Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ssl-certificate]

SSL certificates are used to encrypt and authenticate connections to network servers, most popularly for web servers but also email, file transfers, and other network connections.

SSL (Secure Sockets Layer) is a protocol that is used to encrypt and authenticate connections between clients and servers. Certificates are configured on the server so that the client can verify that the connection has not been hijacked, as well as verify that the connection is secure from end to end.

3250 questions
6
votes
3 answers

Extract key from JKS keystore to use with apache2 and tomcat

I have a keystore in JKS format and I want to use that with apache2. How can I export the key and the certificates (that i already chained) out the JKS in a easy way? I found many answers out there but seems that no one has my problem... (or the…
CappyT
  • 183
  • 2
  • 3
  • 12
6
votes
2 answers

Two domains, two SSL certificates, one IP

I'm trying to run two domains, one with a wildcard certificate and the other one with a regular certificate from one IP and one nginx. Setup: example1.com with wildcard certificate example2.com with regular certificate My current nginx config for my…
mediocre
  • 221
  • 1
  • 3
  • 7
6
votes
1 answer

Does Apache needs to know about intermediate certificates for client authentication?

I have a following hierarchy of certificates. And I need to do a client authentication on Apache. . └── root (CA) - self signed ├── intermediate 1 (CA) | ├── client1 | ├── client2 └── intermediate 2 (CA) ├── client3 …
Victor Ronin
  • 163
  • 1
  • 6
6
votes
1 answer

What does this intention with lots of numbers mean in a SSL certificate?

I was looking at this site, and out of interest, I was having a look at the certificate in Chrome 32, on Windows 8.1, and I had a look at the certificate. I saw this really strange intention, Apart from the usual: Ensures the identity of a remote…
George
  • 183
  • 1
  • 2
  • 9
6
votes
1 answer

Nginx "ssl_stapling" ignored, no OCSP responder URL in the certificate

I'm trying to setup OCSP stapling on Nginx because I ran a test and it suggested the idea and well, you know. https://sslcheck.globalsign.com/en_GB/sslcheck?host=aj2jewellers.co.uk#176.58.103.165 I'm getting the error: nginx: [warn] "ssl_stapling"…
Mark Robinson
  • 217
  • 2
  • 3
  • 10
6
votes
2 answers

What are the effects of having the TLS certificate and private key in same file?

I have noticed that a number of different web and mail server software allow or require you to provide the TLS certificate (including server certificate, CA intermediate certificate, and CA root certificate) and private key in a single .pem…
user981178
  • 445
  • 1
  • 3
  • 13
6
votes
1 answer

Restarting nginx keeps asking PEM pass phrase

I'm trying to reload nginx, I have a wildcard certificate for one domain which I got from namecheap, now I have moved it to my server, and assigned a nginx configuration rule with this: ssl_certificate …
MacMac
  • 2,061
  • 10
  • 31
  • 38
6
votes
2 answers

Should I delete the .pfx or .cer files after importing the SSL cert?

When provided, I have to import into IIS on Windows Server (2008 R2) using either a .pfx or .cer to get SSL certs ready for use. My question is, is should I delete these files after I have successfully imported the certificate into the certificate…
atconway
  • 162
  • 1
  • 9
6
votes
1 answer

Is it possible to allow only some client certificates in Apache to login?

In my virtual host I have something like that: SSLEngine on SSLCertificateKeyFile /etc/apache2/ssl/svn.XXXXX.me.key SSLCertificateFile /etc/apache2/ssl/svn.XXXXX.me.crt SSLProtocol all SSLCipherSuite HIGH:MEDIUM …
Ency
  • 1,231
  • 1
  • 19
  • 27
6
votes
1 answer

HTTPS and Certification for dummies

I had never used https on a site and now want to try it. I did some research, but not sure that I understood everything. Answers and corrections are greatly appreciated. Here we go: To use https I need to generate ‘private’ and ‘public’ keys for…
Vitaly Lebedev
  • 81
  • 5
6
votes
1 answer

OpenVPN failing on self-signed certificate over udp, works over tcp

I have the following server.conf: # OpenVPN 2.x config proto tcp port 1194 dev tun-vpn dev-type tun server 10.8.0.0 255.255.0.0 push "route 172.16.0.0 255.255.0.0" push "dhcp-option DOMAIN mydom.com" push "dhcp-option DNS 172.16.1.1" #…
mycroes
  • 226
  • 1
  • 2
  • 6
6
votes
2 answers

Do I need a dedicated IP address per sub domain for SSL?

I currently have a dedicated server with a domain name eg. domain.com which has its own dedicated IP address. I need to secure only one sub domain eg. secure.domain.com Does this subdomain need its own dedicated IP address to get an SSL…
John Wheal
  • 456
  • 5
  • 17
6
votes
1 answer

Safari users receive a prompt to select certificate when accessing my website

I have an ASP website on IIS6 that is equipped with a SSL certificate from godaddy. The website requires secure channel (SSL) and is set to IGNORE client certificates. In ran the SSL checker and the result looked fine. The issue that I have is…
Datapimp23
  • 191
  • 1
  • 3
  • 21
6
votes
2 answers

Opening certmgr.msc to display the Machine level certificates

I want to view the certificates installed at the machine level, if I open certmgr.msc. I am aware that we can open an mmc and app a snap in for certmgr. But I dont want to go that way. I am aware that we can use the certmgr.exe with the -s and -r…
gmaran23
  • 329
  • 2
  • 6
  • 13
6
votes
4 answers

sec_error_unknown_issuer but only with Firefox and IE6

I recently renewed the SSL certificate on my site and while initially it seemed that the certificated was installed correctly, I was shocked to discover hours ago that the HTTPS connection no longer authenticates correctly with certain browsers and…
scatmoi
  • 163
  • 1
  • 1
  • 5
1 2 3
99 100