Questions tagged [ssl-certificate]
The ssl-certificate tag has no usage guidance.
418
questions
0
votes
0
answers
19
views
SSL Error: ERR_SSL_PROTOCOL_ERROR - only happening with Chrome -- all other browsers fine
I get the following error in Chrome:
ERR_SSL_PROTOCOL_ERROR when trying to connect to a client website.
This only happens in Chrome and for everyone.
The "website" is hosted in IIS and is ...
-1
votes
1
answer
49
views
How to add Private key to SSL Cert
I have been supplied a certificate file; CSR; Public Key and Private key by my SSL Cert reseller, all in txt files with ciphertext inside. I have to renew a ssl cert hosted on a IIS server, and the ...
- 3
0
votes
1
answer
66
views
How do we create an SSL certificate on a website hosted on a Mac OS Sonoma system using a third-party SSL provider?
We have a website that we are hosting from a MacBook. We would like to add an SSL certificate to the website itself. Is there a way to do this, or should we just add the SSL to the whole system?
We ...
- 1
0
votes
0
answers
25
views
Broke my mac network after apache/ssl changes
I tried to configure Apache2 with SSL for local web development on my Mac (MacOS Ventura).
What I did with apache/ssl was : install httpd and make some basic configuration. Enable mod_ssl module, ...
0
votes
0
answers
84
views
Finding CA Cert from a Synology NAS to use it with curl --cacert
My Synology uses self-signed certificate, so I need to include it with curl --cacert /path/to/cert.pem to connect safely from a terminal to NAS using https. How can I find this certificate on my ...
- 1
0
votes
0
answers
195
views
Access is Denied - Certreq.exe
I am getting an "access is denied" message when attempting to use the certreq from the commandline.
TLDR; I am a domain admin, and a local admin on the machine (inherited). I am using an ...
- 1
0
votes
0
answers
148
views
SSL certificate mismatch within home network
I use Home Automation to control my heating, lights etc.
I installed a letsencrypt cert and I use a custom domain name to access it securely.
https://home.mydomain.tld/
This uses port 443 natively.
...
- 53
0
votes
1
answer
267
views
Using certutil certificate in apache, missing key
$ConfigContent = @"
; Request.inf
[Version]
Signature="`$Windows NT$"
[NewRequest]
Subject = "CN=$CN,C=ES,ST=Barcelona,L=Barcelona,O=$O"
KeySpec = 1
KeyLength = 2048
...
- 118
-1
votes
1
answer
1k
views
Can AD CA certificates for internally facing sites be inherently trusted?
Is AD CA (AD Certificate Services properly configured) all that's needed for (SSL certs on) internally facing sites to be trusted w/o any additional configuration on domain-joined clients?
Say:
...
- 276
0
votes
0
answers
57
views
Client fails TLS handshake
A client is trying to connect to my website using a client certificate. However, they get a 400 error. They gave me their public certificates excluding root CA in a .crt file.
This is the access log:
...
0
votes
1
answer
54
views
Website refuses to load, but works fine everywhere else. SSL Certificate related
I have a computer which has stopped connecting to a website.
Normally this computer would just get rebuilt with the standard image we have for the computer, but there's a lot of bespoke software which ...
- 3,516
0
votes
0
answers
266
views
How to view subject alternate names in Google Chrome
I am setting up a public-facing web site, that has three domain names:
prod.example.com
test.example.com
dev.example.com
I have the TLS certificate, signed by DigiCert, and when I view the site in ...
- 319
3
votes
1
answer
18k
views
curl: (35) schannel: next InitializeSecurityContext failed - The revocation function was unable to check revocation for the certificate
tl;dr How can I fix "The revocation function was unable to check revocation for the certificate" when using a custom proxy+cert combination? Can I disable this check somehow for the whole ...
- 389
0
votes
0
answers
444
views
Update openssl to 3.1.1 from 1.0.2n in Nodejs
I am working on an old node.js project which is using the Openssl version 1.0.2n. I found only a dll (libeay32.dll) using in this project and in that that dll openssl version is 1.0.2n. Since Openssl ...
- 101
0
votes
1
answer
195
views
getssl cannot reach challenge token url
I am using getssl (https://github.com/srvrco/getssl) to renew my ssl certificate. I get this message when I try to renew my domain:
Check all certificates
Registering account
Verify each domain
...
- 847
5
votes
2
answers
15k
views
Let Firefox accept a website with self-signed certificate
How do I tell Firefox 112 that it is fine to visit a specific site containing a self-signed certificate?
The 'I understand the risk' button is no longer available, clicking 'Advanced' again shows 'Go ...
- 4,247
0
votes
1
answer
188
views
Certbot frequently/always fails in cron with a hostname mismatch
Update 2023-05-06: Yep. Looks like CentOS7's NetworkManager overwriting /etc/resolv.conf. Haven't had an issue since disabling it.
Update 2023-04-20: It looks like CentOS7's NetworkManager is the ...
- 332
0
votes
0
answers
170
views
Network Access Points providing cert on connection, how?
How is it connection providers in public locations are able to send a certificate on connection?
I seem to recall there is a protocol they use, but I read that many years ago.
Or is it as simple as on ...
- 1
5
votes
1
answer
823
views
Change back to old Certificate-Viewer in Chrome
How can I change my Google Chrome/Chromium-based web-browsers to open the old certificate viewer, the one built-in to Microsoft Windows instead of the "new" Chromium one?
Old (goal) Windows ...
- 61
0
votes
0
answers
140
views
How to obtain a certificate request from an existing certificate
I've got a server where a .p12 is on it that has been converted to a .pem (files: certserver.p12, certserver.pem, certserver.pass for the password).
I now got a request to make a new certificate-...
- 445
2
votes
1
answer
13k
views
How to associate a private key (.key) file to a ssl certificate (from GoDaddy) to install on IIS
I have ssl certificate file downloaded from GoDaddy which contains .pem file .crt file and .p7b file. I have a private key generated in .key extension. I need to assign the same to the certificate i ...
- 23
4
votes
0
answers
4k
views
How to renew CA certificate using easy-rsa
I need to renew ca certificate. I use easyrsa. I know there is command easyrsa renew foo
but it works only with regular certificates. I can't see any option like easyrsa renew-ca and easyrsa renew ca ...
- 181
0
votes
0
answers
120
views
Code signing certificates
We recently launched a software application built using electron where the app does check a firebase database upon launch of the app and for some reason, it was triggering the Norton Antivirus ...
1
vote
0
answers
960
views
Using OpenSSH config file with -addext and -subj parameters
I'm trying to create a bash script to manage a PKI. I want to use OpenSSL conf file to specify some parameters for the generated and signed certs using my CA.
I specified default parameters as below:
...
- 11
1
vote
1
answer
3k
views
Chrome saying certificate is not valid even though it's marked as trusted
I'm running on MacOS Ventura 13.1, Chrome version 109. I remember I downloaded the relevant certificates months ago and it used to work fine, but - and I'm not sure it was after I upgraded the OS, I ...
- 13
0
votes
0
answers
950
views
"Insecure origins treated as secure" does not work in Opera
STR:
Go to configuration in Opera: opera://flags/#unsafely-treat-insecure-origin-as-secure
Set URL: https://self-signed.badssl.com/
Reload Opera
Open entered URL from #2.
Results:
Expected: the ...
- 209
1
vote
2
answers
362
views
https from Internet to a private server
I finished a local install of Nextcloud on an old pc I run as a server connected to my LAN.
I can access it directly using the private IP address of the server in my local network.
My question is ...
- 11
1
vote
0
answers
103
views
SSL expired web root certificate for one client, on some computers but not others
I'm a non-network pro who has a situation with one of our largest clients. They get the red Certificate Invalid icon, because of an outdated, expired root certificate. However, our certificate is up ...
- 111
0
votes
0
answers
2k
views
can't initialize iptables table `filter': Table does not exist (do you need to insmod?) - iptables is not present
I am trying to install NGINX and Certificate by following this article in WSL:
How to Install and Configure Nginx on Ubuntu 20.04
But at the Step 5: Allow Nginx Traffic, I am getting error after the ...
- 1
1
vote
2
answers
2k
views
How to get the eduroam network settings right on Linux? With that CA certificate, and without the installer from the eduroam website?
Tried to follow an eduroam guide on a university site. That you can download the public installer from http://www.eduroam.org/, choose the university, and that is all. For Linux, this was a Python ...
- 2,423
1
vote
1
answer
2k
views
how do you trust expired SSL/TLS certificate on Windows?
I have an internal HTTPS-only site with an expired SSL/TLS certificate.
Although I could bypass expired certificates from web browsers, there are other client applications that require a valid ...
- 113
0
votes
1
answer
699
views
Get public key from CSR or CRT
I have certificate request that contains RSA Public-Key. Looks like Modulus part is public key by itself. But according to my understanding it must contain 256 bytes while modulus part contains 257 ...
- 2,593
2
votes
2
answers
449
views
How to teach git to trust github on linux?
Recently on my linux system i have run into an issue of not being able to commit to my own github repository. When i try to do it, that's what i get:
my prompt: > git push --verbose
Pushing to ...
- 361
1
vote
0
answers
424
views
Cloudflare Nginx SSL Not Trusted/400 bad request (No required ssl certificate was sent)
Similar to this the error I am receiving from this thread (https://community.cloudflare.com/t/getting-400-bad-request-no-required-ssl-certificate-was-sent-using-nginx-and-cloudflare-authenticated-...
- 161
1
vote
1
answer
927
views
Replacing SSL certificate via SSH with local files
I need to replace a ssl certificate on an Ubuntu webserver which expires soon. My client sent me some certificate files:
server.key
server.csr
intermedio.pem
CSR_trustico.pem
Certificato.crt.txt
How ...
- 123
0
votes
0
answers
38
views
A single user account on my Windows 10 PC can't access Google
A user account on my Windows 10 PC gets certificate errors when accessing Google from any browser. All other user accounts seem to be able to access it fine. And the problematic user account seems to ...
- 131
0
votes
0
answers
170
views
Switch from Internet Explorer to Edge Chromium / Chrome
I'm working on a legacy application created with HTML 4 and PHP 5, my purpose is to run the application on Edge chromium, the style of the application is good on internet explorer but when I tried to ...
1
vote
1
answer
920
views
Public certificate and Private DNS
Essentially, I have private domain called abc.local and an internal site that I want to be using HTTPS.
I have no Private PKI and planning to create an SSL certificate using Public CA. Let's say I ...
- 13
0
votes
0
answers
461
views
How to fix error ERR_SSL_VERSION_OR_CIPHER_MISMATCH
I'm working on a PHP and while the application works in Internet Explorer, within Edge, where I want to run this application, I get error ERR_SSL_VERSION_OR_CIPHER_MISMATCH.
How to fix this error?
0
votes
0
answers
65
views
installing SSL on 2 exchange servers
I have 2 exchange servers run for one email service, and I need to renew the SSL certificate. Do I need to issue 2 SSL, or one is enough?
If one is enough how can I replicate it between them?
- 21
6
votes
2
answers
13k
views
Make Chrome trust the Linux system certificate store or select certificates via policies
I need to trust a self-signed certificate on a lot of managed Linux desktops.
I have imported them into the trust store of the OS, curl, wget etc. trust them.
However browsers like Firefox and Chrome (...
3
votes
0
answers
2k
views
SSL verification doesn't happen with curl cacert option
This is my understanding of curl --cacert option :
We can make curl perform SSL verification against a custom truststore by providing a PEM file path to this option. It is mostly used when we are ...
- 131
0
votes
1
answer
3k
views
openssl unable to pass -config and -signkey options in the same command
I am attempting to generate a self-signed certificate with my custom config file for openssl. However, the options -config and -signkey are generating errors as below when used in the same command.
...
- 131
0
votes
1
answer
17k
views
How to find the file location of a website's ssl certificate
I am trying to access the SSL certificate for a certain website (textnow.com) but I can't find where it is stored on my computer, even in the certificate manager.
Also, when I click on the lock next ...
- 123
0
votes
0
answers
2k
views
Can I use Nginx to redirect a sub sub domain to a subdomain with wildcards?
I want to be able to redirect domains like https://www.*.whanganuionline.com to the same sub domain of https://*.whanganuionline.com. We have a wildcard SSL for the domain *.whanganuionline.com but ...
- 101
0
votes
0
answers
93
views
mistaccaly created extra ssl certificate generate -> NET::ERR_CERT_COMMON_NAME_INVALID
i am very new to web hosting and
you can check my website https://www.potatino.com/,
it show error : NET::ERR_CERT_COMMON_NAME_INVALID
i am using digital-ocean
my certificates currently are:
...
- 1
1
vote
1
answer
1k
views
Does a reboot of Ubuntu cover all CA actions that an update-ca-certificates would do?
When I copy a new CA certificate, e.g., mycompany.crt into the directory /usr/local/share/ca-certificates, I have to do an update-ca-certificates in order to make this certificate known to the system.
...
- 111
1
vote
1
answer
5k
views
Web browsers say certificates expired or not yet valid, even though the certificate is valid for today's date and system clock is accurate
I just formatted my computer and reinstalled Windows (Windows 7 Home Premium SP1), and when I try to visit certain websites (eg Wikipedia), the sites do not load. The sites fail to load in both Chrome ...
0
votes
0
answers
926
views
Certificate authority (CA) in Ubuntu 21.10 is installed but it does not work
I've installed certificates before within Windows and Ubuntu [server] and it works normally, but today I tried to install certificates on Ubuntu Desktop 21.10 over RDP + AD user, and it does not work ...
- 101
0
votes
1
answer
716
views
Chrome 96 - How to tell if a website is using an EV SSL certificate?
When using Chrome 96, how do I tell if an SSL certificate is an EV SSL certificate? Here's what Chrome does display:
- 321