Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [self-signed-certificate]

A self signed certificate is signed with its own private key instead of the private key of a higher or publicly trusted certificate authority (CA).

135 questions
1
vote
2 answers

Unable to access a server with a self-signed SSL certificate from some devices

I'm struggling to connect to an SSL site (self-signed certificate) that seems to work from other computers/internet connections. I've tried accessing the site using wget: wget https://example.com --no-check-certificate --2018-02-06 17:07:50-- …
Amr Bekhit
  • 111
  • 1
  • 7
1
vote
0 answers

Apache : Wrong hostname is checked when connecting to proxyed sever using SSL

I'm trying to make this setup work : Reverse proxy : SSL enabled and facing the internet using Let's Encrypt certificate (reverse-proxy.com). Target : Site accessed via the reverse proxy with SSL enabled using internal certificate chain…
MathieuR
  • 141
  • 1
  • 6
1
vote
3 answers

How is a self-signed certificate different from a certificate signing request?

From the wiki page for a Certificate signing request: In Public Key Infrastructure (PKI) systems, a Certificate Signing Request (also CSR or certification request) is a message sent from an applicant to a Certificate Authority in order to apply for…
mbigras
  • 289
  • 1
  • 3
  • 11
1
vote
2 answers

Difference between CSR creation and create domain certificate

I'm a CA admin and I'm new to this field, Can any one explain the below scenario and explain the difference between them. Scenario 1 System Admin creates a CSR file and give it to me... I will generate a certificate by CSR file and issue it back…
azarhsaf
  • 21
  • 3
1
vote
1 answer

Reverse DNS and Mailserver and self generated certificates

this is my first question here, so don't kill me if it sounds stupid. I don't know much about server administration, that's why we booked a managed server to host our clients. So far we have been to setup most of it but I am concerned about the…
Mtm Project
  • 13
  • 3
1
vote
1 answer

WildFly with client certifactes: javax.net.ssl.SSLException: Received fatal alert: unknown_ca

I'm trying to install a wildfly9 server with client certificate authorization. To do that I have: On the Client: Create a self signed certificate: keytool -genkey -keystore client.keystore -validity 3650 -keyalg RSA -keysize 4096 -storetype…
Steffen
  • 989
  • 3
  • 13
  • 31
1
vote
1 answer

Which certificate store do I put a third party self-signed SSL certificate to have authentication working without extra security risks?

I'm trying to setup client certificate authentication in an ASP.NET MVC3 application running in IIS 8. The client (Good Third Party) uses a self-signed SSL certificate to authenticate himself and my application knows the thumbprint in advance and…
sharptooth
  • 2,739
  • 4
  • 32
  • 40
1
vote
0 answers

Nginx ssl port 433 not open/listening (refused to connect)

I'm running nginx 1.6.2 on Linux and using CloudFlare origin certificates for HTTPS, I have installed the certificate and key in (for example) /path/to/certs and run chown 600 root on the directory and the certificate files (origin.pem and…
Luke Moll
  • 111
  • 1
1
vote
1 answer

Signing Powershell scripts that are included in another script?

Do I need to sign every Powershell script (external .ps1 file) that I include in my Powershell profile? If so, can I sign it with the same certificate (or is that a worst practice)? And just to be clear if a script changes, I only need to resign…
leeand00
  • 4,869
  • 15
  • 69
  • 110
1
vote
1 answer

Signing/Generating SSL Certificates for ElasticSearch (search-guard)

I am trying to build my own ElasticSearch cluster and I decided to use an open source plugin called Search Guard. It requires generation of client and host/node certificates. In its demo there is a script which generates a root ca, client and node…
iboware
  • 111
  • 3
1
vote
0 answers

Is it possible to use subjectAltName with one word domains?

I'm running my own CA. My new cert's desired CSR has CN papaya. I'm looking to add some local domain structure with subjectAltName, but browsers are rejecting the added domains. This is my openssl.cnf used for signing: [req] default_md =…
lkraav
  • 786
  • 1
  • 8
  • 22
1
vote
2 answers

Powershell New-SelfSignedCertificate missing -NotBefore in Windows 2012r2

My 2008 powershell script is not working correctly in 2012r2. The command New-SelfSignedCertificate -DnsName test.testdomain.com -NotBefore [datetime]::now.AddYears(10) comes back with: New-SelfSignedCertificate : A parameter cannot be found…
Zonus
  • 203
  • 1
  • 5
  • 12
1
vote
1 answer

Self Signed Root Certificate with SAN in child

I am trying to implement a better set of self signed certificates at my company. What I want is this: All certificates are signed by one root certificate, so developers can trust just this root certificate Child certificate are wildcards of the…
Max Bucknell
  • 223
  • 1
  • 3
  • 9
1
vote
1 answer

How can I trust my self signed root CA on Fedora?

I've generated a root CA certificate and key on my fedora system, using the following command: openssl req -new -x509 -extensions v3_ca -keyout \ /etc/pki/CA/private/cakey.pem -out /etc/pki/CA/cacert.pem -days 365 I have then generated a self…
dcrdev
  • 89
  • 1
  • 1
  • 9
1
vote
1 answer

Why am I getting URL mismatches on my wildcard self signed certificate?

I'm trying to set up a self signed wildcard certificate for use by Apache, normally this is pretty straightforward I just set a subjectalternate name with the root domain and specify *.dcrdev.com in the common name field. However it seems this is…
dcrdev
  • 89
  • 1
  • 1
  • 9
1 2 3
8 9