Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [openssl]

OpenSSL: The Open Source Toolkit for SSL and TLS

OpenSSL is an open source project which develops software for Secure Sockets Layer (SSL v2/v3), Transport Layer Security (TLS v1), as well being a full-strength general purpose cryptography library.

OpenSSL provides both a library (for use within your own program), and a series of command line tools for common tasks.

1601 questions
0
votes
1 answer

What does the FreeRADIUS error "SSL says error 25 : path length constraint exceeded" mean?

I am testing the WLAN functionalities of a device connecting to a RADIUS server. This RADIUS server is located on a Raspberry Pi with Raspbian Stretch and is using FreeRADIUS 3.0 and Hostapd. Some of the EAP-TLS test cases check what happens if long…
Jannis Kappertz
  • 47
  • 1
  • 7
0
votes
1 answer

Upgrade Apache , OpenSSH , OpenSSL to latest version in CentOS 7

I have CentOS 7 Vunarablites report shows need to update Apache and OpenSSL, OpenSSH Current version of packages OpenSSL : Openssl-1.0.1e-60.el7_3.1.x86_64 Current version of Apache : 2.4.6-45.el7.centos.4 Current version of SSH …
Prakash
  • 11
  • 1
  • 5
0
votes
0 answers

OpenVPN connected, partial internet [IPv6]

I've got an OpenVPN server set up and it works wonderfully, with all internet traffic using the VPN connection. On one specific WiFi network, I can use telnet/openssl s_client to connect to web servers, but not in the browser. I really want to…
Nathan
  • 101
0
votes
1 answer

unable to find ecdh parameters

I'm working on an SLES 11 SP4 box and trying to connect to the host api.onedrive.com. Since a few days this connection is broken and returns with: # curl https://api.onedrive.com curl: (35) error:1408D13A:SSL routines:SSL3_GET_KEY_EXCHANGE:unable to…
Gottox
  • 101
  • 1
  • 2
0
votes
1 answer

apache2 multiple virtual hosts with different ssl not working

I generated certs using the following command openssl req -new -newkey rsa:2048 -nodes -keyout rrr.key -out rrr.csr I then created the following file ssl-001.conf in the sites-available folder DocumentRoot…
sqwale
  • 141
  • 1
  • 8
0
votes
1 answer

Apache server is rejecting request

I have a server running Ubuntu 16.0.4 with Apache 2.4.18 which seems to be rejecting requests from certain clients. I have another server with Apache 2.4.7 that accepts the same request w/o error. If I run the request thru a proxy like Runscope I…
andyknas
  • 113
  • 1
  • 7
0
votes
1 answer

Repairing Apache after OpenSSL update

I made an OpenSSL upgrade on ubuntu server (14.04 LTS) via apt to 1.1.0f. After the upgrade was finished, I tried to (re)start apache2. Then this appears: * Starting Apache httpd web server apache2 * * The apache2 configtest failed. Output of…
MexHigh
  • 1
0
votes
1 answer

OCSP Stapling for Thawte certificates does not work

OCSP Stapling does not work for Thawte certificates on Nginx, what could be the problem? Configured Nginx to work with OCSP Stapling. ssl_stapling on; ssl_stapling_verify on; ssl_trusted_certificate /ssl/ssl_trusted_certificate.crt; The…
Dmitry Maslennikov
  • 101
  • 5
0
votes
1 answer

DKIM=Fail OpenSSL error: data too large for key size

Below is detailed info on the error. Any help would be appreciated. Thanks DKIM Signature Message contains this DKIM Signature: DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=awp1.com; s=default;…
David Broderick
  • 1
  • 1
  • 1
0
votes
1 answer

F5, Apache and IIS - Error during SSL Handshake with remote server returned

Need to see if anyone can shed some light into an intermittent issue that I get within this setup. First the setup is as follows: End User -> VIP of F5(No SSL and round robin) -> 2 pair of Apache servers(SSL for virtual host) -> F5(SSL and Least…
Alex
  • 1
  • 4
0
votes
1 answer

Difference between openssl's verify and s_client

openssl verify gives me a 20 error code whereas s_client gives me a 1 return code and correctly gets the root certificate. Can anyone point me out to how to verify a downloaded certificate ? ychaouche@ychaouche-PC 10:30:22 ~/TMP/CERTS $ openssl…
ychaouche
  • 262
  • 4
  • 15
0
votes
1 answer

If I'm using HSTS on nginx, does the website force redirecting to HTTP?

I need to access some images and JS files through HTTP, but if I enable HSTS with add_header Strict-Transport-Security "max-age=31536000";, all files are served forcibly through HTTPS. So I used add_header Strict-Transport-Security "max-age=0;". Is…
Seo
  • 1
0
votes
2 answers

from hpux11.3 openssl steps to connect to ftps instrinsic-TLS/SSL

Very hpux11.31 specific question. As a ftps client on a hpux computer, I need to connect to a ftps server using intrinsic SSL/TLS. People may say to use filezilla or curl. I am not looking for that. I am looking for the steps and openssl commands a…
clonea
  • 1
  • 3
0
votes
1 answer

SHA256 fingerprint is changed, how to check when it has happened?

My server is compromised, and when I ssh to it, i get " WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!", I know it is because the SHA256 fingerprint is changed, and you can see the new one by an openssl command but I don't know from where I can…
Alex
  • 159
  • 2
  • 9
0
votes
1 answer

openssl certificate error "signed fields invalid"

On Linux, we are running this command: openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -config openssl.cnf -keyout mycompany.key -out mycompany.crt after posting this, I think the command we actually ran was probably this (but that puts the…
NealWalters
  • 1,333
  • 8
  • 19
  • 39
1 2 3
99 100