Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [openssl]

OpenSSL: The Open Source Toolkit for SSL and TLS

OpenSSL is an open source project which develops software for Secure Sockets Layer (SSL v2/v3), Transport Layer Security (TLS v1), as well being a full-strength general purpose cryptography library.

OpenSSL provides both a library (for use within your own program), and a series of command line tools for common tasks.

1601 questions
5
votes
2 answers

Possible to have different SSLCACertificateFiles under different Location in Apache (client side ssl certs)

I am setting up Apache to do smartcard authentication. The smartcard login is based on client-side SSL certificates handled by an OS driver. I have currently just one smartcard provider, but in the future there are potentially several of them. I am…
Mikko Ohtamaa
  • 1,374
  • 3
  • 17
  • 28
5
votes
2 answers

Upgrade OpenSSL 0.9.8k to OpenSSL 1.0.1c on Ubuntu 10.04

We're currently using Ubuntu 10.04 and based on the PCI Compliance results, we're told to upgrade our OpenSSL. I attempted to do this using this reference and this. Unfortunately, they didn't work for me. And when I attempted to remove the old…
Nina
  • 201
  • 3
  • 7
5
votes
1 answer

Moving an SSL certificate

We are developing a site for a client who already has an SSL certificate and already has a website and domain name that uses it. We will be hosting the new site on our server running Apache that has other sites on it with the same IP. The domain…
beingalex
  • 335
  • 3
  • 7
  • 13
5
votes
1 answer

install openssl-devel on ec2

I am trying to install openssl-devel on a 64bit linux instance on ec2. However, when I try to install it sudo yum install openssl-devel I get this error: Error: Package: openssl-devel-1.0.0g-1.26.amzn1.x86_64 (amzn-updates) Requires: openssl…
Josh Moore
  • 263
  • 3
  • 6
  • 14
5
votes
2 answers

Ubuntu 11.10, using wget/curl fails with ssl

On a completely new install of Ubuntu I'm getting the following errors when using wget: wget https://test.sagepay.com --2012-03-27 12:55:12-- https://test.sagepay.com/ Resolving test.sagepay.com... 195.170.169.8 Connecting to…
Greg Spiers
  • 111
  • 1
  • 1
  • 7
5
votes
1 answer

SSL/TLS 1.2 on Apache with openssl 1.0.1

I built and installed openssl 1.0.1. How do I force Apache to use TLS 1.2 Ciphers?
user68842
5
votes
1 answer

Definition of Rejected and Failed in Support Cipher Suite

When I using SSLSCAN to check the cipher suites of my server, I found that there are three status: Accepted, Rejected and Failed. After that, I tried to disable the ciphers of RC2(40bits). I created a new key "Enabled"=dword:00000000 under…
ronin
  • 121
  • 3
  • 9
5
votes
2 answers

Does EC2 support AES-NI instructions? If so, is there a particular instance type?

Trying to determine if EC2 supports and makes available this newer instruction set.
cbc
  • 121
  • 1
  • 2
  • 3
5
votes
3 answers

Terminating a high volume of SSL connections cost effectively on EC2

I have recently set up a Node.js based web socket server that has been tested to handle around 2,000 new connection requests per second on a small EC2 instance (m1.small). Considering the cost of a m1.small instance, and the ability to put multiple…
Matthew O'Riordan
  • 208
  • 4
  • 9
5
votes
3 answers

SSL setup: UCC or wildcard certificates?

I've scoured the web for a clear and concise answer to my SSL question, but to no avail. So here goes: I have a web-service requiring SSL support for authentication pages. The root-level domain does not have the "www" - i.e., secure://domain.com -…
user41426
5
votes
5 answers

Ansible OpenSSL Error with apt module

This is rather odd, I noticed it yesterday on one of my target machines, and today its happening on the rest of them too. I also tried running the playbook from a different machine and the same thing happened. It seems like this problem occurs after…
RedHack
  • 153
  • 1
  • 5
5
votes
0 answers

SSL_do_handshake() failed (SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking, client:

A few months ago I started getting complaints from dozens of users about getting errors when connecting to my site. When I look into the error.log of nginx I see daily SSL errors: I have no idea what could cause this issue since 99% of users are…
Michiel
  • 51
  • 1
  • 4
5
votes
3 answers

How can I know that Ubuntu 18.04 Bionic's latest OpenSSL is really 1.1.1n?

According to Ubuntu's CVE-2022-0778 this release should address the CVE. However, when I look at the OpenSSL version I can't really tell that it is 1.1.1n. I do see that it was built on Mar 9 prior to: OpenSSL making the source available to the…
Peter Kahn
  • 207
  • 3
  • 11
5
votes
2 answers

Nginx with only TLS1.3 cipher suites

I am trying to configure Nginx to use only TLS1.3 with 2 ciphers: TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256. So, I tried this configuration: ssl_protocols TLSv1.3; ssl_ciphers TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256; But nginx -s reload…
simplfuzz
  • 269
  • 1
  • 4
  • 10
4
votes
4 answers

Import cert into AWS ACM: ValidationException when calling the ImportCertificate operation: The certificate field contains more than one certificate

I'm trying to import some ssl certificates in PEM format into AWS ACM via aws cli. The certificates come from an nginx installation, when trying to import them with the following command: aws acm import-certificate --certificate ssl.website.com.crt…
Juancho
  • 186
  • 1
  • 8
1 2 3
99 100