Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ssl-certificate]

SSL certificates are used to encrypt and authenticate connections to network servers, most popularly for web servers but also email, file transfers, and other network connections.

SSL (Secure Sockets Layer) is a protocol that is used to encrypt and authenticate connections between clients and servers. Certificates are configured on the server so that the client can verify that the connection has not been hijacked, as well as verify that the connection is secure from end to end.

3250 questions
1
vote
2 answers

Windows XP invalid certificate on Nginx

I migrated my SSL websites and certificates from Apache to Nginx and from that moment all Windows XP clients does not recognize the SSL certificate (it is a wildcard certificate issued by Trustico). The old configuration on previous Apache servers…
Mat
  • 1,873
  • 7
  • 25
  • 41
1
vote
1 answer

Configuring IIS ARR for backend client certificate authentication

I have an IIS server configured with ARR to reverse proxy requests to a backend server. The backend server requires client certificate authentication, however, it only needs to authenticate the reverse proxy (not the end user). The end user…
ric-salmon
  • 11
  • 1
  • 4
1
vote
1 answer

Easiest way to generate PFX certificate (Windows)

At the moment to generate PFX Certificate, I use openssl and: Generate a CSR with its private key Connect to my CA website (Microsoft CA), and submit CSR along with (san:dns=) additional attribute. From certificate authority I issue the pending…
Florian Bidabé
  • 334
  • 3
  • 10
1
vote
1 answer

Does my SSL cert have anything to do with or say about the symmetric session key?

The answer found on this server fault thread is my jumping off point for this general topic: https://serverfault.com/a/313558 ... and this question can be thought of as a follow-up to that answer. Does my SSL cert have anything to do with or say…
87535
  • 11
  • 1
1
vote
2 answers

NGNIX 1.6.2 on Debian8: Won't start after adding SSL

I can't figure out even the text of the error I get from starting it ● nginx.service - A high performance web server and a reverse proxy server Loaded: loaded (/lib/systemd/system/nginx.service; enabled) Active: failed (Result: exit-code)…
JasonGenX
  • 522
  • 1
  • 5
  • 16
1
vote
2 answers

Strange SSL certificate and https website

Checking this https://racq.travelinsurancepartners.com.au/, you will find the browser is displaying things OK. However, browsing https://www.travelinsurancepartners.com.au/, you will see the browser reports the SSL certificate is for covermore.com,…
Andy H
  • 127
  • 6
1
vote
1 answer

SSL Configuration failed in Apache after moving keys/certs to another machine

I'm in the process of moving my website to another server, and after moving the SSL key and certs and recreating the same Apache config, I encounter the following in the error logs at the time of Apache servie restart (domain anonymized): [Sun May…
BrokenJazzyBrick
  • 31
  • 2
  • 4
1
vote
2 answers

Is it possible to get 'csr' info from SSL certificate in web browser?

When creating a csr you provide some information about Country,company, email, etc. Then when the certificate files are installed in i.e. apache , you browse to the url and see i.e. in chrome the green lock, you click it and see some registrant…
Kubber
  • 165
  • 1
  • 4
1
vote
1 answer

How to disable catch-all on a ssl virtual host

My virtual host looks like following: SSLEngine on SSLCertificateFile /etc/apache2/ssl-keys/example/example.crt SSLCertificateKeyFile /etc/apache2/ssl-keys/example/example.key SSLCACertificateFile…
Tomasz Ozga
  • 21
  • 5
1
vote
1 answer

The site is using outdated security settings that may prevent future versions of Chrome from being able to safely access it - even with SHA2

I get the above complaint from chrome. I've found The site is using outdated security settings that may prevent future versions of Chrome from being able to safely access it, but this is a non-issue for me, since the certificate is SHA2. What's the…
Robus
  • 141
  • 5
1
vote
0 answers

Linux / Nginx - Centralized SSL Certificate Hosting

I manage about 20 virtual machines all running different web applications. The domain names of these web apps are subdomains of the same domain. I have one wildcard SSL certificate which will work for all these web applications. Now, I can copy the…
Anjan
  • 307
  • 1
  • 2
  • 14
1
vote
2 answers

Do I need to include `.local` addresses when I renew a SSL certificate?

I am about to renew a SSL certificate to be used with Microsoft Exchange Server 2013. I am viewing the current SSL certificate that is about to expire to check what addresses are currently included on it so that I know what to specify in the new SSL…
Jack
  • 111
  • 1
1
vote
0 answers

Squid 3.5.4: ssl bump: error - Error negotiating SSL connection on FD 10: Success (0)

I am trying to install squid 3.5.4 (on docker, running debian 8) and run it in ssl-bump mode. Compilation: ./configure --prefix=/opt/squid --srcdir=. --disable-maintainer-mode \ --disable-dependency-tracking --disable-silent-rules…
ashish behl
  • 11
  • 3
1
vote
0 answers

Apache Signed certificate by know authority and client certificate self-signed

I've been investigating about this and it work with the apache SSL option SSLVerifyClient optional_no_ca I have the following virtualhost configuration. NameVirtualHost *:443 SSLEngine on SSLOptions +StdEnvVars …
Jos3k4
  • 129
  • 5
1
vote
1 answer

the same certificates are sold at different prices?

I've encountered so many times with this situation. For example everybody know if I buy a Positive SSL for a year from a reseller, its price is about $5.95 . If I buy the certificate from CA directly, its price is $49 for a year. I'm really…
efkan
  • 203
  • 3
  • 9
1 2 3
99 100