Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ssl]

SSL and its successor, TLS, are encryption and authentication protocols that encrypt the full contents of a TCP connection, as well as potentially verifying the identities of the devices making the connection.

SSL and its successor - TLS - is primarily used to encrypt the connection between two applications at the presentation layer. It is most often used to secure websites in the form of HTTPS protocol but can also be used for other protocols and applications.

7024 questions
9
votes
2 answers

How do you configure Apache/Tomcat to trust internal Certificate Authorities for server-to-server https requests

I need to perform web service calls from within my own web server running on Apache/Tomcat. Apache/Tomcat running on Linux needs to make calls out to a Microsoft server running IIS over HTTPS that uses an internal Certificate Authority (CA) for…
Kirk Liemohn
  • 593
  • 3
  • 8
  • 18
9
votes
5 answers

cURL or SSL problems, how to solve?

I keep getting this error: No cURL data returned for https://XXX.XXXX.XXX:XXXX [0] SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed I am not sure, or…
deadman
9
votes
2 answers

Two SSL certificates with same key

If I generate two SSL certificates using the same key, am I diluting the strength of the certificates? (does it open the door for cryptanalysis or a possibility of compromising data across that channel)? Thanks
Wadih M.
  • 1,032
  • 1
  • 10
  • 18
8
votes
2 answers

Which ssl certificates go where on an reverse proxy? - nginx

Need clarification for upstream SSL on an nginx reverse proxy server I've been reading the nginx docs regarding reverse proxy and securing ssl connections to upstream servers but I'm still confused about which ssl certificates go where. Many of the…
Altimus Prime
  • 364
  • 2
  • 7
  • 22
8
votes
1 answer

SNI for a SMTP server

Let's say I have a dedicated server with some IP (IP1). I'm redirecting multiple domains (say example.com, example.net) to that IP via DNS. I've a single nginx server running here, and I've set up SNI correctly here and it works for HTTPS. I've also…
xryl669
  • 238
  • 1
  • 8
8
votes
3 answers

MariaDB MySQL shows have_ssl disabled when certs are installled

Trying to enabled SSL on my mariadb-server. I have followed the official mariadb docs to generate a ca-key ca-cert server-key server-cert. My machine is a debian 9 kvm vps with mariadb 10.1.37 When I run SHOW VARIABLES LIKE '%ssl'; as root I get…
Reece
  • 211
  • 1
  • 2
  • 5
8
votes
2 answers

SSL certificate and Azure classic load balancer

I have 2 VMs behind a load balancer on Azure. I created a new SSL certificate via Let's Encrypt on one of the VMs using the domain that is assigned to the load balancer. When I connect to that VM directly via IP I see the certificate loaded, but I'm…
Vedran
  • 183
  • 1
  • 1
  • 5
8
votes
3 answers

How to correctly configure MongoDB to use Letsencrypt SSL on Ubuntu

How do I correctly configure MongoDB to use Letsencrypt SSL on Ubuntu? I have created an SSL certificate using Letsencrypt and combined it via: cat /etc/letsencrypt/live/example.com/fullchain.pem /etc/letsencrypt/live/example.com/privkey.pem >…
Petah
  • 650
  • 2
  • 13
  • 24
8
votes
1 answer

Utilizing SSL on Multi-domain, Autoscaling Elastic Beanstalk Setup

We are creating a Content Management System for our company. It is important that this CMS support dynamic domain names on a dynamic number of servers. After many hours of research we felt that Amazon's Elastic Beanstalk was the way to go. One thing…
Patrick Stephan
  • 211
  • 2
  • 8
8
votes
2 answers

Nginx one ip and multiple ssl certificates

Example case. I have a web-server with one IPV4 address. I am hosting ~50 web sites and just two of them have ssl certificates. I have configured vhosts for 2 ssl websites and everything is OK, except one big problem - if i visit other 48 sites…
Alexander Kim
  • 597
  • 3
  • 8
  • 21
8
votes
4 answers

Lets Encrypt OpenVPN AS

I've got an OpenVPN AS running and I am trying to setup SSL certs (running ubuntu) from letsencrypt. I've managed to get my certificates from letsencrypt (using letsencrypt standalone) and I was hoping to make a symlink to the certificates in the…
Ben Flowers
  • 301
  • 1
  • 2
  • 9
8
votes
5 answers

NGINX Reverse proxy not loading resources

I'm trying to put a reverse proxy in front of a few internal web services. Nginx is setup and working properly to serve request. If I only serve one location / in my conf file, it loads that proxy_pass target successfully ie: location / { …
PenguinCoder
  • 529
  • 2
  • 6
  • 17
8
votes
3 answers

How to run Gunicorn upstream with an Nginx SSL configuration?

I have an nginx server with an SSL certificate installed. I want to pass any requests upstream to my Gunicorn server running at 0.0.0.0:8000. However, whenever I run the Gunicorn server, it gives me an error saying that there's too many redirect…
Dorian Dore
  • 211
  • 1
  • 2
  • 7
8
votes
2 answers

Is there an equivalent to SSLLabs' SSL test for SSL/TLS that is not HTTPS?

I've used SSL Labs' SSL Server Test for testing SSL setup for HTTP servers, but it doesn't support other situations in which SSL is used, such as IMAP. Is there an equivalent detailed test for non-HTTP servers using SSL? I've used SSL Shopper's SSL…
Mark Raymond
  • 199
  • 1
  • 2
  • 8
8
votes
3 answers

CA Certificate not trusted by Firefox

My domain bytecode77.com (analytics) is using a RapidSSL certificate. Firefox doesn't trust that one, so I installed a CA certificate. I used the one below. I placed it in /usr/local/share/ca-certificates/ca.crt and I ran update-ca-certificates.…
bytecode77
  • 253
  • 4
  • 11
1 2 3
99 100