Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ssl]

SSL and its successor, TLS, are encryption and authentication protocols that encrypt the full contents of a TCP connection, as well as potentially verifying the identities of the devices making the connection.

SSL and its successor - TLS - is primarily used to encrypt the connection between two applications at the presentation layer. It is most often used to secure websites in the form of HTTPS protocol but can also be used for other protocols and applications.

7024 questions
9
votes
1 answer

Starfield Wildcard SSL Certificate Not Trusted in All Browsers

I am at a loss as to what else I might try in order to debug this issue with a Starfield Wildcard SSL Certificate. The problem is that in certain browsers (Safari or the most-updated chrome you can get for OS X 10.5.8 for example) the certificate…
Austen Cameron
  • 193
  • 1
  • 5
9
votes
1 answer

How do I transfer an SSL certificate from an Apache server to an NGINX server

How do I transfer an SSL certificate from an Apache server to an NGINX server? Any help is much appreciated.
Lucas Scholten
  • 203
  • 1
  • 2
  • 4
9
votes
2 answers

Is there a security reason not to use a wildcard cert other than manageability and exploitation if used on multiple servers?

I have a security advisor that is telling me that we can't use wildcard SSL certs for security reasons. To be clear I much prefer using single certs or multi-domain certs (SAN). However we have a need for the server (plesk) to server 100s of…
Gray Race
  • 853
  • 3
  • 11
  • 22
9
votes
2 answers

Https for embedded devices, local addresses

I am trying to add https to the embedded devices I am working on. These devices are generally assigned local ip addresses and so cannot get their own ssl certificates. So essentially my question is how does one get a certificate for a device without…
Shiftee
  • 193
  • 1
  • 5
9
votes
4 answers

HTTPS is over 50 times slower then HTTP

I have a website that uses https to transmit a javascript file to the client. The website is getsimpleapps.com. It turns out that this file is loading 52 times slower with https (20.08s - 29.08s) that with http (380ms). The homepage of the site…
ThomasReggi
  • 621
  • 2
  • 10
  • 25
9
votes
3 answers

Self generate SSL Certificate for IIS6?

Hi guys is it possible to create your own SSL cert for IIS 6? If so does anyone have a link to a good guide on the web? Thank! John
John
  • 343
  • 2
  • 6
  • 13
9
votes
3 answers

apache2 - SSLSessionCache running but not working

I run a debian squeeze standard Apache installation (2.2) and make use of SSLClientCertificates to authorize users. This works fine so far. But we noticed a slow down of some parallel requests and tried to check if my SSLSessionCache is working. So…
Janning
  • 1,421
  • 2
  • 21
  • 38
9
votes
3 answers

Do I have to have an ssl certificate for my mail server?

Question is really simple. If I want to setup a mail server, do i have to have it or is it just a security issue? What kind of problems can it cause?
previous_developer
  • 193
  • 1
  • 1
  • 4
9
votes
1 answer

How do I match a certificate file to a key file?

I have a SSL certificate that the former sysadmin was issued (crt file.) Searching the filesystem I found several .key files. How do I match the crt to the key file and confirm that they match? This is Ubuntu Server 11.10 with Apache2 modssl.
Malocchio
  • 101
  • 1
  • 5
9
votes
2 answers

How can I make apache request a client SSL certificate without needing to verify it against a known CA?

I'm using apache2 (2.2.3) to serve a site where I'd like to have clients authenticate with certificates. Since I only need to verify that a user presenting a particular certificate is the same user who has presented that certificate in the past,…
Isaac
  • 534
  • 2
  • 11
  • 24
9
votes
3 answers

Is there anywhere that I can get a valid , signed, SSL cert to the "localhost" domain for testing?

Is there anywhere that I can get a valid , signed, SSL cert to the "localhost" domain for testing? Does anyone anywhere offer a download of something like this that I can use in testing? I know how to use openssl to sign a key with a CA, but…
djangofan
  • 4,182
  • 10
  • 46
  • 59
9
votes
2 answers

Replace old SSL certificate in IIS6

I have to update my SSL certificate for IIS6 on Windows 2003 Server. The vendor (Thawte) tells me that my Certificate Signing Request is non-resignable, which I take to mean that I need to generate a request for a brand new certificate. In the IIS…
kcrumley
  • 249
  • 2
  • 5
  • 8
9
votes
4 answers

transparent SSL proxy myths and facts

I've been searching for many hours now about a way to setup a transparent proxy for SSL (not Squid). The general answer is that I can't, but I know there are some ways, though. My purpose is only the following: Blacklist/whitelist domain names (not…
admirabilis
  • 1,605
  • 3
  • 11
  • 10
9
votes
2 answers

mod_ssl SSLCACertificatePath Proper Usage or What is the Best way to Handle Multiple Acceptable Client Certificate CAs

I am attempting to use the mod_proxy SSLCACertificatePath directive, but I'm a tad bit confused on how to use it properly. Here are two links explaining the SSLCACertificatePath…
hooknc
  • 235
  • 2
  • 3
  • 7
9
votes
2 answers

Does an SSL certificate work on CNAME'd urls?

Suppose I create sub domain per user, something like mysite.test.com which is secured under a wildcard ssl certificate. If I allow users to have their own custom url via a CNAME would the new url still be covered under the certificate or would I…
whatWhat
  • 529
  • 2
  • 5
  • 9
1 2 3
99 100