ssl-certificate

问题 I want to clone the git repository with the help of TortoiseGit, but I am getting error : error: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed while accessing https://git.assembla.com/pplconnect-PL.webserver.git/info/refs?service=git-upload-pack fatal: HTTP request failed git did not exit cleanly (exit code 128). Any help or guidance will be well appreciated. 回答1: You can choose to ignore the

问题 I have 2 crt files for Apache server: 1_root_bundle.crt 2_my_domain_name.com.crt And other bundle: 1_Intermediate.crt 2_my_domain_name.com.crt root.crt I have modified /etc/apache2/sites-available/default-ssl.conf And tried various combinations of above mentioned files but after Apache2 service restart SSL does not work, browser shows "Connection is not secure": SSLEngine on SSLCertificateFile /etc/apache2/ssl/1_Intermediate.crt SSLCertificateKeyFile /etc/apache2/ssl/2_my_domain_name.com.crt

问题 I have 2 crt files for Apache server: 1_root_bundle.crt 2_my_domain_name.com.crt And other bundle: 1_Intermediate.crt 2_my_domain_name.com.crt root.crt I have modified /etc/apache2/sites-available/default-ssl.conf And tried various combinations of above mentioned files but after Apache2 service restart SSL does not work, browser shows "Connection is not secure": SSLEngine on SSLCertificateFile /etc/apache2/ssl/1_Intermediate.crt SSLCertificateKeyFile /etc/apache2/ssl/2_my_domain_name.com.crt

问题 I have generated a CSR that includes the field subject alt names: openssl req -out mycsr.pem -new -key mykey.pem -days 365 When I inspect this it looks as expected with a new field present: X509v3 Subject Alternative Name: DNS: my.alt.dns However when I use this to sign a certificate that field is omitted for some reason. I generate it with the following command: openssl ca -out mycert.pem -infiles mycsr.pem Can it be that my CA cert have to include the same Alt name for it to be included?

问题 I am trying to run an https site for localhost and have installed certificate for it, even installed it in root trusted authorities but still everytime I am getting error Warning: Potential Security Risk Ahead I tried each and everything from this post, each and every answer How can I create a self-signed cert for localhost? But nothing is working, I keep on getting the potential risk error And the weird thing is it used to work for me earlier, I deleted the existing certificate for localhost

问题 I'm going to try TLS with mutual authentication using openssl. However, as shown in the output results below, the client can receive a server certificate and output it, but the server has not received the client certificate The details of my work are as follows. Server and client certificate generation (without certificate signing through CA, just self-signing) (1) Generating the server key and certificate. $ openssl genrsa -des3 -out server.key 2048 $ openssl req -new -key server.key -out

问题 I have two servers and on server A I have the open SSL install and on server B, I don't have the open SSL install now if I create a key pair and generate a CSR from server A for server B and get it signed by my root authority and place it on my server B now how this will work when the private key is still present on my server A as I have done everything on server A and just place the signed certificate on server B. how server B will decrypt the traffic when it didn't have the private key.

问题 I am trying to run an https site for localhost and have installed certificate for it, even installed it in root trusted authorities but still everytime I am getting error Warning: Potential Security Risk Ahead I tried each and everything from this post, each and every answer How can I create a self-signed cert for localhost? But nothing is working, I keep on getting the potential risk error And the weird thing is it used to work for me earlier, I deleted the existing certificate for localhost

问题 I'm working on a Ionic-Angular app and faced quite a few issues due to clear text traffic. So I decided to switch to https even while coding but it wasn't so easy. I open this question and propose the answer I found to keep a trace and hopefully save you some time if you would like to do the same. 回答1: Prerequisite You need a hostname for your dev machine. This name will be declared in certificates and https services will be accessed using this hostname (URLs have to be like https://[hostname

问题 I'm in the process of connecting to an external server and am making a CSR to receive some certificates from them, and I have some questions regarding this. Some tutorials state that you should save the private key as this will be used during installation of the certificate. However when using the Windows certificate manager (certmgr.msc) I think it generates the private key under the hood, and the resulting CSR-file does not contain any private key. So in that case I won't have access to any