All Questions
50
questions
0
votes
1
answer
3k
views
How to add a custom OpenSSL engine with OpenSSL and use from apache server?
I have a custom-built OpenSSL engine. I'm trying to make changes to openssl.cnf to load this engine automatically. My ultimate goal is to use this engine for Apache mod-ssl.
Apache mod_ssl to use ...
- 101
0
votes
1
answer
708
views
Mod SSL compiled against server
I have an issue with www+https redirection and I saw this error in logs:
[ssl:warn] [pid 204:tid 412] AH01916: Init: (localhost:443) You
configured HTTP(80) on the standard HTTPS(443) port!
So I ...
- 49
0
votes
1
answer
1k
views
Apache not finding the HSM-protected private key over PKCS#11
I have installed Apache on my Centos7 virtual machine together with mod_ssl. I'm trying to make TLS working with the private key protected by an HSM over PKCS#11, but when I try to start Apache it ...
- 119
2
votes
1
answer
5k
views
OpenSSL error when compiling Apache HTTPD - undefined reference to `SSL_in_init'
We run Apache HTTPD as a production load balancer using mod_ssl with OpenSSL. I'm trying to recompile Apache HTTPD on the latest version (2.4.41) and am encountering the following error when running ...
- 43
0
votes
1
answer
3k
views
Apache 2.4 compatibility with OpenSSL
We run Apache HTTPD as a load balancer in production, using mod_ssl with OpenSSL. Whilst trying to compile the latest Apache version (2.4.41) we've hit problems with OpenSSL whilst building.
My ...
- 43
1
vote
0
answers
2k
views
Server saying no TLS/SSL protocols available even though mod_ssl/openssl installed and enabled
I am trying to add SSL certs to my server but when I connect via a browser it throws an error (ERR_SSL_PROTOCOL_ERROR in Chrome).
This is confirmed using testssh (https://testssl.sh/)
Testing ...
- 513
0
votes
3
answers
21k
views
Apache: SSLCertificateFile: file does not exist or is empty
I created a Private Key, CSR, and CRT using the below commands to run a Website using HTTPS on Apache 2.4.6. And the Operating System is Cent OS 7.
// To generate a Private Key
1. openssl genrsa -...
- 121
0
votes
0
answers
590
views
apache2 segmentation fault on https requests
I am trying to configure an old OpenSuse server with https.
The http virtualhost seems to work fine, however when I try to load the https url from my browser I get a:
This site can’t be reached
...
- 111
0
votes
1
answer
1k
views
HTTPD + OpenSSL - Long time to connnect to port 443 then ssl_handshake_failure
I know that ssl_handshake_failure is a generic error, however this is my last resort, since I've been investigating this issue for three weeks.
I'm deploying Apache HTTPD server on an AIX Server. AIX ...
1
vote
1
answer
1k
views
Apache client authentication: browser not sending certificate when CA name not matching by case?
Using Apache 2.4.
We have two valid CA certificates whose distinguished names differ only by the case of one character (say CA1 with dn: cn=MyCA,O=myOrg and CA2 with dn: cn=MyCA,O=MyOrg).
These two ...
- 11
-2
votes
1
answer
2k
views
Apache recompile with mod_ssl and openssl
I have a Nagios (dev) server built on AWS EC2. The server had preinstalled:
OpenSSL 1.0.1k-fips
Apache/2.4.25
Qualys scan notified that there are vulnerabilities. The package available on AWS ...
- 128
0
votes
1
answer
927
views
Repairing Apache after OpenSSL update
I made an OpenSSL upgrade on ubuntu server (14.04 LTS) via apt to 1.1.0f. After the upgrade was finished, I tried to (re)start apache2. Then this appears:
* Starting Apache httpd web server apache2
...
- 1
1
vote
1
answer
3k
views
Apache2.4.25 using system default openssl instead of new version provided during compilation
Trying to compile apache2.4.25 from source on Fedora 15 with dynamically linked mod_ssl. Fedora15 server has a default openssl version (OpenSSL 1.0.0j-fips 10 May 2012) and newer openssl library (...
- 21
4
votes
1
answer
12k
views
How to check apache for SNI (Server Name Indication ) availability?
I have a centos 7 server. I switched from apache 2.4.6 to apache 2.4.25 using IUS repository (https://ius.io/). My goal is to support multiple SSL certificates with a single IP.
I have installed:
...
- 175
0
votes
1
answer
15k
views
Upgrade OpenSSL (mod_ssl) on WIndows Apache 2.2.18 to v1.1.0b
I am running Apache 2.2.18 on my work machine and have a dedicated IP and paid SSL certificate. Since this server should be secure, I only use HTTPS when I access it. To do a test I went to ssllabs....
- 103