Unanswered Questions
1,938 questions with no upvoted or accepted answers
9
votes
0
answers
683
views
Can Asterisk's phoneprov module be used securely?
I'm using Asterisk 13.1.0 as packaged by Ubuntu Server 16.04 to run a pure-VoIP phone system. Asterisk has a module – phoneprov – that allows it to template out configuration files for ...
- 113
8
votes
1
answer
1k
views
Utilizing SSL on Multi-domain, Autoscaling Elastic Beanstalk Setup
We are creating a Content Management System for our company. It is important that this CMS support dynamic domain names on a dynamic number of servers. After many hours of research we felt that Amazon'...
- 1
8
votes
0
answers
8k
views
Apache/SSL: (70014)End of file found: SSL input filter read failed
Figured upgrading on a long weekend was a smart move... Now I'm stuck.
The server is spitting out this error (loglevel info): "(70014)End of file found: SSL input filter read failed" when using the ...
- 375
7
votes
1
answer
5k
views
haproxy ssl password protected private key
Usage: Haproxy as SSL termination
Requirement: Our private keys are password protected and we are not allowed to remove the password for the private key
Problem:
If i run the following command ...
CommunityBot
- 1
7
votes
1
answer
23k
views
Enable TLS 1.2 in Windows Server 2012 running Exchange 2013 and IIS 8.0
I need to enable TLS 1.2 on Windows Server 2012. I checked this using ssllabs.com by Qualys, a PowerShell script, and the linux tool cipherscan.
The server hosts Exchange Server 2013 SP1 (CU4), with ...
CommunityBot
- 1
7
votes
1
answer
299
views
What would be involved in moving a site like stackoverflow to https?
I've seen a lot of requests in the SO Meta asking for StackOverflow to be moved over completely to https.
I've never run a site as large as Stack Overflow, so enabling SSL/TLS has always just meant ...
- 425
6
votes
1
answer
1k
views
IIS 6.0 SSL handshake error
Hi all I installed a trusted certificate in an IIS 6.0 server. I have the port 443 opened in the firewall and I verified the server is listening on that port. However when verifying using openssl I ...
- 1,714
5
votes
0
answers
8k
views
Enabling HSTS header on AWS Application Load Balancer
We have a Spring Boot application behind an AWS Application Load Balancer. The load balancer terminates SSL before forwarding coming requests to our application and also redirects 80 port to 443 port.
...
- 179
5
votes
1
answer
2k
views
How to debug failed checksums/flipped bits in TCP packets?
A web application we maintain recently encountered a very weird problem: three out of four virtual machines on two physical hosts had trouble connecting to the server of our payment provider via HTTPS....
- 643
5
votes
0
answers
12k
views
How is TLS_FALLBACK_SCSV supported on Windows Server?
According to the last SSL Labs report, everything is green on my server, except support for TLS_FALLBACK_SCSV.
Not currently possible with IIS it seems
I've read everywhere that this is not ...
KevinM
5
votes
0
answers
6k
views
LDAP with TLS: connect error(-11)
I configured OpenLDAP and today I've configured the TLS for more security following these guide lines: Configure OpenLDAP with TLS=required
Modifying the cn=config.ldif with config file:
dn: cn=...
CommunityBot
- 1
5
votes
1
answer
2k
views
Outlook refusing to display HTTPS images from server using internally-signed cert
We are currently transitioning our site to use HTTPS everywhere, and this includes the emails that we send to customers. On our internal testing environments, we are using IIS with SSL certificates ...
- 8,431
4
votes
1
answer
4k
views
Let's Encrypt certificate on SQL Server 2019 - "The target principal name is incorrect"
Summary
I'm having trouble getting a certificate issued by Let's Encrypt R3 to work on SQL Server 2019. When using the certificate for SSL but not trusting the server certificate explicitly (In SSMS, ...
4
votes
0
answers
614
views
Drop connections with a mismatching client certificate CN in nginx TCP reverse proxy
I'm using nginx to add TLS functionality on top of an existing TCP server (Redis) by proxying it like so (please read on before saying "Redis has builtin TLS support"):
stream {
server {
...
4
votes
0
answers
7k
views
ngnix php curl old SSL session ID is stale, removing
I am making a php curl request from nginx server to apache server
It shows old SSL session ID is stale, removing
As per the link I have changed the SSLSessionCacheTimeout in bitnami apache server but ...
- 141