Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [openssl]

OpenSSL: The Open Source Toolkit for SSL and TLS

OpenSSL is an open source project which develops software for Secure Sockets Layer (SSL v2/v3), Transport Layer Security (TLS v1), as well being a full-strength general purpose cryptography library.

OpenSSL provides both a library (for use within your own program), and a series of command line tools for common tasks.

1601 questions
0
votes
1 answer

CSR: Extract PKCS#10 contained in a PKCS#7

Hi eveyone: let's see if someone can help me ;) I'm quite noob at this field so please be gentle. At my job someone passed me a CSR. This CSR is a PKCS#10 request enveloped in a PKC#7 request. My task is to extract this PKCS#10 request. I found this…
Noob_Number_1
  • 145
  • 1
  • 7
0
votes
1 answer

mac ssh fails in user mode succeeds in root mode for same private key

System Configuration: MAC Version : 10.10.5 uname -a Darwin xxxxx-xxxx 14.5.0 Darwin Kernel Version 14.5.0: Tue Sep 1 21:23:09 PDT 2015; root:xnu-2782.50.1~1/RELEASE_X86_64 x86_64 Issue: Not able to connect to a server using the SSH…
kumar_m_kiran
  • 103
  • 3
0
votes
1 answer

Cassandra security using openssl (not keytool)

I saw Cassandra documentation. http://docs.datastax.com/en/cassandra/2.1/cassandra/security/secureSSLCertificates_t.html I found this line "SSL certificates must be generated using keytool". But I have my self-signed CA (easy-rsa openSSL), that is…
Mark Taylor
  • 121
  • 2
0
votes
1 answer

Why can I not parse my certificate signing request with openssl on my Windows workstation

Workstation: Windows Pro 8.1 OpenSSL version: 1.0.2d-x64 I have a CSR generated via an Exchange 2010 management console. I'd like to self sign it with openssl but I am having issues parsing the CSR. I'm trying to verify the CSR with the following…
Digital ink
  • 500
  • 1
  • 10
  • 23
0
votes
1 answer

VPN IPSec on a user's local laptop, or SSL VPN?

We have bought a firewall (sonicwall nsa) and it comes with 2 SSLVPN license. With it, we also can download NetExtender, which I understood it as establishing some sort of VPN session between the local client and our firewall, and make the local PC…
surfcode
  • 245
  • 2
  • 6
  • 16
0
votes
2 answers

Proftpd with TLS not working on CentOS

Since last month update, Proftpd with TLS not working anymore on Centos 5.11 and Centos 6.7. While trying to connect with FileZilla client, it gets stuck at "Initializing TLS..." Installed Openssl and proftpd version on CentOS…
Minhaj
  • 177
  • 4
  • 14
0
votes
3 answers

Is there a way to completely suppress SSL-related warnings at the OS level on Windows or at the browser level for any major browser?

I understand why SSL warnings are needed and why users, even experienced ones, should be prevented from easily ignoring them. I also understand that in general, the "white list" or trusted untrustworthy root CA approach is the best approach when…
tacos_tacos_tacos
  • 3,250
  • 18
  • 63
  • 100
0
votes
1 answer

How do I create a SSL cert so my apache server can connect to my LDAP/AD server?

This is related to the question I asked last week. The issue is that suddenly, my apache server was unable to connect to my LDAP (Active Directory) server for sites that require authentication. After much digging, I discovered that the SSL…
SethG
  • 314
  • 1
  • 3
  • 7
0
votes
3 answers

OpenSSL: certificate signature failure error

I'm trying to wget La Banque Postale's website. $ wget https://www.labanquepostale.fr/ --2009-10-08 17:25:03-- https://www.labanquepostale.fr/ Resolving www.labanquepostale.fr... 81.252.54.6 Connecting to www.labanquepostale.fr|81.252.54.6|:443...…
Etienne Dechamps
  • 2,194
  • 8
  • 24
  • 28
0
votes
1 answer

Opennssl 1.0.2 certificate selection based on client settings

In one article I read that Openssl 1.0.2 allows you to select the certificate, depending on client configuration. For example Windows XP early SP2 does not support ECC certificate. for this server will return one certificate and other certificate…
Dmitry Gorozhanin
  • 153
  • 7
0
votes
1 answer

Linux AMI's version of OpenSSL is 1.0.1k but PCI compliance requires 1.0.1p

I run a linux AMI on AWS with version 1.0.1k of openssl $ openssl version -v OpenSSL 1.0.1k-fips 8 Jan 2015 PCI compliance requires a version greater than 1.0.1p because they claim that there are known security issues with older versions. When I…
Mika
  • 101
  • 1
  • 4
0
votes
0 answers

SSL_CTX_use_PrivateKey_file failed - aborted

I'm trying to update few of existing SSL certificates with updated expiration on following system: # cat /etc/redhat-release Red Hat Enterprise Linux Server release 6.7 (Santiago) # uname -a Linux X 2.6.32-573.3.1.el6.x86_64 #1 SMP Mon Aug 10…
alexus
  • 13,112
  • 32
  • 117
  • 174
0
votes
0 answers

libssl.so.5 required for xmlsec1-openssl on Amazon AMI Linux

I am trying to set up xmlsec1-openssl in order to install LASSO on an Amazon AMI Linux. I have xmlsec1 1.2.7-4 setup for an x84_64 arch. I downloaded the RPM for the xmlsec1-openssl 1.2.7-4 (x86_64) from here When I execute yum install…
user312369
  • 23
  • 6
0
votes
1 answer

OpenSSL get's the server SSL key instead of the website SSL key

If I navigate to my site, it shows in the browser that my ssl key is correct for my site hosted at WP Engine. It is showing and validating my certificate. However, if I connect with openssl, it get's the underlying servers ssl key. openssl s_client…
AAA
  • 247
  • 1
  • 2
  • 9
0
votes
1 answer

I just installed LAMP on a new CentOS 7 server - why are my php-openssl commands undefined?

I have some scripts that utilize some of the openssl PHP functions, such as openssl_opbkdf2. I am migrating from an Ubuntu server to a newly-created CentOS 7 server with a fresh install of the entire LAMP stack. Despite hours and hours of…
Shawn Bradley
  • 13
  • 1
1 2 3
99 100