Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ssl-certificate]

SSL certificates are used to encrypt and authenticate connections to network servers, most popularly for web servers but also email, file transfers, and other network connections.

SSL (Secure Sockets Layer) is a protocol that is used to encrypt and authenticate connections between clients and servers. Certificates are configured on the server so that the client can verify that the connection has not been hijacked, as well as verify that the connection is secure from end to end.

3250 questions
29
votes
3 answers

Do I need a separate SSL certificate for a DNS redirect?

I am implementing a multi-tenant application where my application hosts and serves technical documentation for a tenant's product. Now, the approach that I was considering was - I host the documentation at docs..mycompany.com and ask my…
codematix
  • 401
  • 1
  • 5
  • 6
29
votes
5 answers

Is a Self Signed SSL Certificate a False Sense of Security?

Is a Self Signed SSL certificate a false sense of security? If you are being eavesdropped, the user will simply accept the certificate like he/she always does.
Andre
  • 1,341
  • 4
  • 19
  • 34
28
votes
2 answers

Curl: unable to get local issuer certificate. How to debug?

I’ve got an odd problem. Updated my LAMP dev machine (Debian) to PHP 7. Afterwards I cannot connect to a specific TLS encrypted API via Curl anymore. The SSL cert in question is signed by thawte. curl https://example.com gives me curl: (60) SSL…
Rob
  • 383
  • 1
  • 3
  • 6
28
votes
2 answers

Can't upload certificate to AWS

I'm doing: aws iam upload-server-certificate --server-certificate-name MysiteCertificate --certificate-body Downloads/mysite/mysite.crt --private-key mysite.pem --certificate-chain Downloads/mysite/COMODOSSLCA.crt I'm getting an error though: A…
Shamoon
  • 911
  • 4
  • 14
  • 22
28
votes
2 answers

How does one install a custom CA certificate on CentOS?

I'm trying to install a certificate for my internal certificate server on a series of CentOS systems, and I'm finding the documentation on this to be almost non existent. My end goal is to be able to use git, curl, and others against internal secure…
Mikey T.K.
  • 1,417
  • 2
  • 16
  • 29
27
votes
5 answers

Where do companies typically store SSL certificates for future use?

We recently bought a wildcard SSL cert for our domain. We converted all of the certs to a Java keystore, but now we are asking ourselves where we should store these for later use. Do people use source control like BitBucket for these types of files…
AmericanKryptonite
  • 281
  • 1
  • 3
  • 6
27
votes
4 answers

Nginx proxy to back-end with SSL client certificate authentication

I have two servers, both have nginx. Server A is listening to 443 and is configured to authenticate with a Client SSL certificate. Server B has an internal process that needs to communicate to Server A through nginx. I'd like to configure Nginx on…
Bastien974
  • 1,896
  • 12
  • 44
  • 62
27
votes
3 answers

Can I purchase a certificate for my domain that can sign other certificates for subdomains?

I have written a small program to run on a Windows computer that serves SSL/TLS web pages through port 443 to visiting web browsers. I want it to be easy for non-technical people to install and run this program. I have made it easy for them to…
fawltyserver
  • 281
  • 1
  • 3
  • 6
27
votes
1 answer

Import .pem into IIS 7

I was given two .pem files to import. I did not generate these files. Can I import them into IIS 7 or do they have to be converted into another format? I know that IIS likes .pfx - can .pem's be converted if necessary? Any help is greatly…
divided
  • 367
  • 1
  • 4
  • 11
26
votes
2 answers

Can a server certificate expire after its issuer?

Most if not all server certificates that I work with expire before its issuer, but is it possible for a server certificate to expire after its issuer and does this apply to an intermediate certificate as well (expire after the root certificate)? If…
Tumelo Galenos
  • 381
  • 4
  • 8
26
votes
4 answers

Certbot letsencrypt on different port than 443

I want to set up certbot for a webserver on a different port than 443. I got the following error when running certbot --apache -d .. Failed authorization procedure. sub.domain.ext (tls-sni-01): urn:acme:error:connection :: The…
CaptainJack
  • 363
  • 1
  • 3
  • 5
25
votes
2 answers

Multiple ssl certificates with one ip and same port but different host headers (IIS 8)

I have an IIS 8 (win 2012 r2) server and i want to bind the same web site to 2 different domain and to 2 different certificates. I can't use wildcard since the domains are different FQDNs. If i add 2 bindings for https and port 443 i can't select 2…
Omri
  • 371
  • 1
  • 3
  • 6
25
votes
1 answer

Why does my wildcard SSL certificate cause a domain mismatch error on a second level subdomain?

I have a server https://www.groups.example.com - in FireFox I get the "This Connection is Untrusted" message and the "technical details" say www.groups.example.com uses an invalid security certificate. The certificate is only valid for the…
pee2pee
  • 369
  • 1
  • 5
  • 12
24
votes
2 answers

Using CA certificate for Remote Desktop Connection

I’m connecting over the web to a remote Windows Server 2012 R2 via Remote Desktop Connection for administration needs. It is a single web and database server without an AD etc. I’m not talking about Remote Desktop Services / Terminal Server, just…
marce
  • 343
  • 1
  • 2
  • 8
23
votes
7 answers

"Update Your Amazon RDS SSL/TLS Certificates by October 31, 2019"

I, like a lot of people, received an email saying to update my RDS instance to use the new rds-ca-2019 certificate for SSL connections (previous being rds-ca-2015 which expires March 5, 2020). Their documentation about the process is a little…
Tim Tisdall
  • 633
  • 1
  • 5
  • 17
1 2 3
99 100