Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ssl-certificate]

SSL certificates are used to encrypt and authenticate connections to network servers, most popularly for web servers but also email, file transfers, and other network connections.

SSL (Secure Sockets Layer) is a protocol that is used to encrypt and authenticate connections between clients and servers. Certificates are configured on the server so that the client can verify that the connection has not been hijacked, as well as verify that the connection is secure from end to end.

3250 questions
14
votes
1 answer

How to install multiple Intermediate CA Certificate files on Apache?

I just bought a SSL certificate, and here are all the certificate files i got: Root CA Certificate - xxCARoot.crt Intermediate CA Certificate - x1.crt Intermediate CA Certificate - x2.crt Intermediate CA Certificate - x3.crt Your EssentialSSL…
pdeva
  • 2,447
  • 5
  • 18
  • 15
14
votes
4 answers

OpenSSL: how to generate a CSR with interactively solicited Subject Alternative Names (SANs)?

I wish to configure OpenSSL such that when running openssl req -new to generate a new certificate signing request, I am prompted for any alternative subject names to include on the CSR. I have added this line to the [req_attributes] section of my…
Maxy-B
  • 243
  • 1
  • 2
  • 7
14
votes
4 answers

Example of live site with trusted, signed but revoked certificate?

I'm drawing up some documentation for users with the intent on educating them on certificate revocation. I would like to include screen shots of browsers to demonstrate the user experience when encountering a revoked cert. The revocation can occur…
flumignan
  • 357
  • 2
  • 9
14
votes
3 answers

Is SSL data still encrypted if there is a certificate error?

If there is a certificate error on a website (such as the domain not matching what is stated in the cert) and I continue to view the site anyway, is data over the HTTPS connection still encrypted? My understanding is that the SSL certificate simply…
silent__thought
  • 321
  • 1
  • 5
  • 12
14
votes
2 answers

How to setup SSL on Amazon EC2?

I have just hopped over to Amazon for serving my .net sites and one site requires SSL. I have an elastic IP pointing at my EC2 instance, and I have my site setup in IIS 7 all working fine. I also have an SSL cert from a vendor. I have installed the…
Anthony
14
votes
4 answers

Why does Window's SSL Cipher-Suite get restricted under certain SSL certificates?

Problem: Windows Server 2008 R2 will only support the following ssl cipher suites when using certain certificates on the server: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA This prevents XP clients from connecting to…
Gary
  • 301
  • 1
  • 2
  • 7
14
votes
4 answers

HTTPS not working; binding set, certificate installed

I've installed the certificate and set up the HTTPS bindings. However, when I load the site on HTTPS it does not load. I've looked at all the settings but everything seems correct. I've restarted the server numerous times. The certificate is stored…
rksprst
  • 445
  • 1
  • 6
  • 9
14
votes
7 answers

Free (or nearly free) Trusted SSL Certificate?

Is it possible to get a trusted signed ssl certificate for free? I could create a self signed one using iis7 for example but these normally require the user to accept them as compared to one from a trusted source. Therefore, is there a very…
asn187
  • 219
  • 1
  • 4
  • 10
13
votes
1 answer

Any drawbacks to AWS certificate manager wildcard certificates?

Let's say I'm using AWS Certificate Manager to get a certificate for example.com for use with AWS CloudFront. I can specify an alternate domain of www.example.com and point it to another CloudFront distribution in my DNS. But AWS Certificate Manager…
Garret Wilson
  • 174
  • 3
  • 15
13
votes
3 answers

curl fails to retrieve HTTPS content: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure

I'm trying to access the website https://www.lawsociety.com.au with curl on Windows 10 and Ubuntu 16.04. It works on Ubuntu, but fails on Windows with the message error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure. I'm not…
Alex Blekhman
  • 233
  • 1
  • 2
  • 7
13
votes
2 answers

How to generate a Self Signed SSL Certificate bound to IP address?

I have my application hosted in the cloud and while demoing to prospective clients, I would like to make sure that my browser doesn't complain due to the lack of trust. So I want to generate a self signed certificate that is bound to a IP…
acthota
  • 281
  • 1
  • 2
  • 8
13
votes
2 answers

Multiple SSL certificates for a single domain on different servers

Our website is hosted by hosting company HA under domain D on a shared hosting plan. I would like to switch our hosting provider to company HB and I am willing to purchase a new SSL certificate for that purpose. I explicitly do not want to migrate…
Manu
  • 243
  • 1
  • 3
  • 7
13
votes
6 answers

Using a self-signed SSL cert for an HTTPS-based internal APT repository

I've set up a Debian repository (Ubuntu actually) for internal use with some private packages, and now want to make it available over the web to some specific servers. I would like apt-get / aptitude to connect to it using HTTPS, and because I don't…
shevron
  • 326
  • 2
  • 4
  • 10
13
votes
3 answers

How do I ensure that stunnel sends all intermediate CA certs?

A few computers, but not most, are rejecting the SSL certificate from my webserver. The problem seems to be that some computers are rejecting the CA certs. The problem seems to be manifesting on Mac OS X 10.6 when it is not fully updated. According…
Jack Stahl
  • 133
  • 1
  • 1
  • 5
13
votes
4 answers

What is TLS and how does it compare to SSL?

Is TLS the "new" version of SSL? What features does it add, or security issues does it address? Can anything that supports SSL support TLS? What would be involved in making the switch? Is the switch worth it? Why is it that emails are sent over…
makerofthings7
  • 8,911
  • 34
  • 121
  • 197
1 2 3
99 100