Skip to main content
Server Fault

All Questions

Ask Question
Tagged with
37 questions
Newest Active Bountied Unanswered
0 votes
0 answers
24 views

How to check OpenSSL: alert internal error, handshake failure for CA

Context is our Mosquitto broker, running on a certain domain. User can connect via TLS only. We are using a self-signed certificate for this purpose, because we want to sign client certificates by ...
BairDev's user avatar
BairDev
  • 125
0 votes
0 answers
293 views

curl: (60) SSL: unable to obtain common name from peer certificate

I'm trying to create self-signed certificates for my webserver but it's not going well. The title is the error message curl gives me when I run curl --noproxy "*" https://example.com (with ...
Seal_bebbe's user avatar
Seal_bebbe
  • 1
1 vote
1 answer
2k views

Use openssl 3 to create a self-signed certificate just like what "New-SelfSignedCertificate" can

First of all, I did googling about openssl, such as this one, and also tried dozens of time on creating a valid self-signed certificate. But I guess asking on serverfault would be much quicker. My ...
user53815's user avatar
user53815
  • 83
0 votes
1 answer
277 views

Configure OpenVPN with existing certificate

I want to configure OpenVPN with available certificates, without using easy-rsa. I use openssl to generate private.key and csr.csr. Then I use opensource CA EJBCA to authenticate csr and create a ...
Patrick's user avatar
Patrick
  • 1
0 votes
0 answers
36 views

self signed for a site accessible through VPN

I'd like to know if what I'm doing is right or is there another way to do this? I have this site that is accessible through VPN and i'd like the end users not to see the "not secured" ...
Reefo Relaxo's user avatar
Reefo Relaxo
  • 11
0 votes
1 answer
340 views

self signed certificate for a site that can only be access through VPN

I read a lot of articles about self signed certificates and I'm not exactly sure if I'm getting near to what I want to actually achieve. I'm trying to implement a self signed certificate so that the ...
Reefo Relaxo's user avatar
Reefo Relaxo
  • 11
0 votes
0 answers
729 views

.p12 certificate not working on mac (Ventura 13.4.1) but works on windows

I generated ssl certificates for (Nifi Registry https://nifi.apache.org/registry.html) I installed them in Windows.. it worked and i get a prompt to select certificate when i open the website https:// ...
santhosh's user avatar
santhosh
  • 103
1 vote
1 answer
7k views

Squid! FATAL: No valid signing certificate configured for HTTPS_port

I've been struggling with Squid 4.13 on Ubuntu 20.04 for about a week now. My latest (and hopefully last) problem is this: FATAL: No valid signing certificate configured for HTTPS_port and this is ...
JoBe's user avatar
JoBe
  • 276
1 vote
1 answer
3k views

CA with intermediate certificate for vault

I want to setup Private CA for internal services using Vault (HashiCorp). I am generating Root CA & Intermediate CA certificate outside of Vault. Vault will be generating short-lived (30 days) ...
rp346's user avatar
rp346
  • 101
0 votes
1 answer
8k views

Openssl "Self-signed certificate in certificate chain" when server sends whole certificate chain with the self-signed certificate to the client

I am having the following certificate chain: Self-signed Certificate --> Intermediate --> Client cert, Server cert. I have application for ssl communication and also verify peer setting. I try to ...
ananetworking's user avatar
ananetworking
  • 33
0 votes
2 answers
10k views

error when trying to add custom extensions to X509 certificates using openSSL

I am trying to add custom extensions to my self-signed certificate. I tried the following openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -extfile myconfig.cnf -extensions ...
brain storm's user avatar
brain storm
  • 163
1 vote
1 answer
1k views

OpenSSL invalid revocation date / update CRL?

I have an index.txt file where I changed the value of a certificate - whose certificate file I do not have - from V to R to revoke it. The index.txt looks as follows exemplarily: V 220303095424Z ...
Ferit's user avatar
Ferit
  • 111
2 votes
1 answer
5k views

Generate end-entity certificate with OpenSSL for localhost on IIS

I would like to ask how to generate end entity certificate based on my own CA root certificate? I've generated root CA this way: openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes \ -...
bug_2's user avatar
bug_2
  • 31
4 votes
3 answers
18k views

openssl keeps creating v1 certificate instead of v3

Hell everyone, so i'm trying to create a self signed certificate for my domain and for some reason openssl keeps creating V1 certificates for my server instead of V3 and that is causing browsers to ...
Ghaith Haddad's user avatar
Ghaith Haddad
  • 73
11 votes
1 answer
24k views

Self signed ssl I created for localhost cannot be trusted even though I have already imported it to chrome

I am creating https server side that I am using to practice OAuth to Instagram which requires https. I generated a certificate using ssl by running the script from the following link: https://gist....
alexW's user avatar
alexW
  • 111

15 30 50 per page
1
2 3