All Questions
7,775 questions
1
vote
0
answers
80
views
apache SSL error after boot, but ok after systemctl restart
This is a weird one, I have a custom compiled apache 2.4 on an old CentOS 8 box, and I'm seeing odd behaviour at boot time.
I have a systemd service file :
[Unit]
Description=Apache 2.4 for Moodle
...
- 31
1
vote
0
answers
47
views
NGINX SSL configurations sometimes point to the wrong domain with multiple virtual hosts
Question:
I am running an NGINX server with approximately 150 virtual host configurations. Occasionally, clients report that their SSL certificate is incorrect, and their domain points to another ...
- 11
0
votes
2
answers
79
views
How to make Edge and Chrome trust self-signed certificate?
Background:
I’m hosting a local server with multiple services on a Linux machine (Ubuntu 20.04) at myIP.
My NGINX configuration uses a self-signed SSL certificate to serve the following domains:
...
- 1
1
vote
0
answers
51
views
MariaDB: Hostname verification failed on startup
Running MariaDB11.5.2 on Debian 12.
I configured TLS which works perfectly. To make it work from shell, I configured
[client-mariadb]
host = dbhost.domain.tld
Now, I can connect from shell without ...
- 485
0
votes
0
answers
63
views
monit states that certificate is expired but its not
I use M/Monit to monitor my servers. For a few days, this test is broken. It seems the test uses another certificate than I see in the browser.
check host cloud.example.com
with address cloud....
- 485
-1
votes
1
answer
70
views
Running https on non-standard port with NGINX returns ssl too long
I want to run an instance of redmine on port 5020 of my VPS
This is my nginx site-available config:
server {
listen 5020 ssl default_server;
listen [::]:5020 ssl default_server;
...
- 99
0
votes
0
answers
31
views
Email service error SMTP Error (454): Connection to server failed, virtualmin panel
I have error with SMTP setup with roundcube.
When i send the message this message show to me:
SMTP Error (454): Connection to server failed
I checked every things like:
check the config.inc.php for ...
- 1
-1
votes
0
answers
10
views
SSL Errors when Accessing Cloudflare Sites through Wireguard VPN [migrated]
I'm running Pi-hole, PiVPN, and Unbound on an ARM Compute Instance from Oracle Cloud. My client is a Windows machine behind CGNAT. When connected to PiVPN, I'm experiencing issues accessing websites ...
- 1
0
votes
1
answer
117
views
OpenSSL routines:ssl3_read_bytes:tlsv1 alert internal error with kubernetes and caddy
My domain androz2091.fr is pointing to a single-node kubernetes cluster. Caddy is installed on the node (on the host, not inside k8s), and uses the cluster DNS to redirect to the right service.
Here ...
- 101
0
votes
0
answers
27
views
SSL Error connecting to Azure SQL
A connection was successfully established with the server, but then an
error occurred during the pre-login handshake
I am getting this error when testing from SSMS and also from linked servers and ...
1
vote
0
answers
20
views
Data Size difference Between Client-Proxy and Proxy-Server Connections with CONNECT Proxy
I have a small setup which I have a wss server running on port 4433. I also have a client trying to access the wss server via a CONNECT proxy. My understand of CONNECT proxy is that proxy will create ...
- 111
1
vote
2
answers
141
views
Varnish redirect Issue
I have an nginx vhost for a magento instance in a dedicated server
nginx.conf
user www-data;
worker_processes auto;
worker_rlimit_nofile 50000;
error_log /var/log/nginx/error.log notice;
pid ...
- 155
1
vote
0
answers
88
views
How to resolve nginx SSL error
I'm running nginx on a Raspberry PI which has reserved & allocated LAN address of 192.168.2.10 on router 192.168.2.1. When I put http://192.168.2.10 into Firefox, I get SSL handshake Failure in /...
- 11
1
vote
1
answer
70
views
Dovecot is not complaining about self-signed certificate while connecting to PostgreSQL over SSL
I enabled SSL on my PostgreSQL database and enforced it using pg_hba.conf with the following line:
hostssl all all 0.0.0.0/0 md5
From the PostgreSQL connection logs and network traffic captured via ...
- 121
0
votes
0
answers
60
views
Website with SSL running on Ubuntu with Apache which serve Mattermost, give "Server Not Found" error after using Mattermost App on desktop
After installing Ubuntu Mattermost, the application gives the error "address not found" shortly after using Mattermost App on Desktop.
Notes:
SSL is installed for sub.domain.com and domain....
0
votes
0
answers
37
views
Nginx using same port to redirect HTTP to HTTPS [duplicate]
I am making web app using Docker, and nginx as reverse proxy. I have problem with custom port in docker. I would like to redirect user who use HTTP:// instead of HTTPS:// using only one port.
It's ...
- 13
-3
votes
1
answer
57
views
Can you replace the characters of an ssl certificate on-screen with all stars'***********' so they cannot do a print screen or hidden camera pic? [closed]
Can you replace the characters of an ssl certificate on-screen with all stars'***********' so they cannot do a print screen or hidden camera pic to duplicate your ssl cert and gain access to your ...
0
votes
1
answer
44
views
Is it good practice to substitute an organization SSL certificate into an HTTPS connection?
I run a scientific web site, call it site.org, that is mirrored at three locations, all listed in DNS as site.org so that clients will choose a specific mirror at random. The individual mirrors are ...
-1
votes
1
answer
142
views
Reverse Proxy infront of Reverse Proxy (domain based routing)
Here comes a probably strange question that is probably also wrongly asked.
I have the following network structure/plan...:
enter image description here
The idea is that someone who is responsible/...
0
votes
0
answers
43
views
haproxy as reverseproxy ssl offloading with two apllications on port 443
I am experiencing some issues with HAProxy running as a reversproxy and redirecting traffic to two different applicarions on port 443.
Application2 is working fine with the configuration below.
...
0
votes
0
answers
60
views
Apache SSL crash after some time, doesn't serve the SSL cert
I'm currently experiencing a weird issue with Apache 2.4, after some time (like 1 day), my apache doesn't serve the SSL certificate that is installed in the virtualhost. I have to restart apache in ...
- 11
0
votes
1
answer
56
views
IIS 10: renewal CSR invalid?
When I use "Create a renewal certificate request" in IIS 10 (to try and renew an existing and expired certificate issued by Sectigo), the external CA (Sectigo) says that the resultant CSR is ...
- 336
0
votes
0
answers
410
views
Can't connect to MariaDB after enabling TLS on localhost
MariaDB 11.5.2 on Debian 12.
I've created certificates for my server, located in /etc/acme and mode 644 (owner root, group mysql)
/etc/mysql/mariadb.conf.d $ cat 99-bsz.cnf
[mysqld]
bind-address ...
- 485
0
votes
1
answer
61
views
nginx stream https passthrough with ip access limitations based on hostnames?
I have just set up stream pass through using ssl_preread in nginx, but I can't for the life of me figure out how to, using this method, ban access to specific upstream servers for certain ip ranges.
...
- 3
0
votes
0
answers
127
views
How can I set up vault with TLS in dev mode via helm
I am trying to test a helm deployment that interacts with Hashicorp Vault. I am currently setting up TLS encryption and want my tests to run using TLS against the vault server while it's in dev mode (...
- 111
0
votes
0
answers
54
views
(Debian) Rsyslog unable to capture tls traffic on rsyslog
I am unable to capture tls/udp syslog (ports 443/514) via rsyslog on my debian bullseye. Appreciate any help regarding this!
I have gone through both Rsyslog through TLS and Rsyslog not capturing ...
- 101
0
votes
1
answer
405
views
Ubuntu 24 certificate error "unknown issuer" using Firefox
My company has implemented an upstream device that does decryption and this requires all boxes to have the root CA certificate installed.
I copied the ca certificate in pem format and did the below. ...
- 103
0
votes
1
answer
255
views
Nginx - Cloudflare ssl handshake failure sslv3
My website is www.maiart.org and I am unable to connect to my website, if I enable proxying on Cloudflare. I have Nginx running on ports 80 and 443, and have installed the Cloudflare origin certifcate....
- 31
0
votes
0
answers
33
views
passbolt can't send TLS mails to postal server
If you think this question is better suited for stack overflow or superuser, then tell me and I will close the question and repost.
I'm having a passbolt server running as docker container.
I'm also ...
- 299
0
votes
1
answer
88
views
Access Aruba S5300 Web GUI with Modern Firefox Browser
Context: We have multiple Aruba S5300 switches on the networks we maintain. After a "factory reset," we usually go to the web GUI at https://172.16.0.254 to do the initial configuration.
A ...
- 35
1
vote
0
answers
362
views
Xray Core does not respond to domain search
Im currently trying to setup Xray-core and 3x-ui to make residential proxies as explained in this SO question. Im on macOS but I downloaded UTM and created a Linux VM. I downloaded both Xray and 3x-ui ...
- 61
0
votes
0
answers
679
views
Nginx Proxy Manager "502 Bad Gateway- openresty"
I've recently set up NPM for some servers on my backend and everything seems to be working just fine for most except for a couple servers that seem to return a "502 Bad Gateway" errors even ...
-1
votes
1
answer
142
views
nginx working on http but on https giving 502 error
server {
listen 80;
listen [::]:80;
server_name pelot.ir; # Replace with your domain name
location / {
proxy_pass http://127.0.0.1:5000;
proxy_set_header Host $host;
...
- 99
0
votes
0
answers
64
views
Using csi secrets store volume mounted cert with ingress controller
As the docs state (https://kubernetes.io/docs/concepts/configuration/secret/) kubernetes secrets are not too safe to use and one should strive to use external stores.
But I am struggling to understand ...
- 221
0
votes
1
answer
177
views
Trouble to setup tls with kubernetes: "ERR_SSL_PROTOCOL_ERROR"
I'm trying to setup tls/https for my kubernetes-pod. I configured an ingress rule and I've a got service as loadbalancer. I obtained my certificate from my provider. Not sure, how important that is: ...
- 101
0
votes
2
answers
69
views
Configuration to get web server to use certificates mounted in kubernetes deployment
Im looking to have my application running in a kubernetes cluster use the certificate mounted in a volume defined in my deployment.yaml file.
I am not using ingress, instead I have my service set up ...
elementmg
0
votes
1
answer
143
views
Need help to edit NGINX config for SSL
I keep getting errors when adding SSL syntax.
server {
listen 443 ssl;
server_name www.example.com;
ssl_certificate /etc/nginx/ssl/example.crt;
ssl_certificate_key /etc/nginx/ssl/example.key;
...
0
votes
1
answer
250
views
Serving two Docker containers with SSL using Nginx
EDIT: I forgot to mention that both flutter.example.com and nodejs.example.com need to be available externally- as a website and api service for a mobile app respectively.
Edit 2: I feel a bit silly, ...
1
vote
0
answers
80
views
Ansible Automation Platform not Syncing with Gitlab project
AAP 2.4 Project not syncing GitLab using PAT and my error is
SSL certificate problem: self signed certificate in certificate chain.
I really don’t want to disable https and not sure if I download the ...
- 21
0
votes
1
answer
53
views
Redirection www to non-www on Nginx gives me 400 bad request
I'm trying to redirect all www to non-www domain address. I have installed my LetsEncrypt SSL for non-www domain. non-www domains are working fine. I have configured www to non-www redirection on my ...
- 11
0
votes
0
answers
185
views
Installing SSL + HTTPS using a reverse proxy like caddy on Android to enable secure connections for my server Emby
I want to install a reverse proxy useful because I want to put online my emby server on top of Android 14 using https on port 8920.
I have fixed the 443 error in this way :
sudo setcap ...
- 143
0
votes
0
answers
38
views
Transfer a domain from namecheap to cloudflare
So I have a .com domain deployed on digitalocean with https - certbot. After i make the transfer do I need to change anything https wise? I see cloudflare has its own https process which needs some ...
- 103
0
votes
0
answers
1k
views
CURL : (35) OpenSSL SSL_connect
I'm making a GET request to an endpoint. It returns the following error.
The URL is reachable from a browser, and the request is executing in a docker container behind corporate proxy.
Command:
curl -...
- 1
3
votes
2
answers
918
views
Is it a good practice to share a certificate between two applications
I have a mail server and a postfixadmin application sharing the same certificate for https and postfix TLS encryption.
Is it a good practice?
Thanks in advance for your Help.
- 29
0
votes
2
answers
181
views
Kubernetes on aws ec2 - private registry certificate signed by unknown authority
Issue Summary
I have a Kubernetes cluster 1.30 running on 3 AWS EC2 servers, 1 master node, and 2 worker nodes. I am trying to deploy a private container registry using the registry:2.8.2 image of the ...
piyush sachdeva
0
votes
0
answers
173
views
Can I use haproxy to load balance QUIC/HTTP3 connections without terminating TLS
I have ingress-nginx running on a 3-node k3s cluster. In front of that, I have haproxy running, attached to my public IP and using proxy protocol to send HTTP/S (et al) connections to the cluster, and ...
- 351
-1
votes
1
answer
100
views
eclipse-mosquitto ED25519 ca md too weak
I'm finding it very difficult to get the right combination of elements to have python paho-mqtt communicate securely with an eclipse-mosquitto container, although this question is only about the ...
- 97
0
votes
0
answers
45
views
Apache Reverse Proxy - prevent AutoSSL from following redirects in Apache includes?
I have a cPanel server in which I wrote an include config file with a reverse proxy to point it to a react application hosted on the server.
Here is an example:
ServerName my.website
ProxyRequests ...
- 103
0
votes
1
answer
265
views
Openssl cannot verify CA cert and then it can verify it all in the same operation?
Open ssl debug reports first that it cannot verify the CA cert, and then that it can verify it during the course of just one command, why?
openssl s_client -connect 3d.example.com:443 -debug
depth=0 ...
- 340
0
votes
1
answer
113
views
Nginx one client always gets 503 and the error is never logged
Why would nginx be not logging the request for some failed requests?
eg There are 2 clients x.x.x.1 and y.y.y.2 both hitting the exact same URL on my site: "/foo/bar". In the logs I see the ...
- 340