All Questions
23 questions
9
votes
5
answers
3k
views
How to upgrade the TLS on old server without reinstalling the core OS?
I'm in a rather sticky situation. Currently my server supports TLS 1.2 but not TLS 1.3 (security protocols).
It has the following installed:
Linux version 2.6.32-431.29.2.el6.x86_64 #1 SMP
OpenSSL 1....
- 91
0
votes
0
answers
164
views
Pure-ftpd set up for TLS "AUth command unsupported"
I enabled TLS on pure-ftpd as per instructions. Created DH file, installed certificates, increased the logging level.
Now, when connecting from filezilla, I receive a hello stating that TLS is enabled/...
- 1
0
votes
0
answers
191
views
Wget show error certificate of <domain> name was signed using an insecure algorithm, while curl works
We are trying to check domain
wget domain <like httpx://abc.com>
we are getting error "The certificate of domain(abc.com) was signed using an insecure algorithm. But SSL certificate is ...
0
votes
0
answers
827
views
Kubectl get pods ERROR: couldn't get current server API group list: Get "LINK": tls: first record does not look like a TLS handshake
My K8s cluster is running on Azure VM. I'm facing with a TLS error when I try to get something from a cluster. However the config of k8s is correct and it has the public IP I need, also it has all the ...
- 1
2
votes
1
answer
538
views
Client-side TLS proxy?
Does a client-side proxy exist that would transform my HTTP request into HTTPS before sending it to the server?
Meaning that my software application sends an HTTP request to this client-side proxy, ...
- 141
0
votes
1
answer
3k
views
Is it possible to use AdGuard Home with DNSSEC to DNS over TLS but with a Bind9 internal DNS Server downstream of AdGuard?
In the diagram I threw together the left hand side shows my current LAN's DNS query path, I would like to have it as shown on the right hand side with AdGuard and DNSSEC or DNS over TLS if possible I ...
4
votes
3
answers
6k
views
Make Thunderbird request certificate on port 993, not 443
I am trying to create a certificate exception in Thunderbird, for a specific server <servername> (I am specifically asking not to be lectured about how it would be better to have an acceptable ...
- 103
2
votes
1
answer
1k
views
nginx data corruption when kTLS is enabled. Any ideas why?
I am using a 5.6 kernel with kTLS feature enabled (shown below):
CONFIG_TLS=y
CONFIG_TLS_DEVICE=y
While installing nginx with OpenSSL support, I have enabled extra feature 'enable-ktls' for OpenSSL ...
- 21
0
votes
1
answer
1k
views
How can I globally restrict OpenSSL from SSL and TLS < 1.2, on Linux?
I've been asked to disable the use of all SSL, and TLS < TLS 1.2, globally on one of my Centos boxes. Its been suggested that I should be able to do this in the openssl library.
I'm reasonably ...
1
vote
0
answers
732
views
How to configure and connect a IEEE 802.1X EAP-TLS wireless network with ConnMan on Debian 10?
I want to connect with ConnMan on a Debian 10 Mate to a hidden wireless network that uses IEEE 802.1X EAP-TLS. I know his SSID. I have a .p12 extension certificate. I can't set the GUI.
So I created ...
- 11
0
votes
1
answer
6k
views
lftp behind firewall – what ports need to be opened?
I need to setup a secure file transfer from Linux client to z/OS ftp server using TLS 1.2 secure protocol. I am trying to use the lftp client for this purpose.
My Linux server is behind a firewall. I ...
- 1
3
votes
1
answer
2k
views
Does a cert's filename matter?
Our product is running postfix and nginx as docker services. We initially deploy with a self-signed cert that is named <our-company>.com.cert along with a .pem and .key. These are mounted as a ...
- 133
0
votes
1
answer
340
views
Force all outgoing HTTP connections to use TLS
Is there a solution for Linux to force all unencrypted HTTP traffic (client side, I'm already aware of server TLS termination) to go through TLS transparently for the HTTP application?
- 111
1
vote
1
answer
613
views
certbot certonly dynu (dynamic dns) timeout during connect even though the URL is accessible
I see other questions with the same error but their answers/resolutions do not work or apply to me.
My setup:
I have a server at home behind a router
There is no firewall on the server and it is ...
- 468
0
votes
2
answers
116
views
Building a program in Linux
I am a Windows user but I need to use a Linux tool. I am using Ubuntu. The tool's website here provided a file named: build-x86-64.sh which I installed it. It then says all what you need is to run: % ....
- 579
1
vote
1
answer
2k
views
curl HTTPS problems in debian 9
Recently I started to use Debian 9 (9.4, from Debian 8.x) and a script involving curl stopped working. I connect to internet through a squid proxy on localhost connected to a parent proxy.
My ...
1
vote
1
answer
774
views
one way ssl with curl
I know there are many topics and articles out there but I am really spinning my wheels on this one.
I have an NodeJS instance running on TLS. I need another server to connect to it using cURL. ...
- 111
1
vote
1
answer
230
views
HipChat times out on Linux (but not Windows)
On my office's network, using Linux on my laptop, I cannot log into or use HipChat. When I try to go to https://www.hipchat.com/sign_in in Chrome, I get an ERR_EMPTY_RESPONSE (no data received). The ...
- 284
1
vote
0
answers
1k
views
FusionDirectory: OpenLDAP with SSL or TLS
I have looked around and found a lot online about how to set up TLS for OpenLDAP. The basic idea is adding the olcTLS items to include cert, key, cacert in cn=config.
However, with FusionDirectory, ...
- 129
0
votes
2
answers
3k
views
TLS curl POST resulting in SSLv3 error
I am trying to make a POST request via curl to a server that only supports TLS 1.2, TLS 1.1, and TLS 1.0. However, even when I try to specify the need for TLS instead of the default SSL v. 3 (adding --...
- 213
2
votes
1
answer
2k
views
Pure-FTPD certificate not being used
I am using Pure-FTPD from the epel repository on CentOS 6. Now I have configured to enable TLS which works fine however for some reason it wont make use of the certificate file I have placed in /etc/...
- 121
3
votes
2
answers
11k
views
OpenVPN Linux client - tls key negotiation failed to occur (FrootVPN)
I'm using the free FrootVPN service (works flawlessly on Windows). However on Linux I can't manage to get it to work. FrootVPN's support webpage is broken so I can't message their support.
I know ...
- 143
2
votes
1
answer
2k
views
connect to windows vpn (peap) from linux
Our admin just changed the vpn stuff to something different and I'd like to know how to connect to the windows vpn from a linux (debian testing) box.
a certificate file (in p7b format, which I was ...
- 21