Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [openssl]

OpenSSL: The Open Source Toolkit for SSL and TLS

OpenSSL is an open source project which develops software for Secure Sockets Layer (SSL v2/v3), Transport Layer Security (TLS v1), as well being a full-strength general purpose cryptography library.

OpenSSL provides both a library (for use within your own program), and a series of command line tools for common tasks.

1601 questions
0
votes
1 answer

Can't get self-signed CA cert to request corresponding client cert; Apache

I'm running Apache 2.2 on Windows, and have mod_ssl working fine for delivering a commercially signed server cert. (A wildcard cert, though I don't think it matters.) I'm trying to get the server, on certain VirtualHosts, to require a client…
lairdb
  • 131
  • 7
0
votes
1 answer

Error while converting der private key to pem

I have DER private key and certificate. I need to convert them to PEM format. Certificate converted normally, but when i try to convert key this error happens: # openssl x509 -in client-key.der -inform DER -out private.pem -outform PEM unable to…
Timur
  • 103
  • 1
  • 3
0
votes
1 answer

How to install godaddy's ssl on apache

I'm setting up a mail server for a company, I've done everything, generated csr, everything is working, I just need to add godaddy's ssl, the instructions given by godaddy aren't clear, i need some help, we have a centos dedicated server and apache,…
Lynob
  • 241
  • 1
  • 9
  • 17
0
votes
1 answer

Unable to load certificate in openssl

In Ubuntu when i was trying to execute openssl s_server -cert server.pem -www I get the following message unable to load certificate 3074300104:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:696:Expecting: TRUSTED…
Sahithi
  • 21
  • 1
  • 1
  • 1
0
votes
1 answer

Can I set the SSLInsecureRenegotiation Directive with SetEnvIf?

We're running Apache 2.2.22 with OpenSSL 0.98, one of our Citrix NetScaler Hosts cannot send a client certificate after handshaking SSL as we have to set SSLInsecureRenegotiation off as a security standard. Is there anyway to dynamically set this…
ev4nsj
  • 1
  • 2
0
votes
1 answer

Openssl, my private key is either missing or lost

I am trying to setup ssl on my webserver for https. I have come to a point where it seems all I am missing is my private key. I initially followed this guide https://buddycloud.org/wiki/Quickly_create_valid_SSL_certificates, and it failed at making…
Thomas Sigurdsen
  • 13
  • 1
  • 3
0
votes
1 answer

Converting .cer to .pem errors

I realize that there are multiple posts about converting .cer to .pem, but none actually mention issues regarding the coversion. I have a cert named Cert.cer (original, I know) that I'm trying to convert to Cert_PEM.pem using the following…
Joshua
  • 179
  • 1
  • 3
  • 12
0
votes
1 answer

Difference between ERRNO 19 and 20 in OpenSSL

I have a valid certificate installed on a server and when using the -CApath option with OpenSSL, the certificate chain is valid. However if I don't provide the -CApath option I receive this: 19:self signed certificate in certificate chain When I…
atx
  • 1,281
  • 1
  • 9
  • 26
0
votes
3 answers

RHEL/Apache ssl.conf configuration issue

We've got multiple subdomains, each with it's own virtualhost entry in httpd.conf and (for those supporting https) in ssl.conf as well. Our main www subdomain has a GoDaddy cert associated with it. The subdomain I'm configuring right now in our…
codemonkey
  • 135
  • 1
  • 9
0
votes
1 answer

Ubuntu Running an instance over HTTPS

I want to run one of my instance in AWS ubuntu over HTTPS.What is the options available for this ? I'm using free acoount so should I purchase a SSL from amazon or I can create my own certificate and port it to my instance. Can you tell the best…
user1263374
  • 133
  • 1
  • 1
  • 5
0
votes
1 answer

How do I downgrade openssl?

I am trying to install the StGeorge payment gateway api on my CewntOS VPS. But when I tried running php test.php I get error: error while opening file libwebpayclient.so So I tried: ldd libwebpayclient.so Which showed that libssl.so.6 and…
mps_sudip
  • 57
  • 2
  • 4
0
votes
1 answer

Adding root certificate to CentOS 5

Recently one of my machines was put behind a proxy meaning some programs I had working no longer do. When i try to do "openssl s_client -showcerts -connect remoteserver:remoteport" it presents me with a lovely "Verify return code: 20 (unable to get…
Onitlikesonic
  • 1,201
  • 5
  • 17
  • 24
0
votes
1 answer

postfix, TLS and rapidssl - "verify error:num=19:unable to get local issuer certificate"

I have a certificate from rapidssl. I run this command: openssl s_client -showcerts -connect smtp.server.com:465 I get this error: verify error:num=19:self signed certificate in certificate chain Here is what I have in my postfix main.cf, and what I…
technobuddha
  • 9
  • 1
  • 2
0
votes
2 answers

InstantSSL's certificate no different than a self signed certificate under Nginx with an IP accessed address

I ordered an ssl certificate from InstantSSL and got the following pair of files: my_ip.ca-bundle, my_ip.crt I also previously generated my own key and crt files using openssl. I concatenated all the crt files: cat my_previously_generted.crt…
TheOne
  • 605
  • 1
  • 6
  • 7
0
votes
1 answer

Make a wildcard using TinyCA

I have 3 web servers all located behind it`s own public IP. Is it possible to make a wildcard for example non *example.com in tinyCA, and how I proceed to get this to work? I have searched google for help but has not found any good tutorial.
Kahrann
  • 1
  • 1
1 2 3
99 100