Questions tagged [ssl]

SSL and its successor, TLS, are encryption and authentication protocols that encrypt the full contents of a TCP connection, as well as potentially verifying the identities of the devices making the connection.

SSL and its successor, TLS, are primarily used to encrypt the connection between two applications at the presentation layer. They are most often used to secure websites in the form of the HTTPS protocol but can also be used for other protocols and applications.

7024 questions
10
votes
1 answer

How to generate a pem certificate? in an easy way, for testing

A third-party app I have requires a *.pem certificate to be able to open a wss connection. How can I generate a *.pem file, keeping in mind that I need that only for testing, therefore I want an easy, not necessarily a really secure way to do…
Raj
10
votes
2 answers

How do I setup multiple subdomains with their own certificate using nginx?

Unless every answer that I've read was plain wrong, SNI should make it possible to do what I want, yet every guide tells me to do exactly what I'm doing. And yet nginx is serving the wrong certificate so I'm clearly doing something wrong. ❯ sudo…
Wayne Werner
10
votes
1 answer

Trying to get 100% in ssllabs.com key exchange

I wanted to know what steps are needed to get 100% on every category in ssllabs.com. I am aware that this could lead to problems in older systems, but I don't care. My letsencrypt.org certificate uses 4096 bits. This is the best score I could get…
feedc0de
10
votes
1 answer

nginx redirect based on domain name

I have a django web app which runs on a server with IP address xx.xxx.105.49 and domain as www.example1.com. Below is my nginx configuration: server { listen 80; server_name example1.com www.example1.com ; location / { return 301 …
10
votes
1 answer

Do Postfix and Dovecot support OCSP stapling?

Since I would like to set the "must staple" attribute in my SSL certificates, I was doing some research to find out if all of my services support OCSP stapling. So far I found out that Apache does, which I was able to confirm using SSLLabs.com. But…
comfreak
10
votes
2 answers

Can the same wildcard SSL certificate be used on different IP addresses and/or boxes?

Example: Wildcard SSL certificate for *.example.com installed on two different boxes. hostEU.example.com A 60.70.80.90 hostUS.example.com A 200.210.220.240 I assume this is a perfectly valid scenario, where the actual hostnames do not reside on…
mr-euro
10
votes
2 answers

Do web Servers send the certificate chain to the Web Client?

If my web server (latest Apache) has a valid (not expired or revoked) Verisign certificate chain (root -> intermediate -> leaf/my server), then does the server send the entire(?) chain to the client? Does the web client (e.g., latest Chrome) need to…
10
votes
1 answer

Generate subdomain certificate from valid wildcard certificate

Given the nature of SSL certificates and keys which can be chained, can I (myself) generate a certificate for a subdomain based on the main domain certificate and key which are issued for wildcard subdomains? The practice here is that I have to…
Tala
10
votes
4 answers

Webserver randomly serves different vhosts

We've got nginx running on Ubuntu Trusty. It serves several websites over https, running on one ip address. Randomly, although it seems slightly related to work load, sometimes single requests turn up on the wrong vhost. This leads to requests on…
Thom Wiggers
10
votes
5 answers

Apache SSL error: Private key not found

I'm running apache on Ubuntu 14.04 and trying to implement SSL. Any help would be greatly appreciated. default-ssl.conf has: SSLCertificateFile /etc/apache2/ssl/domain.crt SSLCertificateKeyFile /etc/apache2/ssl/domain.csr When I restart…
mikesynan
10
votes
2 answers

HAProxy with SNI and different SSL Settings

I have HAProxy for my two sites, one of them public and one private. www.mysite.com private.mysite.com Atm, I'm using haproxy like this: frontend mysite_https bind *.443 ssl crt /etc/mycert.pem ca-file /etc/myca.pem verify optional no-sslv3 mode…
mohrphium
10
votes
4 answers

Getting SSL certificate chain from jabber server

Trying to connect my jabber client (pidgin) to a jabber server with self signed certificate, I am getting an "unable to validate certificate" error. As it is not possible to tell the client not to validate the chain, I would like to get the…
ProfHase85
10
votes
4 answers

What's the best way to check if an SMTP server is SSL-enabled or not?

What's the best way to check if an SMTP server is SSL-enabled or not? Follow-up question: How do I make it SSL-enabled if it's not yet SSL-enabled? The OS is CentOS.
Randell
10
votes
4 answers

openssl s_client shows alert certificate unknown but all server certificates appear to be verified

I am troubleshooting errors establishing a secure connection to an EPP server. I issue the command below and see that all of the server certificates are verified, but still I get an error (highlighted in bold). Is there still a problem validating…
shampoopy
10
votes
2 answers

Cipher String Syntax in nginx

In an nginx configuration file, you might configure a list of SSL ciphers like this ssl_ciphers HIGH:!aNULL:!eNULL:!LOW:!ADH:!RC4:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS; What's the syntax of this cipher string? That is, I know (or think I…
Alana Storm