This page is not secure (broken Https) - ssl

I am trying to put my software "which is a website" on the client’s own server, and I have installed the ssl certificate on the server. when I open the website from the server then the connection is secure. But when I launch the website from any other machine which is on the same local network with the server, then I got the message from the browser that this Page is not secure (broken HTTPS) Certificate-missing. Its not logic that I have to install the ssl certificate on each machine. I mean its installed on the server then each local machine should see the link as secure just as the server!

Related

Can't get PLEX Media Server run with valid SSL Certificate

i have installed a PLEX media server on my NAS an want to install my issued SSL certificate for my custom domain name (eg. customdomain.ddns.net).
I have setup PLEX media server running on port 32400 (default) and setup the port forwarding on my router for external access.
Then i followed the instructions on this page: https://blog.stefandroid.com/2021/08/27/plex-with-lets-encrypt-certificate.html but using an ordered certificated for 1 year.
The domain name is issued and setup correctly and i created a valid .p12 file from the certificate.
I entered all the information on the "Network" settings page in PLEX. But when i open up plex via my custom domain with port 32400 (https://customdomain.ddns.net:32400) i still get an certification error:
This server could not prove that it is customdomain.ddns.net.
Its security certificate is from *.17ed1f92d4c64c4cb135d9dd79589f7e.plex.direct.
Does anyone has a clue what am i doing wrong? And i don't want to use a reverse nginx proxy, cause that is not possible with my setup.
Thanks!

HTTPS Connection over LAN

I am new to server management and all that HTTP stuff. I am setting up an internal server for my home to serve websites internally, my website needs to register a service worker and for that, I'll need an SSL Certificate and HTTP connection, which seems impossible in my case as all localhost or internal IPs are served over HTTP with untrusted SSL Certificates.
If anyone could suggest a way around serving websites over HTTPS with trusted certificates so that service worker can be used.
Note: I'll be using Xampp Apache for my Linux server with a static internal IP.
If you need 'trusted cert for any client', I may say "no way".
But if you need 'trusted cert for your client only', you have a way to do that.
I guess you published self-ssl cert for your Apache. In the case, you just install the cert into your client.
example: The following link tell us the case of client = Chrome on Windows.
https://peacocksoftware.com/blog/make-chrome-auto-accept-your-self-signed-certificate
If you use any programming language as a client, you may need another way to install the cert.

Allowing websockets over https for local server

I need some direction for projects i made.
I have an existing node-red in local server that send data using websocket to my domain in my hosting. Everything is working fine over http but the problem occured when i used https for my domain. I used websocket ws: before then i changed it wss: to work over https but it still did not work because i realize i need SSL certificate for my local server too. Then, I used self-signed certificate for my local server. It works but i have to manually input my local server DDNS in my browser to allow wss first then back to my hosting domain, i can't expect the users to do this.
I used DDNS on my local server because i have no static IP. I try to call for my ISP for provide static IP but it can't be done in the near future.
Because i have no static IP i can't register domain and i can't use CA Certificate for local server SSL.
My question is:
Is there a way to allow ws to work over https?
If not, is there a way to allow unsafe wss on my domain page over a button or a prompt when user go to my page? so user don't have to manually input my local server DDNS.
Or other way you may suggest.
No, Websocket connections are bootstrapped over HTTP, Secure Websocket connections over HTTPS. The TLS session is setup by the HTTPS connection.
It's not clear what you are asking here. But the only way to get a self signed certificate to work with a websocket connection is to install that certificate into the browsers trusted certificate store before trying to access the site. The browser will not prompt to trust a certificate for a websocket connection.
You can use Letsencrypt with a proper Dynamic DNS setup. This is where you have a fixed domain name and a script on your machine that updates the IP address the domain name points at. The hostname will stay the same so the certificate issued will always have the correct CN/SAN entry. Letsencrypt certificates are signed by a trusted CA certificate that will already be present in your browser.

Do I need to install SSL on my server?

I have a virtual server with a few websites on it. To be honest I know next to nothing about SSL. When Itry to log in to my servers Web Host Manager or any of my sites Cpanels I get a screen (In chrome) saying "This website is not trusted". Is this because the server needs to have SSL installed on it?
Maybe it's not even to do with SSL, but any explanation is appreciated.
SSL secures your conecction between your browser and the server. If you have important data there you should install SSL to protect your connection from "sniffing".
SSL is network protocol so you have to install it or enable it on the server.
here is resource for installing/enabling SSL on Apache server:
http://www.digicert.com/ssl-certificate-installation-apache.htm
and here is how to install/enable SSL on IIS:
http://support.microsoft.com/kb/299875

Cannot Access LDAPS from webbrowser on Hyper V virtual machine

We have an test environmnet where the physical AD server is set up for LDAPS connections and a Hyper V virtual machine running the webserver with our AD management web app loaded up. We have set up the x509 certs on both the physical AD server and on the virtual webserver. We are able to link to the AD server using SSl via Ldap.exe with no problems. When we try to access through the web browser it fails to connect. The event logs show an Schannel event with
"The certificate received from the remote server was issued by an
untrusted certificate authority. Because of this, none of the data
contained in the certificate can be validated. The SSL connection
request has failed. The attached data contains the server
certificate."
If we try the same thing from two phyisical boxes it works fine and likewise if we try to access the AD server from a virtual machine without using LDAPS it works fine.
I have gone on to the server and via the certificate snap in deleted the hyper v virtual machine management's self signed trusted root cert and restarted the service with no change. I can't find anything else relevent to our setup to try.
Anyone have any insight in to what we are missing on the virtual machine that is causing this failure?
According to me the message :
"The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection request has failed. The attached data contains the server certificate."
Indicates that you do not intstall the public key certificate of the certificate authority on your client (Virtual Web server) certificate repository.
Try to install it on computer repository, but also on the reposository of the user which is in charge to start IIS.