Tag Archives: openssl

The IT Detective Agency: the vanishing certificate error

Intro I was confronted with a web site certificate error. A user was reluctant – correctly – to proceed to an internal web site because he saw a message to the effect: I tried it myself with IE and got … Continue reading

Posted in Admin, Linux, Security, Web Site Technologies | Tagged | Leave a comment

Server Name Indication and what it means for those with only a single IP address

Intro Sometimes everything is there in place, ready to be used, but you just have to either mistakenly try it, or learn it works by reading about it, because it may be counter-intuitive. Such is the case with Server Name … Continue reading

Posted in Admin, Apache, Hosting Service, Web Site Technologies | Tagged , , | Leave a comment

Verifying a pkcs12 file with openssl

Intro The easy way How to examine a pkcs12 (pfx) file $ openssl pkcs12 ‐info ‐in file_name.pfx It will prompt you for the password a total of three times! The hard way I went through this whole exercise because I … Continue reading

Posted in Linux, Security | Tagged , | Leave a comment

Compiling curl and openssl on Redhat Linux

Intro I have an ancient Redhat system which I’m not in a position to upgrade. I like to use curl to test web sites, but it’s getting to the point that my ancient version has no SSL versions in common … Continue reading

Posted in Linux, SLES, Web Site Technologies | Tagged , , , | 1 Comment

curl showing its age with SSL error

Intro I’ve used curl as a debugging tool for a long time. But time moves on and my testing system didn’t. So now for the first time I saw an error that is produced by this situation, and I will … Continue reading

Posted in Linux, Web Site Technologies | Tagged , , , , , | 4 Comments

SSL Interception: troubleshooting

Intro SSl Interception is a reality at some larger companies. From a security perspective it is vital as it permits you to extend your AV scanning, botnet detection, 0-day, DLP, cloud security, etc to your https traffic which is normally … Continue reading

Posted in Network Technologies, Web Site Technologies | Tagged , , , | Leave a comment

drjohnstechtalk.com is now an encrypted web site

Intro I don’t overtly chase search engine rankings. I’m comfortable being the 2,000,000th most visited site on the Internet, or something like that according to alexa. But I still take pride in what I’m producing here. So when I read … Continue reading

Posted in Admin, Apache, CentOS, Security | Tagged , , , , , , , | Leave a comment

The IT Detective Agency: strange ssl error explained

Intro Fromm time-to-time I get an unusual ssl error when using curl to check one of my web sites. This post documents the error and how I recovered from it. The details I was bringing up a new web site … Continue reading

Posted in Admin | Tagged , , | Leave a comment

My favorite openssl commands

Intro openssl is available on almost every operating system. It’s a great tool if you work with certificates regularly, or even occasionally. I want to document some of the commands I use most frequently. The details Convert PEM CERTs to … Continue reading

Posted in Admin, Linux, Security | Tagged , , , , , , , , , , , , , , , , , , | 1 Comment

The Basics of How to Work with Cipher Settings

December, 2014 Update With some tips for making your server POODLE-proof, and 2016 update to deal with OpenSSL Padding Oracle Vulnerability CVE-2016-2107 Intro We got audited. There’s always something they catch, right? But I actually appreciate the thoroughness of this … Continue reading

Posted in Admin, Apache, IT Operational Excellence, Security | Tagged , , , , , , , , , , , , , , , , , , , , | 17 Comments