Questions tagged [ssl]
SSL refers to Secure Sockets Layer, a security protocol that has been replaced by Transport Layer Security (TLS). TLS is still commonly referred to as SSL.
1,817
questions
0
votes
0
answers
15
views
SSL Error: ERR_SSL_PROTOCOL_ERROR - only happening with Chrome -- all other browsers fine
I get the following error in Chrome:
ERR_SSL_PROTOCOL_ERROR when trying to connect to a client website.
This only happens in Chrome and for everyone.
The "website" is hosted in IIS and is ...
0
votes
0
answers
27
views
Wget show error certificate of <domain> name was signed using an insecure algorithm, while curl works
We are trying to check domain
wget domain <like httpx://abc.com>
we are getting error "The certificate of domain(abc.com) was signed using an insecure algorithm. But SSL certificate is ...
0
votes
0
answers
9
views
how to configure Piped for https on local network with self signed certificate?
I'm configuring Piped on my RPI home lab.
In my router I created DNS records youtube.home, api.youtube.home and proxy.youtube.home with the IP of my RPI.
I download Piped and execute the configure ...
- 55
0
votes
0
answers
21
views
How to setup SSL certification for host inside CGNAT accessed via ddns
I am just learning networking (absolute noob, still) and NAS managing. I have a media server running an interface app with no security measures so far, and want to implement SSL certification through ...
- 101
-1
votes
1
answer
39
views
How to add Private key to SSL Cert
I have been supplied a certificate file; CSR; Public Key and Private key by my SSL Cert reseller, all in txt files with ciphertext inside. I have to renew a ssl cert hosted on a IIS server, and the ...
- 3
0
votes
1
answer
26
views
openssl certificate signing: subject line not copied
When I create CSR, I have the subject line specified.
$ openssl req -in csr -noout -text
...
Certificate Request:
Data:
Version: 1 (0x0)
Subject: CN = 12345-67890, serialNumber = ...
- 135
3
votes
1
answer
295
views
How do I obtain a trusted, signed, client certificate for use with an FTPS site in IIS and tied to a Windows user?
I've been asked by a third party to setup an FTPS site for them to connect to.
I am doing this on IIS 10.
It is required that the third-party client uses a client certificate which is tied to the FTP ...
1
vote
1
answer
60
views
Trying to create a .crt and .key for apache using certutil/certreq end up with empty files
I have this cert_functions.ps1 file
$ErrorActionPreference = "Stop"
$PSDefaultParameterValues['*:ErrorAction']='Stop'
function New-WorkstationCertificateRequestConfiguration {
param(
...
- 118
1
vote
1
answer
153
views
The Windows trusted the self-signed certificate but Google Chrome returned the NET::ERR_CERT_AUTHORITY_INVALID error
I created a self-signed Root CA certificate, then created an IA certificate signed with Root CA, and finally created a server certificate signed with IA certificate.
These are the commands that I use:
...
- 43
0
votes
0
answers
80
views
An error occurred while reading data from the provider: The remote certificate is not valid according to the validation procedure, PowerBI Postgresql
I wanted to use PowerBI to view and manage things on my Postgresql Database server, but when I select obtain data from another source and select Postgresql DB and enter the credentials (server, DB ...
1
vote
0
answers
70
views
Cannot connect to GitHub on Mac
I'm using Mac Ventura 13.6.6 and git version 2.39.3 (Apple Git-145). Due to my location, I have to use VPNs to use Google, GitHub, etc. It has been working well.
Since several days ago, I realize that ...
- 1,277
0
votes
0
answers
25
views
Broke my mac network after apache/ssl changes
I tried to configure Apache2 with SSL for local web development on my Mac (MacOS Ventura).
What I did with apache/ssl was : install httpd and make some basic configuration. Enable mod_ssl module, ...
1
vote
2
answers
43
views
SSL in private network
My network contain one windows PC and dozens of embedded PCs running linux.
Customer requires that communication between PC and all endpoints will be secured.
In the endpoint I'm running python HTTP ...
- 113
0
votes
1
answer
169
views
Exchange showing local fqdn certificate warning after installing second exchange
hello and thanks in advance,
following problem: we installed a second exchange 2019 server in a network to slowly migrate mailboxes etc. as of know it is just a blank installation. after said ...
- 1
0
votes
1
answer
241
views
rootless podman container needs access to host's SSL cert and key - what's the correct thing to do here?
As the title says, I need a rootless podman container to have access to SSL keys (created with certbot, of course) from the host (Fedora CoreOS, SELinux active) machine, since the main server on the ...
- 141
0
votes
1
answer
37
views
How do I set up HTTPS across my entire server?
I am running a few different websites on my server.
a general webpage using Apache (port 80)
Cockpit Web Console (port 9090)
Home Assistant (port 8123)
an open-source database system called Teable (...
1
vote
1
answer
185
views
Windows SSL cert file (.crt, .cer, .pfx, etc.) association with Crypto Shell Extensions is broken
When right-clicking an SSL certificate file in Windows Explorer, you would normally see the option to Install Certificate in the context menu, and you could also view the cert by double clicking the ...
- 21
0
votes
1
answer
147
views
Where to put cacert.pem certificate file so that ddev composer will use it? Getting "self signed certificate in certificate chain" error
I am using WSL2 with Ubuntu, following the procedure here: https://ddev.readthedocs.io/en/stable/users/quickstart/#__tabbed_2_2
When I get to the line ddev composer create "drupal/recommended-...
- 97
1
vote
0
answers
388
views
k3s/kubernetes add additional IP to cluster TLS/SSL certificate
I setup a k3s/kubernetes cluster with 3 nodes.
All node have the roles control-plane,etcd,master.
So far so good, and everything works like expected.
For testing/playing around, i installed on all 3 ...
- 393
1
vote
0
answers
119
views
Unable to cURL on some platforms, in particular DigitalOcean VPS
I am on Ubuntu 23.10 (GNU/Linux 6.5.0-27-generic x86_64) is not working, curl is 8.2.1 suspect is there is something on the machine.
I have two Virtual Private Servers (VPS) based on Digital Ocean ...
- 185
0
votes
0
answers
180
views
Windows 11 network connection error. I think something with ssl/tls
I came across with the network problem on Windows Home 23H2. One day, my Outlook 2010 has break to receive letters. In the log, I got the message error 0x8004210A.
I tried all the methods pointed here,...
1
vote
0
answers
70
views
I've tried preventing TLSv1.0 and TLS1.1 in Apache, but the protocols are still active
I have a web site (one of a few) on a server. I'm trying to up the score of my domain in https://www.ssllabs.com/ssltest - but it doesn't seem to be working.
Contents of:
/etc/apache2/sites-available/&...
- 201
0
votes
1
answer
31
views
Connect to a device on another subnet using 3rd device as a proxy
I have a device with a HTTPS web portal that only has an ethernet port. However I am unable to get an ethernet cable to the where the device lives, it is however able to receive WiFi.
I was planing on ...
- 303
1
vote
1
answer
1k
views
Debian: how to resolve "unable to get local issuer certificate" and "unable to verify the first certificate"?
I have a problem with curl downloading an image from a webserver.
curl: (60) SSL certificate problem: unable to get local issuer certificate
So I tried to investigate with openssl
$ openssl s_client -...
- 620
0
votes
0
answers
117
views
Client Side Cannot Find Client Cert in TLS Mutual Authentication
This is a windows .NET application. Am working on the client side. Increased SSChannel logging and discovered ... .
Creating a TLS client credential.
The remote server has requested TLS client ...
0
votes
2
answers
639
views
Make a site hosted in IIS server use https and access it within the intranet
I have a site hosted on my IIS server and I can access it on http:localhost. I made a self-signed certificate and added it to the site and can access it via https:\\localhost. I want the site to be ...
0
votes
0
answers
78
views
Finding CA Cert from a Synology NAS to use it with curl --cacert
My Synology uses self-signed certificate, so I need to include it with curl --cacert /path/to/cert.pem to connect safely from a terminal to NAS using https. How can I find this certificate on my ...
- 1
0
votes
1
answer
34
views
Does Chrome support OID Filters in the TLS handshake
Cite from rfc8446
The "oid_filters" extension allows servers to provide a set of
OID/value pairs which it would like the client's certificate to
match. This extension, if provided by the ...
- 101
1
vote
1
answer
80
views
Failed to generate a Let's Encrypt certificate on Asustor NAS with error Ref. 5402
While trying to generate a Let's Encrypt certificate for my Asustor NAS through Settings -> Certificate Manager (following the instructions), the process repeatedly failed with error Ref. 5402. ...
- 191
0
votes
0
answers
220
views
Inconsistent SSL connection error when using wget
I'm trying to download some .nc files from a secure online database.
It seems like for roughly every other attempted file download, I get an 'Unable to establish SSL connection' message, and then wget ...
TML
1
vote
0
answers
288
views
Chrome network requests stall for exactly 10 seconds when using custom local SSL hostnames and certificates
I develop websites locally with mkcert tool to create SSL certificates for my domain (eg project.local). Then I point project.local to 127.0.0.1 in my hosts file (/private/etc/hosts for me on Mac). I ...
- 141
0
votes
1
answer
890
views
openssl s_client -connect errorno=111
Hi I got problem with openssl connection. I have java application which connects from server1 to server2 I made clone of server2 and upgraded it from Debian 9.7 to Debian11. The connection to ...
- 1
0
votes
1
answer
23
views
Need advice regarding setting up SSL on my webserver
I just acquired an SSL Cert for our domain tspack.us - so I am assuming that the Cert is ONLY good for that exact name correct? I technically can't use www.tspack.us because it won't match exactly ...
0
votes
1
answer
133
views
Use NGINX to serve as both webhost + direct subdomain request to dockerserver:port
First, I struggled hard with the title. I've been trying back and forth, googling like mad and the resources I find are most likely way to complicated for me.
But I find it so unbelievable that it's ...
- 1
2
votes
4
answers
3k
views
Nginx without public certificate
Is there any way that we can configure an Nginx without a public certificate?
The objective here is, I want to publish an API on public internet, but all the API client (whitelisted clients) should ...
- 51
1
vote
0
answers
52
views
What is the proper way to host multiple websites from the same machine and same ip address? [closed]
I have two Flask websites running on an ubuntu machine running on my home server. Both of them are running as a service with Gunicorn, one is on port 9000, the other is on 9001. I have registered a ...
- 11
0
votes
0
answers
91
views
Website loading difficulties after TLD change from .com to .promo
We recently changed the URL of our website from eyevertising.com to bold.promo, and we now hear from a few random customers that they can't access the new website!
The only thing we really did, was ...
- 1
0
votes
0
answers
80
views
Selective TLS connection fail
I have a VB.NET application that connects to a remote server, which I have no authority whatsoever, via a username/password, retrieves some data and populates a local database.
Lately the application ...
- 491
0
votes
0
answers
52
views
TLS termination of NLB
Objective:
I would like to achieve the following with AWS and understand how to configure it:
AWS Configuration:
ACM certificate (associated with NLB listener).
NLB (in a public subnet, accepting TLS ...
0
votes
0
answers
805
views
Error with SSL and TLS on Windows server 2019
After I updated the windows server 2019, it is not possible to connect to the server using remote desktop connection. Also the sites which are hosted on https on this server can't be opened and the ...
Dadkhah
1
vote
1
answer
584
views
Initial connection takes too long only on a specific browser/network
I'm having a frustrating issue that I have no idea why it happens or how to fix it.
My initial connection (the "SSL handshake") is taking a minute to some websites only on Chrome browser (...
- 113
0
votes
0
answers
17
views
How do I refresh an page automatically every time an net::(ANY ERROR) is detected on the inspect console on Chrome?
So I have an question. The most annoying error I have in Chrome is the net::ERR_SSL_PROTOCOL_ERROR, which occurs for broken images. I used Codepal to help me make this script, but it does not work. I ...
0
votes
1
answer
2k
views
Certificate is valid, but website shown as not secure on some browsers
So I'm currently trying to set up a website over https. I have a webserver running Ubuntu and Apache2, and DNS records are set to direct example.com and www.example.com traffic. I have a valid ...
- 115
0
votes
0
answers
71
views
Home Network, How to install SSL XAMPP Self-Hosted Website
I use laptop IP Lan 192.168.88.248.
I opened port 80 on this IP. Hairpin NAT in LAN.
I registered the domain abc.mooo.com at freedns.afraid.org and assigned it to my WAN IP.
I install default XAMPP (C:...
- 76
0
votes
0
answers
11k
views
FortiClient VPN stuck at 48% with error code -7200 - Credential or SSL VPN connection issue
I've been facing an issue with my FortiClient VPN connection, and despite trying several troubleshooting steps, I'm still unable to resolve it. The problem is that the connection consistently gets ...
- 1
1
vote
2
answers
162
views
Invalid SSL certificate for Wikimedia, only on my PC and only on LAN; resolves correctly on Wi-Fi
Since yesterday I'm having trouble with anything related to the https://upload.wikimedia.org/ URLs, they all give an ERR_CERT_COMMON_NAME_INVALID error.
I tried some troubleshooting and I noticed that ...
- 111
0
votes
0
answers
155
views
Certificate Authority works in Linux but fails in MacOS
I want to create a self-signed root certificate authority, such that the certificates signed by this CA are trusted by the OS which trusts the CA.
After following a couple different guides, I managed ...
- 101
0
votes
1
answer
1k
views
How to disable SSL checking on Nginx?
I have some QA server for my website.
A year ago I've tried to make SSL connection to my production website so I've implemented it on the QA by nginx too.
Now it's expired and I don't want to renew it ...
- 121
0
votes
2
answers
1k
views
https url not found on ubuntu apache2
Trying the configure SSL on Apache2 on Ubuntu server installed Apache
sudo apt install apache2
Opened ufw firewall
sudo ufw allow 'Apache'
ufw allow https
Installed SSL files in /root/cert
chmod ...
- 61
1
vote
0
answers
74
views
Forcing Firefox to validate SSL certificates from Sophos
A network I'm often connected to uses a Sophos network block on many sites. I would like to try to get around this. I looked at the solution from how to make firefox ignore all ssl certification ...
