Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ssl]

SSL and its successor, TLS, are encryption and authentication protocols that encrypt the full contents of a TCP connection, as well as potentially verifying the identities of the devices making the connection.

SSL and its successor - TLS - is primarily used to encrypt the connection between two applications at the presentation layer. It is most often used to secure websites in the form of HTTPS protocol but can also be used for other protocols and applications.

7024 questions
3
votes
1 answer

Clarification on certificate bundle vs certificate chain

I'm in need of a clarification about SSL certificates, I have the general picture, but I'm not quite sure about all the moving parts. The specific issue I'm dealing with is about an Active Directory server certificate and an appliance that needs to…
Daniel
  • 31
  • 1
  • 2
3
votes
2 answers

Unable to disable TLSv1.0 and TLSv1.1 on nginx

I was having a devil of a time disabling TLSv1 and TLSv1.1 on my nginx server despite following one of the many guides you'll find with a quick google search. Specifically, the recommendation was done by changing this line in your nginx…
darrin
  • 151
  • 4
3
votes
1 answer

In tomcat force http connection to https

I am trying to force a connection to http://localhost:8443 to https://localhost:8443. The site works correctly if they go to https://localhost:8443. In case the user forgets the s in https I would like tomcat to correct it for them. I only have…
Tao Zhyn
  • 187
  • 1
  • 7
3
votes
1 answer

Dovecot proxy with TLS client certificate authentication only fails with "no auth attempts"

Similar to my previous Q&A in which I successfully set up an authenticating Dovecot IMAP proxy with Kerberos/GSSAPI, I want to do the same with TLS client certificates; My upstream (backend) IMAP server allows to authenticate without a password…
gertvdijk
  • 3,504
  • 4
  • 30
  • 46
3
votes
2 answers

SSL Accelerator for SSH server

I understand that web sites which run https may use SSL Accelerator to speed up the expensive public/private key encryption/decryption computations. So if I have a server that needs to support a lot of SSH connections using public key…
escalon
3
votes
1 answer

Powershell self-signed certifcate private key not exportable

Using Powershell, I'm attempting to create a self-signed ssl certificate with a private key that can be exported. I've read and followed various tutorials, however the end result is always that no private is exported. I'm using Powershell because…
Ryan DiFrancesco
  • 35
  • 1
  • 4
3
votes
1 answer

Nginx and https - Specifying an ip address as a server_name gives the correct website but the wrong certificate

I want to run this url: https://192.168.1.254 and get a website with the correct content and certificate in the address bar. I am getting the website but I get an invalid certificate error in the address bar because the cert is taken from a…
FlexMcMurphy
  • 203
  • 2
  • 9
3
votes
1 answer

Primary domain SSL not working, but wildcard subdomains are working

I have a domain through AWS Route 53, the Primary domain was secured via letsencrypt methods, but were not working for any wildcard / subdomains... I tried to redo the cert with the *.example.com domain and the DNS TXT verification method in the…
mrSidX
  • 143
  • 1
  • 7
3
votes
1 answer

Configuring mailiers in Phabricator

After a clean installation using the bitnami image I followed the instructions to set up the mailers. It looks like this: [ { "key": "stmp-mailer", "type": "smtp", "options": { "host": "server", "user": "user" , …
danijepg
  • 81
  • 3
3
votes
1 answer

HAProxy backend server returns "SSL handshake error"

I know it's a frequently asked question which often means there's a problem with certificate validation. It doesn't seem to be the case, because I do not verify the certificate. This is how my server specification looked in the beginning: server…
minaev
  • 1,617
  • 1
  • 13
  • 13
3
votes
1 answer

Thunderbird won't connect to Dovecot server

Since yesterday my Thunderbird client can't connect to my mail server but two other clients I tried have no problem to retrieve email. In my mail log file I have these lines: Nov 26 13:24:46 LinuxWebServer dovecot: imap-login: Error: SSL: Stacked…
sevynos
  • 61
  • 1
  • 7
3
votes
1 answer

Is there a way to get pre-configured OpenVPN-AS connect client (server-locked profiles) work behind a reverse proxy?

The issue We host several services on 1 public IP: OpenVPN Access Server (vpn.ourdomain.com) OpenVPN community edition (old-vpn.ourdomain.com) Nginx web server(s) (subdomain.ourdomain.com) To make this all works with our 1 and only…
CodeNinja
  • 305
  • 1
  • 8
  • 18
3
votes
2 answers

Checking TLS 1.2 enabled or not on my Windows Server

I need to check if TLS 1.2 is enabled on my Windows Server 2019. In the registry the key TLS 1.2 is not present under Protocols But when I browse on a secure website (hosted on this server in IIS) from a client browser I can clearly see that TLS…
Bronzato
  • 155
  • 2
  • 4
  • 7
3
votes
3 answers

Turning an Apache http site into secure https site via Nginx reverse proxy

I have to support an old WordPress site running on Apache web server. To make things safer, this Apache server is in a Docker container, and it is accessible to the world via Nginx reverse proxy configuration. This site is currently served via http,…
Passiday
  • 155
  • 1
  • 6
3
votes
1 answer

Certificate imported into personal store not appearing in MMC -> Certificates

I have a self signed certificate that was generated on a Windows 10 machine using the Powershell command: New-SelfSignedCertificate -DnsName ServerNameHere -NotAfter (Get-Date).AddYears(20) -FriendlyName "Test API Cert" -CertStoreLocation…
CathalMF
  • 131
  • 1
  • 1
  • 4
1 2 3
99 100