Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [openssl]

OpenSSL: The Open Source Toolkit for SSL and TLS

OpenSSL is an open source project which develops software for Secure Sockets Layer (SSL v2/v3), Transport Layer Security (TLS v1), as well being a full-strength general purpose cryptography library.

OpenSSL provides both a library (for use within your own program), and a series of command line tools for common tasks.

1601 questions
0
votes
1 answer

Nginx Config file need to be configure

I have generated the certificates as given below: Root-CA -> Intermediate-CA -> Server Root-CA: rootca.key rootca.crt rootca.crl Intermediate-CA: intermediateca.key intermediateca.crt intermediateca.crl Server: server.key server.crt Here,…
soup
  • 76
  • 4
0
votes
0 answers

Unable to configure ssl on mariadb using certbot generated certificates and private key

I'm using certbot to generate a certificate for mariadb server and client ,but it's not working. sudo certbot certonly -d mariadbserver -d mariadbuser This is the command that i've used to generate certificates using certbot, I've got 4 files for…
Vijay
  • 1
  • 2
0
votes
0 answers

How to debug ssl_client_verify = NONE while the client cert is supplied?

We've a nginx setup running on docker. nginx version: 1.13.11 openssl version 1.1.1 docker os image: Ubuntu 18.04.2 LTS docker container running on an aws ec2 instance running: 18.04.6 LTS (Bionic Beaver) In the nginx site config, we've specified…
skwokie
  • 165
  • 2
  • 9
0
votes
1 answer

How to debug OpenSSL SSL_read: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure, errno 0

We have a nginx setup with client certificate authentication running on docker, we are only using these ssl settings: ssl_protocols TLSv1.2; ssl_ciphers…
skwokie
  • 165
  • 2
  • 9
0
votes
1 answer

How can I create a self-signed certificate that works with the browser?

I have been trying to create a self-signed certificate. The Firefox browser says the certificate is "not secure." I created the certificate following this SO explaination: Is it possible to generate RSA key without pass phrase? I entered the…
brohjoe
  • 101
  • 2
0
votes
0 answers

SSL decode error/eof postfix

Recently started receiving this error and unable to find any solution to this, any ideas? OpenSSL version: OpenSSL 3.0.4 21 Jun 2022 (Library: OpenSSL 3.0.4 21 Jun 2022) Postfix version: mail_version = 3.6.4 Dovecot version: 2.3.19.1…
tmclo
  • 1
  • 1
0
votes
0 answers

SSL certificate not working

I'm going to put an application on a new server (after upgrading it from PHP 7 to PHP 8). I can connect to the server(Red Hat) only using VPN (pulse). my purpose is to run the application on the browser. when I connect to the server then I run curl…
Naruto Uzumaki
  • 31
  • 1
  • 1
  • 3
0
votes
0 answers

Connection to mosquitto failed with error code 'error:1408F10B:SSL routines:ssl3_get_record:wrong version number'

I'm having problems configuring mosquitto with SSL. Everything works fine in clear text (1883) but when I do the SSL configuration and test it (8883), I get the following errors: mosquitto_pub --host 127.0.0.1 --port 8883 --topic test -m "bankai"…
theirman
  • 1
  • 2
0
votes
1 answer

OpenVPN issue verifying CRL

With an OpenVPN/EasyRSA 3 setup (split machines for CA and VPN entry point), I'm facing the issue that whatever CRL I generate, OpenVPN seemingly cannot handle it. Setup Overview: Things That Go Well I was following these guidelines to setup the…
jbndlr
  • 101
  • 4
0
votes
1 answer

Build OpenSSL 1.1.1q with FIPS in RHEL 8

Is it possible to build OpenSSL 1.1.1q with Fips support in RHEL 8? In RHEL 8.6, the supported version is OpenSSL 1.1.1k FIPS. But I want to upgrade this OpenSSL to the latest. Thank you in advance.
user1631072
  • 1
  • 1
  • 1
0
votes
1 answer

Building PHP 8.1.8 with open SSL, failing unable to find package. Lambda Layer

I'm trying to build a PHP8.1.8 lambda layer however i was following https://aws.amazon.com/blogs/apn/aws-lambda-custom-runtime-for-php-a-practical-example/ And just using the correct version, so the first thing I did was spin up a Node.JS Lambda in…
Martin Barker
  • 279
  • 1
  • 17
0
votes
1 answer

Apache HTTPS not works, HTTP works

OS: Ubuntu Server 20.40. WebServer: Apache2 SSL: OpenSSL SSL Module enabled SSL files copied on server SSL site configurated (above the code) Apache Syntax: OK Firewall: disabled HTTP request works HTTPS request do not works (timeout) I'm missing…
Katalux
  • 1
  • 1
0
votes
1 answer

SSL Cert Issues with Proxy Server Configuration

Running into an issue when applying an SSL cert to one of our reverse proxy servers - "This server could not prove it is ". I think I might be confusing some of the SAN settings on the cert as well as server host names, dns, etc. Here's…
jrd1989
  • 698
  • 15
  • 48
0
votes
1 answer

Chrome shows ERR_CERT_COMMON_NAME_INVALID when firefox is happy

Learning how to work with certificates, maybe will have local CA server. I have server with BMC, so I used it for practicing. Generated CA pair then host pair and then signed host CSR with CA pair to get host crt. I uploaded CA crt to chrome trusted…
Oleksandr Znachkov
  • 1
  • 1
  • 1
0
votes
1 answer

Infinite loop of BN_mod_sqrt not resolved after updating openssl in Ubuntu

as I mentioned; I updated my openssl version to 1.1.1-1ubuntu2.1~18.04.15 and followed the code mentioned in github.com/drago-96/CVE-2022-0778 to verify if it is fixed. But it's going into an infinite loop. Do I need to update any other package? Or…
user41965
  • 101
  • 2
1 2 3
99 100