Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ssl-certificate]

SSL certificates are used to encrypt and authenticate connections to network servers, most popularly for web servers but also email, file transfers, and other network connections.

SSL (Secure Sockets Layer) is a protocol that is used to encrypt and authenticate connections between clients and servers. Certificates are configured on the server so that the client can verify that the connection has not been hijacked, as well as verify that the connection is secure from end to end.

3250 questions
7
votes
1 answer

If I get a certificate signed for ECDSA will older browsers be able to use RSA?

I'm looking into using ECDHE-ECDSA and there are a lot of great articles on why (https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/) and (http://blog.cloudflare.com/ecdsa-the-digital-signature-algorithm-of-a-better-internet), for…
paintedbicycle
  • 199
  • 1
  • 3
  • 15
7
votes
1 answer

How to add custom OID for subject field on certificates issued by Windows Server 2008 R2 CA?

I'm using a Windows Server 2008 R2 domain controller with Active Directory Certificate Services installed. It's configured as an Enterprise Root CA. I have configured a custom certificate template so that I can generate extended validation SSL…
slantalpha
  • 305
  • 1
  • 5
  • 17
7
votes
5 answers

"Issued certificate not yet valid." with wget?

I am getting the following error when using wget to fetch a file: Issued certificate not yet valid. To connect to www.atlassian.com insecurely, use ‘--no-check-certificate’. Testing with openssl returns a similar message: Verify return code: 9…
AXE Labs
  • 1,549
  • 5
  • 19
  • 24
7
votes
3 answers

Dovecot error: ssl enabled, but ssl_cert not set

I've been trying to get Postfix and Dovecot set up for days and I think I have resolved all problems except for one that just came up. When I try to restart Dovecot I get the following error message: doveconf: Fatal: Error in configuration file…
Steve
  • 71
  • 1
  • 2
  • 4
7
votes
1 answer

Openssl error 19: “Self signed certificate in certificate chain” when keyed by GoDaddy

Can someone help me understand how to verify that my SSL cert is installed properly (or troubleshoot why it isn't)? I installed GoDaddy SSL certificate on my Apache server. Some users are still reporting issues (Some versions of IE say "This page…
Ben Allfree
  • 71
  • 1
  • 1
  • 2
7
votes
2 answers

Can't make httpd use correct SSL

I have a signed CA, issued by my university. I generated my CSR using their public key file as so: openssl genrsa -out myservername.key 2048 (new key) openssl req -new -key myservername.key -out myservername.csr I sent them the CSR, they sent me…
monkeymatrix
  • 167
  • 1
  • 2
  • 7
7
votes
2 answers

Pound Proxy with multiple SSL Certificates

After reading on the Pound website that SSL does not support virtual host names, this in fact seems quite strait forward and obvious to me now. I have a pound load-balancer I wish to terminate SSL connections with. If a web server behind it runs…
jwbensley
  • 4,202
  • 11
  • 58
  • 90
7
votes
3 answers

How do you specify the key size of a Certificate Signing Request?

I'm trying to generate a CSR with godaddy. I used the following commands to create the certificate: openssl req -new -nodes -keyout server.key -out server.csr openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt But when I…
Kevin K
  • 183
  • 1
  • 1
  • 4
7
votes
1 answer

How to generate a key file out of a .cert?

I have received a p7b file from my co-worker and he asked me to install it on one of our servers. It looks like p7b is same as .cert file. I looked up google to find out how to install the file and it looks like I also need to have .key file. Is it…
Moon
  • 2,123
  • 4
  • 24
  • 23
7
votes
3 answers

802.1x automatically validate certificate in windows clients

We're deploying a wireless networking using Windows Server 2008 NAC as a RADIUS server. When Windows XP or 7 clients connect they initally fail to connect. In order to enable the client to connect we have to add the network manually and un-check the…
Jona
  • 746
  • 1
  • 9
  • 17
7
votes
4 answers

SSL Library Error: 218570875 error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long

I am trying to install SSL certificate from a certificate authority into my httpd server in CentOS 5.x. When I configure it and start the server I am getting the following errors, [error]Init: Unable to read server certificate from file…
Abhishek
  • 403
  • 2
  • 6
  • 8
7
votes
3 answers

Can I use the same SSL certificate for smtp, imap, pop3 and http?

So far I'm using self-signed certificates, but decided to at least consider getting the "real" one. So far I noticed that internal formats of the certificated are a bit different, that is: http (nginx) certificate has only CERTIFICATE part (with…
user13185
7
votes
6 answers

How to install a single SSL certificate for www and non-www

I have purchased an SSL certificate and I should be able to configure IIS 7 to use that certificate for both https://domainname and https://www.domainname I have looked online but didn't find a solution so far. Is this possible to do? According to…
vikp
  • 287
  • 2
  • 4
  • 8
7
votes
2 answers

Certificates in SQL Server 2008

I need to implement SSL for transmissions between my application and Sql Server 2008. I am using Windows 7, Sql Server 2008, Sql Server Management Studio, and my application is written in c#. I was trying to follow the MSDN page on creating…
Brandi
  • 177
  • 1
  • 6
7
votes
2 answers

Jetty - Virtualhosting - SSL Certificates

I want to have different SSL certificates for different domains that I am hosting in a single Jetty instance. I do not want to front my Jetty application server with Apache. I am running Jetty 6.1.22. So far, I have only seen configurations with a…
Walter White
1 2 3
99 100