Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ssl]

SSL and its successor, TLS, are encryption and authentication protocols that encrypt the full contents of a TCP connection, as well as potentially verifying the identities of the devices making the connection.

SSL and its successor - TLS - is primarily used to encrypt the connection between two applications at the presentation layer. It is most often used to secure websites in the form of HTTPS protocol but can also be used for other protocols and applications.

7024 questions
10
votes
2 answers

nginx fails to load a file - ssl certificate - even if its clearly there

I want to use ssl with nginx. I create the necessary certificates: [root@arch ssl]# pwd /etc/nginx/ssl [root@arch ssl]# ls -l total 12 -rwx------ 1 root root 1346 Aug 3 14:36 server.crt -rwx------ 1 root root 1115 Aug 3 14:36 server.csr -rwx------…
Jenia Ivanov
  • 203
  • 1
  • 3
  • 6
10
votes
1 answer

Internet Explorer cannot display page from apache with single SSL virtual host

I have a question that has come up somehow in different questions but I still can't find the solution, yet. My problem is that I'm hosting a site on apache 2.4 on debian with SSL and Internet Explorer 7 on windows xp shows Internet Explorer cannot…
pscheit
  • 101
  • 1
  • 6
10
votes
2 answers

using nginx with SNI

By now I've not used SNI with nginx yet. But as IP address pools are quite filled and commercial XP support is about to cease (finally) I'm thinking about converting a few sites to SNI. I'm aware of the general limitations and pitfalls that might…
justlovingIT
  • 475
  • 3
  • 11
10
votes
4 answers

curl succeeds on an https request, wget does not

When I run curl from the command line curl "https://example.com" It succeeds immediately, returning the result of the request. When I run the same wget command wget https://example.com It eventually times out with "Unable to establish SSL…
Resorath
  • 323
  • 1
  • 3
  • 13
10
votes
2 answers

Install a root certificate in CentOS 6

I know it has been already asked, but despite many hours of research I couldn't find a working solution. I am trying to install my root certificate in my server, so internal service can bind to each other using SSL. What should know about the new…
John White
  • 236
  • 1
  • 3
  • 10
10
votes
1 answer

Disable SSL / TLS compression in Apache 2.2.x

Is there a way to disable SSL/TLS Compression in Apache 2.2.x when using mod_ssl? If not, what are people doing to mitigate the effects of CRIME/BEAST in older browsers? Related Links:…
DevGav
  • 325
  • 2
  • 3
  • 8
10
votes
2 answers

Nginx ssl - SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line

I am trying to enable ssl on a server using a certificate from 123-reg but I keep getting this error: nginx: [emerg] SSL_CTX_use_certificate_chain_file("/opt/nginx/conf/cleantechlms.crt") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no…
Alex
  • 405
  • 1
  • 5
  • 14
10
votes
1 answer

SSL certificate: unable to get local issuer certificate

I'm running Debian (Lenny). When I run this: curl --ssl https://www.google.com I get this error: curl: (60) SSL certificate problem: unable to get local issuer certificate More details here: http://curl.haxx.se/docs/sslcerts.html curl performs SSL…
celwell
  • 203
  • 1
  • 2
  • 6
10
votes
3 answers

Is it a good idea to use cacert SSL certificates instead of self signed one in production?

At work, I have a bunch of web interfaces that use plain http or self signed certificates (load balancer management interface, internal wiki, cacti, ...). None is reachable from outside specific vlans/networks. For home usage, I use cacert SSL…
user130370
10
votes
3 answers

Install SSL on Amazon Elastic Load Balancer with GoDaddy Wildcard Certificate

I'm a bit stuck installing an SSL Cert on an AWS Elastic Load Balancer. I have a wildcard certificate from GoDaddy and need to point it at the ELB. I have run the command (I ran it on one of the servers behind the load balancer): openssl req -new…
Peter
  • 250
  • 1
  • 4
  • 11
10
votes
5 answers

IIS gives wrong certificate for an HTTPS request

I am stuck in a situation which I cannot figure out. Here is my issue. I got an SSL certificate from a trusted authority and installed it in my server. Then, I configured my website to use that certificate in port 443 with an IP address which is…
tugberk
  • 937
  • 4
  • 13
  • 30
10
votes
2 answers

Redirecting SSL without raising an alert

A client has an SSL certificate only for the www.site.com version of the domain, not site.com. Redirecting for regular HTTP was not a problem via mod_rewrite. However, this method seemed to fail for us for HTTPS. We want to redirect https://site.com…
djdy
  • 583
  • 2
  • 4
  • 15
10
votes
3 answers

Stunnel won't work with SSLv3 from some hosts

WARNING: SSLv3 is obsolete. Consider disabling it altogether. I'm trying to set up Stunnel to server as SSL cache. Everything was smooth, and mostly it works as designed. Then I encountered errors in log files: SSL_accept: 1408F10B:…
Sergey
  • 948
  • 5
  • 10
  • 22
10
votes
4 answers

haproxy + stunnel + keep-alive?

I'd like to put stunnel in front of haproxy 1.4 to handle HTTPS traffic. I also need stunnel to add the X-Forwarded-For header. This can be achieved by the "stunnel-4.xx-xforwarded-for.diff" patches from the haproxy website. However, the…
Chris Lercher
  • 4,152
  • 9
  • 35
  • 41
10
votes
3 answers

error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure(35)

We have online shopping site. When I am going to checkout page i am getting a error like this "error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure(35)" From the apache error log i can see some attempts to connect to…
ArunS
  • 315
  • 1
  • 5
  • 16
1 2 3
99 100