Search Results

Search found 21250 results on 850 pages for 'client certificates'.

Page 318/850 | < Previous Page | 314 315 316 317 318 319 320 321 322 323 324 325  | Next Page >

• SSL Ajax type of certificate for the static domain (image + js)

  - by Alexl

  Hi, I have a page that is SSL and has a valid certificate extended. (mainpage.com) But this page request some static content to another domain(page-static.com), basicly images and js. Actually i have only a certificate for my mainpage.com. So now when i request this page i get invalid ssl page because it contains invalid encrypted data (the one provided by the www.page-static.com) What kind of certificate do i need for the www.page-static.com. Do i need the same one as the mainpage.com, because this certificate are expensive (it's a extended certificate). Or a cheap certificate from godaddy will do the trick. This is another question do both certificates have to be signed by the same root provider and/or the same encryption key length (or it can be only 128 bits)? Thanks for your help

  Read the article

• postfix, TLS and rapidssl - "verify error:num=19:unable to get local issuer certificate"

  - by technobuddha

  I have been googeling for days! I have a cert from rapidssl. I read up that the problem with num=20, is that indicates it doesn't know the issuer, or doesn't know the ROOT Cert, right? I run this command: openssl s_client -showcerts -connect smtp.server.com:465 I get this error: verify error:num=19:self signed certificate in certificate chain Here is what i have in my postfix main.cf, and what i have done: smtpd_tls_key_file = /etc/postfix/ssl/smtp.server.com.rsa.key (this is the private key) smtpd_tls_cert_file = /etc/postfix/ssl/smtp.server.com.PUBLIC.key (this is the public key given to me by rapidssl) smtpd_tls_CAfile = /etc/postfix/ssl/combo.csr.key This key has both the intermediate keys ON TOP, and the ROOT KEY on the bottom. Here is the Intermediate keys: https://knowledge.geotrust.com/library/VERISIGN/ALL_OTHER/geotrust%20ca/GT_QuickSSL_and_Premium_and_Trial_intermediate_bundle.pem and here is the root CERT: http://www.geotrust.com/resources/root_certificates/certificates/Equifax_Secure_Certificate_Authority.cer anyone know how to use rapidssl certs?

  Read the article

• Upgrading OpenSSL in CentOS 5.3

  - by Lin

  I want to use one IP to host many domains with individual SSL certificates (requires SNI). In CentOS 5.3, the latest version of OpenSSL I can find an RPM for is 0.9.8e, which does not support SNI. I want to upgrade to 0.9.8k but I can't find an RPM. I could compile from source, but if I try to remove the existing OpenSSL package through yum, it wants me to remove all packages that depend on OpenSSL (100+ packages). EDIT: I ended up installing 0.9.8k without overwriting the previous version. Now I both avoid breaking dependencies and can use SNI. Was this the best action?

  Read the article

• Should I anticipate any problems trying to use the same SSL Cert on 2 computers (primary, backup)?

  - by Matt

  We have a production machine running IIS6 with a wildcard SSL certificate. The certificate that was installed is not exportable. We want to upgrade the system to IIS7. As part of this venture, we're creating a backup/failover server that will serve the exact same websites - when we take the primary down for upgrade, the secondary will take over. As such, the secondary also needs the SSL certificate. However, since the certificate was not exportable, this means re-keying it from Go Daddy. Per http://help.godaddy.com/article/867, I know that by re-keying the certificate the original will stop working. I'm still pretty new to SSL certificates, so are there any problems I should anticipate when installing the same SSL certificate on 2 different machines?

  Read the article

• Exchange 2013 - DNS Records for Accepting Multiple Domains

  - by William

  I have an Exchange 2013 server accepting two domains: domain1.com and domain2.com. All of the exchange services (OWA, ECP, POP3, SMTP, etc.) can be found via the address mail.domain1.com. So, in the DNS records for domain1, I have the following entries: MX Record mail.domain1.com A Record mail.domain1.com - (IP Address of Server) CNAME Record autodiscover.domain1.com - mail.domain1.com Now, for domain2.com, how would I set up the DNS records? Would I have the autodiscover just be a cname for autodiscover.domain1.com? Would this allow me to leverage the certificates that I have installed for domain1?

  Read the article

• Setting Up SNI with Apache 2.2.12 and openssl

  - by CCG121

  I am running Apache 2.2.12 and openssl 0.9.8g all of my Apache are in /etc/apache2/sites-available/default and i have 2 domains with certificates www.site.com & d7.site.com my <VirtualHost *:443> DocumentRoot /var/www/domain.com ServerAdmin [email protected] ServerName www.name.tld SSLStrictSNIVHostCheck off SSLVerifyClient None SSLEngine on SSLCertificateFile /var/www/sslcerts/name.tld/www_name_tld.crt SSLCertificateKeyFile /var/www/sslcerts/name.tld/private.key </VirtualHost> <VirtualHost *:443> DocumentRoot /var/www/d7 ServerAdmin [email protected] ServerName d7.domain.tld SSLStrictSNIVHostCheck off SSLVerifyClient None SSLEngine on SSLCertificateFile /var/www/sslcerts/d7.domain.tld/server.crt SSLCertificateKeyFile /var/www/sslcerts/d7.domain.tld/private.key </VirtualHost>

  Read the article

• Adding a second IP address for IIS - static vs dynamic A records

  - by serialhobbyist

  I'm looking to add a second IP address to IIS so that I can run two sites with different SSL certificates. When I added one on my play box and ran ipconfig /registerdns both addresses were registered in DNS with the server's name. So, I deleted the A record for the new IP address and rebooted. That also registered both names. So, then I went into the network config for the adapter and, on the DNS tab, unchecked "Register this connection's addresses in DNS". I deleted the A record for the new IP address again and re-ran ipconfig /registerdns. This time, it deleted the A record for the old IP address and didn't created one for the new address. Neither of these is what I want: I want the main IP address to be registered and refreshed automatically as a dynamic DNS record and the second IP address to be registered and managed as a static address. Is there any way to achieve this?

  Read the article

• Naming standard for additional A records/IP addresses for IIS servers?

  - by serialhobbyist

  When you're adding another IP address to and IIS server, what naming standards do you use for the A records? Background: I've a bunch of sites on an IIS server which use (CNAME'd) host-headers and a single IP address. Server names (and A records) adhere to unfriendly (as in difficult-to-remember) naming standards whereas CNAMEs, and therefore host-headers, can be friendly. Now I've a need for several SSL certificates for different sites. I was thinking about using an additional IP address for each to-be-SSL'd site but still using friendly CNAMEs. So then I come to what to call the A record. What do you do? Related to this question.

  Read the article

• Testing php mail() in localhost problem

  - by Samir Ghobril

  Hey guys, recently I just installed msmtp in linux and I even send a mail from the terminal and it worked: echo -e "Subject: Test Mail\r\n\r\nThis is a test mail" |msmtp --debug --from=default -t [email protected] But in php, after editing the php.ini file to have this: sendmail_path = '/usr/bin/msmtp -t' and using this piece of code: <?php if ( mail ( '[email protected]', 'Test mail from localhost', 'Working Fine.' ) ){ echo 'Mail sent'; } else{ echo 'Error. Please check error log.'; } ?> I get the Mail sent message but don't receive a message in my inbox. Not even in the spam folder. Anything wrong I'm doing? msmtp configuration file: defaults tls on tls_starttls on tls_trust_file /etc/ssl/certs/ca-certificates.crt account default host smtp.gmail.com port 587 auth on user [email protected] password password from [email protected] logfile /var/log/msmtp.log

  Read the article

• Outlook Security Alert following Exchange 2007 upgrade to SP2

  - by desiny

  Following an update to Exchange 2007 sp2 (yes I know very belated) I have an issues when logging onto Outlook. I see the below message... I also had a simlar issues with web access and as I am at home with IIS, this was easily solved. However I did notice that the server contains a number of keys for autodiscover.mycompamy.com, exchange.mycompamy.com etc and it seems that the SP2 upgraded didnt know how to deal with this. As I have a wildcard ssl, I think it would be prudent to remove all other certificates, however in order to stop the nag when opening outlook - what can I do?

  Read the article

• SSL Certificate Stops Working after Server Reboot on IIS7, W2K8

  - by Zac

  We recently upgraded from W2K3/IIS6 to W2K8/IIS7 and have been having problems with our SSL Certificate (Thawte 123 SSL certificate) ceasing to work after rebooting. Initially, the intermediate certificates would stop working and we could repair the problem by reinstalling all of them after the reboot (annoying, but not the end of the world). Unfortunately, this is no longer working. The certificate chain has been doublechecked by several tools and people with decent knowledge but no one has been able to identify the cause of the problem. The bindings in IIS have been checked as well The cert itself is also still valid. NOTE 1: I have seen THIS question which seems to be very similar, but there is no satisfactory answer in that post and it's a year old so not likely to get one any time soon. NOTE 2: I'm asking this on behalf of a co-worker so won't be able to provide instant feedback to any questions/suggestions but I will pass it on. The url is: http://www.flirtalike.com / https://www.flirtalike.com Screenshots:

  Read the article

• Windows 7 will not install a root certificate

  - by Farseeker

  I have a web service that uses a self-signed certificate, so I need to install the certificate as a Trusted Root so that I can avoid all the security errors that having a self-signed certificate brings with it. Using Windows 7, I'm going to: Start > Internet Explorer > Run as Administrator > Tools > Internet Options > Content > Certificates > Trusted Root Certification Authorities > Import > (select file) > Next > OK, and Windows reports Import Successful However, the import is NOT successful. The certificate does not show in the list of trusted roots, and certificate errors still show up. If I import the certificate into the Trusted Publishers container, it imports correctly, but this does not solve my security errors. Any ideas?

  Read the article

• Recommendation for a non-standard SSL port

  - by onurs

  Hey guys, On our server I have a single IP, and need to host 2 different SSL sites. Sites have different owners so have different SSL certificates, and can't share the same certificate with SAN. So as a last resort I have modified the web application to give the ability to use a specified port for secure pages. For its simple look I used port 200. However I'm worried about some visitors may be unable to see the site because of their firewalls / proxies blocking the port for ssl connections. I heard some people were unable to see the website, a home user and someone from an enterprise company, don't know if this was the reason. So, any recommendations for a non-standard SSL port number (443 is used by the other site) which may work for visitors better than port 200 ? Like 8080 or 8443 perhaps? Thanks!

  Read the article

• Attach certificate to remote desktop connection - not gateway services

  - by Jordan S

  I have a Windows server that I want to attach a 3rd party signed certificate for remote desktop connections. This is not a remote desktop services server, i.e. it is just remote desktop administration. There is lots of info on the internet about attaching a certificate to remote desktop services, but I want to attach mine to just plain remote desktop connection for administration purposes. If anyone know how to do this, please holler! I have imported the certificate into the Remote Desktop store in the certificates mmc snap in, and have tried running the wmic command in this question (Configure custom SSL certificate for RDP on Windows Server 2012 in Remote Administration mode?) but this fails. THANKS!

  Read the article

• Microsoft CA certificate templates expires sooner than expected

  - by Tim Brigham

  The certificates my Microsoft CA is generating do not match the time period indicated in the template used. How can I resolve this? I recently created a new certificate template for use on my Linux boxes on my Microsoft CA (2008 R2 Enterprise). This template is approved for server and client authentication purposes with a validity period of 10 years - the expected lifetime of our Linux boxes - and the subject name supplied in the request. I have checked both the intermediate and offline CA - both have more than 10 years of life listed. Is there some kind of hard limit I'm hitting here?

  Read the article

• How ssl is usually set up on shared hosting (newbie question)?

  - by spirytus

  I am quite unclear on how ssl is usually set up on shared hosting. I have account with justhost.com and they provided me with public_html folder and (its sibling) ssl folder. When I create ssl certificates via cPanel it appears in SSL folder. Now, where I should put my html files to be accessible via https:// rather than http? normal files go into public_html (I figured this out ;) what about secure bunch? Also how can I specify that secured folder shouldn't be the ssl folder (if its the one in fact) but rather some other folder I specify? Is it possible at all with shared hosting? Thank you all for your help, I googled for hours and still am heavily confused as you see :)

  Read the article

• apache, shibboleth, load balancing aliase, ssl

  - by Nikolaidis Fotis

  Good morning folks Could you give me a bit of help with the following problem ? I have a dns load balancing mechanism and an alias (hostAlias) which may point to host01, or host02 I want to configure apache and shibboleth to work with that alias. What happens is ... User types : https://hostAlias (it points to host01) apache host01 : redirect to shibboleth shibboleth host01 : redirect to **https://hostAlias.cern.ch/Shibboleth.sso/ADFS** Now, there are two cases. Either this time hostAlias will point again to host01 , or it will point to host02. If it points to host02, host01 will not get the anwser and the authentication fails. Also, about ssl certificates, I guess that each host will need its own certificate. right ? Should I need a certificate with DNS aliases ? Thanks in advance !

  Read the article

• Windows Advanced Firewall certificate based IPSEC

  - by Tim Brigham

  I'm working on migrating from using IPSEC settings stored under the 'IP Security Policies on Active Directory' to using the 'Windows Firewall with Advanced Security' for my 2008+ boxes. I have successfully been able to get this set up using Kerberos authentication, however my openswan implementation on my Linux boxes is using certificates. Whenever I try changing the authentication method to computer certificate (using RSA and my root CA) the connection is bombing out. I've made this change at both a connection request policy and on the IPSEC settings on the root Windows Firewall with Advanced Security node. The windows event log shows the authentication request is taking place but failing negotiating a mode. What am I missing here?

  Read the article

• Good way to store domain CSR and KEY files

  - by Bert Goethals

  For my company I'm starting to manage more and more domains; and with that more and more certificates for those domains. What is a good way to store the basic KEY and CSR files generated? I was considering a git repo on our private code server. This does not seem secure enough though. Would you suggest and other system, or how this can be done securely with a source control system like git? Also: Does it make sense to store the CRT files and CA files in use?

  Read the article

• how to master in Windows administration [closed]

  - by Mateusz

  what is, in your opinion, best way to become real Windows, advanced administrator? Of course it's possible to obtain MS Certificates, but they're rather very expensive. Almost two years of everyday working on Linux machine, teach me, that it's very important to read system logs. Anyway, I assume that it's enough - I think that you must be familiar with almost any hive in you registry and each trick in Windows CMD and VBS- although it's high time for PowerShell, still on many maschines, you have only an opprotunity of using CMD by default (and their owners are reluctant to install anything else). How I can accomplish this task? Which groups follows (superUser - it' obligatory), which articles read?

  Read the article

• How does pptpd (poptop) or pppd work with eap-tls and mppe-128?

  - by Henk

  To create a VPN I've installed pptpd on an Ubuntu domU (Debian domUs can also be created). MSCHAPv2 isn't a very strong authentication protocol so I'd like to use EAP-TLS. I've set up a FreeRADIUS server and certificates for EAP-TLS before (for use with WPA), and I've also set up a pptp server with mschap-v2 auth, but I can't figure out how to combine the two. Maybe pppd can use EAP-TLS on its own, but I can't find support for it in the Ubuntu package. If I need to patch the package, that's fine, I know how to patch Debian packages (provided the patch applies cleanly). Also, can MPPE still be used when pppd is configured to use EAP? Because it says in the manual several times that MPPE requires MSCHAP. However, other docs like this one: http://www.nikhef.nl/~janjust/ppp/ seem to refute that. The clients are running Mac OS X Leopard and GNU/Linux, there's no need to fix anything for Windows.

  Read the article

• Error When Trying to Exchange Encrypted Emails with Sender Outside Domain

  - by LucidLuniz

  I have an end user who is trying to exchange encrypted messages with a person outside of our company domain. When receiving emails from the user they receive a message that says: Signed By: (There were errors displaying the signers of this message, click on the signature icon for more details.) However, when you click on the signature icon it says: The digital signature on this message is Valid and Trusted. Then when you look at the "Message Security Properties" it shows two layers, each with a green checkmark beside them. The layers are presented as below: Subject: Digital Signature Layer It also has: Description: OK: Signed message The end result with all of this is that when the user on my side tries to send this user an encrypted message it says: Microsoft Outlook had problems encrypting this message because the following recipients had missing or invalid certificates, or conflicting or unsupported encryption capabilities: Continue will encrypt and send the message but the listed recipients may not be able to read it. However, the only options you are actually given is "Send Unencrypted" and "CanceL" (Continue is grayed out). If anybody can assist I would greatly appreciate it!

  Read the article

• Two SSL certs for a domain in DirectAdmin

  - by Bart van Heukelom

  If I were to get 2 SSL certificates, one for example.com and one for www.example.com, is there a way to install them both on the site example.com in DirectAdmin? The default interface only allows installing one for both versions. If not, can I separate the 2 domains into 2 sites? One of them would only be a redirection, so there wouldn't be any duplication of site files. (Please don't answer with "one certificate should work for both". It doesn't always. This is a DirectAdmin question)

  Read the article

• Tunneling HTTPS traffic via a PUTTY/SSL tunnel with SOCKS

  - by ripper234

  I have configured a SOCKS ssh tunnel to a remote proxy, and set my Firefox to use localhost:<port> as a SOCKS proxy. My intention is to tunnel outgoing HTTP/S connections from my machine via a specific 3rd party server I own (on AWS). In my testing, HTTP UTLs are forwarded properly (e.g. when I access http://jsonip.com/ from my computer I do get the server's IP) However, whenever I try to reach an HTTPS address, I get this error: The proxy server is refusing connections How do I debug/fix it? My PUTTY tunnel config is simply (some random source port number + dynamic checked): P.S. I'm aware I might need to manually accept SSL certificates. The reason I'm doing this is to resolve problems using gmail as an outbound SMTP service.

  Read the article

• HAProxy and Intermediate SSL Certificate Issue

  - by Sam K

  We are currently experiencing an issue with verifying a Comodo SSL certificate on an Ubuntu AWS cluster. Browsers are displaying the site/content fine and showing all the relevant certificate information (at least, all the ones we've checked), but certain network proxies and the online SSL checkers are showing we have an incomplete chain. We have tried the following to try to resolve this: Upgraded haproxy to the latest 1.5.3 Created a concatenated ".pem" file containing all the certificate (site, intermediate, w/ and w/out root) Added an explicit "ca-file" attribute to the "bind" line in our haproxy.cfg file. The ".pem" file verifies OK using openssl. The various intermediate and root certificates are installed and showing in /etc/ssl/certs. But the checks still come back with an incomplete chain. Can anyone advise about anything else we can check or any other changes we can make to try to fix this? Many thanks in advance... UPDATE: The only relevant line from the haproxy.cfg (I believe), is this one: bind *:443 ssl crt /etc/ssl/domainaname.com.pem

  Read the article

< Previous Page | 314 315 316 317 318 319 320 321 322 323 324 325  | Next Page >