Questions tagged [openssl]

OpenSSL: The Open Source Toolkit for SSL and TLS

OpenSSL is an open source project which develops software for Secure Sockets Layer (SSL v2/v3), Transport Layer Security (TLS v1), as well being a full-strength general purpose cryptography library.

OpenSSL provides both a library (for use within your own program), and a series of command line tools for common tasks.

1601 questions

votes

1 answer

Is it better to enable or disable SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS?

Title summarizes my question best. I am trying to make my ubuntu 10.0.4 server PCI compliant, and to do so, the last bullet on the list is to make sure it isn't vulnerable to the BEAST attack. To do this, I can disable…

asked Feb 17 '14 at 12:41

jperezov

votes

3 answers

Detect unencrypted SSL keys

I have an OpenVPN server installed on a Debian machine. Is there a way to find which of the keys have been created without being encrypted with a password, so as to replace them?

ssl-certificate openssl x509

asked Jan 28 '14 at 13:17

user200913

votes

0 answers

OpenSSL performance oddity

I've seen something odd regarding OpenSSL performance. This is the output of 'openssl speed aes-128-cbc' on a physical HP Bl460c Gen8 with dual E5-2680's running RHEL/OEL 6.4x64 and OpenSSL 1.0.0-fips; Doing aes-128 cbc for 3s on 16 size blocks:…

openssl performance-tuning

asked Jan 21 '14 at 12:59

Chopper3

101,299
9
108
239

votes

0 answers

Generating an own CA for internal use

I want to create a CA for internal use in our office. I created the CA like the following: openssl genrsa -out rootCA.key 2048 openssl genrsa -out rootCA.key 2048 -des3 openssl req -x509 -new -nodes -key rootCA.key -days 1024 -out rootCA.pem Next…

ssl-certificate openssl

asked Dec 25 '13 at 02:41

Paul

votes

0 answers

What is causing HTTPS handshake not to occur?

I have two systems, running an application that does web service calls over HTTPS. I run a test by trying to log in to the HTTPS over webservice and one system works with HTTPS but the other does not. I have spent a while trying to find a difference…

ubuntu ssl ssl-certificate openssl web-services

asked Dec 13 '13 at 23:47

dnelson

votes

1 answer

How to convert a SSL certificate and private key to a PFX for import in IIS?

Certificate name is: mycert.crt My CSR converted to PEM (RsA) Private key is: private.key I want to create mycert.pfx so I can use it in IIS. When I run this command: openssl pkcs12 -export -out mycert.pfx -inkey private.key -in mycert.crt openssl…

ssl-certificate openssl

asked Nov 22 '13 at 22:13

Developr

votes

2 answers

Apache will not start using mod_ssl.so

Using centos 4.4/apache 2.2.13 with openssl 0.9.8k Built from source. Getting message below, on startup. Everything seems to build fine mod_ssl.so: undefined sysmbol: SSL_CTX_set_info_callback

linux apache-2.2 openssl

asked Aug 18 '09 at 08:34

Peter

votes

0 answers

Uploading an SSL cert to AWS -- Converting cert to PEM

Short Question I have a working crt file imported into tomcat keystore and I need a certificate file and private key file in pem to uplaod to aws cloudfront. Long Question Our SSL cert issued by go-daddy to use the cert for tomcat, hence I have the…

ssl amazon-web-services openssl amazon-cloudfront

asked Nov 01 '13 at 16:06

user192788

votes

1 answer

Apache cannot read certificate file

I use self-signed certificates with no issue but today I have tried to create a SSL certificate for commercial use. But apache doesn't start and gives the following error: Notice: I have confirmed that crt file is valid as CSR decoder loads the…

apache-2.2 ssl-certificate openssl

asked Oct 27 '13 at 17:08

user196395

votes

1 answer

Renewing a self-signed certificate

Is there a way to reset the expiry of a self signed X.509 certificate but keep both the public and the private key as they were? Technically this should be nothing more than a different date for the "Not After" tag and a fresh signature instead of…

openssl certificate x509

asked Oct 20 '13 at 10:01

aef

1,745
4
25
43

votes

1 answer

Export openssl cert public key to DER format

i'm looking for a way to export my openssl certificate (the public part) used by apache2 (.pem file) to import it to an android device's credential storage (Settings menu> Security > Credential storage > Install from device storage) as explained…

apache-2.2 openssl export android import

asked Oct 16 '13 at 14:38

mp04

votes

1 answer

OpenSSL not using CA directory

OpenSSL will not verify a cert $openssl s_client -connect :443 ... Verify return code: 21 (unable to verify the first certificate) However, if we figure out the location of the store $ openssl version -d OPENSSLDIR: "/usr/lib/ssl" $ ll…

ssl-certificate openssl certificate-authority

asked Oct 15 '13 at 21:06

Mike S

votes

1 answer

RapidSSL nginx Certificate issuer is me

I have baught the SSL certificate from RapidSSL. I have concatenated the chain files of RapidSSL CA and GeoTrust Global CA But when I check it on http://www.sslshopper.com/ I have this : The certificate is self-signed. Users will receive a warning…

nginx ssl-certificate openssl

asked Oct 14 '13 at 20:47

Aymane Shuichi

votes

1 answer

Create self signed SSL certificate - nginx

I want to create a self signed SSL sertificate for my website. I will not use it for accessing the website itself but for other services i am going to be using (roundcube, phpmyadmin etc). I want to use https in these services as i am going to be…

nginx ssl-certificate openssl

asked Sep 26 '13 at 15:27

Christos Baziotis

votes

1 answer

An issue with HAPROXY on sll that give error verify return code: 20

I have an issue with HAProxy config on AWS. The issue is when I make requests over SSL it triggers two types of errors: When I go to https it gives this following error: "The plain HTTP request was sent to HTTPS port" When I do a cli command such…

amazon-web-services haproxy openssl

asked Sep 09 '13 at 08:15

Sivan Wolberg

Prev 1 2 3

…

99 100 Next