Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ssl-certificate]

SSL certificates are used to encrypt and authenticate connections to network servers, most popularly for web servers but also email, file transfers, and other network connections.

SSL (Secure Sockets Layer) is a protocol that is used to encrypt and authenticate connections between clients and servers. Certificates are configured on the server so that the client can verify that the connection has not been hijacked, as well as verify that the connection is secure from end to end.

3250 questions
69
votes
2 answers

How to combine various certificates into single .pem

I've just finished reading over this great thread explaining the different SSL formats. Now I'm essentially looking for the opposite of How to split a PEM file There's 4 files I want to consolidate, originally created for Apache, I'm looking at…
quickshiftin
  • 2,125
  • 5
  • 27
  • 41
65
votes
4 answers

How to decide where to purchase a wildcard SSL certificate?

Recently I needed to purchase a wildcard SSL certificate (because I need to secure a number of subdomains), and when I first searched for where to buy one I was overwhelmed with the number of choices, marketing claims, and price range. I created a…
user664833
  • 1,277
  • 1
  • 11
  • 13
60
votes
11 answers

Why do I need to purchase an SSL certificate when I can generate one locally?

I am having trouble understanding why we need to purchase SSL certificates when we can generate them locally using openSSL. What is the difference between the certificate I purchase and a test certificate I generate locally? Is it just a big scam?
S-K'
  • 1,301
  • 3
  • 11
  • 15
59
votes
4 answers

Download SSL certificate from aws certificate manager

I am using aws certificate manager for managing SSL. Recently I purchased a wildcard ssl *.example-private.com Now I need that SSL certificate to deploy on enterprise git instance on aws. How can i download ssl from aws?
Shailesh Sutar
  • 1,517
  • 5
  • 23
  • 41
58
votes
8 answers

Apache: SSLCertificateKeyFile: file does not exist or is empty

I am configuring SSL for Apache 2. My system is Ubuntu Server 10.04 LTS. I have the following settings related to SSL in my vhost configuration: SSLEngine On SSLCertificateKeyFile /etc/ssl/private/server.insecure.key SSLCertificateFile …
blueFast
  • 4,200
  • 13
  • 37
  • 54
55
votes
8 answers

How to remove Private Key Password from pkcs12 container?

I extracted certificate using Chrome's SSL/export command. Then provided it as input to openvpn - in the config for openvpn: pkcs12 "path/to/pkcs12_container" When calling openvpn ~/openvp_config it asks for a password for private key (wich I…
Ayrat
  • 653
  • 1
  • 5
  • 6
54
votes
11 answers

IIS7: can't set host name on site with SSL cert and port 443

Consider a Win 2008 SP2 machine with IIS7. The task is to apply a certificate and host name to the one and only Site on this machine. The site's host headers need to be abc.123.example.com The first step was installing the .pfx to the Personal…
p.campbell
  • 4,407
  • 6
  • 41
  • 51
54
votes
6 answers

Can an SSL certificate be on a single line in a file (no line breaks)?

SSL certificates by default have line breaks after 67 characters. I'm trying to create SSL certificate files using Chef. Essentially I want to create the entire certificate file from a string variable without any line breaks. I've tried this a few…
wrangler
  • 3,080
  • 5
  • 24
  • 20
52
votes
16 answers

SSL Error - unable to read server certificate from file

I've been setting up SSL for my domain today, and have struck another issue - I was hoping someone could shed some light on.. I keep receiving the following error messages: [error] Init: Unable to read server certificate from file…
williamsowen
  • 1,167
  • 3
  • 16
  • 25
51
votes
5 answers

Failed tls handshake. Does not contain any IP SANs

I'm trying to set up logstash forwarder, but I have issues with making a proper secure channel. Trying to configure this with two ubuntu (server 14.04) machines running in virtualbox. They are 100% clean (not touched hosts file or installed any…
connery
  • 545
  • 1
  • 4
  • 8
50
votes
3 answers

stop apache from asking for SSL password each restart

Using instructions from this site but varying them just a little i created a CA using -newca, i copied cacert.pem to my comp and imported as trusted issuer in IE. I then did -newreq and -sign (note: i do /full/path/CA.sh -cmd and not sh CA.sh -cmd)…
user274
49
votes
7 answers

Default CA Cert Bundle Location

I need to add a .pem cert file to my default CA cert bundle but I don't know where the default CA Cert bundle is kept. I need to append my new .pem file to this default bundle. I'd rather do that than specify my own location using --capath cURL…
Slinky
  • 1,027
  • 3
  • 15
  • 26
42
votes
1 answer

Can not get rid of `net::ERR_CERT_COMMON_NAME_INVALID` error in chrome with self-signed certificates

There are numerous question on the web where people are having difficulty setting up self signed certificates for use on internal network. Just to link a few: Getting Chrome to accept self-signed localhost certificate Chrome accept self-signed…
Ashesh
  • 525
  • 1
  • 4
  • 7
42
votes
6 answers

View the SSL certificate of a page that immediately redirects to another

So I've googled quite a bit for this but it appears that my google-fu fails me - apologies if this is a trivial and already answered question, I could not find anything about this I'm trying to diagnose an SSL certificate hostname mismatch. When I…
Robert Petz
  • 545
  • 1
  • 5
  • 9
41
votes
2 answers

Error code: ssl_error_rx_record_too_long

I have nginx with the following setup: server { listen 80; server_name site.com www.site.com; root /home/site/public_html; listen 443; #server_name site.com www.site.com; #root…
Tiffany Walker
  • 6,681
  • 14
  • 56
  • 82
1
2
3
99 100