Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ssl-certificate]

SSL certificates are used to encrypt and authenticate connections to network servers, most popularly for web servers but also email, file transfers, and other network connections.

SSL (Secure Sockets Layer) is a protocol that is used to encrypt and authenticate connections between clients and servers. Certificates are configured on the server so that the client can verify that the connection has not been hijacked, as well as verify that the connection is secure from end to end.

3250 questions
7
votes
1 answer

How to remove a root CA certificate?

I am trying to delete a root CA certificate, but the trust anchor --remove command specified in the official Red Hat 8 documentation gives out a read-only error. sudo trust anchor --remove --verbose…
shellwhale
  • 173
  • 1
  • 1
  • 6
7
votes
1 answer

Letsencrypt for all subdomains *.example.com

I'd like to obtain one certificate working for all my subdomains *.example.com. This works: certbot-auto certonly --webroot --webroot-path /home/www/example/ --domain example.com --domain www.example.com --email…
Basj
  • 709
  • 3
  • 11
  • 29
6
votes
3 answers

What problems arise when we use a self-signed certificate for the SMTP protocol?

What problems arise when we use a self-signed certificate for the SMTP protocol, that is, when a SMTP server uses a self-signed certificate? As long as the user accepts the exception warning due to self-signed certificate (which can be the case in…
user9414424
  • 171
  • 1
  • 4
6
votes
0 answers

Remotely Monitoring RDP Certificate

We use OpenSSL on a CentOS 6 server to monitor the certificate on servers for RDP. To do this we use: openssl s_client -connect SERVER01:3389 -prexit This has worked flawlessly until 4 days ago, when it suddenly stops showing that a cert is used and…
neildeadman
  • 684
  • 4
  • 20
  • 34
6
votes
1 answer

OpenSSL keeps telling me 'unable to get local issuer certificate'

I'm using CentOS, which has OpenSSL 1.0.2k-fips installed, and I've built and installed version 1.1.0g alongside it as part of a HTTP2 install outlined here: https://www.tunetheweb.com/performance/http2/ I've been using the 1.1.0g fine, but lately I…
kasimir
  • 203
  • 1
  • 3
  • 11
6
votes
5 answers

Can I buy just one SSL cert for a subdomain?

I bought a plain ole SSL cert for mydomain.com. I also want to secure www.mydomain.com and mail.mydomain.com, which both map to the same server. Is this possible? I'm trying to avoid having to buy a wildcard SSL as it costs $200 when all I really…
Matias Nino
  • 1,392
  • 7
  • 25
  • 40
6
votes
2 answers

Is it possible to generate openssl configuration file from an existing x509 certificate?

I am looking for a way to restore openssl configuration from an X509 certificate (or a csr). I know it's possible to look at the certificate and manually reconstruct the config file but it's unreliable and requires too much labor :P. Any…
cyc115
  • 163
  • 6
6
votes
1 answer

Set Nginx https (on port 443) without the certificate?

I tried to follow up this thread as much as possible but I am always getting this message: This site can’t be reached example.com unexpectedly closed the connection. Try: Checking the connection Checking the proxy and the…
prosti
  • 348
  • 1
  • 6
  • 18
6
votes
2 answers

SSL_ERROR_NO_CYPHER_OVERLAP error with signed certifcate

My company has supplied a Tomcat/MySQL based application to a customer that by default uses http. At the request of the customer I enabled this to use https by creating a self-signed certificate. This worked subject to the expected browser error…
Darren
  • 331
  • 3
  • 4
  • 13
6
votes
1 answer

Is there a way to have certificates installed on individual EC2 instances?

I'm trying to see if I can install certificates on individual instances in AWS. I currently use a certificate on the loadbalancer, but does that mean that the certificate is installed on all the instances that use that loadbalancer ? this page :…
Varda Elentári
  • 223
  • 4
  • 11
6
votes
2 answers

IIS 8.5 change bindings on bulk (due to SSL certificate renewal)

I just renewed a Comodo Wildcard SSL certificate and I created the PFX in order to install it on my Windows Server 2012 R2 which is a VM on Microsoft Azure. I use IIS 8.5 for all my websites which includes about 300 subdomains of the main domain…
John Enxada
  • 71
  • 1
  • 4
6
votes
3 answers

ldap_result: Can't contact LDAP server (-1)

G'day, I configured openldap-server machine which is running on port 636. I can also telnet to this port from another openldap-client machine. To secure the connection, I created a self-signed certificate on the server using this link enter link…
user388145
  • 61
  • 1
  • 1
  • 2
6
votes
2 answers

Wildcard *.localhost SSL with Nginx and Chrome

I've attempted to set up a wildcard *.localhost for HTTP and HTTPS with Nginx proxying requests to localhost:3000. DNSmasq is used for resolving *.localhost to 127.0.0.1. Everything works fine for HTTP, but HTTPS connections receive the following…
thomasfedb
  • 455
  • 5
  • 14
6
votes
2 answers

Use Letsencrypt certificates for Postgresql

I have successfully configured Letsencrypt for my NGINX webserver on Debian 8 Jessie. Now I have installed Postgresql 9.4 and want to use the LE certificates (in /etc/letsencrypt/live/mydomain/com/...) for its SSL connection. I've set the paths to…
algielen
  • 63
  • 1
  • 3
6
votes
3 answers

Centos7 don't trust certificate issued by lets encrypt

I have apache nginx server running with https:// correctly configured with letsencrypt certificate. I can connect with firefox, chrome, ie. All of them reports connection as secure. However centos7 and ubuntu 14.04 reports certificate error: wget…
Pavel Niedoba
  • 233
  • 1
  • 3
  • 10
1 2 3
99 100