Search Results

Search found 3673 results on 147 pages for 'pop3 ssl'.

Page 13/147 | < Previous Page | 9 10 11 12 13 14 15 16 17 18 19 20  | Next Page >

• HAProxy not passing SSL traffic in TCP mode (unknown protocol)

  - by David

  Hi, I've got a HAProxy LB solution setup and working correctly. All HTTP traffic on port 80 is being passed through succesfully. I'm now trying to get SSL traffic to work (in TCP mode and on just one server for now) however I keep getting the following error when testing via openssl: 26396:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:588: However, when I try the same test (openssl s_client -connect) on the web servers IP address and hostname, everything seems to look OK. I can setup a hosts record locally and confirm that the browsers are picking up the SSL certificate succesfully for the domain. I guess this has led me to the conclusion that there is a problem at the HAProxy setup I have, so would really appreciate some advice here. frontend https-c-in bind 178.79.xxx.xxx:443 mode tcp default_backend c-https backend c-https balance source option ssl-hello-chk option httpclose server c-web-01 192.168.xxx.xxx:443 check inter 2000 rise 2 fall 5

  Read the article

• SSL, Nginx, X509_check_private_key:key values mismatch error

  - by Dmitry T

  I have nginx server with the SSL. I'm trying to submit ssl sertificate. After I restart nginx I'm getting error: SSL_CTX_use_PrivateKey_file(".../example.com.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch) I found some solution here: http://nginx.org/en/docs/http/configuring_https_servers.html#chains but i'm not using of any bundles, Any ideas on what is the issue ? Thank you in advance, Dmitry

  Read the article

• Debian Apache2 and SSL

  - by Topher Fangio

  Hello all, I recently took over a server that is using Apache2 with SSL. I have setup a new server to which I am migrating all of the old websites so that we can more easily scale (it's a cloud server) and so that I can set everything up correctly (or at least with some sort of convention). I have read quite a few articles on setting up Apache2 and SSL with virtual hosts, but I'm a bit confused because all of the examples show three files and I only seem to have two. To compound the problem, they are all named differently (do the file extensions actually make a difference?). The examples show something to this effect: <VirtualHost X.X.X.X:443> ServerAlias something.mydomain.com ServerAdmin [email protected] DocumentRoot /var/www/project/client/site SSLEngine on SSLCertificateFile /etc/ssl/certs/mydomain-cert.pem SSLCertificateKeyFile /etc/ssl/private/mydomain-key.pem SSLCertificateChainFile /etc/ssl/certs/mydomain-ca.crt </VirtualHost> However, the files I have are: _.mydomain.com.crt gd_bundle.crt It is a wildcard certificate that we purchased through GoDaddy I believe. I believe that the first file is the actual certificate file and the gd_bundle.crt is the chain file, but that leaves me without a key file. There is also a random mydomain.csr file lying around on the old server, but it wasn't one of the files bundled with the download from GoDaddy, so I'm not really sure as to what it is. Any help in figuring out what I need to do would be greatly appreciated. I am software developer, so I know my way around computers, but I have only dabbled in server setup/maintenance. Much Thanks!

  Read the article

• Jetty - Virtualhosting - SSL Certificates

  - by Walter White

  Hi all, I want to have different SSL certificates for different domains that I am hosting in a single Jetty instance. I do not want to front my Jetty application server with Apache. I am running Jetty 6.1.22. So far, I have only seen configurations with a single SSL certificate, and the configuration for SSL happens within server which leads me to believe that Jetty was designed to support a single SSL certificate. Please let me know if I can use Jetty with more than 1 certificate. I am considering migrating to JBoss Application Server 6.0 since it is closer to a real application server. Is this something that can be done there, and is it a supported feature? Walter

  Read the article

• Last (I think and hope) problems configuring SSL certificate with Apache and VirtualHosts

  - by user65567

  Finally I set apache2 to get a single certificate for all subdomains. [...] # Go ahead and accept connections for these vhosts # from non-SNI clients SSLStrictSNIVHostCheck off # Apache setup which will listen for and accept SSL connections on port 443. Listen 443 # Listen for virtual host requests on all IP addresses NameVirtualHost *:443 # Because this virtual host is defined first, it will # be used as the default if the hostname is not received # in the SSL handshake, e.g. if the browser doesn't support # SNI. <VirtualHost *:443> ServerName domain.localhost DocumentRoot "/Users/<my_user_name>/Sites/domain/public" <Directory "/Users/<my_user_name>/Sites/domain/public"> Order allow,deny Allow from all </Directory> # SSL Configuration SSLEngine on ... </VirtualHost> <VirtualHost *:443> ServerName subdomain1.domain.localhost DocumentRoot "/Users/<my_user_name>/Sites/subdomain1/public" <Directory "/Users/<my_user_name>/Sites/subdomain1/public"> Order allow,deny Allow from all </Directory> # SSL Configuration SSLEngine on ... </VirtualHost> <VirtualHost *:443> ServerName subdomain2.domain.localhost DocumentRoot "/Users/<my_user_name>/Sites/subdomain2/public" <Directory "/Users/<my_user_name>/Sites/subdomain2/public"> Order allow,deny Allow from all </Directory> # SSL Configuration SSLEngine on ... </VirtualHost> So, for example, I can correctly access https://subdomain1.domain.localhost https://subdomain2.domain.localhost ... Now, anyway, I have problems on accessing http://subdomain1.domain.localhost http://subdomain2.domain.localhost ... Since I use a Mac Os, on accessing the "http: version", I get a default page "Your website." (instead of a error). Why does it happen?

  Read the article

• How to configure apache and mod_proxy_ajp in order to forward ssl client certificate

  - by giovanni.cuccu

  I've developed a java application that need a ssl client certificate and in the staging environment with apache 2.2 and mod_jk it is working fine. In production the configuration is not using mod_jk but mod_proxy_ajp. I'm looking for an apache configuration example that configure ssl and mod_proxy_ajp for sending the ssl client certificate to the java application server (which listens with the ajp protocol). Thanks a lot

  Read the article

• Can IIS (Ideally Azure) do SSL Proxying?

  - by Acoustic

  My team has been asked to add a new feature to a project we're working on, and none of can find authoritative details on whether it's possible with Windows/IIS. The short of it is that we're hoping to have customers update their DNS with a CNAME record to point their website to our server instead of theirs (they why's are trivial - it's what the app does on behalf of your site). We're using a reverse proxy with several custom modules to serve particular content from the original servers. So far everything works perfectly until we encounter SSL. Is there a way to have IIS serve up an SSL certificate from another server? In other words, is there a way to be a trusted man in the middle? I'm hoping that's possible so that we don't have to require all our clients to re-issue their SSL certs. Frankly, we don't want to have to manage hundreds of certs. I'd also like to avoid a UCC situation if there's a way to because it seems to require re-creating the cert each time a client is added. So, any pointers on proxying/hosting SSL (or even dynamic SSL hosting like http://www.globalsign.com/cloud/) would be appreciated.

  Read the article

• Need help trouble shooting Https webserver error - SSL Handshake failed

  - by DerNalia

  I followed this guide: http://hints.macworld.com/article.php?story=20041129143420344 Here is my virtual host definition <VirtualHost *:443> SSLEngine on SSLProxyEngine On RequestHeader set Front-End-Https "On" CacheDisable * SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL DocumentRoot "/Users/me/projects/myproject/public" ServerName ssl.mydomain.com ServerAlias *.ssl.mydomain.com SSLCertificateKeyFile "/private/etc/apache2/certs/webserver.nopass.key" SSLCertificateFile "/private/etc/apache2/certs/newcert.pem" SSLCACertificateFile "/private/etc/apache2/certs/demoCA/cacert.pem" SSLCARevocationPath "/private/etc/apache2/certs/demoCA/crl" ErrorLog "/Users/me/Desktop/ssl.log" ProxyPass / https://localhost:3002/ ProxyPassReverse / https://localhost:3002 ProxyPreserveHost on </VirtualHost> And when I try connecting to the sevre viov the web browser, I get this error: [Thu Feb 02 16:50:40 2012] [error] (502)Unknown error: 502: proxy: pass request body failed to 127.0.0.1:3002 (localhost) [Thu Feb 02 16:50:40 2012] [error] [client 96.11.81.39] proxy: Error during SSL Handshake with remote server returned by /session/new [Thu Feb 02 16:50:40 2012] [error] proxy: pass request body failed to 127.0.0.1:3002 (localhost) from 96.11.81.39 () how do I debug / fix this?

  Read the article

• Migrating to CF9: trouble getting JRun working with SSL

  - by DaveBurns

  I have a client on MX7 who wants to migrate to CF9. I have a dev environment for them on my WinXP machine where I've configured MX7 to run with JRun's built-in web server. I've had that working for a long time with both regular and SSL connections. I installed CF9 yesterday side-by-side with the existing MX7 install to start testing. The install was smooth and detected MX7, adjusted CF9's port numbers for no conflict, etc. Testing started well: MX7 over regular and SSL still worked and CF9 worked over regular HTTP. But I can't get CF9 to work with SSL. I installed a new certificate with keytool, FireFox (v3.6) complained about it being unsigned, I added it to the exception list, and now I get this: Secure Connection Failed An error occurred during a connection to localhost:9101. Peer reports it experienced an internal error. (Error code: ssl_error_internal_error_alert) I've been Googling that in all variations but can't find much help to get past this. I don't see any info in any log files either. FWIW, here's my SSL config from SERVER-INF/jrun.xml: <service class="jrun.servlet.http.SSLService" name="SSLService"> <attribute name="enabled">true</attribute>` <attribute name="interface">*</attribute> <attribute name="port">9101</attribute> <attribute name="keyStore">{jrun.rootdir}/lib/mykey</attribute> <attribute name="keyStorePassword">*deleted*</attribute> <attribute name="trustStore">{jrun.rootdir}/lib/trustStore</attribute> <attribute name="socketFactoryName">jrun.servlet.http.JRunSSLServerSocketFactory</attribute> <attribute name="deactivated">false</attribute> <attribute name="bindAddress">*</attribute> <attribute name="clientAuth">false</attribute> </service> Anyone here know of any issues re setting up SSL and CF9? Anyone had success with it? Dave

  Read the article

• Setting up SSL for phpMyAdmin

  - by Ubuntu User

  I would like to run phpmyadmin using my SSL certificate. I read that if I placed the following within the file: /etc/phpmyadmin/config.inc.php, it would force it to use SSL. And now it does... $cfg['ForceSSL'] =true; However, my issue is when I did this, now I get an error stating "cannot connect to server." I do a port scan and my port 443 is closed for one, but I am connecting via https:// for my secure web based email admin panel. This tells me this may not be the issue. Second, is that I have a SSL certificate I purchased but I am not sure how to apply this cert. mydomain.com.crt is sitting on my desktop, how should I be utilizing this? I remember creating a self signed cert for my web-email access. Do I have to do this for phpmyadmin as well? At least this way, since I am the only one who will ever access the DB, it will never expire. Also the phpmyadmin used to come up as: http://mydomain/phpmyadmin/ of course I am now trying to get to https://mydomain.com/phpmyadmin/ however, I do not have any pages on my website that requires https:// currently. In the future I may add this. But for now, I only want to access phpmyadmin via ssl. I can use my own -- but if this causes problems with future ecommerce apps under mydomain.com I would rather use the SSL cert I already purchased. Thank you!

  Read the article

• How to configure apache and mod_proxy_ajp in order to forward ssl client certificate

  - by giovanni.cuccu

  Hi, I've developed a java application that need a ssl client certificate and in the staging environment with apache 2.2 and mod_jk it is working fine. In production the configuration is not using mod_jk but mod_proxy_ajp. I'm looking for an apache configuration example that configure ssl and mod_proxy_ajp for sending the ssl client certificate to the java application server (which listens with the ajp protocol). Thanks a lot

  Read the article

• Hostname and SSL (apache) issue on Debian

  - by user105566

  I have been trying to setup SSL virtual host ServerAdmin [email protected] ServerName moclm.tap.pt DocumentRoot /var/www/tapme/ <Directory /> Options FollowSymLinks AllowOverride All Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> <Directory /var/www/tapme/> Options -Indexes FollowSymLinks MultiViews AllowOverride All #Order allow,deny #allow from all </Directory> SSLEngine on SSLCertificateFile /etc/ssl/moclm.cer SSLCertificateKeyFile /etc/ssl/moclm.pem </VirtualHost> For some reason, the server automatically redirect to SSL (http:// to https://). The apache is not configured to redirect and application was working fine on port 80 only. I have no knowledge how the internal network works as i am working remotely. The SSL error logs show: [Tue Oct 02 22:40:32 2012] [error] Hostname linemnt01.tap.pt provided via SNI and hostname moclm.tap.pt provided via HTTP are different I thought may be the hostname has some issue and have changed the hostname of the server from "linemnt01.tap.pt" to "moclm.tap.pt" but the issue is still there. I am getting the following error on browser: Bad Request Your browser sent a request that this server could not understand. i have /etc/hosts: 127.0.0.1 localhost.localdomain localhost moclm.tap.pt moclm and openssl returns: openssl verify -CAfile cert-CA.cer moclm.cer moclm.tap.pt.cer: OK I have been trying to troubleshoot the issue but no luck. Need help Thanks

  Read the article

• AWS SSL Load Balancer

  - by Jay Francis

  OK, I am looking for some pointers. Basically I have a white-label app/site that will allow users to setup their own domain to use for their customer front-end. We have 2 dedicated servers and a load balancer. The problem is SSL, we were thinking about using AWS ELB to handle the SSL loadbalancing, but cant seem to figure out if it will properly handle it, it seems to be setup to work with EC2 instances, but we are using externally hosted servers via a loadbalancer. A blog post by AWS looks similar to what we need but it only seems to work with EC2 instances. http://aws.typepad.com/aws/2011/08/elastic-load-balancer-ssl-support-options.html Anyone had experience setting ELS SSL load balancers up to work with external servers?

  Read the article

• Migrating to CF9: trouble getting JRun working with SSL

  - by DaveBurns

  I have a client on MX7 who wants to migrate to CF9. I have a dev environment for them on my WinXP machine where I've configured MX7 to run with JRun's built-in web server. I've had that working for a long time with both regular and SSL connections. I installed CF9 yesterday side-by-side with the existing MX7 install to start testing. The install was smooth and detected MX7, adjusted CF9's port numbers for no conflict, etc. Testing started well: MX7 over regular and SSL still worked and CF9 worked over regular HTTP. But I can't get CF9 to work with SSL. I installed a new certificate with keytool, FireFox (v3.6) complained about it being unsigned, I added it to the exception list, and now I get this: Secure Connection Failed An error occurred during a connection to localhost:9101. Peer reports it experienced an internal error. (Error code: ssl_error_internal_error_alert) I've been Googling that in all variations but can't find much help to get past this. I don't see any info in any log files either. FWIW, here's my SSL config from SERVER-INF/jrun.xml: <service class="jrun.servlet.http.SSLService" name="SSLService"> <attribute name="enabled">true</attribute>` <attribute name="interface">*</attribute> <attribute name="port">9101</attribute> <attribute name="keyStore">{jrun.rootdir}/lib/mykey</attribute> <attribute name="keyStorePassword">*deleted*</attribute> <attribute name="trustStore">{jrun.rootdir}/lib/trustStore</attribute> <attribute name="socketFactoryName">jrun.servlet.http.JRunSSLServerSocketFactory</attribute> <attribute name="deactivated">false</attribute> <attribute name="bindAddress">*</attribute> <attribute name="clientAuth">false</attribute> </service> Anyone here know of any issues re setting up SSL and CF9? Anyone had success with it? Dave

  Read the article

• SSL certificates that works with nginx

  - by jpartogi

  All, After thinking about it, we are planning to buy an SSL certificate. Because an SSL certificate is quite costly, would you be able to share an SSL certificate that works with nginx? I am planning to run Ruby on Rails application. Apache2 will be my last resort. Thank you for sharing. Really appreciate it.

  Read the article

• Compiling PHP with cURL and SSL support on Redhat EC5

  - by Kevin Sedgley

  I don't even know where to begin to be honest. Trying to use an external API that requires SSL connections, I discover that SSL in needed on cURL, but this (apparently) requires PHP to be reinstalled and compiled with cURL / SSL support. Not really experienced with compiling PHP, and I'm not sure if our server even has make or build, the only luck I've had is with rpm's before. This really isn't in my job description. Any help most most welcome!

  Read the article

• ssl port didnt work on nginx

  - by Jin Lin

  I set up the unicorn and nginx on one of my ec2 machine. and my request are loading ok with nginx listen to port 80. but when I enable it to ssl, which listen to port 443. It doesn't work. and it can still work with port 80, https. server { listen 443 ssl; # replace with your domain name server_name domain.com; # replace this with your static Sinatra app files, root + public root /home/ubuntu/domain/public; ssl on; ssl_certificate /etc/ssl/domain.crt; ssl_certificate_key /etc/ssl/domain.key; # maximum accepted body size of client request client_max_body_size 4G; # the server will close connections after this time keepalive_timeout 5; location ~ ^/assets/ { add_header ETag ""; gzip_static on; expires max; add_header Cache-Control public; } location / { proxy_set_header X-Forwarded-Proto https; try_files $uri @app; } location @app { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; # pass to the upstream unicorn server mentioned above proxy_pass http://unicorn_server; } }

  Read the article

• SSL issue with emails

  - by JackWillDavis

  OK, so I have somebody hosting a site on my CentOS 5.8 Plesk 11 control panel. He has a EV SSL which is validating the site fine however he has failed the PCI check because it is saying his email servers (SMTP, IPAM, POP) have the wrong name on the servers. This is because his SSL certificate is not a wildcard certificate and the email servers are flagging the default Plesk SSL certificate. Is there a way to stop Plesk automatically connecting emails via the default SSL? I'm fairly new to things like this so I hope I've written everything I need, let me know if any more details are needed. Jack

  Read the article

• Windows Server 2012 - SSL Cypher Suite Order Not Long Enough

  - by Sam

  I want to re-order the cypher suites on our new Windows Server 2012 box to help mitigate the BEAST vulnerability for our clients. I went to Local Group Policy => Computer Configuration => Administrative Templates => Network => SSL Configuration Settings, opened SSL Cypher Suite Order, enabled it, and copied the values from the SSL Cypher Suites textbox. I pasted them into notepad, re-ordered them, then copied+pasted them back into the SSL Cypher Suites textbox. However, the box isn't long enough to hold them all, despite the fact that the length didn't change. I would have to drop the last 3 cyphers (SSL_CK_DES_192_EDE3_CBC_WITH_MD5,TLS_RSA_WITH_NULL_SHA256,TLS_RSA_WITH_NULL_SHA) in order for it to fit. Should I just drop them? Other ideas?

  Read the article

• How to install SSL on current site?

  - by vpoola88

  So I've looked at a ton of guides, but non of them seem to get our site to work. This is what I was probably following the closest:https://www.digitalocean.com/community/articles/how-to-create-a-ssl-certificate-on-apache-for-ubuntu-12-04 I also wanted to know why there is a default-ssl in apache2/sites-available ? Is this where I would have to put my configuration? This is my first exposure to SSL and site deployment in general. Thanks guys.

  Read the article

• Recommendation for a non-standard SSL port

  - by onurs

  Hey guys, On our server I have a single IP, and need to host 2 different SSL sites. Sites have different owners so have different SSL certificates, and can't share the same certificate with SAN. So as a last resort I have modified the web application to give the ability to use a specified port for secure pages. For its simple look I used port 200. However I'm worried about some visitors may be unable to see the site because of their firewalls / proxies blocking the port for ssl connections. I heard some people were unable to see the website, a home user and someone from an enterprise company, don't know if this was the reason. So, any recommendations for a non-standard SSL port number (443 is used by the other site) which may work for visitors better than port 200 ? Like 8080 or 8443 perhaps? Thanks!

  Read the article

• Switching Servers, SSL domain, one vps?

  - by ThomasReggi

  Feeding off of this post. I have a domain with Dreamhost and i've purchased SSL certificate for it. I am moving over the server files to Linode but and setting the DNS in dreamhost to point over. Linode provides a ip but it's not dedicated. What is going to happen to SSL on that dreamhost IP when I switch over the DNS to linode? I have one virtual host can I host multiple domains while using SSL for one?

  Read the article

• Is SSL to the proxy good enough?

  - by Josh Smeaton

  We are currently trying to decide on how best to do SSL traffic in our environment. We have an externally facing Apache proxy server that is responsible for directing all traffic into our environment. It is also doing the SSL work for the majority of our servers. There are one or two IIS servers in particular that are doing their own SSL, but they are also behind the proxy. I'm wondering, is SSL to the proxy good enough? It would mean that traffic within our network is identifiable, but is that such a big deal?

  Read the article

• Last (I think and hope) problems configuring SSL certificate with Apache and VirtualHosts

  - by user65567

  Finally I set apache2 to get a single certificate for all subdomains. [...] # Go ahead and accept connections for these vhosts # from non-SNI clients SSLStrictSNIVHostCheck off # Apache setup which will listen for and accept SSL connections on port 443. Listen 443 # Listen for virtual host requests on all IP addresses NameVirtualHost *:443 # Because this virtual host is defined first, it will # be used as the default if the hostname is not received # in the SSL handshake, e.g. if the browser doesn't support # SNI. <VirtualHost *:443> ServerName domain.localhost DocumentRoot "/Users/<my_user_name>/Sites/domain/public" <Directory "/Users/<my_user_name>/Sites/domain/public"> Order allow,deny Allow from all </Directory> # SSL Configuration SSLEngine on ... </VirtualHost> <VirtualHost *:443> ServerName subdomain1.domain.localhost DocumentRoot "/Users/<my_user_name>/Sites/subdomain1/public" <Directory "/Users/<my_user_name>/Sites/subdomain1/public"> Order allow,deny Allow from all </Directory> # SSL Configuration SSLEngine on ... </VirtualHost> <VirtualHost *:443> ServerName subdomain2.domain.localhost DocumentRoot "/Users/<my_user_name>/Sites/subdomain2/public" <Directory "/Users/<my_user_name>/Sites/subdomain2/public"> Order allow,deny Allow from all </Directory> # SSL Configuration SSLEngine on ... </VirtualHost> So, for example, I can correctly access https://subdomain1.domain.localhost https://subdomain2.domain.localhost ... Now, anyway, I have problems on accessing http://subdomain1.domain.localhost http://subdomain2.domain.localhost ... Since I use a Mac Os, on accessing the "http: version", I get a default page "Your website." (instead of a error). Why does it happen?

  Read the article

• Intermediate SSL Certificates on Azure Websites

  - by amhed

  I have successfully configured an Extended-Validation Certificate on an Azure Website following this article: http://www.windowsazure.com/en-us/documentation/articles/web-sites-configure-ssl-certificate/ The main (non-technical) stakeholder of the web application went through great lengths to validate that our site is secure. He went to this site to check the validity of our SSL: http://www.whynopadlock.com/ The site throw the following error: `SSL verification issue (Possibly mis-matched URL or bad intermediate cert.). Details: ERROR: no certificate subject alternative name matches`` The certificate is installed using IP Based SSL instead of SNI. This is done this way because some site visitors still use Internet Explorer 8 on Windows XP, which has no support for SNI and throws a security warning. Is my certificate correclty installed? I received three .CRT files from my SSL provider: PrimaryIntermediate.crt SecondaryIntermediate.crt EndCertificate.crt This is how I exported our certificate as a .PFX file to Azure: openssl pkcs12 -export -out myserver.pfx -inkey myserver.key -in myserver.crt

  Read the article

< Previous Page | 9 10 11 12 13 14 15 16 17 18 19 20  | Next Page >