Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [openssl]

OpenSSL: The Open Source Toolkit for SSL and TLS

OpenSSL is an open source project which develops software for Secure Sockets Layer (SSL v2/v3), Transport Layer Security (TLS v1), as well being a full-strength general purpose cryptography library.

OpenSSL provides both a library (for use within your own program), and a series of command line tools for common tasks.

1601 questions
0
votes
1 answer

I can't get OpenSSL to sign a certificate request

I am using OpenSSL 1.1.1k 25 Mar 2021 (source) on Windows 10. I am following this help page to try to get RabbitMQ to use tls. 'c:\OpenSSL\x64\bin' is part of my path. My openssl.cnf file in the working directory: [ ca ] default_ca = testca […
Randy
  • 111
  • 7
0
votes
2 answers

How to Create a SSL Key and a SSL Cert from a Given CA File (Certificate Authority)

I Need to create a encrypted db connection to the Azure Cloud MySQL Servers, They have given us a CA certificate called "BaltimoreCyberTrustRoot.crt.pem" to use when connecting with the Azure MySQL Servers. My Question is when i connect to the MySQL…
mahen3d
  • 4,342
  • 14
  • 36
  • 57
0
votes
1 answer

Certificate for Gitlab-Server is invalid für Subject Alternative Name

My company has a certificate for https://data.ddl.at, which has, among others, a SAN (Subject Alternative Name) for gitlab.ddl.at. This Gitlab-Server is internal, and the domain name is only resolved by our internal DNS-Server. For reference, there…
Pipelynx
  • 3
  • 2
0
votes
2 answers

decode/encode openssl sess.pem file

I'm using openssl sess_id -in sess.pem -noout -text to decode the ssl session parameters in sess.pem file (which i got using sess_out) into human readable text. I wanted to know if there is a way to do the opposite i.e convert the text into sess.pem…
mfghani
  • 11
0
votes
0 answers

Decrypt error in TLS handshake after ServerKeyExchange

I have a WEB application deployed to Tomcat server. I connect to it with Chrome browser with HTTPS but I have decrypt error during TLS handshaking on the client side after ServerKeyExchange. Certificates (3 levels): Server certificate, signed…
Ferenc T
  • 101
  • 1
0
votes
1 answer

Compiled OpenSSL 1.1.1k but library shows older version

I have compiled the latest version of OpenSSL 1.1.1k on Debian Buster. ./config make sudo make install However when I check the version, I realise only the tool has been updated and not the underlying library. What am I missing please? > openssl…
Houman
  • 1,545
  • 4
  • 22
  • 36
0
votes
0 answers

Nginx reverse proxy for RPC over HTTPS - SSL wrong version number

What I am trying to do and my issues Hello. I am setting up a node for the Cortex blockchain. I am running Ubuntu server 20.04 with the latest update/upgrade. I am attempting to secure RPC and WS traffic through the node to prevent any potential…
EffOfX
  • 1
  • 1
0
votes
1 answer

Certbot certs seem to be bad on every computer but mine

Domain: https://americanselfstorageok.com Yesterday morning it started giving a "your connection is not private" warning for me and all of the users and client. It didn't renew the certs automatically for some reason. I ssh'd into the server and did…
JSum
0
votes
0 answers

Trying to force Apache to use only TLSv1.3 on a vhost, but it refuses to disable TLSv1.2

I have a test vhost on my web server for which I'm trying to enforce TLSv1.3-only but Apache refuses to disable TLSv1.2. TLSv1.3 does work however the following validation services all show that TLSv1.2 is still running on my…
Displayname71
  • 109
  • 1
  • 7
0
votes
1 answer

How to add a custom OpenSSL engine with OpenSSL and use from apache server?

I have a custom-built OpenSSL engine. I'm trying to make changes to openssl.cnf to load this engine automatically. My ultimate goal is to use this engine for Apache mod-ssl. Apache mod_ssl to use OpenSSL ENGINE on Ubuntu 14.04, address my issue and…
user45698746
  • 101
  • 2
0
votes
1 answer

vagrant ssh fails with OpenSSL version mismatch

I've been troubleshooting an issue with Vagrant, $ vagrant ssh OpenSSL version mismatch. Built against 100020ef, you have 1000106f $ but if I build the corresponding ssh command manually with the parameters provided by vagrant ssh-config this…
Andrew Richards
  • 336
  • 3
  • 9
0
votes
1 answer

How to read an OpenSSL cipher suite list

hMailserver is an open source Window e-mail server. For incoming e-mail it supports STARTTLS with the help of OpenSSL 1.1.1. It allows configuring the cipher suites, the default…
Jeff
  • 236
  • 2
  • 4
0
votes
0 answers

Logging TLS handshake? (OpenSSL/Mysql) Fatal Protocol Version (70)

I am getting an error instead of Server Hello from the server handshake, an alert protocol version with error 70. The description of SSL Layer shows description of 70. https://www.rfc-editor.org/rfc/rfc5246 The description describes version…
dota_fan
0
votes
2 answers

How to create a certificate with SAN and specific encryption in Windows?

I want to create a certificate with: Subject Alternative Name SHA256 as hash algorithm On a Windows 10 Ent machine, both the above options are not available by default when creating a certificate. Option for SAN doesn't exist and the default cert…
Regmi
  • 207
  • 2
  • 4
  • 12
0
votes
1 answer

Can I combine my openssl key and csr creation commands in to one command keeping des3 passphrase encryption?

I am in the process of trying to automate/script via shell, a method of post server build config for one of our teams, and one of the final steps after all is installed, is to generate an SSL key and csr file ready for upload to our internal…
Tom Marshall
  • 1
  • 1
1 2 3
99
100