All Questions
Tagged with openssl ssl-certificate
394
questions
1
vote
0
answers
103
views
wget / openssl : Unable to locally verify the issuer's authority
I have wildcard certificate (*.example.com) from DigiCert
Have following files in the zip file from DigiCert portal
DigiCert Global Root G2.pem
DigiCertCA.crt
star_example_com.crt
TrustedRoot.crt
I ...
- 101
1
vote
1
answer
1k
views
OpenVPN "error=CA signature digest algorithm too weak"
After upgrading our OpenVPN server from Debian Buster to Bookworm, which also upgraded OpenVPN from 2.4.7 to 2.6.3, we're now getting this when any client tries to connect:
error=CA signature digest ...
- 427
0
votes
0
answers
293
views
curl: (60) SSL: unable to obtain common name from peer certificate
I'm trying to create self-signed certificates for my webserver but it's not going well. The title is the error message curl gives me when I run
curl --noproxy "*" https://example.com
(with ...
0
votes
1
answer
417
views
Importing SSL certificate in browser does not prevent the secure warning
I have an embedded device (ESP32) that runs an HTTPS server.
I generated the certificates in this way:
openssl req -newkey rsa:2048 -nodes -keyout prvtkey.pem -x509 -days 3650 -out cacert.pem -subj &...
- 163
1
vote
1
answer
2k
views
Use openssl 3 to create a self-signed certificate just like what "New-SelfSignedCertificate" can
First of all, I did googling about openssl, such as this one, and also tried dozens of time on creating a valid self-signed certificate.
But I guess asking on serverfault would be much quicker.
My ...
- 83
4
votes
6
answers
16k
views
HTTPS compatibility issue with Chrome 116/117 ERR_SSL_PROTOCOL_ERROR
I'm having error ERR_SSL_PROTOCOL_ERROR since 2 day on my website for some reason.
Browsers tested
Windows Chrome 117.0.5938.132 : ERR_SSL_PROTOCOL_ERROR
Android Chrome 117.0.5938.61 : ...
- 212
1
vote
1
answer
264
views
Warning with sending emails from Thunderbird to Postfix using its own CA
I'm asking for help because I simply don't have the strength anymore, I've spent a lot of time and I'm still left with an unsolved puzzle.
My problem: I keep getting "Wrong Site" warnings ...
- 31
0
votes
1
answer
184
views
Identify SSL certificate type for apache configuration
I have SSL certificate files:
Root2023.crt
t1.crt
t1.pem
t1.pk8
on my apache How can I determine which of these files should be used for SSLCertificateFile, SSLCertificateKeyFile, and ...
- 151
0
votes
2
answers
519
views
curl with --cacert fails on almalinux8 but works on ubuntu
We try this:
curl -v --cacert cert.pem https://example.com/path.asmx
on ubuntu its working, we're getting:
successfully set certificate verify locations:
* CAfile: cert.pem
CApath: /etc/ssl/...
- 3
0
votes
1
answer
896
views
Disable TLSv1.0 and TLSv1.1 when generating certificates using openssl 1.1.1
I am struggling to implement a feature for my certificates. I am generating my certificates with OPENSSL 1.1.1.
I want to allow only TLSv1.2 and TLSv1.3. The other protocols should not be possible (...
0
votes
1
answer
2k
views
Can't get .pfx file to work on Linux
I am writing a C# program that has to call an API endpoint that requires authentication via certificates.
I have got a .pfx file, which I can import in Windows and everything works fine, however the ...
- 3
0
votes
0
answers
729
views
.p12 certificate not working on mac (Ventura 13.4.1) but works on windows
I generated ssl certificates for (Nifi Registry https://nifi.apache.org/registry.html) I installed them in Windows.. it worked and i get a prompt to select certificate when i open the website https://
...
- 103
3
votes
1
answer
2k
views
Import-PfxCertificate not importing to correct certificate store
I am trying to import a PFX using PowerShell, that has been created by OpenSSL from a cer and key file (the key was generated by OpenSSL along with a CSR, which was submitted to internal AD CA to ...
- 1,753
2
votes
1
answer
4k
views
OpenSSL Does not Create Subject Alternative Name (SAN)
I have been trying to create a self-signed certificate with subject alternative name; however, although the cretifcate was created successfully, SAN was not added to its details.
Here's the command I ...
- 121
0
votes
1
answer
61
views
What does "priv" in a encrypted ECC key mean?
I generated a password protected key by command openssl genpkey -algorithm ec -pkeyopt ec_paramgen_curve:P-256 --out ca.key -text -aes-256-cbc. The passphrase is "rrrr" (this example is a ...
- 103