Questions tagged [ssl]

SSL and its successor, TLS, are encryption and authentication protocols that encrypt the full contents of a TCP connection, as well as potentially verifying the identities of the devices making the connection.

SSL and its successor, TLS, are primarily used to encrypt the connection between two applications at the presentation layer. They are most often used to secure websites in the form of the HTTPS protocol but can also be used for other protocols and applications.

7024 questions
56
votes
3 answers

How to fix 'logjam' vulnerability in Apache (httpd)

Recently, a new vulnerability in Diffie-Hellman, informally referred to as 'logjam' has been published, for which this page has been put together suggesting how to counter the vulnerability: We have three recommendations for correctly deploying…
56
votes
3 answers

Configure Nginx as reverse proxy with upstream SSL

I try to configure an Nginx server as a reverse proxy so the https requests it receives from clients are forwarded to the upstream server via https as well. Here's the configuration that I use: http { # enable reverse proxy proxy_redirect …
Alex Flo
54
votes
6 answers

Can an SSL certificate be on a single line in a file (no line breaks)?

SSL certificates by default have line breaks after 67 characters. I'm trying to create SSL certificate files using Chef. Essentially I want to create the entire certificate file from a string variable without any line breaks. I've tried this a few…
wrangler
53
votes
9 answers

How do I disable TLS 1.0 without breaking RDP?

Our credit card processor recently notified us that as of June 30, 2016 we will need to disable TLS 1.0 to remain PCI compliant. I tried to be proactive by disabling TLS 1.0 on our Windows Server 2008 R2 machine, only to find that immediately after…
Mike
53
votes
8 answers

On IIS, how do I patch the SSL 3.0 POODLE vulnerability (CVE-2014-3566)?

How do I patch CVE-2014-3566 on a Windows Server 2012 system running IIS? Is there a patch in Windows Update, or do I have to do a registry change to disable SSL 3.0?
Eric Lathrop
53
votes
4 answers

Difference between SSLCertificateFile and SSLCertificateChainFile?

Normally with a virtual host, SSL is set up with the following directives: Listen 443 SSLCertificateFile /home/web/certs/domain1.public.crt SSLCertificateKeyFile /home/web/certs/domain1.private.key SSLCertificateChainFile…
chrisjlee
52
votes
16 answers

SSL Error - unable to read server certificate from file

I've been setting up SSL for my domain today, and have struck another issue - I was hoping someone could shed some light on. I keep receiving the following error messages: [error] Init: Unable to read server certificate from file…
williamsowen
51
votes
5 answers

Failed tls handshake. Does not contain any IP SANs

I'm trying to set up logstash forwarder, but I have issues with making a proper secure channel. Trying to configure this with two Ubuntu (server 14.04) machines running in VirtualBox. They are 100% clean (not touched hosts file or installed any…
connery
50
votes
3 answers

How can I detect if a server is using SNI for HTTPS?

I'm looking for a simple way to know if a server is using the Server Name Indication SSL extension for its HTTPS certificate on a website. A method that uses either a browser or Unix command line is fine. Thanks!
spookylukey
50
votes
3 answers

Stop Apache from asking for SSL password each restart

Using instructions from this site but varying them just a little, I created a CA using -newca, I copied cacert.pem to my comp and imported as trusted issuer in IE. I then did -newreq and -sign (note: I do /full/path/CA.sh -cmd and not sh CA.sh -cmd)…
user274
50
votes
6 answers

SSL for devices in local network

Initial question We make devices which run a webserver and the user can control some functionality of the device by browsing directly to the IP of the device. This can be a fixed IP when a direct WiFi or ethernet connection is used but in most cases…
Daan Pape
49
votes
9 answers

Is there any reason not to enforce HTTPS on a website?

A website I frequent has finally decided to enable TLS to their servers, only not to mandate it as a lot of websites out there do. The maintainer claims that TLS must be optional. Why? On my own website I have long set up mandated TLS and HSTS with…
Maxthon Chan
47
votes
6 answers

Does HTTPS use TCP or UDP?

Does HTTPS use TCP or UDP?
Steven
47
votes
7 answers

How to update cURL CA bundle on RedHat?

I am running into issues where the CA bundle that has been bundled with my version of cURL is outdated. curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate…
Andrew
46
votes
2 answers

Serve http (port 80) and https (port 443) on same VirtualHost

I need to set up my VirtualHost on Apache to serve on both http and https (using standard ports). If I enable the SSL Engine (as per below) - I get an error when on port 80. The reason is, parts of the site need to be SSL but other parts don't. How…
kron