All Questions
Tagged with windows-server-2012-r2 ssl
69
questions
0
votes
1
answer
2k
views
Hourly fatal windows alert
On one of my windows server 2012 R2 (going to upgrade), my event logger has been filled with
Event ID 36887 A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert ...
0
votes
1
answer
168
views
Apache Server security issues
our security auditor scanned our system and here is what come up on the apache server :
-Server header: Apache exposed on port: 80
-Server header: Apache exposed on port: 443
Here are some lines in ...
3
votes
2
answers
19k
views
Windows Server 2012 R2 TLS 1.2 Issue
I am facing issues with TLS 1.2 on my Windows Server 2012 R2 (application web server,IIS), where I am unable to access https://api.nuget.org/v3/index.json via Internet Explorer even after I see that ...
1
vote
3
answers
3k
views
SSL certificates apparently confusing different websites
My VPS contains a dozen or so websites, with several SSL certificate including the following.
*.railtrax.com
*.insiderarticles.com
Currently, all the *.railtrax.com websites are working fine. But ...
4
votes
2
answers
987
views
Chromium Browsers TLS1.2 Fails with ADCS issued certificate on Server 2012 R2
tl;dr: TLS 1.2 between Server 2012 R2 and Chromium based browsers fails when using AD CS issued certs. Works fine on Server 2016+, and on 2012 R2 with Firefox/IE/Cygwin-curl.
We have several internal ...
1
vote
1
answer
1k
views
Adding registry entry for TLS 1.2 did not work
The client always communicates using TLS 1.0
, On the Client side, I am having Windows Server 2012 R2 ( which as per the documentation it supports TLS 1.2 ) After going through many forums I realized ...
0
votes
1
answer
673
views
Cannot open https://www.rba.gov.au from Windows 2012 [closed]
We have an application that downloads https://www.rba.gov.au/rss/rss-cb-exchange-rates.xml daily to get exchange rates. It stopped working a few days ago, we found that above URL doesn't open in IE ...
0
votes
0
answers
991
views
Could not create SSL/TLS secure channel error when both client and server support TLS 1.2
We have upgraded our server to only accept TLS 1.2 and disabled SHA/MD5. Now from this server, we are calling a third party API that supports TLS 1.2, TLS 1.1 and TLS 1.0. Now, whenever I call this ...
2
votes
2
answers
5k
views
How do you disable TLS 1.0 for a specific website in IIS 7?
Everything I can find on disabling TLS 1.0/1.1 and SSL 3.0 involves editing the registry to disable it at the server level.
Unfortunately our website communicates with a vendor application that still ...
2
votes
2
answers
534
views
Are SHA-1 client certificates unsupported in W10 Edge/IE11?
I'm aware that SHA-1 server certificates that chain to Root CA certificates within Microsoft's Trusted Programme are unsupported by Edge and IE11 on Windows 10, as of a couple of years ago.
We have ...
1
vote
1
answer
580
views
Getting CA signed SSL certificates for Windows servers on internal network
I'm hitting a wall here so need some help.
I am currently involved in a project that will require use of a third party software installed on one of our internal servers.
The software in question ...
-1
votes
1
answer
370
views
Secondary SSL Certificate on same IIS application
On Azure web apps, there is a default SSL certificate signed by Azure. If you add a custom domain and a certificate for that domain the Azure certificate still exists and it is visible with ssl ...
0
votes
0
answers
227
views
Cannot connect to server over SSL/IMAP from some machines, but others work fine
Since this morning, a few of the machines in our office have been unable to fetch e-mail from our domain over IMAP. The server (Windows 2012 R2, IIS 8, MailEnable) is set up to listen on ports 143 and ...
1
vote
1
answer
5k
views
Windows 2012 R2 Server - How to safely delete files from C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
On a Windows 2012 R2 Server with IIS, we have a web application which was generating certificates in C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys and persisting the keys. We have fixed the issue ...
7
votes
2
answers
2k
views
Revoked SSL certificate
We're using Paypal SDK here:
https://github.com/paypal/PayPal-NET-SDK
To help handle our webhooks. We've started receiving the exceptions:
PayPal.PayPalException: Unable to verify the certificate(s)...
0
votes
1
answer
50
views
can't bring https protocol to running
I have a wordpress website, hosted on Windows Server 2012. http is working, but https is not!
I got a SSL certificate from the provider (via digicert), and installed in into the Certificate Store in "...
2
votes
1
answer
11k
views
IIS ARR Error 502 - Web server received an invalid response while acting as a gateway or proxy server
I have an ARR IIS with a server farm that contains only one server.
the site has http and https binding. SSL certificate which installed on both ARR and content server are same and imported and also ...
1
vote
0
answers
248
views
Server 2012 R2 SMTP service not sending mail to non TLS servers
We have SMTP virtual server on server 2012 R2 server. I have configured it to use TLS connection. We do have real sertificate etc. Everything works fine except mail that is going to mail server which ...
9
votes
3
answers
63k
views
How install SSL certificate for RDS on windows server 2016?
I installed windows server 2016 for a small company, so I don't need to have domain controller on this installation and for RDS I only need RD Licensing and RD Session Host roles. But only with that ...
0
votes
1
answer
107
views
SSL Certificate installed successfully but website not accessible
I have installed Let's Encrypt SSL Certificate on a windows-server-2012-r2 machine running iis-8.5. It is an ASP.NET 4.5 website running on an Azure VM.
The installation was successful and I can see ...
2
votes
1
answer
20k
views
How to query LDAP via port 636 from powershell?
I use adsi to connect to AD and measure the latency of the connection. For same query when i replace server with server:636 , it fails. What is the easiest way to do a ldap "find" through 636 port?
0
votes
2
answers
4k
views
How to handle cipher suite mismatch between two servers
I have an IIS website running on two servers. One server is Windows Server 2016, the other Windows Server 2012. Under certain circumstances these two servers need to talk to each other.
The ...
3
votes
3
answers
15k
views
RDP presents Self-Signed certificate instead of Certificate Authority's one
Few days ago I witnessed a strange problem within my domain:
During RDP connection I see warnings about certificate being not trusted (and I see self-signed certificate, not issued by domain CA)
I ...
4
votes
1
answer
24k
views
SSLSTREAM - An TLS 1.2 connection request was received from a remote client application, but none of the cipher suites supported by the server
i looked around a lot of similar question but none of this fixing my issue. We are upgrading to TLS 1.2 and am getting the below error which i got from Windows event log
An TLS 1.2 connection request ...
0
votes
0
answers
2k
views
SSL/TLS on IIS 8 for intranet
I am trying to setup Windows 2012 servers running IIS 8 to use https. I am running into an issue where I can get Google Chrome and IE 11 to accept the ssl certificate but Microsoft Edge and Firefox do ...
3
votes
1
answer
9k
views
GCM cipher suites are enabled but not discovered by SSL Labs test
I have the following cipher suites enabled on Windows Server 2012 R2 server.
However, when I run SSL Labs test, the test discovers only the following cipher suites and the test reports This server ...
2
votes
2
answers
10k
views
Disable TLS 1.0 and 1.1 on WIndows 2012 R2 ADFS and WAP
We have ADFS and WAP environment for publishing internal Urls on which we want to disable TLS 1.0 and TLS 1.1 as the browsers will stop accepting TLS1.0 from next year July.
As per my understanding ...
1
vote
0
answers
1k
views
IIS 8.5 403.16 Untrusted Client Certificate
I'm in the process of moving some sites from an IIS 7.5 web server (2008 R2) to an IIS 8.5 server (2012 R2) and one in particular is giving me a fit.
The site uses client certs for authentication. ...
0
votes
2
answers
5k
views
Windows, IIS, Remote Desktop: after disabling insecure ciphers for ssl, I cannot login with remote desktop [closed]
In the process of setting up an HTTPS website and in the best practices of it, firstly I disabled ssl v3 (no problem with that) and then I disabled older insecure ciphers and only enabled:
...
0
votes
2
answers
1k
views
Windows 2012 R2 - Intermediate cert keeps reappearing in root store
I have an issue with a particular Windows 2012 R2 server. For some reason, the Comodo intermediate cert keeps getting automatically installed in the root store instead of the intermediate store (where ...
0
votes
0
answers
474
views
Link CSR to certificate without IIS
I'm on a Windows Server 2012 R2 Standard server and I have a CSR that I've created and I've got the GoDaddy issued cert. But when I go to "Certificate Enrollment Requests" I don't see anything except ...
1
vote
1
answer
3k
views
SSL Cipher Suite Order GPO
Thanks in advance for reading. I'm using Win Server 2012 R2 to dish out group policies.
I've created a GPO to define the SSL Cipher Suite Order under Policies > Admin Templates > Network > SSL ...
7
votes
1
answer
40k
views
TLS Error 70 issues
I have a web application (IIS 8) on one server (Windows Server 2012) connecting to SQL Server Reporting Services 2012 on another server (Windows Server 2008) that until recently was working fine. ...
2
votes
1
answer
8k
views
SSL Security error with SQL Server 2016 sp1
I'm running SQL Server 2016 sp1 on a Windows Server 2012 r2 box. Supposedly, unlike earlier versions of SQL Server, SQL Server 2016 is compatible with TLS 1.2 right out of the box.... Right? Anyway,...
0
votes
0
answers
122
views
Server ONLY connects via TLS 1.0
I have a server running Windows Server 2012 R2. It has TLS 1.2, 1.1, and 1.0 configured. However, when making outgoing/remote connections it only seems to want to connect to other servers via TLS 1.0. ...
2
votes
2
answers
5k
views
Site stoppped working on http after adding ssl/https
My site, lets say abc.com was working on http and not on https. After adding these lines to httpd.conf,
ServerName abc.com
DocumentRoot "c:/wamp/www/"
Listen 443
SSLEngine on
SSLCertificateFile C:/...
3
votes
2
answers
19k
views
Install SSL certificate on Apache Windows Server 2012 R2
I am a developer. Our server admins have given me 3 files. .cer, .pfx and .p7b and told me to install SSL in Apache Server. I have Wamp with Apache version 2.4.9. I have search and found something. I ...
1
vote
1
answer
18k
views
"Can't contact LDAP server (-1)" error for LDAPS to Server 2012
When attempting to connect to Active Directory on Window Server 2012 (possibly R2) over LDAPS, ldapsearch produces one of the following errors (at the end of a longer output):
$ ldapsearch -H ldaps://...
1
vote
1
answer
2k
views
SSL Certificate Is Not Installing Properly in IIS 8
I am trying to install .cer format SSL Certificate in Windows Server 2012 and IIS 8 using the Complete Certificate Request wizard.
After that, the certificate cannot find under the server ...
-1
votes
2
answers
91
views
New certificate only served if domain is trusted
The SSL certificate for one of our sites expired and I've been given the task of renewing it despite not being a server admin of any sort. I've completed the certificate request and added it to the ...
0
votes
1
answer
716
views
Which is the correct port for a SMTP Server with certificate in Windows 2012?
I managed to create and install a SMTP Server under IIS 6 in Windows Server 2012 R2. I set the port to 25 and I created a Windows account to authenticate to it before sending emails. Moreover, this ...
0
votes
2
answers
9k
views
Is there a way to test a SSL certificate for a SMTP server?
A couple of months ago, my company bought a Rapid SSL Certificate which supports until 256-bits cryptography and which is used both for communication between our mobile apps and our server and to send ...
3
votes
3
answers
23k
views
How to disable TLS 1.0 without breaking RemoteApps on server 2012 R2
Please note, this scenario is different from asimilar one:
How do I disable TLS 1.0 without breaking RDP?
The linked question is about RDP and disabling TLS 1.0.
This question is about RemoteApp's ...
2
votes
1
answer
28k
views
How to enable TLS for SMTP in II6 on Windows Server 2012 R2
I correctly bought a SSL certificate for my domain www.omniservice2.it from Aruba Business on my server with Windows Server 2012 R2.
I correctly installed the certificate in IIS 8 on every site and ...
-2
votes
1
answer
37
views
How to determine what Microsoft kb is at fault (no https connection to legacy devices) without uninstalling them all?
I just inherited a 2012 r2 server that is having issues accessing legacy https devices. I know it is due to kb articles due to previous experiences.
I don't want to do regression testing, is there a ...
1
vote
1
answer
781
views
Associate new PKCS #7 Certificate (.p7b) with old/existing private key
I have been issued with a new PKCS #7 Certificate (.p7b) file, with which I need to replace the current soon-to-expire certificate on my server and assign to a binding in IIS.
I imported the file ...
2
votes
3
answers
4k
views
IIS 8.5 server not accepting a TLS 1.0 connection from Windows Server 2003
(If you're wondering why I'm trying to enable cipher suites that are deprecated, the short answer is that it's for the few people who really can't use anything newer because they're stuck on Windows ...
2
votes
0
answers
140
views
Internal EV SSL From A Windows Server 2012 R2 Root CA Shows Up As A Normal Certificate
I am trying to setup an internal ev ssl server for all of my internal applications giving ie the little green bar and chrome displaying my company name. It works fine in IE displaying the green bar as ...
2
votes
0
answers
426
views
Audit RDP security layer used for each logon
I'm looking for a way to monitor the security layer used when a user log on a windows 2012 R2 server with RDP (SSL or RDP, encryption level).
I haven't found anything useful in "Advanced Audit Policy ...
1
vote
3
answers
14k
views
TLS 1.2 client hello triggers TCP Reset from 2012 R2
Struggling with a PKI implementation in my lab (ADCS 2012 R2) and cannot for the life of me figure out where I have gone wrong.
Got all the way to the point of being able to generate SSL/TLS certs ...