Transport Layer Security is a cryptographic protocol for encrypting and authenticating network communications, and replaces SSL. It is commonly used to secure Internet protocols such as HTTP.
Questions tagged [tls]
573 questions
7 votes, 2 answers
Display a TLS icon for messages that are TLS secured (Outlook)
One of my colleagues at a large financial institution has customised Lotus Notes to show a TLS icon for messages that are TLS secured.
I'm interested in imitating this feature in Outlook, and believe this requires VBScript, custom forms, and…

makerofthings7
7 votes, 4 answers
Disable SMTP AUTH on Port 25
Due to PCI-DSS, we are required to disable plaintext authentication. We've achieved this by encapsulating communications between our mail server and clients with TLS on port 465.
The problem lies in that port 25 must remain open and unencrypted for…

mossymaker
7 votes, 1 answer
Third Party Wildcard Certificates for use with Microsoft NPS / RADIUS / PEAP
I want to replace the SSL certificate that is used for PEAP on our NPS server that is doing RADIUS authentication for our Cisco WLCs. The current certificate is an SSL certificate that does Client Authentication and Server Authentication. We want to…

MDMarra
7 votes, 1 answer
Safest ciphers to use with the BEAST? (TLS 1.0 exploit) I've read that RC4 is immune
Now that the BEAST is public knowledge, TLS 1.0 is NOT safe to use (nor is SSL 3.0). I have seen reports that the RC4 cipher is unaffected (and is widely supported). Is that true?
I know that TLS 1.1 is immune. But out of the 1,000,000 most popular…

unixman83
7 votes, 3 answers
What percentage of web users are running on browsers/OSes that support SNI?
Has anyone done any analysis (or know where I can find some!) on what proportion of internet users are using a browser/operating system combination that supports SNI (Server Name Indication) SSL/TLS certificates?
I know for example that IE on XP…

Paul Russell
7 votes, 2 answers
Overhead of TLS/SSL on a TCP socket connection?
Is there any bandwidth overhead on using SSL on a TCP connection? I understand, of course, the processing/memory usage overhead in encrypting and decrypting packets, but as far as bandwidth is concerned, what is the difference, if any?
For example,…

Naftuli Kay
7 votes, 2 answers
lost connection after STARTTLS: Postfix
I've set up a Postfix + Courier server and have a Rails app configured with the SMTP server settings. Whenever the Rails app tries to send an email, this is what appears in the Postfix log (additional log verbosity set in master.cf)
Feb 22 03:57:24…

webo
6 votes, 5 answers
Is the world ready for name based HTTPS vhost service?
Possible Duplicate:
Multiple SSL domains on the same IP address and same port?
I'm developing a web app that MUST MUST MUST use HTTPS. It's kinda developed on the cheap though, and I really don't need (or want to pay for) my own dedicated IP…

billpg
6 votes, 3 answers
Require TLS on RDP for all connections
I have a 2008 DC and a 2008 AD CS server and a Windows 7 client. What I would like is to require the certificate to be used when RDPing to the server.
The certificate is valid, and if I connect using the FQDN I am shown that I was authenticated by…

MDMarra
6 votes, 1 answer
WebDeploy 3.6 won't connect with TLS 1.0 disabled
Recently I had my servers audited for PCI compliance.
As part of this I was picked up for not having TLS 1.0 disabled as…

Doug
6 votes, 2 answers
How to fix the Logjam vulnerability in OpenVPN server config?
As of this writing (Day-2), there are quite few accurate guidelines as to how to mitigate Logjam for Apache and other web servers, such as this page:
https://weakdh.org/sysadmin.html
What are the similar instructions for OpenVPN servers?
Is OpenVPN…

Serge Wautier
6 votes, 1 answer
Enable TLS 1.2 in Windows Server 2012 running Exchange 2013 via IIS 8.0
I got some issues getting the TLS 1.2 protocol running on one of our Windows Server 2012 machines. I checked this using ssllabs.com by Qualys and also tested with a PowerShell script and the Linux tool "cipherscan".
The server hosts one Exchange…

Kevin
6 votes, 1 answer
Postfix SMTP client not verifying against system-wide CA certs with tls_append_default_CA
On my internet-facing Postfix SMTP server running Debian Wheezy, I'd like to set up a secure connection with some known servers. Some are my own, running my own PKI/CA, some are public SMTP servers like Google's Gmail servers. To check the…

gertvdijk
6 votes, 2 answers
Perfect Forward Secrecy (PFS) for mail servers
Perfect Forward Secrecy is an important enhancement to SSL/TLS communications, helping prevent captured SSL traffic from being decrypted even if the attacker has the private key. It's easy enough to support in web servers, but it's also applicable…

Synchro
6 votes, 1 answer
Is it possible to configure IIS to redirect based on the SSL cipher suite used for the connection?
With the announcement of POODLE, I would like my servers to accept SSL3.0 connections but have them serve a page which indicates that the user should update to a newer browser with TLS support. It seems like this should be possible as IIS should…

AJ Henderson