if someone knows what causing this error and how to fix it, there support is way to slow. So client paid for renewal but once i try to execute renewal command (Thesslstorefullv2 / Renew) via module i got following error.
**Module Command Error
The order is not in the state for renewal.
**
Its certificate is Comodo SSL Certificate (DV) and its 24 months period.
Thank you very much <3
Well it work well until know so i have no idea what to try, only thing i tried is to restart the API keys but that dose seem to help.
The certificate is most likely not due for a renew but rather a reissue.
The SSL certificate will last for 396 days. After this, the certificate will need to be reissued, even though you paid for 2, 3 or 4 years up front. It needs to be reissued at least once per year.
Related
I'm getting errors, such as the one below, in my /var/log/mail.log file.
Apr 9 18:28:29 blueberry postfix/smtps/smtpd[13294]: warning: TLS library problem: error:14094415:SSL routines:ssl3_read_bytes:sslv3 alert certificate expired:../ssl/record/rec_layer_s3.c:1544:SSL alert number 45:
I'm 100% sure the certificates are valid since I'm using them on my websites, all of which couldn't be happier with them. Postfix was also happy previously, but since I renewed the certificates it's been spamming this when my Nextcloud server tries to (and can't) connect to the mail server, despite my mail client still working (although without rDNS as I didn't manage to get my provider to set it up).
I assume the blame is somewhere with Nextcloud - presumably the php handler for mail. Another thing that could be at fault that I tried to check is OpenSSL, but I have no idea how to replace its certificates with my own (generated by Acme.sh).
Both dovecot and postfix have in their config mentioned the correct path to my keys, hence the assumption above.
EDIT: Fixed it.
So, turns out, when I updated my certificate locations when I changed the method of acquiring them (certbot vs acme.sh), I got a typo in one of the filenames. /etc/dovecot/conf.d/10-ssl.conf was correct and so was /etc/postfix/main.cf, but /etc/postfix/vmail_ssl.map had a typo which I didn't see previously - and so was throwing a certificate error.
Are wallets dedicated to the pc where we have created them? or can I move my ewallet.p12 file to another client?
If the answer is "yes, why not?" then could you take a look below?
I did:
create mijn_wallet on a pc on which I could find a proper oracle client installation
download the certificate to a folder
add certificate to mijn_wallet
then I tried to reach to https web site that I've gotten the certificate from.
...
utl_http.set_wallet('file:C:\ora_wall', 'foo');
l_req := utl_http.begin_request(l_url);
l_result := utl_http.get_response(l_req);
however, I keep getting the same sql error message: Certificate Validation Failure
Do you have any suggestion? Thank you very much.
downloading "a certificate" is not enough. moments ago I downloaded all the certificate chain, then imported to my wallet. Now it works..
I'm trying to retrieve data from an open data api. I have downloaded the certificate from the site and imported it into STRUST (SSL Client Anonymous).
Then I created a HTTP connection to external server in SM59. In the beginning it worked fine, until last week when the api changed its URL and so its DNS.
Of course it could no longer be reached by the current host. So I did above steps again for the new URL (changed everything accordingly like hostname etc. in SM59), but this time I receive following error:
SSL handshake with 'hostname:port' failed: SSSLERR_CONN_CLOSED (-10)#Remote
Peer has closed the network connection##SapSSLSessionStartNB()==SSSLERR_CONN_CLOSED##
Anyone has an idea on how to solve this?
On another forum someone helped me solve the problem. He pointed me out that the problem lies with SNI see: https://security.stackexchange.com/questions/101965/ssl3-error-when-requesting-connection-using-tls-1-2/102018#102018
https://en.wikipedia.org/wiki/Server_Name_Indication
To solve this problem you need to add following parameter: icm/HTTPS/client_sni_enabled and set it to TRUE on the DEFAULT profile. Afterwards you need to restart the application server in order to activate the effects of the parameter.
Link to the full question on SCN: https://answers.sap.com/questions/473015/sap-ssl-handshake-failed.html
EDIT:
I came across this error again later on, but this time it seemed that the error was caused because we used a certificate with TLS 1.2 which was not supported by our system. You can check this link: https://launchpad.support.sap.com/#/notes/510007 we implemented number 7 to fix this.
A couple of days ago I tried to renew my ssl certificate. From my provider I got the usual private key, intermediate and public key. So I went ahead and exchanged the files on my server. But ever since I did that the website hasn't been working anymore. In Chrome I always get the error "ERR_CONNECTION_CLOSED".
So I enabled ssl debugging for apache in my vhost config. I found the following error in the logs but couldn't figure out how to solve this:
AH00566: request failed: malformed request line
Has anyone seen that error before? I already googled but couldn't find any helpful information.
Any advice and suggestions will be greatly appreciated.
Thanks,
Andreas
I did my project in MEAN stack. I have installed GeoTrust Wildcard SSL certificate. It worked very well till yesterday. From today morning onward, it returns an error : "Your connection is private".
I don't know why this error occurs suddenly in any browser while run an application. It required to adding manually in exception lists to visit site. Right now I am not able to keep going my site. Certificate having 1 year validity and it was renewed in last month.
Please review attached images.
Give me guideline to solve this issue.
The certificate installed has expired. Looks like you have not installed or assigned the new certificate to your website.