Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ssl]

SSL and its successor, TLS, are encryption and authentication protocols that encrypt the full contents of a TCP connection, as well as potentially verifying the identities of the devices making the connection.

SSL and its successor - TLS - is primarily used to encrypt the connection between two applications at the presentation layer. It is most often used to secure websites in the form of HTTPS protocol but can also be used for other protocols and applications.

7024 questions
42
votes
1 answer

Can not get rid of `net::ERR_CERT_COMMON_NAME_INVALID` error in chrome with self-signed certificates

There are numerous question on the web where people are having difficulty setting up self signed certificates for use on internal network. Just to link a few: Getting Chrome to accept self-signed localhost certificate Chrome accept self-signed…
Ashesh
  • 525
  • 1
  • 4
  • 7
42
votes
6 answers

View the SSL certificate of a page that immediately redirects to another

So I've googled quite a bit for this but it appears that my google-fu fails me - apologies if this is a trivial and already answered question, I could not find anything about this I'm trying to diagnose an SSL certificate hostname mismatch. When I…
Robert Petz
  • 545
  • 1
  • 5
  • 9
41
votes
3 answers

Setting ssl_prefer_server_ciphers directive in nginx config

This question is about setting the correct value of ssl_prefer_server_ciphers while configuring nginx. According to a fairly typical config suggested by Mozilla, the value should be off (source:…
Hassan Baig
  • 2,325
  • 12
  • 29
  • 48
41
votes
2 answers

Error code: ssl_error_rx_record_too_long

I have nginx with the following setup: server { listen 80; server_name site.com www.site.com; root /home/site/public_html; listen 443; #server_name site.com www.site.com; #root…
Tiffany Walker
  • 6,681
  • 14
  • 56
  • 82
41
votes
3 answers

nginx as reverse proxy with upstream SSL

I'm building a proxy for an internal API to allow clients to connect without having to have the self-signed certificates installed. Clients (built, owned and used only internally) will connect over SSL to the nginx box, where I'm using XSendfile to…
simonmaddox
  • 560
  • 1
  • 4
  • 7
41
votes
4 answers

How to use Jenkins with SSL / https

I have a Fedora server running Jenkins which I install via yum. Everything is okay, I can access it with http://ci.mydomain.com. But now, I want to access it with https://ci.mydomain.com so the login with username and password is encrypted. How can…
Tim
  • 600
  • 2
  • 8
  • 15
40
votes
5 answers

SSL & Ngnix: no "ssl_certificate" is defined in server listening on SSL port while SSL handshaking

I have managed to create my certificates with LE with not errors, I have also managed to redirect my traffic from port 80 to port 443. But when i reload my nginx server I am unable to access my website. The Ngnix error logs show this line: 4 no…
0xtuytuy
  • 523
  • 1
  • 4
  • 6
40
votes
5 answers

What are the exact protocol level differences between SSL and TLS?

This is a technical deep dive after this overview question was asked. What are the protocol differences between SSL and TLS? Is there really enough of a difference to warrant a name change? (versus calling it "SSLv4" or SSLv5 for the newer versions…
makerofthings7
  • 8,911
  • 34
  • 121
  • 197
39
votes
7 answers

Poodle: Is disabling SSL V3 on server really a solution?

I've been reading all day about the Poodle vulnerability and it I am bit confused now vs Security and Revenue. If I disable SSL V3 on Server (SSL V2 and V3 both will be disabled for Apache) clients (browsers) who don't support any protocol but SSL…
sandeep.s85
  • 2,119
  • 1
  • 18
  • 27
38
votes
2 answers

nginx permission denied to certificate files for ssl configuration

I'm installing an nginx ssl proxy on my Fedora server. I've created a cert and key pair under /etc/nginx. They look like this: ls -l /etc/nginx/ total 84 ... -rw-r--r--. 1 root root 1346 Sep 20 12:11 demo.crt -rw-r--r--. 1 root root 1679 Sep 20…
numb3rs1x
  • 513
  • 1
  • 4
  • 6
38
votes
3 answers

Setting up default SSL site on IIS8

I have setup few websites on IIS8 all using the same wildcard SSL certificate. Some of the sites need to be accessible to older browsers and operating systems, therefore I cannot use the "Require Server Name Indication" option. Since SNI is not…
Emil
  • 481
  • 1
  • 4
  • 6
37
votes
14 answers

ssl certificates disappear IIS

I'm trying to import a certificate to IIS. Everything is ok on the MMC (Windows Console). I finished the wizards and seems that is all right. But, when I refresh the certificate list or move to other screen of IIS, the certificate disappear from the…
user22258
37
votes
7 answers

IIS 7 Still Serving old SSL Certificate

I installed a new SSL certificate into IIS7, removed the old certificate and setup the bindings for the new certificate - so https is now bound to the new certificate only. I restarted IIS7 (and the Windows 2008 Server itself) and checked the…
joechip
  • 401
  • 1
  • 4
  • 5
36
votes
3 answers

SSL routines:SSL23_WRITE:ssl handshake failure

I'm trying to use OpenSSL to connect to an SSL server. When I run: openssl s_client -connect myhost.com:443 The following SSL client configurations work just fine: Windows (OpenSSL 0.9.83e 23 Feb 2007) Linux (OpenSSL 0.9.8o 01 Jun 2010) Linux…
Jaakko
  • 427
  • 2
  • 5
  • 14
35
votes
2 answers

SSL password on apache2 restart

I setup wildcard SSL certificate from Godaddy on Apache2. Whenever the server restarts it asks for the passphrase for the SSL certificate's private key. What's the best way to remove this obstacle to restarts, because when logfile rotation restart…
ryw
  • 461
  • 1
  • 4
  • 6
1 2 3
99 100