I am creating https server side that I am using to practice OAuth to Instagram which requires https. I generated a certificate using ssl by running the script from the following link: https://gist.github.com/bjanderson/075fadfccdd12623ab935e57eff58eb4 The script ran just fine and I received all the expected files. I’ve imported the ca.crt to my chrome under the trusted … Read more
I have nginx and want it to verify client certificates. So I bought commercial certificate for server, and non-commercial for clients. Basically I’ve generated client certificates with easy-rsa scripts. Connecting with client certificates validation disabled works as expected. Connecting with “ssl_verify_client on;” fails with code 400 and no information in error or access log. nginx … Read more
For development environment, I can create create self-signed certificate in IIS7.5. But that certificate is SHA-1 and recently browsers are complaining about it. When I open FireBug I see following warnings: “This site makes use of a SHA-1 Certificate; it’s recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.” So … Read more
I was just wondering. We use a lot of SSL certificates. Nowadays, we almost exclusively use letsencrypt (thanks!). The bottom line of these certificates is, that proof of ownership of the domain name(s) on the certificate comes from the power to manipulate either the DNS records or the website under these domains. The DNS proof … Read more
I have a bash script that generates a self-signed certificate and works perfectly fine: #! /bin/bash # Generate self signed root CA cert openssl req -nodes -x509 -days 358000 -newkey rsa:2048 -keyout ca.key -out ca.crt -subj “/C=IR/ST=TEH/L=Torento/O=CTO/OU=root/CN=es.example.com/emailAddress=info@example.com” # Generate server cert to be signed openssl req -nodes -newkey rsa:2048 -days 358000 -keyout server.key -out server.csr … Read more
