Search Results

Search found 5507 results on 221 pages for 'mod ssl'.

Page 4/221 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • cURL or SSL problems, how to solve?

    - by deadman
    I keep getting this error: No cURL data returned for https://XXX.XXXX.XXX:XXXX [0] SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed I am not sure, or I could say, I dont know what is this problem. And how to solve this? Please help!

    Read the article

  • How to configure apache and mod_proxy_ajp in order to forward ssl client certificate

    - by giovanni.cuccu
    I've developed a java application that need a ssl client certificate and in the staging environment with apache 2.2 and mod_jk it is working fine. In production the configuration is not using mod_jk but mod_proxy_ajp. I'm looking for an apache configuration example that configure ssl and mod_proxy_ajp for sending the ssl client certificate to the java application server (which listens with the ajp protocol). Thanks a lot

    Read the article

  • How to configure apache and mod_proxy_ajp in order to forward ssl client certificate

    - by giovanni.cuccu
    Hi, I've developed a java application that need a ssl client certificate and in the staging environment with apache 2.2 and mod_jk it is working fine. In production the configuration is not using mod_jk but mod_proxy_ajp. I'm looking for an apache configuration example that configure ssl and mod_proxy_ajp for sending the ssl client certificate to the java application server (which listens with the ajp protocol). Thanks a lot

    Read the article

  • GoDaddy SSL on Shared Hosting

    - by Jon
    So I'm very new to using SSL certificates and I have been trying to install one on a site for a client. He is using shared hosting for multiple domains through GoDaddy, and the site we're working on is not the primary domain. He purchased a UCC certificate for multiple domains and I installed it on the shared hosting account. My thought was that since the domains were under the same hosting account, then they would each be protected under the certificate. This was not the case...apparently. I checked both domains with an SSL checker and the primary domain checked out. The domain that we wanted the SSL on showed the following errors: None of the common names in the certificate match the name that was entered (www.CLIENTDOMAIN.com). You may receive an error when accessing this site in a web browser. I'm not sure how to fix this. It was just purchased yesterday, so if necessary, I guess I could un-install it or re-key it (???). Is there a way to just change the common name to www.CLIENTDOMAIN.com (the correct domain)?

    Read the article

  • Sharing two SSL wildcard certificates in memory in nginx

    - by hvtilborg
    I have an nginx server running with two IP addresses, say 1.2.3.4 and 4.3.2.1. Besides there are two wildcard SSL certificates for *.example.net (i.e. wc1, pointing to 1.2.3.4) and *.sub.example.net (i.e. wc2, pointing to 4.3.2.1). The nginx docs mention that you can share a wildcard certificate between server instances like this: ssl_certificate wc1.crt; ssl_certificate_key wc1.key; server { listen 1.2.3.4:443; server_name www.example.net; ssl on; ... } server { listen 1.2.3.4:443; server_name test.example.net; ssl on; ... } However, I was wondering whether this same construct is possible to use with the second wildcard certificate too. Both domains have around 500 subdomains. Do they not get mixed up, since the ssl_certificate construct is now global?

    Read the article

  • SSL wildcard certificates and trailing 'www'

    - by user173326
    I've got a wildcard SSL certificate for *.mydomain.com. I'm using nginx, and redirecting all traffic for http to https, and also rewriting the URLs without a trailing www (if there is one). So it has, 1) http://subdomain.mydomain.com ---> https://subdomain.mydomain.com 2) http://www.subdomain.mydomain.com ---> https://subdomain.mydomain.com 3) https://www.subdomain.mydomain.com ---> https://subdomain.mydomain.com 4) https://subdomain.mydomain.com ---> https://subdomain.mydomain.com However, since my cert is for *.mydomain.com, case 3 gets an SSL error in chrome ('This is probably not the site that you are looking for!'), but if you click through it gets redirected and all is well. I understand why, since the initial connection is for https with a www (2 levels of subdomains), which doesn't match what is on the wildcard certificate. I thought a solution would be to get an additional cert for *.*.mydomain.com to cover www.*.mydomain.com. But it seems like that won't work. I spoke to agents from namecheap and comodo, and both said *.*.mydomain.com was not possible. I also came across this: https://support.quovadisglobal.com/KB/a60/will-ssl-work-with-multilevel-wildcards.aspx Is there a solution to this? To be able to cover www.*.mydomain.com?

    Read the article

  • Keytool and SSL Apache config

    - by Safari
    I have a question about SSL certificate... I have generate a certificate using this keytool command.. keytool -genkey -alias myalias -keyalg RSA -keysize 2048 and I used this command to export the certificate keytool -export -alias myalias -file certificate.crt So, I have a file .crt Now I would to configure my Apache ssl module. I need to use keytool...At the moment I can't to use Openssl How can I configure the module if I have only this certificate.crt file? I see these sections in my ssl.conf # Server Certificate: # Point SSLCertificateFile at a PEM encoded certificate. If # the certificate is encrypted, then you will be prompted for a # pass phrase. Note that a kill -HUP will prompt again. A new # certificate can be generated using the genkey(1) command. #SSLCertificateFile /etc/pki/tls/certs/localhost.crt # Server Private Key: # If the key is not combined with the certificate, use this # directive to point at the key file. Keep in mind that if # you've both a RSA and a DSA private key you can configure # both in parallel (to also allow the use of DSA ciphers, etc.) #SSLCertificateKeyFile /etc/pki/tls/private/localhost.key # Server Certificate Chain: # Point SSLCertificateChainFile at a file containing the # concatenation of PEM encoded CA certificates which form the # certificate chain for the server certificate. Alternatively # the referenced file can be the same as SSLCertificateFile # when the CA certificates are directly appended to the server # certificate for convinience. #SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt How can I configure the correct section?

    Read the article

  • Add 33 Unique Biomes to Minecraft with the Biomes O’ Plenty Mod Pack

    - by Asian Angel
    Are you tired of looking at the same old biomes in Minecraft? Then add some fresh scenery with the Biomes O’ Plenty mod pack and enjoy a whole new Minecraft world! Biomes included in the mod pack: Birch Forest, Bog, Cherry Blossom Grove, Crag, Deadlands, Dense Forest, Field, Frost Forest, Garden, Glacier, Highland, Mangrove, Marsh, Meadow, Mesa, Mountain, Mystic Grove, Oasis, Ominous Woods, Orchard, Prairie, Quagmire, Rainforest, Savanna, Scrubland, Seasonal Forest, Shrubland, Spruce Forest, Tropics, Tundra, Wasteland, Wetlands, and Woodlands. You can download the mod pack, view the setup instructions, see images of each biome type, and more by visiting the link below. [1.3.2] [MODLOADERMP] Biomes O’ Plenty – Adds 33 Unique Biomes! (SSP/SMP) [via BoingBoing] 8 Deadly Commands You Should Never Run on Linux 14 Special Google Searches That Show Instant Answers How To Create a Customized Windows 7 Installation Disc With Integrated Updates

    Read the article

  • How to install an SSL certificate on an home server with IIS

    - by Rushino
    I have a home server which i would like to add SSL certificate (via IIS). I believe self-signed certificates are a bad idea so i was wondering how this actually work to have one installed on my server. This server is currently being accessed being outside.. this is basically for learning/pratical purpose. So if i understand correctly, it is possible OR do we have to buy an SSL certificate somewhere and install it on the server for use ? (by importing it in IIS) what are the actual brief steps ? Thanks!

    Read the article

  • How to set up an SSL Cert with Subject Alternative Name

    - by Darren Oster
    To test a specific embedded client, I need to set up a web server serving a couple of SSL (HTTPS) sites, say "main.mysite.com" and "alternate.mysite.com". These should be handled by the same certificate, with a Subject Name of "main.mysite.com" and a Subject Alternative Name of "alternate.mysite.com". This certificate needs to be in an authority chain back to a 'proper' CA (such as GoDaddy, to keep the cost down). My question is, are there any good tutorials on how to do this, or can someone explain the process? What sort of parent certificate do I need to purchase from the CA provider? My understanding of SSL certificates is limited, but as Manuel said in Fawlty Towers, "I learn...". I'm happy to work in Windows (IIS) or Linux (Apache) (or even OSX, for that matter). Thanks in advance.

    Read the article

  • Having many subdomains with SSL--best practices?

    - by jnunn
    I have a site that has many subdomains (one for each client). The content for each subdomain will be different, pulling different data, different layouts etc, so I don't think I can just alias one directory to many different sub domains. My question is, what's the best practice for doing this? Each subdomain will need SSL. My setup is Amazon EC2 (ubuntu) Wildcard SSL for my domain (*.mydomain.com) Apache 2 PHP (LAMP) Currently, I'm just creating a new entry into "/etc/hosts" and an appropriate spot in the web root (ie /var/www/abc.mydomain.com, /var/www/def.mydomain.com, etc). I've just discovered that I'll need a unique IP for each subdomain, and that's tricky with EC2 as they limit you to the number you can have (unless you jump through some hoops). Right now I have about 10 subdomains, which is manageable, but theoretically I could have thousands. Am I doing it the only way possible or is there a better way I should investigate?

    Read the article

  • testing ssl cert for smtps => "secure connection could not be established with this website"

    - by cc young
    testing ssl cert on server using a web service. https, imaps and pop3s all check, but smtps yields the message "we advise you not to submit any confidential or personal data to this website because a secure connection could not be established with this website." running postfix tls logging: connect from s097.networking4all.com[213.249.64.242] lost connection after UNKNOWN from s097.networking4all.com[213.249.64.242] disconnect from s097.networking4all.com[213.249.64.242] these work correctly: telnet mydomain.net 587 openssl s_client -starttls smtp -crlf -connect mydomain.net:587 but cannot get email using ssl to log into either 587 or 564 - get same "UNKNOWN" problem. email smtp w/o ssh works fine. the test site is http://www.networking4all.com/en/support/tools/site+check/

    Read the article

  • Apache: Assign SSL server / client certs to directories

    - by Daniel Amaya
    I have multiple directories on my system, e.g., /var/www/dir1 /var/www/dir2 /var/www/dir3 And what I'd like to do is to generate a server/client SSL certificate for each directory, and then set up each directory such that the client cert must match the server cert in order to access said directory. Now, if someone has the client cert for /var/www/dir2 and they try to access /var/www/dir1, they will be unable to do so since those directories use different certs. Each of these directories is hosted on the same domain (i.e., domain.com/dir1, domain.com/dir2). Now, the problem I am having is that I am not exactly sure how to accomplish this in Apache. (Also, I don't really care for domain.com to require SSL, but I do want the directories to require it.)

    Read the article

  • Safari 7 SSL error if using IP-adress

    - by K. Biermann
    I have created my own CA for internal usage and set the root certificate to trustworthy on my machines. With this CA I signed the SSL-certificates for my internal servers. I only address them with their IP and so I used the servers' IP as certificate name. If i connect to the Servers with Chrome or mobile Safari it works without problems, but if I use Safari 7 under Mavericks (on the same machine with the same keychain) i get the following error: "The certificate is not valid (host name mismatch)". I double checked that I entered the correct IP ("https://192.168.2.130"), but I always get the same error. Do I need to enter a different name for the certificate or is it just that Safari doesn't support SSL certificates for IPs? Here is a screenshot of the error message (I can only post images with at least 10 rep): Safari's error message Thanks in advantage and please excuse my bad English :D

    Read the article

  • Getting fingerprint from Apache certificate (combined with key)

    - by Alois Mahdal
    I have just created a certificate for my Apache SSL host using: make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/ssl/private/myhost.crt Now that is the correct way to get the fingerprint out of it? (So I can keep it in other place for visual comparison---in case I need to connect and really don't trust the network?) openssl sha1 /etc/ssl/private/myhost.crt returns different SHA1 than Opera tells me about the cert. Is this because it's combined with the key? (...or am I spoofed already? :-)).

    Read the article

  • SSL certificates - best bang for your buck [closed]

    - by Dunnie
    I am in the process of setting up an online store. This is the first project I have attempted which will require a good level of security, so I recognise that an decent SSL certificate is a must. My current (albeit admittedly basic) understanding of the options are: DV SSL - more or less pointless, as provides no verification. OV SSL - better, as provides a basic level of organisational verification. EV SSL - 'better, full' verification, but much more expensive. As this is a new business venture, and budgets are tight, which option provides the best bang for my buck? I have read questions such as EV SSL Certificates - does anyone care? which suggest that EV certificates are a bit of a con. Does this mean that OV certificates offer better value for money, especially for new businesses with shallow pockets?

    Read the article

  • SSL is not enabled in Heroku

    - by Drom
    Since Heroku has integrated the piggybank_ssl addon by default, trying: heroku addons:add piggyback_ssl or heroku addons:add ssl:piggyback results in: ! This add-on is now a standard Heroku platform feature. ! Your apps can already use piggyback SSL. But, accessing: mywebsite.herokuapp.com results in: SSL is not enabled mywebsite.herokuapp.com does not have SSL enabled. My production.rb has: config.force_ssl = true What am I missing? Update I have read the page SSL on Heroku, but it's obsolete, they suggest to run: heroku addons:add piggyback_ssl Which is no longer necessary. SOLVED ! I don't change anything, and now it's working. It seems that it was a heroku problem.

    Read the article

  • SSL on multiple directories

    - by Shredder
    I have a website that is http, but has a port set up for https for a specific directory that is for the shopping cart. Now I'd like to use our SSL on a different directory in the same site as well. How can I go about configuring that? I have tried looking into all of the config files as well as the docs and cannot figure it out. I tried setting this in httpd.config as well <VirtualHost 127.0.0.1:[ssl port]> #also tried *:[ssl port] and [actual IP]:[ssl port] ServerAdmin [email protected] DocumentRoot "C:/path/sslNeededDir" ServerName www.example.com </VirtualHost> hoping that it would cause pages in this directory to use ssl port and become https, but that didn't do anything. Any help is greatly appreciated. Update: This finally got migrated over. I'm still looking for a solid answer on this. If anyone could help me, it would be greatly appreciated.

    Read the article

  • SSL certificates work fine from command line but fails in script

    - by jrallison
    I'm trying to setup email notifications for my continuous integration server. I have a script which uses nail to send the email when the build works: #!/bin/bash echo "Build Worked!" | nail -A myisp -s 'Build Success' [email protected] When I run this from the command line with sh build-worked, it works and I receive the email. However, when I start the continuous integration server which executes the same script, I get the following error: nail: /opt/bitnami/common/lib/libssl.so.0.9.8: no version information available (required by nail) nail: /opt/bitnami/common/lib/libcrypto.so.0.9.8: no version information available (required by nail) Error with certificate at depth: 0 issuer = /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/[email protected] subject = /C=US/ST=California/L=Mountain View/O=Google Inc/CN=smtp.gmail.com err 20: unable to get local issuer certificate Continue (y/n)? could not initiate SSL/TLS connection: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed . . . message not sent. I must be messing some configuration, any ideas?

    Read the article

  • SSL stops working on IIS7 after a reboot

    - by Mark Seemann
    I have a Windows 2008 Server with IIS7. Every time the server reboots, SSL stops working. Normal HTTP requests work fine, but any request to an HTTPS address gives the typical error message in the browser: Cannot find server or DNS I can temporarily fix it by opening IIS Manager and bring up the Bindings… window for the website in question. Then I select “https”, click on “Edit” then click “Ok” without making any changes to the settings. After doing this, browsing to https:// works again until the next reboot. This issue look as lot like the one described here, but according to the Certificates MMC snapin, the certificate in question does have a private key. I'm also pretty sure that I never installed the certificate in the personal store, but imported it straight into the machine store, but it's been a while... There's not a lot in the event log apart from the event ID 36870 also described in the post I linked to. Can anyone help me troubleshoot this issue so that SSL will work even after a server reboot?

    Read the article

  • SSL certificates work fine from command line but fail in script

    - by jrallison
    I'm trying to setup email notifications for my continuous integration server. I have a script which uses nail to send the email when the build works: #!/bin/bash echo "Build Worked!" | nail -A myisp -s 'Build Success' [email protected] When I run this from the command line with sh build-worked, it works and I receive the email. However, when I start the continuous integration server which executes the same script, I get the following error: nail: /opt/bitnami/common/lib/libssl.so.0.9.8: no version information available (required by nail) nail: /opt/bitnami/common/lib/libcrypto.so.0.9.8: no version information available (required by nail) Error with certificate at depth: 0 issuer = /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/[email protected] subject = /C=US/ST=California/L=Mountain View/O=Google Inc/CN=smtp.gmail.com err 20: unable to get local issuer certificate Continue (y/n)? could not initiate SSL/TLS connection: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed . . . message not sent. I must be messing some configuration, any ideas?

    Read the article

  • SSL Returning Blank Page, No Catalina Errors

    - by Mr.Peabody
    This is my second, maybe third, time configuring SSL with Tomcat. Earlier I had created a self signed, which worked, and now using my signed is proving fruitless. I am using Tomcat, operating from the Amazon Linux API. When using the signed cert/keystore, my server is starting normally without errors. However, when trying to navigate to the domain it is giving me an "ERR_SSL_VERSION_OR_CIPHER_MISMATCH" error. My server.xml file looks as follows: <Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" SSLEnabled="true" clientAuth="false" sslProtocol="TLS" keystoreFile="/home/ec2-user/.keystore/starchild.jks" keystorePass="d6b5385812252f180b961aa3630df504" /> It couldn't hurt to also mention that I'm using a wildcard certificate. Please let me know if anything looks amiss! EDIT: After looking more into this, I've determined there may be nothing is wrong with the Server.xml, or the listening ports. This is becoming more of an actual certificate error, as the curl request is giving me this error: curl: (35) Unknown SSL protocol error in connection to jira.mywebsite.com:-9824 Though, I can't seem to figure out what the "-9824" is. When comparing this curl to another similar setup (using the same Wildcard Certificate) it's turning up the full handshake, which is to be expected. I believe this is now between the protocol/cypher set default on JIRA servers.

    Read the article

  • both ssl and non-ssl on single port

    - by Zulakis
    I would like to make my apache2 webserver serve both http and https on the same port. With the different method i tried it was either not working on http or on https.. How can I do this? Update: If I enable SSL and then visit the with http I get page like this: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>400 Bad Request</title> </head><body> <h1>Bad Request</h1> <p>Your browser sent a request that this server could not understand.<br /> Reason: You're speaking plain HTTP to an SSL-enabled server port.<br /> Instead use the HTTPS scheme to access this URL, please.<br /> <blockquote>Hint: <a href="https://server/"><b>https://server/</b></a></blockquote></p> <hr> <address>Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny16 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g Server at server Port 443</address> </body></html> Because of this, it seems very much possible to have both http and https on the same port. A first step would be to change this default-page so it would present a 301-Moved header. Update2: According to this, it is possible. Now, the question is just how to configure apache to do it.

    Read the article

  • Client unable to access OWA website after temporarily changing SSL certificate on the server

    - by Lorenz Meyer
    I have the following issue: One client computer (Windows XP) cannot access the OWA website. All other client computers can (Except another one in the same remote office). How this happened: I temporarily changed the SSL certificate on the Exchange Server yesterday. After a few minutes, I reverted back, an now the same certificate that was installed for years is back again. During these few minutes, they were in OWA on this computer and got a certificate error. What exactly happens: Internet Explorer displays the error Internet Explorer cannot display the webpage, Firefox displays The connection was reset and Crome shows This webpage is not available. The connection to ... was interrupted. What I already did to try to get this working: Restart the client computer Restart the exchange server Deleted Internet Explorer browsing history In IE, Internet Options, tab Content, under Certificates deletes SSL cache Restored Internet Explorer to the default parameters I looked into certmgr.msc, but did not find a certificate related to the issue What could I do else to narrow down the origin of this problem (or better: resolve it) ? Can you give any advice ?

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >