Highest Voted 'tls' Questions - Server Fault Stack Exchange

137

votes

2 answers

How can I verify if TLS 1.2 is supported on a remote web server from the RHEL/CentOS shell?

I'm on CentOS 5.9. I'd like to determine from the linux shell if a remote web server specifically supports TLS 1.2 (as opposed to TLS 1.0). Is there an easy way to check for that? I'm not seeing a related option on openssl but perhaps I'm…

asked Oct 21 '14 at 20:39

Mike B

11,570
42
106
165

84

votes

3 answers

How to inspect remote SMTP server's TLS certificate?

We have an Exchange 2007 server running on Windows Server 2008. Our client uses another vendor's mail server. Their security policies require us to use enforced TLS. This was working fine until recently. Now, when Exchange tries to deliver mail…

windows-server-2008 security exchange-2007 certificate tls

asked Apr 12 '10 at 15:18

Skyhawk

14,149
3
52
95

53

votes

9 answers

How do I disable TLS 1.0 without breaking RDP?

Our credit card processor recently notified us that as of June 30, 2016 we will need to disable TLS 1.0 to remain PCI compliant. I tried to be proactive by disabling TLS 1.0 on our Windows Server 2008 R2 machine, only to find that immediately after…

windows-server-2008-r2 ssl rdp tls pci-dss

asked May 11 '15 at 20:15

Mike

1,261
5
18
31

47

votes

6 answers

Does HTTPS use TCP or UDP?

ssl https tcp udp tls

asked Jan 03 '10 at 08:36

Steven

617
2
6
7

46

votes

5 answers

Failed tls handshake. Does not contain any IP SANs

I'm trying to set up logstash forwarder, but I have issues with making a proper secure channel. Trying to configure this with two ubuntu (server 14.04) machines running in virtualbox. They are 100% clean (not touched hosts file or installed any…

ubuntu ssl ssl-certificate tls logstash

asked Jul 09 '14 at 04:23

connery

495
1
4
8

40

votes

5 answers

What are the exact protocol level differences between SSL and TLS?

This is a technical deep dive after this overview question was asked. What are the protocol differences between SSL and TLS? Is there really enough of a difference to warrant a name change? (versus calling it "SSLv4" or SSLv5 for the newer versions…

security ssl tunneling tls protocol

asked Sep 06 '10 at 20:10

makerofthings7

8,821
28
115
196

37

votes

8 answers

Is enforcing encryption for SMTP a good idea (yet)?

I am running an email server which is currently set up to use TLS if possible, when sending and receiving emails. When you read in the documentation about this, there is also the option to enforce TLS and not accept plain text transmission of…

encryption tls smtps

asked Oct 18 '15 at 12:33

comfreak

1,451
1
21
32

35

votes

2 answers

Postfix TLS over SMTP - RCPT TO prompts renegotiation then 554 5.5.1 Error: no valid recipients

I've setup ispconfig3 on my debian six server, and here is a little smtp over ssl: The server is postfix AUTH PLAIN (LOL!) 235 2.7.0 Authentication successful MAIL FROM: lol@lol.com 250 2.1.0 Ok RCPT TO: lol@lol.com RENEGOTIATING depth=0…

debian ssl postfix smtp tls

asked Dec 01 '11 at 12:51

lol

465
1
5
12

31

votes

5 answers

Functional implications of differences in SSL and TLS

I know that TLS is essentially a newer version of SSL, and that it generally supports transitioning a connection from unsecured to secured (commonly through a STARTTLS command). What I don't understand is why TLS is important to an IT Professional,…

security ssl tls

asked Sep 11 '09 at 13:10

Randell

1,133
7
18
25

30

votes

1 answer

How can I let nginx log the used SSL/TLS protocol and ciphersuite?

My goal is to ensure proper security for clients connecting to my nginx. I'm following Mozilla's guide to configure TLS properly on my nginx installation, but I don't have an overview of the actual protocols/ciphersuites being used in practice. What…

nginx security logging tls ssl

asked Aug 13 '14 at 11:57

gertvdijk

3,362
4
30
46

29

votes

3 answers

Disable TLS 1.0 in NGINX

I have a NGINX acting as a reverse proxy for our sites and is working very well. For the sites that need ssl I followed raymii.org to make sure to have as strong of a SSLLabs score as possible. One of the sites needs to be PCI DSS compliant but…

nginx tls pci-dss

asked Jul 08 '15 at 15:32

Shawn C.

393
1
4
7

29

votes

3 answers

What effect does https traffic have on web cache proxy servers?

I just took two university courses on computer security and internet programming. I was thinking about this the other day: Web cache proxy servers cache popular content from servers on the web. This is useful, for example, if your company has a 1…

proxy https cache tls

asked Dec 25 '14 at 22:08

ejsuncy

393
1
4
7

24

votes

2 answers

Curl: unable to get local issuer certificate. How to debug?

I’ve got an odd problem. Updated my LAMP dev machine (Debian) to PHP 7. Afterwards I cannot connect to a specific TLS encrypted API via Curl anymore. The SSL cert in question is signed by thawte. curl https://example.com gives me curl: (60) SSL…

ssl ssl-certificate openssl tls curl

asked Feb 10 '16 at 12:06

Rob

343
1
2
6

18

votes

5 answers

Do any well-known CAs issue Elliptic Curve certificates?

Background I've seen that Comodo has an elliptic curve root ("COMODO ECC Certification Authority"), but I don't see mention of EC certificates on their web site. Does Certicom have intellectual property rights that prevent other issuers from…

ssl ssl-certificate certificate tls

asked Dec 04 '09 at 22:37

erickson

291
1
3
10

16

votes

1 answer

Where is the private key after using certreq for CSR generation on Windows 10?

I tried to follow the website below for instructions on how to generate the CSR for my web server: http://www.entrust.net/knowledge-base/technote.cfm?tn=8649 However, it only generates the CSR. Where is the private key? I was told that the key is…

ssl https tls node.js csr

asked Aug 27 '15 at 08:44

Chong Lip Phang

265
1
2
7

Questions tagged [tls]