Sorry, I'm a beginner and I'm starting to configure my vps.
Configuration :
débian 9 stretch
apache2.4.45
mariadb : 10.4
php 7.4.4
When I perform apt install phpmyadmin, I don't get any alert message regarding SSL. However when I try to update phpmyadmin, I get an alert message:
SSL is not used
How to keep SSL protection?
P.S. - I have an HTTPS connection with my domain.com.
Server: localhost via unix socket
Server: mariadb
**Connection to the server: SSl is not used**
server version: 10.4.12 mariaDB-1: 10.4.12 + maria-stretch mariadb.org binary distribution
protocol version: 10
.....
phpmyadmin:
Version: 5.0.2
Thanks for your help
Related
I'm using 'OpenConnect version v8.05' on Red Hat Enterprise Linux 8.1 (Ootpa) in order to connect to a server.
The server only accepts SSLv3, TLSv1.0 ciphers and I don't have access to the server for security update/upgrade.
When I try to connect:
[root#RHEL8 ~]# openconnect --authenticate XXX.XXX.XXX.XXX:443 -status -msg -debug
MTU 0 too small
POST https://XXX.XXX.XXX.XXX/
Connected to XXX.XXX.XXX.XXX:443
SSL negotiation with XXX.XXX.XXX.XXX
SSL connection failure: A packet with illegal or unsupported version was received.
Failed to open HTTPS connection to XXX.XXX.XXX.XXX
Failed to obtain WebVPN cookie
I have changed OpenSSL Min SSL Protocol by changing:
/etc/crypto-policies/back-ends/opensslcnf.config
MinProtocol = TLSv1.0
Now I'm able to handshake the server using 'openssl s_client -connect'. But the openconnect client is not yet able to connect to the server.
How can I force it to use TLS 1.0?
I have filed an issue on their community issue tracker and got useful info.
It is possible to allow this insecure connection with any version newer than 8.05(currently not available on rpm repositories) as mentioned by the maintainer:
$ ./openconnect --gnutls-priority "NONE:+VERS-SSL3.0:+VERS-TLS1.0:%NO_EXTENSIONS:%SSL3_RECORD_VERSION:+3DES-CBC:+ARCFOUR-128:+MD5:+SHA1:+COMP-ALL:+KX-ALL" ***
I have new server windows 2019 standard Edition, with IIS 10 installed on it I exported my wildcard SSL from my old server to the new server my website can work successfully on http only while on https it gives an error can't open and gives this error
https://www.screencast.com/t/zgpV7hnUw
I tried to create a new request and get a new certificate also get the same error, also I enabled SSL 3.0 in the registry but also no result.
also, strange behavior when I tried to test the SSL with ssllabs website I found the response successful with grade A
Any advice
Thanks in advance
To resolve the issue you could try below things:
1)Open iis manager.
2)select your site-> bindings.
3)add binding with the below values:
type: https
IP: all assigned
port: 443
keep hostname blank
in certificate select IIS Development Certificate and click ok.
restart iis and site.
clear browser history and try to browse the site.
Thanks for you all the problem is when I applied the registry that applies to enable ciphers and Tls 1.3 and Tls1.2 and disable Tls1.0 and Tls 1.1 on windows 2019. windows 2019 don't need to add any ciphers or Tls1.3 and tls1.2 protocols
I could install successfully XAMPP 7.2.26-0 on MacOS Mojave Version 10.14.5. The problem is that I cannot start Apache:
In the server events, I see this:
Starting Apache Web Server...
/Applications/XAMPP/xamppfiles/apache2/scripts/ctl.sh : httpd started
Starting Apache Web Server...
/Applications/XAMPP/xamppfiles/apache2/scripts/ctl.sh : httpd started
Stopping all servers...
Stopping MySQL Database...
/Applications/XAMPP/xamppfiles/mysql/scripts/ctl.sh : mysql stopped
Restarting all servers...
Starting MySQL Database...
/Applications/XAMPP/xamppfiles/mysql/scripts/ctl.sh : mysql started at port 3306
Starting Apache Web Server...
/Applications/XAMPP/xamppfiles/apache2/scripts/ctl.sh : httpd started
Starting ProFTPD...
Exit code: 8
Stdout:
Checking syntax of configuration file
proftpd config test fails, aborting
Stderr:
2020-01-07 11:33:11,210 Jaimes-MacBook-Pro.local proftpd[24257]: warning: unable to determine IP address of 'Jaimes-MacBook-Pro.local'
2020-01-07 11:33:11,211 Jaimes-MacBook-Pro.local proftpd[24257]: error: no valid servers configured
2020-01-07 11:33:11,211 Jaimes-MacBook-Pro.local proftpd[24257]: fatal: error processing configuration file '/Applications/XAMPP/xamppfiles/etc/proftpd.conf'
Do think think this is caused by an IP address conflict or something else?
UPDATE 1
Since I am not interested in ProFTPD, I am only trying to start Apache Web Server and this is what I see in the server events:
Starting Apache Web Server...
/Applications/XAMPP/xamppfiles/apache2/scripts/ctl.sh : httpd started
That would make me think that Apache Web Server started successfully. Nonetheless, I still see its status as "Stopped".
UPDATE 2
See below the configurations that I have for Apache Web Server. I have not changed anything. I am using the default configurations.
Add to your hosts file:
127.0.0.1 Jaimes-MacBook-Pro.local
I installed Uniform Server Zero (a Portable WAMP Server) on Windows instead. Thank you.
I'm running 4 servers with the same config:
RHEL Server 6.3
Apache 2.2.15
mod_ssl_x86_64
In 3 servers, the SSL configuration it's working, but in the last serv, i've got the next error:
Unable to configure verify locations for client authentication.
This is my ssl.conf
http://pastebin.com/Um4NV4vT
Thanks in advance
Solved, just follow this steps.
http://docstore.mik.ua/orelly/weblinux2/apache/ch11_10.htm
Thanks.
I have unrealirc running on my aws and it is compiled with ssl. I downloaded the server.key.pem to my machine. When I try to connect to the server I getSSL Error: ssl not available
I can log into aws through a terminal with my server key.
02[10:48] * Connecting to ec2-xx-xx-xx-114.compute-1.amazonaws.com (+6697)
-
02[10:48] * SSL error: ssl not available
-
02[10:48] * Connect cancelled
Also I added the correct port to my Security Group
Any Suggestions?
Are you missing the openssl shared libraries on your ec2 instance? That seems unlikely but without more info seems most likely from the error.
On a Redhat based image try:
yum search ssl
and Debian try
apt-cache search ssl
That will tell you what ssl libraries are installed.