search for: sslshopper

Hi we are using dovecot on secure port when i try to command openssl s_client -connect mail.mydomain:pop3s it works perfect. [image: Inline image 1] Also i check from https://www.sslshopper.com/ssl-checker.html web page i can see all correct ceritificate paths but i try to this command openssl s_client -connect mail.mydomain:pop3s -starttls imap it says CONNECTED and hang. second command is correct? also my thunderbird client doesnt work with 143 port and STARTTLS. is this general...

...e automatically auto=start conn site1 also=tunnel leftsubnet=10.0.128.0/22 rightsubnet=192.168.1.222/32 conn site2 also=tunnel On 1 April 2016 at 15:58, Eero Volotinen <eero.volotinen at iki.fi> wrote: > So you are using pkcs12 on centos: > > https://www.sslshopper.com/article-most-common-openssl-commands.html > -- > Eero > > 2016-04-01 17:44 GMT+03:00 Glenn Pierce <glennpierce at gmail.com>: > >> Sorry but I have looked for over two days. Trying every command I could >> find. >> >> There is obviously a misundersta...

...gt; >> conn site2 >> also=tunnel >> >> >> >> >> >> >> >> >> On 1 April 2016 at 15:58, Eero Volotinen <eero.volotinen at iki.fi> wrote: >> > So you are using pkcs12 on centos: >> > >> > https://www.sslshopper.com/article-most-common-openssl-commands.html >> > -- >> > Eero >> > >> > 2016-04-01 17:44 GMT+03:00 Glenn Pierce <glennpierce at gmail.com>: >> > >> >> Sorry but I have looked for over two days. Trying every command I could >> &g...

hi everybody I'm browsing around but probably missing that obvious little thing - exporting certs to pem format with ipa command toolkit - that must be there somewhere, right? thanks, L.

So you are using pkcs12 on centos: https://www.sslshopper.com/article-most-common-openssl-commands.html -- Eero 2016-04-01 17:44 GMT+03:00 Glenn Pierce <glennpierce at gmail.com>: > Sorry but I have looked for over two days. Trying every command I could > find. > > There is obviously a misunderstanding somewhere. > > After genera...

...directory, so you might be able to just add another file to the existing config set. If not, then replace the existing config file instead. If you?re asking for a pre-crafted config, there are bunches of them floating around: https://httpd.apache.org/docs/2.4/ssl/ssl_howto.html https://www.sslshopper.com/article-how-to-disable-weak-ciphers-and-ssl-2.0-in-apache.html https://raymii.org/s/tutorials/Strong_SSL_Security_On_Apache2.html etc. I?m also surprised by the premise implied by the question, which is that a stable OS vendor would switch HTTPS configurations for you on a point upgrade....

Hi we are using dovecot on secure port when i try to command openssl s_client -connect mail.mydomain:pop3s it works perfect. it says ***OK Dovecot ready*** Also i check from https://www.sslshopper.com/ssl-checker.html web page i can see all correct ceritificate paths but i try to this command openssl s_client -connect mail.mydomain:pop3s -starttls imap it says CONNECTED and hang. second command is correct? also my thunderbird client doesnt work with 143 port and STARTTLS. is this general...

...nvalide date in the certificate... https://horsens-garage.rocks has a mediaplayer, that will stream music from the radio. If I test horsens-garage.rocks in a "Test-Your-SSL" site, there are no problems. But if I test radio.horsens- garage.rocks:8443, it report invalide date. https://www.sslshopper.com/ssl-checker.html#hostname=radio.horsens-garage.rocks:8443 But they both use the very same letsencrypt certificate! Icecast use the bundle.pem made from the letsencrypt certificate/key. <ssl-certificate>/etc/icecast2/bundle.pem</ssl-certificate> Does any of you know what is wrong?...

Hi all, i read about the TLS-RENEGOTIATION vulnerability: http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html http://www.sslshopper.com/article-ssl-and-tls-renegotiation-vulnerability-discovered.html www.phonefactor.com/sslgapdocs/Renegotiating_TLS.pdf Does the Asterisk 1.6/1.8 SIP/TLS implementation suffer from the TLS Renegotiation vulnerability or the TLS-renegotiation it's disabled by default, in how OpenSSL is used?...

Sorry but I have looked for over two days. Trying every command I could find. There is obviously a misunderstanding somewhere. After generating a key pair with ipsec newhostkey --configdir /etc/ipsec.d --output /etc/ipsec.d/my.secrets I exported to a file with ipsec showhostkey --ipseckey > file The man pages says ipsec showhostkey outputs in ipsec.conf(5) format, Ie ***.server.net.

...et=10.0.128.0/22 > rightsubnet=192.168.1.222/32 > > conn site2 > also=tunnel > > > > > > > > > On 1 April 2016 at 15:58, Eero Volotinen <eero.volotinen at iki.fi> wrote: > > So you are using pkcs12 on centos: > > > > https://www.sslshopper.com/article-most-common-openssl-commands.html > > -- > > Eero > > > > 2016-04-01 17:44 GMT+03:00 Glenn Pierce <glennpierce at gmail.com>: > > > >> Sorry but I have looked for over two days. Trying every command I could > >> find. > >> &...

HI all, When CentOS 7 was created things like SSLv2 TLSv1 TLSv1.1 etc... were all OK, but now they have fallen out of favor for various reasons. Updating to CentOS 7.7 does not automatically disable these types of items from apache - is there a script that is available that can be ran to bring a box up to current "accepted" levels ? Or is that an edit by hand, do it yourself on all your

...t; > >> > >> > >> > >> > >> > >> > >> > >> On 1 April 2016 at 15:58, Eero Volotinen <eero.volotinen at iki.fi> wrote: > >> > So you are using pkcs12 on centos: > >> > > >> > https://www.sslshopper.com/article-most-common-openssl-commands.html > >> > -- > >> > Eero > >> > > >> > 2016-04-01 17:44 GMT+03:00 Glenn Pierce <glennpierce at gmail.com>: > >> > > >> >> Sorry but I have looked for over two days. Trying eve...

cannot get TB to recognize either pop3/s or imap/s server can connect just fine with: openssl s_client -connect ms1.myserver.net:993 . login ... but trying with TB /var/log/mail.log gets: dovecot: pop3-login: Aborted login (no auth attempts): rip=223.205.150.234, lip=xxx.xx.xx.xx dovecot: imap-login: Aborted login (no auth attempts): rip=223.205.150.234, lip=xxx.xx.xx.xx -- View this