Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [https]

HTTPS stands for HTTP Secure and is a combination of HTTP and SSL/TLS (Secure Sockets Layer/Transport Layer Security) and is used to provide an encrypted connection to a website.

HTTPS connections are often used for payment transactions and for sensitive transactions in corporate systems. They are increasingly being used for social networking sites like Facebook and Twitter to help prevent identity theft etc.

HTTPS on Wikipedia

2524 questions
8
votes
9 answers

Recommendation: Company website forced to https?

My company wants their "informational" website to be rewritten from HTTP to HTTPS. Technically this is not a big deal for me. But i have doubts if this is state-of-the-art since the only reason they want this, is to encrypt contact and sign up…
zero_r
  • 2,405
  • 3
  • 16
  • 16
7
votes
2 answers

error:14004438:SSL routines:CONNECT_CR_SRVR_HELLO:tlsv1 alert internal error

I have tried searching for this, and I have found things that are close, but I have not found anything that helps so far. I apologize in advance if this is already asked. I have a service which is behind an HTTP VIP, and that is working fine. Now I…
ashipma
  • 171
  • 1
  • 1
  • 3
7
votes
3 answers

No need to enable SNI for multiple SSL sites on same IP but using same wild card certificate?

I have an IIS server hosting: example.com/www.example.com sub1.example.com sub2.example.com They are listed as 3 separate sites under IIS, all bind to the same IP over HTTPS on 443. But they all use the same SSL certificate which is a wild card…
thankyoussd
  • 193
  • 1
  • 1
  • 3
7
votes
1 answer

IIS randomly returns 413 Request Entity Too Large when uploading large files and using TLS

I have an ISAPI application running on IIS, which is meant to support uploads of files of any size. On one server, uploads seemingly randomly fail with 413 Request Entity Too Large or time out when using HTTPS, and the only remedy seems to be…
Florian Winter
  • 214
  • 1
  • 2
  • 10
7
votes
1 answer

nginx and https: nginx: [emerg] host not found in upstream

First of all excuse me if this problem is simple. I have a server with Ubuntu and nginx on it. Always works while http used, but after I added certificates and tried to enable https I received this error nginx: [emerg] host not found in upstream…
Kopleman
  • 71
  • 1
  • 1
  • 3
7
votes
3 answers

Is SSLsplit the right tool to intercept and re-encrypt HTTPS traffic on a wifi router?

I'm looking to do a vulnerability research on products running on a variety of devices by intercepting their HTTPS traffic, but I don't want to modify the devices aside from installing a custom cert. It seems SSLsplit does what I want, as it allows…
Andrey Fedorov
  • 2,129
  • 4
  • 16
  • 12
7
votes
8 answers

How to force SSL (https) on Apache Location

I'm trying to force SSL (https) on an SVN repository served by mod_dav_svn. Here's what I have: DAV svn SVNPath /var/repo/projectname Require valid-user AuthType Basic AuthName "Subversion repository" …
Joey Adams
  • 277
  • 2
  • 4
  • 9
7
votes
2 answers

Have both Hostname and FQDN in SSL Certificate on IIS

I've been searching here, technet and google but haven't been able to find an answer to my question yet. I have a website running on IIS 7, Server 2012 R2. The IIS serves as an access to our Citrix farm. Connecting using https, I have created an SSL…
Mikael Dyreborg Hansen
  • 559
  • 1
  • 5
  • 16
7
votes
1 answer

For SSL bridging, do HTTPS backends verify that the load balancer is using the same private key? If so, how?

We are using the F5 to perform load balancing. When using SSL bridging instead of termination, we generally use a wildcard on the front-end and a regular SSL cert on the HTTPS backend. However, there's some belief among some colleagues that, for…
Belmin Fernandez
  • 10,799
  • 27
  • 84
  • 148
7
votes
6 answers

Can I run two different secure sites using the port 443 on the same server?

Let's say I want two secure sites running from the same machine using the Apache server: 1. https://example.com 2. https://example.ca Is it possible to use port 443 for both of the above sites?
Thierry Lam
  • 6,261
  • 10
  • 27
  • 24
7
votes
0 answers

What's the best way to simulate being behind China's Great Firewall?

We're having issues with an iOS app of ours that uses in-app purchase to unlock downloadable content - but it seems only from China. We see many negative reviews from China for this reason. Our in app purchase process involves hitting a https server…
Alastair Stuart
  • 187
  • 1
7
votes
2 answers

Apache randomly stops serving HTTPS, but HTTP works just fine

We have this Apache on Windows Server 2012: Server version: Apache/2.4.9 (Win32) Apache Lounge VC10 Server built: Mar 17 2014 10:48:43 Most of the time, it works perfectly, but from time to time (randomly, cca 3-4 times per week), it stops serving…
Wapac
  • 652
  • 1
  • 5
  • 16
7
votes
1 answer

How can I enable outgoing HTTP/HTTPS requests on an EC2 in a public subnet within a VPC on Amazon AWS

I set up a VPC using scenario 2 from the AWS Docs: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario2.html I've assigned an Elastic IP to an EC2 instance running in a Public Subnet. SSH works fine and I can access the website…
T. Brian Jones
  • 927
  • 4
  • 17
  • 29
7
votes
2 answers

nginx: HSTS on a page with www-authentication

Is it possible, on nginx, to send a Strict-Transport-Security header, even on pages that require WWW-Authentication? When I have both auth_basic and add_header Strict-Transport-Security "max-age=2592000";, the HSTS header isn't sent: $ curl -Ik…
Valmiky Arquissandas
  • 504
  • 1
  • 4
  • 17
7
votes
3 answers

Nginx not redirecting but is working

This is my first setup with nginx and I'm using it to proxy to nodejs. HTTP is on port 3000, and HTTPS is on port 3001. If I go to http://test.domain.com it loads the regular unsecure pages. If I go to https://test.domain.com it loads the secure…
romo
  • 171
  • 1
  • 1
  • 3
1 2 3
99 100