All Questions
Tagged with apache-2.4 ssl-certificate
155
questions
0
votes
1
answer
21
views
ssl_issuer_unknown when connecting only to a certain <VirtualHost> with apache
I've this problem with my site configuration and ssl certificates. I've got two websites on the same machine running two different domains. Their respective ssl certificate is issued by Cloudflare and ...
3
votes
6
answers
13k
views
HTTPS compatibility issue with Chrome 116/117 ERR_SSL_PROTOCOL_ERROR
I'm having error ERR_SSL_PROTOCOL_ERROR since 2 day on my website for some reason.
Browsers tested
Windows Chrome 117.0.5938.132 : ERR_SSL_PROTOCOL_ERROR
Android Chrome 117.0.5938.61 : ...
- 202
0
votes
1
answer
236
views
Clients of a site are getting SSL_ERROR_HANDSHAKE_FAILURE_ALERT (Firefox) and ERR_BAD_SSL_CLIENT_AUTH_CERT (Chrome)
I'm running a site in AlmaLinux 8.8 (Centos) and Apache 2.4.56.
The site has a self-signed certificate.
When I access the site, I get the usual warning due to the self-signed certificate. After ...
- 101
0
votes
1
answer
75
views
SSL certificate not working for www subdomain on multiple domain setup
I have a LAMP server running CentOS Stream 8 and Apache 2.4.37. On this I have three domains (let's call them example.com, example.net & example.org). I have SSL certificates for each domain + the ...
- 309
0
votes
0
answers
183
views
wget doesn't accept HTTPS certificate (from letsencrypt) on some computers but does on others
I have the following situation:
On my www server (Apache2, Debian armhf) I have HTTPS certificate from letsencrypt.org by certbot.
When accessing the server from a browser (Firefox, Chromium) ...
0
votes
0
answers
20
views
How can i disable the TLS handshake with 128-Bit-Key from the browser with my apache2 settings? [duplicate]
When I load a website on an apache2 with ssl and look at the settings of the certificate in the browser, it is always a 128-bit key length, only want 256-bit and above to be allowed.
I have that in ...
- 308
0
votes
0
answers
283
views
Can't enable ssl on windows apache24
So, i've already sucessfully installed ssl certificates in apache virtual hosts (2 websites) but i'm unable to access them because every time I activate SSL in httpd.conf apache service wont start
<...
- 1
0
votes
0
answers
55
views
How to use "X509v3 Extended Key Usage" for Control Access in Apache?
I use SSL_Client_I_DN and SSL_Client_S_DN_CN for control Access in Apache:
how can I add the verification of "X509v3 Extended Key Usage" value in the client certificate?
- 692
0
votes
0
answers
96
views
Apache2 SSL certificate error when other website site is enabled , server not picking up the right certification or configuration
I have 2 SSL configuration files for 2 sites. Both SSL are covering www and non-www versions of the sites.
The first SSL one works for SiteA. As soon as I enabled Site B, it looks like my server uses ...
- 169
0
votes
2
answers
929
views
APACHE CERTBOT ERROR
I'm configuring https on a local apache server using certbot but I get the error below:
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -...
- 1
1
vote
1
answer
298
views
TLS 1.2 client ignoring "Acceptable CA" list for Apache ClientCertificateRequest
I have TLS 1.2 mutual authentication working on Apache 2.4.54 with a self-signed CA and test clients on iOS and MacOS. Everything works, except the clients do not recognize the "Acceptable ...
- 131
1
vote
0
answers
261
views
The Let's Encrypt cert doesn't work on Apache and FreeBSD
Our server administrator installed via Certbot the free Let's Encrypt certificate on our server with FreeBSD. But the cert doesn't work and we can't understand how exaclty we should configure the file ...
- 11
0
votes
1
answer
202
views
Apache mod_md: procedure for handling multiple VirtualHosts?
I have a working setup for multiple virtual hosts on the same server, but there's a problem: all the server's SSL certificates are unnecessarily renewed, and moved, whenever a vhost is added.
In this ...
- 433
0
votes
1
answer
2k
views
Apache HTTPS not works, HTTP works
OS: Ubuntu Server 20.40.
WebServer: Apache2
SSL: OpenSSL
SSL Module enabled
SSL files copied on server
SSL site configurated (above the code)
Apache Syntax: OK
Firewall: disabled
HTTP request works
...
- 1
0
votes
0
answers
526
views
Apache SSL renewal keeps using old certificate
I have a website using Apache that runs on a GCP VM instance with a Google load balancer.
In total, I have 3 servers
I have changed the SSL certificate in the Google load balance configuration.
What I ...
google-compute-engine
0
votes
0
answers
356
views
Is it possible to verify TLS if a server doesn't provide an issuer cert?
I'm trying to configure Apache httpd v2.4 for LDAP authentication to AD. LDAPS certificates are issued by the internal CA. For whatever reason (I'm not on the AD team), neither our prod or non-prod ...
0
votes
1
answer
283
views
Apache serves with new and old SSL Root certificate
I am hosting a website at https://www.tabletop.cloud
A while back I switched from the DST Root CA X3 root certificate to the ISRG Root X1 certificate. When I access my website in every browser the SSL ...
- 103
0
votes
0
answers
656
views
Apache VirtualHost not loading correct certificate
We are running into issues with this seemingly simple configuration on Apache 2.4. We can't seem to obtain the correct certificate while using the Virtual Host site2.net. We always get site1.net's ...
- 99
0
votes
0
answers
2k
views
Can't restart apache (httpd.service) after replacing to new SSL cert (wildCard, working on other servers)
I have a wildcard SSL cert that I need to replace in all related servers. It worked fine in all of them but one. I go by the exact same process as in other apache servers, but when I replace the files ...
- 101
1
vote
1
answer
200
views
How many SSL certificates you need - aspnet core + Apache reverse proxy?
When you deploy aspnet core app on Linux you normally do it through reverse-proxy. I.e. Kestrel hosts the app and Apache handles the public internet traffic talking to Kestrel.
So Kestrel and Apache ...
- 752
0
votes
1
answer
2k
views
A valid Root CA Certificate could not be located, the certificate will likely display browser warnings
i'm trying to get Telegram Webhook working with my local machine but it doesn't make requests. I think it's bc of certificate issue
Here's what geocerts.com/ssl-checker says:
screenshot
Here's my ...
- 103
0
votes
1
answer
94
views
Apache SSL Installation [Not Duplicate]
I am trying to install ssl certificate on my ubuntu server 20.04
I have downloaded ssl files and put them in /home/ubuntu (will change once it works):
api_limitlesssoft_com_key.txt
api.limitlesssoft....
- 101
0
votes
1
answer
78
views
Can 2 websites www.example.com and www.example.eu reside on the same server
We have 2 websites and want to get a SSL-certificate for both:
www.example.de
www.otherExample.eu
Both sites reside on the same server under different root with their own config-file. With certbot I ...
- 13
0
votes
1
answer
827
views
apache how configure multi domain https redirection?
I've an apache running under AWS Elastic beanstalk. I've got several different domains and I want all of them to end in a specific domain name, in HTTPS.
The redirection from other domains e.g. https:/...
- 3
1
vote
2
answers
910
views
How does Apache choose which certificate to use?
Currently Apache is hosting several sub domains with host certificates generated with certbot and a http challenge.
Now I want to setup a default virtual ssl host to redirect non-existing subdomains ...
- 113
1
vote
0
answers
383
views
Apache2: RADIUS authentication before rewrite engine HTTPS
I tried to set up a reverse proxy with HTTPS and Radius authentication. Unfortunately, I don't get an authentication query before it redirects to the HTTPS page. What did I do wrong?
<VirtualHost *:...
- 11
0
votes
0
answers
66
views
Strange behavior of Apache with a ssl certificate while DNS are propagating
Is there anywhere a cache for certificates for apache 2.4 under Debian 9 ?
While DNS are propagating on an hosting, I sometimes get wrong certificate (the one of the first hosting of the server in ...
0
votes
1
answer
366
views
Old LetsEncrypt SSL certificate still being served by EC2 instance
I'm working on renewing the SSL certificate for my websites. They are all running on the same EC2 instance with the same Apache server. Two of my domains recently expired so I also tried to remove ...
- 143
4
votes
1
answer
4k
views
Conditionally set SSL certificate request header in Apache
I have an Apache 2.4 server configured as a reverse proxy to accept incoming HTTPS requests and reverse-proxy them to another server over HTTP with custom HTTP headers containing any provided client ...
- 763
0
votes
1
answer
149
views
Single website with multiple certs
I have a website with 2 domain names.
1. name.org
2. server.university.edu/name
I have a wildcard cert to cover server.university.edu/name. If I get one from say, letsencryp.org, I'm not sure how to ...
- 41
0
votes
1
answer
2k
views
How to install letsencrypt wildcard certificates?
I am using certbot/letsencrypt from the EPEL repository with apache on CentOS 7 without any issues on "normal" domain names. The certbot tool recognizes server name aliases from the virtualhost config ...
- 345
0
votes
2
answers
307
views
SSL certificate mismatch, multi vendor website
I have a website hosted on *.mydomain.com, my Apache web server in conjunction with PHP will return/echo some plain text based on the subdomain provided. *.mydomain.com is secured with a wildcard SSL ...
- 21
2
votes
1
answer
265
views
Two VHost with same DocumentRoot but different SSL Certificate. Is that even possible?
I can do this : https://www.digicert.com/kb/ssl-support/apache-multiple-ssl-certificates-using-sni.htm
But I need to do that (note that the DocumentRoot is the same on purpose) :
<VirtualHost *:...
- 132
1
vote
2
answers
1k
views
Different certificates for Let's encrypt
I have an apache webserver that uses certbot for Let's Encrypt SSL certificate.
Is it possible to have many separated certificates for each virtualhost managed?
Currently certbot works with only one ...
- 1,312
0
votes
1
answer
398
views
Apache, sslh, SSL certs, local app, and dockerised app
I've got a server which has been hosting a local app (Nextcloud) for a while with no issues, behind apache (2.4).
I'm also hosting an SSH server on port 443, for which I use sslh.
My LetsEncrypt ...
- 103
-1
votes
1
answer
1k
views
Apache 2.4.29: How to configure multiple
I tried configured multiple SSLCACertificateFile in single vhost but apparently apache is accepting only requests with ca_sha256.cer as root cert, is there a way to support both SSLCACertificateFile ...
- 73
0
votes
1
answer
652
views
apache does not see my new certs, still has expired certs
In typing this question I found this:
Apache seems to be using old expired certificate even though new one is installed
His issue is mine to a T, and all things he tried more or less I did too. The ...
- 139
1
vote
1
answer
3k
views
certbot-auto renew fails
I inherited a web-server that uses letsencrypt with certbot. At first I thought it seemed straight forward, but running certbot-auto renew fails. I then did a certbot-auto certonly --apache and that ...
- 139
1
vote
0
answers
1k
views
Server saying no TLS/SSL protocols available even though mod_ssl/openssl installed and enabled
I am trying to add SSL certs to my server but when I connect via a browser it throws an error (ERR_SSL_PROTOCOL_ERROR in Chrome).
This is confirmed using testssh (https://testssl.sh/)
Testing ...
- 503
1
vote
1
answer
163
views
SSL and www - handling redirect from https://mysite to https://www.mysite
So this is obviously a 2x2 matrix - www and non-www, against SSL and non-SSL.
I want all traffic to be directed to SSL and www.
Getting http://example.com and http://www.example.com over to https://...
- 286
0
votes
1
answer
269
views
managing digital certificates for email (postfix/dovecot) and DKIM
I am seeking to make emails my server sends have a higher reputation by implementing DKIM and DMARC. I already am passing SPF with the proper DNS entries.
I also have a working Postfix/Dovecot ...
- 286
0
votes
1
answer
128
views
Ngnix Reverse Proxy With SSL Certificate
I want to configure a proxy server with Ngnix to redirect to https server. The problem is that I don't have the private key of the .crt file of the web server which I have downloaded from the browser.
...
- 101
1
vote
1
answer
966
views
SSL site is not loaded and no error
I'm trying to install the certificates are purchased from Thirdparty. Received the following error in the log and nothing else. I'm unable to find a similar solution and the ssl site is not accessible....
- 201
3
votes
1
answer
374
views
How does one change the certificate and key for https
We have a server whose original PKI certificate was issued by a discontinued root CA. We have a replacement certificate issued from a different root authority chain. This site was set up some time ...
- 337
0
votes
0
answers
457
views
Let's Encrypt SSL on Google Cloud
I am utterly failing to find a working guide for installing Let's Encrypt certificates on a single Google Cloud virtual machine.
I'm pretty clearly getting the picture that just doing the Apache ...
2
votes
0
answers
139
views
Failed to renew SSL certificates using Certbot's "dry-run" command
I was using apache for my website and created the SSL for Apache. Then for some reason, I have to change my server from Apache to Node.js. To do that I just copied the SSL certificates path from ...
- 121
0
votes
1
answer
91
views
Apply SSL certificate in a bigger context
In my default-ssl
<VirtualHost _default_:443>
ServerName example.co
DocumentRoot /var/www/html/example
SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/example.co/cert.pem
...
- 139
-1
votes
1
answer
970
views
CNAME that points domain A to domain B results in a Security Warning
I'm using a service (banana.com) that allows me to use my domain (orange.com) to log in.
They mention to add a CNAME record like so:
an.orange.com. 3600 IN CNAME service.banana.com.
I did that but ...
- 3
2
votes
1
answer
4k
views
Curl verify certificate improperly
I used curl to launch a https request to download the file. I used below command:
curl -v -o Output.pdf
https://otherdomain.com/upload/manual-8mm-f35-csii-vdslr-5.pdf
The result I get is:
...
- 21
0
votes
1
answer
315
views
What will happen if client call Apache server by IP and there are two SNI virtual hosts [duplicate]
We have a Apache 2.4 web server with a couple of virtual hosts with different certificates.
I have set up SNI name based virtualhosts : ap.mmm.com and ac.mmm.com, it's working great. All on same IP (...
- 59