Recently I setup SSL certificate for my website. Everything works good (using https) in Chrome and Mozilla Firefox but website do not open at all in Internet Explorer (IE) and Safari. Following (please check image URL) is the error I see when I try to open website.
I have set redirection to https from http in my .htaccess but I don't think this is the problem here.
SSL is properly set, I have checked with multiple online SSL checkers and SSL certificate includes www.website.com and website.com as well.
Other details of my server are
PHP: 5.5.29
Apache: Apache 2.4.6 CentOS
OpenSSL: OpenSSL 1.0.1e-fips 11 Feb 2013
SSL (Registered Stream Socket Transports): tcp, udp, unix, udg, ssl, sslv3, sslv2, tls
TLS 1.2
Thanks in advance,
Either Enable TLS 1.0 in IE => internet options => advanced => security or downgrade to apache 2.2
Related
I have new server windows 2019 standard Edition, with IIS 10 installed on it I exported my wildcard SSL from my old server to the new server my website can work successfully on http only while on https it gives an error can't open and gives this error
https://www.screencast.com/t/zgpV7hnUw
I tried to create a new request and get a new certificate also get the same error, also I enabled SSL 3.0 in the registry but also no result.
also, strange behavior when I tried to test the SSL with ssllabs website I found the response successful with grade A
Any advice
Thanks in advance
To resolve the issue you could try below things:
1)Open iis manager.
2)select your site-> bindings.
3)add binding with the below values:
type: https
IP: all assigned
port: 443
keep hostname blank
in certificate select IIS Development Certificate and click ok.
restart iis and site.
clear browser history and try to browse the site.
Thanks for you all the problem is when I applied the registry that applies to enable ciphers and Tls 1.3 and Tls1.2 and disable Tls1.0 and Tls 1.1 on windows 2019. windows 2019 don't need to add any ciphers or Tls1.3 and tls1.2 protocols
Im trying to setup Squid 4.8 on Ubuntu 18.04 LTS with HTTPS redirecting to squid error page for sites in ACL's. Yesterday i faced major problem HTTPS sites doesnt open normally in IE11/EDGE and show blank page only + squid replace certificate. If i tap F5, sometimes site opens like it should and certificate replacement doesnt happen...and it works not for all sites. I couldn't pinpoint the dependencies. I also can open some sites like rambler.ru, kanobu.ru, alexa.com normally.
The most interesting thing is that other browsers like Chrome, FF and even Opera open all sites like it should and spoof cert + redirect to error page only if site persist in ACL.
What i already did:
Disabled IPv6 on Squid host
Disabled/Enabled TLS in IE in any variations
Disabled SPDY/3
Bump settings in squid.conf:
http_port 3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/squidCA.pem
ssl_bump peek all
I have this errors in /var/log/squid/cache.log
ERROR: negotiating TLS on FD 46: error:1425F175:SSL routines:ssl_choose_client_version:inappropriate fallback (1/-1/0)
ERROR: negotiating TLS on FD 104: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure (1/-1/0)
ERROR: negotiating TLS on FD 27: error:1423406E:SSL routines:tls_parse_stoc_sct:bad extension (1/-1/0)
Error in access.log
TCP_DENIED/407 4141 CONNECT i.ibb.co:443 - HIER_NONE/- text/html
Sorry for complicated description, im new here and its really hard f
or me.
I am new to handling procedures related to the installation of SSL certificate in Linux Centos 7 with Apache, so here is the sequence of events happened so far,
we got the SSL certificate
Due to some reasons, we disabled the secure connection (HTTPS to HTTP)
we got the certificate renewed (it is not downloaded yet.)
Now, I would like to know the procedure to enable HTTPS again.
I have a virtual server with a few websites on it. To be honest I know next to nothing about SSL. When Itry to log in to my servers Web Host Manager or any of my sites Cpanels I get a screen (In chrome) saying "This website is not trusted". Is this because the server needs to have SSL installed on it?
Maybe it's not even to do with SSL, but any explanation is appreciated.
SSL secures your conecction between your browser and the server. If you have important data there you should install SSL to protect your connection from "sniffing".
SSL is network protocol so you have to install it or enable it on the server.
here is resource for installing/enabling SSL on Apache server:
http://www.digicert.com/ssl-certificate-installation-apache.htm
and here is how to install/enable SSL on IIS:
http://support.microsoft.com/kb/299875
I am using Windows XP and running Tomcat 6.
I am trying to enable SSL on Tomcat. First, I tried it with client authentication.
It didn't work - and I configured it to work without client authentication.
I have certificate installed on the tomcat server, and also the CA certificate installed on the browsers (IE & FireFox).
It still doesn't work.
In IE the server doesn't throw any exception except for EOFException.
In FireFox it throws SSLHandeShakeException: Remote host close the connection.
Can anyone help?
Thanks.
The SSL configuration as provided in the comments is highly suspect - particularly the keyStorePass attribute. I suggest you work from the Tomcat SSL docs and proceed in the following order:
Get https working from a browser with a self-signed certificate
Then get it working with a proper certificate
Then try and add client certificate authentication
This does all work. It is tested as part of the Servlet TCK and every Tomcat release passes the TCK.