All Questions
292
questions
1
vote
1
answer
11k
views
This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store
I am running a web app on Linux where I dont think anyone will look at it besides myself called node red looking to run the web app on TLS with certs.
Going off this tutorial to generate these two ...
- 245
1
vote
0
answers
670
views
Apache Directives for Apache Reverse Proxy with SSL
I am running Gitea on a Debian 10 LAMP machince with an ISPConfig / Apache2 Reverse-Proxy. I managed to get Gitea working on my test server, that doesn't have SSL, using the apache directives below:
...
- 317
2
votes
3
answers
3k
views
NET::ERR_CERT_DATE_INVALID and certificate is not expired
When I try to access my website using https I receive the below error. This error only occurs from my computer regardless which browser I am using to access the home page. When I try to access the ...
- 119
0
votes
1
answer
3k
views
How to properly make default SSL VirtualHost with apache2?
I have an Ubuntu server with apache2 serving the 2 different domains example.com and test.net with valid SSL certificates. I set up VirtualHosts on port 443 to serve my SSL secured domains and on port ...
- 103
0
votes
1
answer
373
views
Enabling HTTPS on EC2 Instance
I have an elastic public IP for my EC2 instance. I have an Nginx server running on it (and nodejs as a backend server). I'd like to enable HTTPS access to my server.
My questions:
Can I create an SSL ...
- 1
0
votes
1
answer
6k
views
Can't reach apache server with ssl through haproxy
In my network i have a DNS server, a HAProxy server and 2 webservers.
When i try to go through the haproxy (getting the domain IP from the DNS server) it gives me a different error then when i go ...
- 37
1
vote
1
answer
2k
views
Created self signed Certificate working with curl but not with chrome
Architecture:
VM- 10.0.0.50
local computer
I named the CN www.ben.com and put 10.0.0.50 as the IP of www.ben.com in /etc/hosts.
When I curl https://www.ben.com I get the HTML (if I curl the IP it ...
- 37
10
votes
1
answer
10k
views
In Wireshark where can I find the TLS Server's Certificate
I'm looking at a TLS v1.3 headers in Wireshark and I'm not sure where I would find the server certificate that is used to confirm that the server is who they claim to be.
The Client Sends Hello then ...
- 357
5
votes
1
answer
30k
views
SSL certificate: EE certificate key too weak
$ curl -s https://goolge.ca | wc
0 0 0
$ curl -vs https://goolge.ca
. . .
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* TLSv1.3 (OUT),...
- 8,851
1
vote
1
answer
195
views
Chrome, static PKP sets, and TLS inspect without warning
I'm using chrome in an environment that is employing transparent TLS inspect. There is a private CA that issues the certificates and is available in the trusted authorities store. When I visit mail....
- 13
2
votes
0
answers
620
views
NGINX as TLS-transparent (secure TCP) and a TLS-terminating (TLS offload) reverse-proxy based on sub-domain name
I host a few services from my home network to the internet and I learned recently about reverse-proxy concepts using NGINX. Some of my services (like Home Assistant) have the built-in ability to ...
- 81
1
vote
1
answer
993
views
Checkmate about TLS certificates on local networks, self-signed certificates and CA
I know barely anything regarding SSL and TLS certificates. Sorry about that.
This is what my company asked me:
They need to put a server on the local network that will be accessible through VPN to ...
- 1,777
0
votes
0
answers
4k
views
Unable to establish SSL connection
When I try to download the package from this link I get a error;
In curl;
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
In wget;
--2020-10-27 19:17:40-- https://www....
- 21
-1
votes
1
answer
83
views
Enable SSL for any domain automatically
We are building a site builder and users can set their own domain. Is there any way to enable SSL for their domains automatically?
For example, a wildcard letsencrypt certificate but not just for *....
- 113
1
vote
1
answer
4k
views
Will Chrome fully remove TLS 1.0?
As of Chrome 84, support for TLS 1.0/1.1 has been "removed" although you can still bypass the warning:
In the error message it states:
The connection used to load this site used TLS 1.0 or ...
- 768