Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ssl-certificate]

SSL certificates are used to encrypt and authenticate connections to network servers, most popularly for web servers but also email, file transfers, and other network connections.

SSL (Secure Sockets Layer) is a protocol that is used to encrypt and authenticate connections between clients and servers. Certificates are configured on the server so that the client can verify that the connection has not been hijacked, as well as verify that the connection is secure from end to end.

3250 questions
8
votes
1 answer

Adding a self-signed cert to the trusted certs within cURL in Windows?

I have created a self-signed cert from the instructions on this page, have installed it and it appears to all be working correctly, but now I need cURL to trust it. Since the later versions of cURL don't include a trusted list within a .pem file, I…
Brett
  • 319
  • 1
  • 3
  • 12
8
votes
3 answers

Do I have to buy a second wildcard certificate for a subdomain?

We already have a wildcard certificate for *.mycompany.com. Our network has hosts that are only reachable internally. All of them belong to the internal.mycompany.com subdomain. There is a private server with the host name…
Rafael Bugajewski
  • 799
  • 7
  • 15
8
votes
5 answers

Remote desktop certificate error - how to connect anyways?

I have a remote server that I can only access through RDP. It uses a proper SSL certificate from godaddy for RDP, not a self signed one. The server is 2008R2, and I believe is set to the default of requiring network level authentication. …
Grant
  • 17,859
  • 14
  • 72
  • 103
8
votes
3 answers

Do I have to update my snakeoil certificate after updating openssl (heartbleed)?

I just updated my debian wheezy server to the newest version of the openssl package which has the heartbleed bug fixed. I do support SSL on my server, but only with a snakeoil certificate. I was just wondering if there is actually any security…
Preexo
  • 194
  • 7
8
votes
2 answers

Discerning GoDaddy SSL Certificate Types

I'm following these instructions for installing a GoDaddy Certificate in Apache Tomcat: http://support.godaddy.com/help/article/5239/generating-a-csr-and-installing-an-ssl-certificate-in-tomcat-4x5x6x?locale=en However, in the steps a root…
nybblesAndBits
  • 83
  • 1
  • 1
  • 4
8
votes
2 answers

IIS no longer trusts any CAs for client authentication

Yesterday the IIS on our build server (running Windows Server 2012) started refusing our clients' certificates. The certificates are signed using our own self-signed CA cert that has been added to Trusted Root Certification Authorities (local…
Yrlec
  • 230
  • 4
  • 12
8
votes
2 answers

Windows PKI: How can I import, sign/issue and export a large number of CSRs?

I have a lot of CSRs that I need to have signed/issued and exported in windows. I was hoping I could batch process them somehow (certutil sounds like it can do some of the work) but I'm not quite sure how I can go about doing this. Is it…
user183178
  • 81
  • 1
8
votes
2 answers

Can we use a certificate bought for one domain on another domain?

We bought a certificate two years ago for service1.domain1.com and it is valid up to 2018. The problem is that domain was managed by third party and they are going to drop that sub domain. My question is can we use the certificate bought for…
Jonas T
  • 225
  • 3
  • 9
8
votes
4 answers

What's the common practice of when to update a soon expiring SSL certificate?

Recently Windows Azure Storage SSL certificate expired and that causes a lot of problems. Now the certificate can be retrieved by any user and so everyone could have noticed that it was going to expire. Now what's the typical timeframe of replacing…
sharptooth
  • 2,739
  • 4
  • 32
  • 40
8
votes
3 answers

Check remote certificate - MySQL

I've found Save Remote SSL Certificate via Linux Command Line but in the case of MySQL (and thus TLS) it doesn't work. So the question is - how do I check remote certificate for TLS connection to MySQL?
Wojtek
  • 554
  • 1
  • 4
  • 10
8
votes
2 answers

How does IE/Chrome know which Intermediate CA to use when not part of chain?

A server on my network is signed with a certificate issued by RapidSSL CA but does not supply to complete issuer chain (RapidSSL CA's certificate is issued by GeoTrust CA which is a trusted root authority). When I access the site using firefox I…
Wilhelm Kleu
  • 183
  • 1
  • 4
8
votes
2 answers

Converting .cer to .pem?

I have zero knowledge on certificates . I searched on internet and found few , but none of them helped me in my case. I am on Red Hat Enterprise Linux ES release 4 (Nahant Update 9) I am trying to convert .cer ( this is a CAS certificate) to .pem…
Bujji
  • 223
  • 1
  • 2
  • 5
8
votes
2 answers

Configuring client certificate authentication in apache

I am trying to set up part of a Virtualhost in apache to require client authentication. The VirtualHost in question also acts as a reverse proxy for the actual web server. Here's what I have done: Created ca.crt, ca.csr, and ca.key on the server I…
DanielGibbs
  • 573
  • 5
  • 13
  • 32
8
votes
1 answer

What's the basis for "automatically select the certificate store based on the type of certificate"?

When I import a certificate, I'm offered the option to "automatically select the certificate store based on the type of certificate". What basis does Windows use? Which types of certificate end up in which stores?
Roger Lipscombe
  • 2,177
  • 6
  • 24
  • 37
8
votes
1 answer

What happens to encrypted mails when CA certificate expires in my Windows Domain

does anybody know what will happen to encrypted /signed mails when a root authority certificate expires in my domain network? Can the certificate still be validated from the clients and will the clients recognize that the certificate was valid when…
Wolfgang
  • 107
  • 5
1 2 3
99 100