Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [openssl]

OpenSSL: The Open Source Toolkit for SSL and TLS

OpenSSL is an open source project which develops software for Secure Sockets Layer (SSL v2/v3), Transport Layer Security (TLS v1), as well being a full-strength general purpose cryptography library.

OpenSSL provides both a library (for use within your own program), and a series of command line tools for common tasks.

1601 questions
0
votes
1 answer

SSH : "Connection closed by" (debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY)

when I try to connect a specific server via ssh I get : Connection closed by 10.5.8.1 (more detail after) I saw much error similar to mine, but the workaround that seems works with other, don't work here. The workaround consists to reduce the Cipher…
Patrick Ferreira
  • 101
  • 1
  • 4
0
votes
1 answer

openssl s_client shows TLS working on ports 993,465, but mail clients time out on connection attempts

With the recent scares over POODLE, we have begun the process of changing everyone's connections to TLS, instead of SSL... While this process went smoothly for HTTPS, it seems that Dovecot & Postfix reject (or drop, rather - since the connection…
rm-vanda
  • 257
  • 8
  • 18
0
votes
1 answer

Unable to update CentOS 6.5 & OpenSSL

When trying to update OpenSSL on CentOS I am getting some odd errors. #rpm -qi openssl-libs Name : openssl-libs Relocations: (not relocatable) Version : 1.0.1e Vendor: (none) Release : 19.el6…
af-at-work
  • 670
  • 1
  • 6
  • 12
0
votes
1 answer

Tomcat ECDHE-ECDSA chiphers are not supported

Tomcat does not support ECDHE-ECDSA* ciphers. Configuration and version information is given below. OS is CentOS 6.5 x64 Tomcat version is 7.0.56 Tomcat native version is 1.1.30 (Loaded APR based Apache Tomcat Native library 1.1.30 using APR…
jdiver
  • 135
  • 1
  • 4
  • 9
0
votes
0 answers

Updating openssl to fix heartbleed bug tries to remove redis-server

I am trying to fix openssl heartbleed bug on my server. I read that I can update the openssl version with the following command: sudo apt-get install openssl libssl1.0.0 But when i try to run this command i get error like this: libssl-dev :…
maths
  • 101
  • 2
0
votes
1 answer

Resolving “ssl handshake failure” error in PostgresQL

I would like to connect to my Postgres 8.3 database using SSL from my XP client using OpenSSL. This works fine without SSL. When I try it with SSL (no client certificate), I get the error: error:140790E5:SSL routines:SSL23_WRITE:ssl handshake…
Mitch
  • 291
  • 1
  • 4
  • 7
0
votes
0 answers

Check for SSL Weak Ciphers SSL3_RSA_RC4_128_MD5, SSL3_RSA_RC4_128_SHA, TLS1_RSA_RC4_128_MD5, TLS1_RSA_RC4_128_SHA

I am getting a serve ready for PCI compliance, and have one area with crypto from apache with the following report: Weak ciphers offered by this service: SSL3_RSA_RC4_128_MD5 SSL3_RSA_RC4_128_SHA TLS1_RSA_RC4_128_MD5 …
morleyc
  • 1,150
  • 13
  • 47
  • 89
0
votes
2 answers

SSL Client Certificates and NginX

I followed the instructions in this blog post, but when I test it with curl, nginx's $ssl_client_verify variable is always NONE. In fact, curl doesn't even give different output when I don't specify the --cert and --key options at all. It's as if…
Nick Retallack
  • 151
  • 2
  • 8
0
votes
1 answer

How can I generate a non ec private key from openssl via Windows?

I'm experiencing different behavior with an openssl from a linux host and a windows host. I have a pfx that I generated via a windows ca. I use openssl to dissect that pfx to create 3 pem files (ca cert, identity cert, and key). I ran the following…
l0sts0ck
  • 203
  • 2
  • 5
  • 13
0
votes
1 answer

openssl giving me errors and apache is not working with https

I try to configure apache-tomcat with ssl, but find some issues [root@manage conf]# openssl s_client -state -debug -connect 10.104.1.38:443 -key server.key -cert server.crt CONNECTED(00000003) SSL_connect:before/connect initialization write to…
user95711
  • 211
  • 3
  • 4
  • 11
0
votes
2 answers

OpenSSL ChangeCipherSpec vulnerability - ubuntu solution

I checked a site with this tool and the result came back that " This server is vulnerable to the OpenSSL CCS vulnerability (CVE-2014-0224) and exploitable." I searched around and found that for not being vulnerable the version must be higher than…
Stefanos.Ioannou
  • 115
  • 1
  • 7
0
votes
2 answers

OpenBSD OpenSSL version after update to -stable

Yesterday I installed OpenBSD 5.5 release and after reading about updating and applying patches to the system (http://www.openbsd.org/errata55.html) I decided to update to the -Stable ("patch branch") following this guide…
charlie_root
  • 1
0
votes
1 answer

EC2 Single Instance Returning Port 80 for SSL

I have a single instance EC2 LAMP server running on an elastic IP on AWS. I created a self signed certificate and enabled the mod_ssl. Currently, I am able to access my website successfully through https (after accepting an unsigned certificate),…
Michael
  • 101
  • 2
0
votes
2 answers

configuring https on EC2

I know similar questions have been asked here and I read them all, but I could not get a clear answer. So I am asking here. I have an EC2 instance.It is a dedicated instance running LAMP. Everything works fine in this using http. I want to run it…
open_sourse
  • 141
  • 2
  • 8
0
votes
1 answer

Failed to bind to: /0.0.0.0:443

I am having problems starting my play framework server on port 443,i am using scala play 2.20 and my play server running fine on port 9443 by following command ./start -Dhttps.port=9443 -Dhttps.keyStore=/home/ubuntu/ssl/tomcat.keystore…
Gabber
  • 179
  • 1
  • 2
  • 9
1 2 3
99 100