self-signed-certificate

Self-Signed Certificate working in OS X but not Windows

by

Im trying to create a self-signed certificate to use a HTTPS connection to access my internal site (jira.intranet.com). I have successfully followed this article https://security.stackexchange.com/questions/74345/provide-subjectaltname-to-openssl-directly-on-command-line (3rd answer), to address Google Chrome complaining about no subjectAltName. Here’s the commands I have used. openssl genrsa -out ca.key 2048 openssl req -new -x509 -days 3650 -key ca.key -subj … Read more

How can I generate a self signed certificate that will not fire a SSL_ERROR_BAD_CERT_DOMAIN?

by

I need to generate a self signed certificate for my application and I want to be able to make it valid if a self generated root certificate have been added to the web browser manually. The problem is that my application will be accessed by any IP that the client will assign to the server … Read more

How to add a header to my apache2 server

by

I have an apache2 web server for testing only (not a production server). It is running on Ubuntu 18.04. I have configured it with TLS. I want to add a header. So I navigated to this file: /etc/apache2/sites-available/default-ssl.conf The file content now is: <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerAdmin hi@myownsite.com ServerName myownsite.com DocumentRoot /var/www/myownsite.com/html ErrorLog ${APACHE_LOG_DIR}/error.log … Read more

How to avoid HSTS error by hosts redirect with self-signed certificate? [closed]

by

Closed. This question is off-topic. It is not currently accepting answers. Want to improve this question? Update the question so it’s on-topic for Server Fault. Closed 2 years ago. Improve this question I created this records in windows hosts file 127.0.0.1 a.domain.name 127.0.0.1 b.domain.name 127.0.0.1 c.domain.name where 127.0.0.1 – ip of my server [a,b,c].domain.name – … Read more

Trusting a Self Signed Certificate on RHEL7

by

I’m running into an issue where I’m trying to import a self-signed certificate of one of our servers to one of our development boxes. I’ve tried adding the .cer file from the server to /etc/pki/ca-trust/source (and have tried /anchor as well) then running update-ca-trust extract but with no success. It feels like I’m missing something … Read more

Requirements for certificates to sign PDFs in Adobe Reader?

by

I’m trying to set up PDF digital signatures using certificates generated by openssl. I have generated a CA certificate, and used that to sign end user certificates, which I archive in PKCS#12 format. I have imported and trusted the CA certificate in Adobe Reader, and it shows that the end-user certificates as being trusted to … Read more

Why does replacing certificate in WebLogic now require TLS1.2

by

We replaced a self-signed certificate JKS with a signed certificate in WebLogic 12.2.1.3.0. The C# desktop applications that connect to a service hosted there now fail with “The request was aborted: Could not create SSL/TLS secure channel”. That can be fixed on the client with ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; for .NET 4.5 or ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072; … Read more

I am unable to provide a valid PEM file to HaProxy despite validating the PEM file and installing the self-signed certificate in the correct places

by

I will post my private key in its entirety because it is an example for development and debugging purposes. This is the process by which I have created my PEM file: https://serversforhackers.com/c/using-ssl-certificates-with-haproxy sudo openssl genrsa -out example.dev.key 1024 sudo openssl req -new -key example.dev.key -out example.dev.csr sudo openssl x509 -req -days 365 -in example.dev.csr -signkey … Read more

Certificates explanation for VPN Server Edgerouter + IPSec/IKEv2 + Active Directory Certification Authority

by

I’m trying to setup a IPSec/IKEv2 VPN Server for roadwarriors on my EdgeRouter 6P which has Linux Strongswan 5.6.3 on board, with Active Directory CA as TRUSTED ROOT CA and Microsoft NPS as Radius for authentication, both installed on Domain Controller with a FQDN. In the last few days I’ve collected some information about the … Read more