 5
  • 34
  • 60
15
votes
3 answers

Why does Android Chrome say my site's security certificate is not trusted?

My site is https://blendbee.com. It's using a PositiveSSL certificate that is valid. In Windows 8 Chrome the certificate is fine (green lock in top left corner). But...on my Android, it's not so fine. Screenshot: …
Kane
  • 262
  • 1
  • 2
  • 10
15
votes
1 answer

How does this kind of SSL work?

"Issued to" and "Domain Name" doesn't match but still valid and accepted by all major browsers without any warning. While previewing my blog post in Blogger, I noticed that my blog was previewed via SSL. When I checked the certificate information, I…
user213598
15
votes
2 answers

HTTPS SSH Tunnel

Ok so I have a web server, lets call it Server A, which is providing a service via HTTPS. And I have an SSH gateway server, lets call it Server B. Due to firewall rules I cannot access Server A's web service from my desktop linux computer. Therefore…
Jacob Tomlinson
  • 403
  • 2
  • 5
  • 15
15
votes
1 answer

Install & configure mod_ssl on Amazon EC2 instance

I am trying to support HTTPS traffic with the mod_ssl module on my website. I am running an Amazon EC2 instance for my server. I have installed and configured the basic LAMP packages. However, when I go to put in SSL-specific commands in my apache…
kaffolder
  • 285
  • 1
  • 2
  • 7
15
votes
4 answers

Setting up a transparent SSL proxy

I've got a linux box set up with 2 network cards to inspect traffic going through port 80. One card is used to go out to the internet, the other one is hooked up to a networking switch. The point is to be able to inspect all HTTP and HTTPS traffic…
badunk
  • 215
  • 1
  • 2
  • 11
1 2 3
99 100