SSL / HTTPS

8K

Solutions

10K

Contributors

HTTPS is a protocol for secure communication over a computer network which is widely used on the Internet. HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security (TLS) or its predecessor, Secure Sockets Layer (SSL). The main motivation for HTTPS is authentication of the visited website and to protect the privacy and integrity of the exchanged data. HTTPS is widely used for protecting page authenticity on all types of websites, securing accounts and keeping user communications, identity and web browsing private.

Share tech news, updates, or what's on your mind.

Sign up to Post

Getting a TLS error on a particular web site when connecting via a Fortinet VPN connection. Error is "Can't connect securely to this page. This might be because the site uses outdated or unsafe TLS security settings".

The site works fine when connecting from the local LAN.
0
CompTIA Security+
LVL 13
CompTIA Security+

Learn the essential functions of CompTIA Security+, which establishes the core knowledge required of any cybersecurity role and leads professionals into intermediate-level cybersecurity jobs.

Hi Experts,

We have on our IBM iSeries Server (as/400), some https: connections, that make use of the default kesystore:
/QIBM/USERDATA/ICSS/CERT/SERVER/DEFAULT.KDB

Now we have several environments Development, test1, test2, acceptation, production1 etc.
Is is advisable to make a keystore for each environment with each their own authorization?)
0
We have to be PCI compliant and on the PCI comliance report, I have an issue with port 465 and my exchange cert.  Not sure why it's throwing an error, but
it's complaining about a self signed cert.  I'm running exchange 2016, and in my certs section, there are 4 certs, one is invalid, expired.

The multiple names certificate is my good, or real, valid cert, from Godaddy. The report is complaining about either the  wmsvc-sha2 cert or the other,
my question is, can I delete every cert here except my multiple name certificate?   Will that cause any issues to mailflow, or OWA?

Not sure how to resolve this issue?  Any thoughts?

elisha is the name of my exchange server.

Exchange certs
cert

PCI error
PCI error
0
I have an  ssl certification with crt format and i need to convert it to .pfx (to use it to Azure apps)

How to do this conversion?
0
Hi Experts

i ordered wildcard cert from global sing

they send to me the cert as txt

Now I have the certificate  but I still need the intermediate  cert and root cert

I can myself via exchange wizard export the cert with pfx extension  but I don’t know how to create the intermediate  cert and root cert

If you know any tool which will help me to to create these files please let me know


thanks
1
In an internal PKI environment which there is just a Offline root and an issuing CA, is the Issuing CA acting as a root?

Meaning in a certificate chain, having the ISSUING CA is like the root and there is NO intermediate CA?
0
I was able to add the GoDaddy to Exchange 2019 but and it has been about 2 hours and it still says pending request.
0
I'd like to have a subdomain or something similar(CNAME?) of a domain that I own redirected to an Amazon S3 htm file without the user seeing the name of the S3 file in the address bar when the user is redirected. (Godaddy called this "masking"). all while the subdomain address shows SSL Encryption.

i.e. I would like:
https://vtours-salonstyle3.urbsee.work 

to redirect to:
https://s3.amazonaws.com/v-tours/Canton+Museaum+of+Art/Salon+Style+2/Tablet+%26+Web+Files/index.htm 
..........................

I've attempted:
Creating a custom bucket in S3 that is the same name as my domain name, then going to Route 53 to get the naming servers, and changing the nameservers for urbsee.work in Godaddy to Route 53 nameservers so I can point Route 53 to S3 files.

This didn't work for me. So I...

Looked at setting up CloudFront to serve HTTPS requests to my Amazon S3 buckets...
.................................................................................
I've been instructed to to this:
"- Since your files in bucket "v-tours" reside inside folder "Canton Museaum of Art/Salon Style 2/Tablet & Web Files", you should use this as value for 'Origin Path'.

In step 5, you should choose 'redirect HTTP to HTTPS' so that HTTP requests from client will be redirected to HTTPS by CloudFront.

As you are using custom domain "vtours-salonstyle3.urbsee.work ", you must use this value for 'Alternate Domain Names (CNAMEs)'. Also, kindly install a custom certificate on CloudFront…
0
After installing ssl  certificate on a glassfish server and  intermediate and root certificates  we are unable to validate the certificate chain.

We get this error

The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. Learn more about this error. You can fix this by following DigiCert's Certificate Installation Instructions for your server platform. Pay attention to the parts about Intermediate certificates.
0
Attempted to enable HTTPS connections in SCCM. Now I have lost client connectivity though I believe every step is accurate. I cannot figure out what is causing the issue.

CCMMessaging log (constant error, Hood is server name)
Successfully queued event on HTTP/HTTPS failure for server 'HOOD'.
Post to http://HOOD/ccm_system/request failed with 0x87d00231.

[CCMHTTP] ERROR: URL=http://HOOD/ccm_system/request, Port=80, Options=224, Code=0, Text=CCM_E_BAD_HTTP_STATUS_CODE
[CCMHTTP] ERROR INFO: StatusCode=403 StatusText=Forbidden      CcmMessaging      3/7/2019 11:05:15 AM      8308 (0x2074)
0
Become a Microsoft Certified Solutions Expert
LVL 13
Become a Microsoft Certified Solutions Expert

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

Going to be migrating to Exchange 2016 (from EX2010) and need some advice on External URL's and SSL Certs.  On my Exchange 2010 I was using the host name of both my Internal & External URL's for Virtual Directories (ActiveSync, OWA, AOB, ..etc).  I was told that it is recommended to not use the host name on these external url's.  I should use ex.: mail.mydomain.com (use just general mail name instead of my host name).  So should i just use this on my External URL's or both Internal and External?

When creating my new SSL Cert for EX2016 would I still need to put my host name on this Cert?  My current SSL Cert (EX2010) has the following: hostname.mydomain.com; autodiscover.mydomain.com, legacy,mydomain.com; mydomain.com.

I would like to use as minimal amount of SAN names as possible.
0
Please explain the workflow of a Certificate Signing Request

How does this request originate? What does it consist of? What kind of signing authority responds to this request?

And how does it relate to SSL?

And what about the latest update to the.NET Framework? 4.7.2?

Thanks.
1
I use below codes to determine ssl is existed or not. For some reason, it is always "off" and we use CloudFlare free SSL. I just hope to know is there any difference.
This is our first time to use CloudFlare.

Response.write(GethttpType(Request.ServerVariables["HTTPS"],"").
0
i use cloudflare free ssl for my website. and the steps are successful. and i can see valid ssl on my website in the browser.
my next task is to ensure all image, a href and etc. using https. so I use the following codes, and it always return "off"
meaning the ssl is not there. so I now do not know what's wrong. In addition, cloudflare free ssl is not necessary to be installed into my IIS server. I just want to ensure i am correct.

Response.write(GethttpType(Request.ServerVariables["HTTPS"],"").

 
public static string GethttpType(string httpType,string httpHost)
        {
            string strReturn = "http://"+httpHost;
            if(httpType=="on")
            {
                strReturn = "https://"+httpHost;
            }
            return strReturn;
        }

Open in new window

0
How do I install TLS version 1.3 on server 2012 R2?
What steps do I need to follow
0
Hi ,
Advance thanks!
Am using .net framework 4.6.1 and class library project using c#. This project doesn't have config, startup.cs or global.ascx where i enforce string transport security (hsts ) on endpoints.
How to add the header  to configure Strict Transport Security (HSTS). I think i should do something like below in the application but not sure how to do that. Please help....
Response.AddHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains");

Kind regards,
Pooja
Response.Headers.PNG
0
Hi,
Am using .net framework 4.6.1 and the class library project using C#. Need to enforce HTTP Strict Transport Security (HSTS) in all public facing http endpoints.I did configuration settings but it doesn't help me. Please help me about how to enforce HSTS on project and how to verify the site has hsts settings.
Have attached Properties window of the project, web.config, startup.cs .Please help...


Kind regards,
Pooja
Properties.PNG
Startup.cs
Web.config
0
Is certificate compromised if someone downloads the p7b file of the certificate? For example if they login to your godaddy or digicert and get the p7b file downloaded, does that jeopardize all the websites that the SSL certificate within was installed on?
0
Hello Friends, I need your help, We have our main website www.pleugerindustries.com, this website already installed SSL certificate. We also have registered other domain like pleuger.com, pleuger.us, pleuger.info and pleuger.org. Now all these domain are just registered, nothing is there, there is no SSL certificate as well. When I redirected these website to our main website www.pleugerindustries.com it successfully redirected but its need SSL certificate. Although the main website already have SSL certificated installed. Do I need SSL for all other domain? If I leave it like this it will insecure for my main website?? kindly though some light on it. Many thanks in advance.
0
HTML5 and CSS3 Fundamentals
LVL 13
HTML5 and CSS3 Fundamentals

Build a website from the ground up by first learning the fundamentals of HTML5 and CSS3, the two popular programming languages used to present content online. HTML deals with fonts, colors, graphics, and hyperlinks, while CSS describes how HTML elements are to be displayed.

We are having an issue with an app that allows users to work on their timesheet in the accounting software remotely from their phones.

 It used to work fine until there were OS updates to the phones.

I was told by the accounting program's support that I had to do the following for the phone app to work.

Customer will need to do the following for the SSL certificate on their server:
Disable SSL2, SSL3, TLS1
Enable TLS 1.1 and 1.2:



What I do not understand is where to make these changes.  I tried using a program called Crypto which allows you to enable and disable protocols on the server from a GUI but when I made the suggested changes we could not login to the accounting software from our desktops, and the app still did not work.

My question: Is there a difference with disabling the listed protocols in Server 2012 vs. doing it in the SSL certificate that is installed for the app?

If so, where do I go to make the protocol changes in the SSL certificate?

The server running the accounting program and the SSL certificate is a 2012 R2 server.

Any help is appreciated.
0
Experts,
 We are planning to Implement SSL on our Sharepoint 2013 environment. Since i don't have deep knowledge about it , I would like to have your help to identify the advantage , Dis advantage and challenges for SSL Bridging , SSL Offloading and   SSL Passthrough.

Can you please help me to compare?
0
I got rate limited by letsencrypt and i had to change a domain from olddomain.ca to newdomain.com.

I now have everything working on newdomain.com and im trying to redirect traffic from newdomain.ca to newdomain.com so on cloudflare i created a page rule to redirect all traffic to olddomain.ca to newdomain.com but when users go to olddomain.ca they get a certificate warning for privacy error.

I have this redirect setup on the DNS, how is it even showing this error if i want to bypass it completely and just redirect to the new site?

I get this error in my browser:

NET::ERR_CERT_COMMON_NAME_INVALID
Subject: newdomain.com

Issuer: Let's Encrypt Authority X3


EDIT -- so i guess the issue is certificate handshake happens BEFORE redirect, sh*t how can i get rid of this message if i got rate limited by LetsEncrypt??? Should i purchase a valid SSL and apply it to this domain?

EDIT AGAIN -- can i just add the old domains to the new certificate?
0
Hello,
I have a rdweb service that is  published over the interent I want to secure the authentication with client certificate so the user can't access without it.
so how I can do it ?
can I make it on usb flashdisk and secure it ?
thanks.
0
apache rewrite rules to redirect http(s) olddomian.com to newdomain.com
i made a custom  VirtualHost .conf file for apache for my old domian to redirect every request to httpS new domain but it isn't working...?
i get either the old host or some an invalid URL... both FireFox and Chome show errors like this:
The owner of OldDomian.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. The certificate is only valid for NewDomain.com.

a copy of the apache.conf VirtualHost config:
<VirtualHost 129.125.125.128:80>
ServerName  OldSiteHost.com
ServerAlias www.OldSiteHost.com
ServerAlias OldSiteHost.com

RewriteEngine on
RewriteCond %{SERVER_NAME} =OldSiteHost.com [OR]
RewriteCond %{SERVER_NAME} =www.newcorp.OldSiteHost.com [OR]
RewriteCond %{SERVER_NAME} =newcorp.OldSiteHost.com [OR]
RewriteCond %{SERVER_NAME} =www.OldSiteHost.com
RewriteRule ^ https://NewSiteHost.com/ [END,NE,R=permanent]

</VirtualHost>

Open in new window

0
How to  enable https only for a web API instead of entire application hosted on IIS ? I dont want to enable for entire web application which is in ASP.NET .
0

SSL / HTTPS

8K

Solutions

10K

Contributors

HTTPS is a protocol for secure communication over a computer network which is widely used on the Internet. HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security (TLS) or its predecessor, Secure Sockets Layer (SSL). The main motivation for HTTPS is authentication of the visited website and to protect the privacy and integrity of the exchanged data. HTTPS is widely used for protecting page authenticity on all types of websites, securing accounts and keeping user communications, identity and web browsing private.