Skip to main content
Server Fault

Questions tagged [openssl]

Ask Question

OpenSSL: The Open Source Toolkit for SSL and TLS

414 questions with no upvoted or accepted answers
Newest Active Bountied Unanswered
6 votes
0 answers
12k views

SSL_do_handshake() failed (SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking, client:

A few months ago I started getting complaints from dozens of users about getting errors when connecting to my site. When I look into the error.log of nginx I see daily SSL errors: I have no idea what ...
Michiel's user avatar
Michiel
  • 61
6 votes
0 answers
4k views

Remotely Monitoring RDP Certificate

We use OpenSSL on a CentOS 6 server to monitor the certificate on servers for RDP. To do this we use: openssl s_client -connect SERVER01:3389 -prexit This has worked flawlessly until 4 days ago, ...
neildeadman's user avatar
neildeadman
  • 694
6 votes
1 answer
1k views

IIS 6.0 SSL handshake error

Hi all I installed a trusted certificate in an IIS 6.0 server. I have the port 443 opened in the firewall and I verified the server is listening on that port. However when verifying using openssl I ...
victor hugo's user avatar
victor hugo
  • 598
5 votes
0 answers
7k views

How to add a friendly name in a x509 certificate or pkcs#7 with OpenSSL

I would like to know if it is possible to insert a friendly name in a generated certificate, or in a p7 file. I found that is possible with a p12 file with -name option, but it seems to be impossible ...
agentn's user avatar
agentn
  • 51
5 votes
2 answers
6k views

How to verify signature on a file using OpenSSL with custom engine

Update Dec 28, 2017 – 3: The author of OpenSSL DSTU module kindly provided patch to OpenSSL+DSTU implementation with a fix for the issue, and assisted further. I was able to accomplish what I need ...
oldhomemovie's user avatar
oldhomemovie
  • 241
5 votes
0 answers
4k views

Invalid key length error when trying to connect phpmyadmin to remote MySql over SSL

I get these error messages when logging in to phpmyadmin instance Error during session start; please check your PHP and/or webserver log file and configure your PHP installation properly. Also ...
Anadi Misra's user avatar
Anadi Misra
  • 537
4 votes
0 answers
3k views

Is there a way to create a PEM file using PowerShell and only PowerShell?

I'm looking for a way to create an AES-128 key in PEM format (Base64 encoded text file) using PowerShell. All the examples I can find assume the user has OpenSSL installed. The equivalent OpenSSL ...
Mike Christensen's user avatar
Mike Christensen
  • 965
4 votes
0 answers
1k views

Building NTP with OpenSSL

I am trying to build the latest version of NTP (4.2.8p3 released on 2015/06/29) with OpenSSL support. I can definitely build NTP but when I try to use ntp-keygen to create a new certificate it tells ...
Guillaume B's user avatar
Guillaume B
  • 41
4 votes
0 answers
4k views

OpenSSL SHA256 testing

I'm having an issue testing a hardened SSL configuration for pound. One of the requirements is for the inclusion of AES[128|256]-SHA256 ciphers, along with strict ordering of preference. I've ...
Coops's user avatar
Coops
  • 6,125
3 votes
0 answers
2k views

NGINX Client Certificate with Indirect CRL

I'm trying to implement mTLS using Nginx SSL Module. Everything works fine until I give Nginx CRL files concatenated in PEM format because one of the CRL is an Indirect CRL. The chain for a leaf ...
Romain V...'s user avatar
Romain V...
  • 131
3 votes
0 answers
6k views

error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:707:Expecting: TRUSTED CERTIFICATE

I am using openssl to sign certificate in CentOS 7.4 like this: [root@ops001 cert]# openssl x509 -req -in client.csr -CA ./kubernetes.crt -CAkey kubernetes-key.pem -days 3650 -CAcreateserial -out ...
Dolphin's user avatar
Dolphin
  • 427
3 votes
1 answer
4k views

nginx config using variable in ssl_certificate path throws permissions error

The nginx configuration server block: localhost:/etc/nginx$ cat nginx.conf | grep -B 3 -A 6 '$ssl_server_name' server { listen 443 ssl http2 default_server; ssl_certificate /etc/...
vy218's user avatar
vy218
  • 151
3 votes
0 answers
4k views

Chrome client certificate prompt doesn't list my certificates

I'm in charge of my organization's certificate scheme, I am trying to conform to the new requirements enforced by Google Chrome regarding RFC2818 (the requirement for "Subject Alternate Name" in a ...
Aviad P.'s user avatar
Aviad P.
  • 115
3 votes
0 answers
2k views

How do I get Prosody to use TLS 1.2?

I have Prosody running on my Ubuntu 14.04 LTS server. I have OpenSSL 1.01f installed, which is confirmed by running openssl version. TLSv1.2 is supported and confirmed by running openssl ciphers -v '...
jeff1234567890's user avatar
jeff1234567890
  • 31
3 votes
0 answers
2k views

Client SSL certificate verify error in Nginx

We have a ROOT CA ( ADCS ) which we use to signed a client certificate which we use for Client Certificate Verification in Nginx. This is the relevant Nginx configuration file :- ...
zealvora's user avatar
zealvora
  • 91

15 30 50 per page
1
2 3 4 5
28