Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ssl]

SSL and its successor, TLS, are encryption and authentication protocols that encrypt the full contents of a TCP connection, as well as potentially verifying the identities of the devices making the connection.

SSL and its successor - TLS - is primarily used to encrypt the connection between two applications at the presentation layer. It is most often used to secure websites in the form of HTTPS protocol but can also be used for other protocols and applications.

7024 questions
14
votes
1 answer

Passing SSL protocol info to backend via HTTP header

After Poodle vulnerability was revealed recently, our team decided to move on from SSLv3. But before complete removal, they want to warn the daily users that their browser use deprecated SSLv3. So, we came up the idea to Detect the protocol…
tpml7
  • 479
  • 1
  • 5
  • 21
14
votes
2 answers

Outlook security alert - The name on the security certificate is invalid or does not match the name of the site

SBS 2008 running Exchange 2007 and IIS6.0 CompanyA has two other companies that operate under the same roof. To accommodate email, we have 3 Exchange accounts per user to manage this. All users use their CompanyA account to log into the…
Mike66350216
  • 277
  • 1
  • 5
  • 12
14
votes
1 answer

Unable to generate certificate with Subject Alternate Name using Java 1.7 keytool utility

I'm having an issue generating a keypair with subject alternate name using the Java keytool utility from Java 1.7. I'm attempting to follow the instructions found here. An example of the command I'm using follows (this example has been…
Deacon
  • 243
  • 1
  • 3
  • 9
14
votes
1 answer

How to install multiple Intermediate CA Certificate files on Apache?

I just bought a SSL certificate, and here are all the certificate files i got: Root CA Certificate - xxCARoot.crt Intermediate CA Certificate - x1.crt Intermediate CA Certificate - x2.crt Intermediate CA Certificate - x3.crt Your EssentialSSL…
pdeva
  • 2,447
  • 5
  • 18
  • 15
14
votes
1 answer

Apache AB (ApacheBench) : -no-check-certificate option available?

It seems there is no option to avoid this error : "Verify return code: 20 (unable to get local issuer certificate)". Is there a way to avoid issuer ssl check with AB (like wget's -no-check-certificate option) Thanks in advance
hotips
  • 533
  • 4
  • 8
  • 19
14
votes
3 answers

How to manually create Puppet CA and certificates?

I am wondering how to manually (using openssl instead of puppet ca command) create CA that would be usable by Puppet? The goal would be to script creation of such CA's to deploy them on multiple puppetmasters, instead of certificates being created…
SpankMe
  • 251
  • 1
  • 2
  • 4
14
votes
4 answers

OpenSSL: how to generate a CSR with interactively solicited Subject Alternative Names (SANs)?

I wish to configure OpenSSL such that when running openssl req -new to generate a new certificate signing request, I am prompted for any alternative subject names to include on the CSR. I have added this line to the [req_attributes] section of my…
Maxy-B
  • 243
  • 1
  • 2
  • 7
14
votes
4 answers

Can I define HTTP and HTTPS in the same VirtualHost in Apache conf?

I've got quite a big VirtualHost definition which I don't want to duplicate just so the site will also run over HTTPS. Here's what I want to do: ServerName example.com SSLEngine on …
Jake
  • 619
  • 4
  • 7
  • 18
14
votes
3 answers

Is SSL data still encrypted if there is a certificate error?

If there is a certificate error on a website (such as the domain not matching what is stated in the cert) and I continue to view the site anyway, is data over the HTTPS connection still encrypted? My understanding is that the SSL certificate simply…
silent__thought
  • 321
  • 1
  • 5
  • 12
14
votes
2 answers

How to setup SSL on Amazon EC2?

I have just hopped over to Amazon for serving my .net sites and one site requires SSL. I have an elastic IP pointing at my EC2 instance, and I have my site setup in IIS 7 all working fine. I also have an SSL cert from a vendor. I have installed the…
Anthony
14
votes
4 answers

Why does Window's SSL Cipher-Suite get restricted under certain SSL certificates?

Problem: Windows Server 2008 R2 will only support the following ssl cipher suites when using certain certificates on the server: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA This prevents XP clients from connecting to…
Gary
  • 301
  • 1
  • 2
  • 7
14
votes
4 answers

HTTPS not working; binding set, certificate installed

I've installed the certificate and set up the HTTPS bindings. However, when I load the site on HTTPS it does not load. I've looked at all the settings but everything seems correct. I've restarted the server numerous times. The certificate is stored…
rksprst
  • 445
  • 1
  • 6
  • 9
14
votes
3 answers

How can I use the same key for SSH and SSL (https)

I'm trying to install the development tools for a small team, and I can't get the authentication right. Since we are a distributed team, the server is on the internet. And I'd like to have SSO+zero client configuration. So basically git over…
nraynaud
13
votes
3 answers

curl fails to retrieve HTTPS content: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure

I'm trying to access the website https://www.lawsociety.com.au with curl on Windows 10 and Ubuntu 16.04. It works on Ubuntu, but fails on Windows with the message error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure. I'm not…
Alex Blekhman
  • 233
  • 1
  • 2
  • 7
13
votes
5 answers

convert .p7b key to a .pfx

I have an SSL certificate in .p7b format that I need to convert to .pfx. If I try this through the windows certificate managment the option to expert as a .pfx is disabled. Trying with openssl I have found the following two commands to do the…
DrStalker
  • 6,946
  • 24
  • 79
  • 107
1 2 3
99 100