Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [openssl]

OpenSSL: The Open Source Toolkit for SSL and TLS

OpenSSL is an open source project which develops software for Secure Sockets Layer (SSL v2/v3), Transport Layer Security (TLS v1), as well being a full-strength general purpose cryptography library.

OpenSSL provides both a library (for use within your own program), and a series of command line tools for common tasks.

1601 questions
0
votes
1 answer

HowTo use https with apache

I'am trying to configure apache to use a Self signed certificate to Secure https connections. This is working Fine using only One domainname. But how do i configure this to Support the Different hostnames our Server can be reached? I've tried to…
Lif3styl3
  • 1
0
votes
2 answers

Openssl heartbleed update not working with compiled Apache 2.4.7

We are still having heartbleed issues with one of our servers. We did the update with yum and restarted apache and any service that was using the vulnerable version of openssl. When we test our site to see if it is still vulnerable it says that it…
Tyler Knotek
  • 1
0
votes
2 answers

openssl update 1.0.1f to 1.0.1g broke sendmail (SSL23_GET_SERVER_HELLO:tlsv1 alert decode error)

Two days ago I updated openssl 1.0.1f to 1.0.1g. Everything seemed fine. But after a while an error popped up in the sendmail log: OpenSSL 1.0.1g fails Apr 10 10:13:45 mail sendmail[17568]: STARTTLS=client, error: connect failed=-1, reason=tlsv1…
Teddy
  • 195
  • 2
  • 8
0
votes
2 answers

Possible Heartbleed Compromise recovery

I have a web-server, (complete with user account and payment system), that was vulnerable to the Heartbleed attack. What I'm wondering is: How can I detect if my server has been compromised? How do I recover from a heartbleed attack? How do I…
Azzie Rogers
  • 125
  • 4
0
votes
2 answers

Apche2 multiple ssl configuration not working

I have set up two ssl certificates on apache2 but when i enter with domain the first certificate works and when i enter with server ipadress it shows me the same certificate which i have on domain. I have disabled default and default-ssl vhosts. …
guest123
  • 1
  • 1
0
votes
1 answer

How should I structure my CA hierarchy?

My current setup involved a self signed root CA, which has then signed my SSL/TLS CA and my OpenVPN client CA. The SSL/TLS CA signs the certificates of my servers, and the OpenVPN client CA signs the certificates of OpenVPN clients. Should the…
Robin McCorkell
  • 273
  • 1
  • 10
0
votes
3 answers

upgrade to apache 2.4.9 opensssl error SSL_get_srp_userinfo

I am running Centos 6.5 2.6.32-431.11.2.el6.x86_64. I have Apache PHP and openssl which I compiled from source apache2.4.7 php 5.5.10 openssl 1.0.1f I have updated apache to 2.4.7 on another instance sucessfully, but on this server I get the…
user207044
  • 11
  • 1
  • 2
0
votes
3 answers

PHP exec "unable to fork" intermittent error on CentOS VPS

Using: PHP 5.5.10 nginx 1.5.10 Centos 6.5 a xen-based 4GB VPS My site uses encrypted paypal buttons. This encryption is done by the following code: $openssl_cmd = "($OPENSSL smime -sign -signer $MY_CERT_FILE -inkey $MY_KEY_FILE " . …
Codemonkey
  • 1,086
  • 4
  • 19
  • 41
0
votes
1 answer

dd unable to write to tape drive

I'm trying to dump our online backups to tape; for obvious reasons I want to encrypt the data on the tapes, so to write to the tape I need to tar everything up, pipe that to openssl to encrypt it, then write that to tape: tar c /etc | openssl…
fukawi2
  • 5,396
  • 3
  • 32
  • 51
0
votes
1 answer

StartSSL.com SSL Class2 Certificate and Postfix

currently my Postfix 2.11 instance runs TLS on a GoDaddy SSL Certificate but as i would like to be able to access my server from smtp.example.com as well as imap.example.com, example.com or example.org i bought a cheap SSL Class2 Certificate at…
peris
  • 508
  • 2
  • 9
  • 27
0
votes
0 answers

Fixing nginx 1.4.6 dependency on old openssl version (libssl0.9.8)?

I'm trying to enable TLSv1.1 & TLSv1.2 on my Ubuntu 12.04 EC2 instance w/ nginx 1.4.6, but this version of nginx is dependent upon libssl0.9.8, even though the newest version of OpenSSL is installed (1.0.1). How can I resolve this so I can enable…
eclipsis
  • 433
  • 1
  • 4
  • 9
0
votes
0 answers

sshd installation broken. Repair with only file system access

I broke the sshd installation on a remote host and now ssh doesn't startup. I can mount the file system on the host through a rescue system. The rescue system is debian based and the host system is centos I'm currently investigating repairing using…
EoghanM
  • 560
  • 2
  • 7
  • 15
0
votes
2 answers

Restart of nginx service fails because of /etc/nginx/nginx.conf test failure

Installing 3rd party SSL on DigitalOcean Droplet, Apache running Ubuntu 12.10. Following the instructions here: AlphaSSL on Apache Self signed SSL instructions from DigitalOcean So everything seems to be going all right. I make the edits to all…
gersande
  • 103
  • 1
  • 1
  • 5
0
votes
0 answers

Installing proftpd - dependency issues (libcrypto.so and libssl.so.10)

I'm trying to install proftpd (for usage with zpanel if that's relevant), but I can't get passed these dependencies issues. I've tried to add a bunch of different packages/repos for yum, but it still produces the exact same error. At first I thought…
Steffen Martinsen
  • 9
  • 2
0
votes
1 answer

Where can I find the file to set SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS

Title says the question. I am having difficulty finding the file (and am aware that it is disabled by default with SSL_OP_ALL). I am aware that the location will vary from server to server, but it should have at least a few common locations, and the…
jperezov
  • 133
  • 1
  • 7
1 2 3
99 100