search for: ssltest

...e()) : cannot open URL 'https://www.r-project.org' In addition: Warning message: In download.file("https://www.r-project.org", tempfile()) : URL 'https://www.r-project.org': status was 'SSL peer certificate or SSH remote key was not OK' https://www.ssllabs.com/ssltest says: COMODO RSA Certification Authority Fingerprint SHA256: 4f32d5dc00f715250abcc486511e37f501a899deb3bf7ea8adbbd3aef1c412da Pin SHA256: grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME= Valid untilSat, 30 May 2020 10:48:38 UTC (expired 8 hours and 51 minutes ago) EXPIRED AFAICT this is the reason:...

...: COMODO RSA Domain Validation Secure Server CA, COMODO CA Limited, Salford, Greater Manchester, GB > - Fingerprint: 93:B8:AF:9F:0A:67:2F:3A:C9:BA:FF:86:BB:2C:08:47:02:7F:1D:8D > (R)eject, accept (t)emporarily or accept (p)ermanently? t > U src/library/grid/R/grob.R > .... > > ssltest shows two certificates of which only one is expired? > > -pd > > > > > On 30 May 2020, at 22:17 , G?bor Cs?rdi <csardi.gabor at gmail.com> wrote: > > > > On macOS 10.15.5 and R-devel: > > > >> download.file("https://www.r-project.org",...

...imited, Salford, Greater Manchester, GB > > > - Fingerprint: 93:B8:AF:9F:0A:67:2F:3A:C9:BA:FF:86:BB:2C:08:47:02:7F:1D:8D > > > (R)eject, accept (t)emporarily or accept (p)ermanently? t > > > U src/library/grid/R/grob.R > > > .... > > > > > > ssltest shows two certificates of which only one is expired? > > > > > > -pd > > > > > > > > > > > > > On 30 May 2020, at 22:17 , G?bor Cs?rdi <csardi.gabor at gmail.com> wrote: > > > > > > > > On macOS 10.15.5 and R-dev...

...56 EECDH+aRSA+RC4 EECDH EDH+aRSA !aNULL !eNULL !LOW !MEDIUM !SEED !3DES !CAMELLIA !MD5 !EXP !PSK !SRP !DSS !RC4" <IfModule mod_headers.c> Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" </IfModule> https://www.ssllabs.com/ssltest/analyze.html?d=www.hogarthuk.com IIRC the Red Hat defaults are somewhat conservative on their limitations in order to simplify and maximise client connectivity - as some stuff (especially java apps or older mobile devices) tend to struggle otherwise with only a strict set of secure ciphers.

For what it's worth, this gives the server an A: https://www.ssllabs.com/ssltest/analyze.html?d=mail.privustech. com So there is no problem with the certificates and key... Thanks again. On Sun, 2018-12-16 at 09:19 -0500, C. Andrews Lavarre wrote: > So it's something else.? -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://doveco...

....az.domain.local.pem SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/puppet01.ops.az.domain.local.pem SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem SSLVerifyClient require SSLVerifyDepth 1 SSLOptions +StdEnvVars ErrorLog /var/log/httpd/ssltest-error.log CustomLog /var/log/httpd/ssltest-access.log combined </VirtualHost> Pretty simple, right? Am I doing this properly? A little background: I am in the process of building AMIs for Amazon''s EC2, which will eventually have VPN connections back to a secure scope/pool...

...5 23:59:59 2020 GMT - Issuer: COMODO RSA Domain Validation Secure Server CA, COMODO CA Limited, Salford, Greater Manchester, GB - Fingerprint: 93:B8:AF:9F:0A:67:2F:3A:C9:BA:FF:86:BB:2C:08:47:02:7F:1D:8D (R)eject, accept (t)emporarily or accept (p)ermanently? t U src/library/grid/R/grob.R .... ssltest shows two certificates of which only one is expired? -pd > On 30 May 2020, at 22:17 , G?bor Cs?rdi <csardi.gabor at gmail.com> wrote: > > On macOS 10.15.5 and R-devel: > >> download.file("https://www.r-project.org", tempfile()) > trying URL 'https://ww...

Hi list, I'm configuring apache with https and I've a question about sslv3 deactivation. Running "openssl ciphers -v" I get a list of cypher suite of openssl like: ECDH-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(128) Mac=AEAD ......... Each lines report relative protocol. Disabling sslv3 with "SSLProtocol all -SSLv3" I can use cypher like:

...Secure Server CA, COMODO CA Limited, Salford, Greater Manchester, GB > > - Fingerprint: 93:B8:AF:9F:0A:67:2F:3A:C9:BA:FF:86:BB:2C:08:47:02:7F:1D:8D > > (R)eject, accept (t)emporarily or accept (p)ermanently? t > > U src/library/grid/R/grob.R > > .... > > > > ssltest shows two certificates of which only one is expired? > > > > -pd > > > > > > > > > On 30 May 2020, at 22:17 , G?bor Cs?rdi <csardi.gabor at gmail.com> wrote: > > > > > > On macOS 10.15.5 and R-devel: > > > > > >> do...

Am 07.02.2015 um 10:10 schrieb SW: > I've just done a test with K9 mail on Android 4.4.2 and this is what I > see in the log: > > ECDHE-ECDSA-AES128-SHA (128/128 bits) > > But when using Thunderbird I see: > > ECDHE-ECDSA-AES128-GCM-SHA256 (128/128 bits) > > I'm happy that Thunderbird is using a secure cipher but is Android? Is > ECDHE-ECDSA-AES128-SHA

...rd, Greater Manchester, GB >>>> - Fingerprint: 93:B8:AF:9F:0A:67:2F:3A:C9:BA:FF:86:BB:2C:08:47:02:7F:1D:8D >>>> (R)eject, accept (t)emporarily or accept (p)ermanently? t >>>> U src/library/grid/R/grob.R >>>> .... >>>> >>>> ssltest shows two certificates of which only one is expired? >>>> >>>> -pd >>>> >>>> >>>> >>>>> On 30 May 2020, at 22:17 , G?bor Cs?rdi <csardi.gabor at gmail.com> wrote: >>>>> >>>>> On macOS 10.1...

...pt/live/sd-41893.dedibox.fr/fullchain.pem --8<------------------------------------------------ After restarting Apache, the website shows up correctly. https://sd-41893.dedibox.fr/ But when I test it using Qualys SSL Labs Server Test, the results are a disappointment. https://www.ssllabs.com/ssltest/ The site is rated "C", with the following remarks: * This server is vulnerable to the POODLE attack. If possible, disable SSL 3 to mitigate. Grade capped to C." "This server accepts RC4 cipher, but only with older protocols. Grade capped to B." "The server does no...

Hi Timo, reading this http://www.kuketz-blog.de/perfect-forward-secrecy-mit-apple-mail/ it looks like DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA can be forced in use with apple mail ( if no ECDHE is possible ,by missing openssl 1.x etc, seems that apple mail tries ECDHE first if fails its going to use RSA-AES128-SHA ) force soltution as tried ssl_cipher_list =

when i click on my bugzilla link, https://bugzilla.mindrot.org/show_bug.cgi?id=2651 i get this message from firefox: ``` bugzilla.mindrot.org uses an invalid security certificate. The certificate expired on January 3, 2017 at 12:12. The current time is January 3, 2017 at 14:36. Error code: SEC_ERROR_EXPIRED_CERTIFICATE '''

...; Mac=AEAD > ......... > SSLProtocol all -SSLv2 -SSLv3 SSLHonorCipherOrder on SSLCompression off Then use cipher suite to your liking. Modern, Intermediate, Old, from... https://wiki.mozilla.org/Security/Server_Side_TLS#Apache Test via... https://www.ssllabs.com/ssltest/

...!eNULL !LOW !MEDIUM !SEED !3DES > !CAMELLIA !MD5 !EXP !PSK !SRP !DSS !RC4" > > <IfModule mod_headers.c> > Header always set Strict-Transport-Security "max-age=15768000; > includeSubDomains; preload" > </IfModule> > > https://www.ssllabs.com/ssltest/analyze.html?d=www.hogarthuk.com > > IIRC the Red Hat defaults are somewhat conservative on their > limitations in order to simplify and maximise client connectivity - as > some stuff (especially java apps or older mobile devices) tend to > struggle otherwise with only a strict set...

...ent and > server and choose one, but be warned that if you ask two analyst, you > might not get the same answer which is "best" as this dependes on the > kind of threats you want to take care of > > > Oliver > Thanks Oliver. I had a look at: https://www.ssllabs.com/ssltest/viewClient.html?name=Android&version=4.4.2 And Android 4.4.2 does support: ECDHE-ECDSA-AES128-GCM-SHA256 So why then does K9 not connect using GCM? Could K9 mail not support this cipher? If Android supports it does this mean that K9 mail will support it too? Just trying to figure out WHY I...

...cked out fine, correct < in dovcot config but didn't load. chmod 644 /etc/ssl/certs/dovecot.cert /etc/ssl/private/dovecot.key fixed the problem regards, Tim On 16/12/2018 14:33, C. Andrews Lavarre wrote: > For what it's worth, this gives the server an A: > https://www.ssllabs.com/ssltest/analyze.html?d=mail.privustech.com > > So there is no problem with the certificates and key... > > Thanks again. > > On Sun, 2018-12-16 at 09:19 -0500, C. Andrews Lavarre wrote: >> So it's something else. -------------- next part -------------- An HTML attachment was s...

My icecast https stream (https://vertenradio.com:8443/stream) does not work on a Sonos ONE player. It might have something to do with the ssl handshake. >From the developer page from sonos i found this: Some common reasons for SSL handshake failures include: ? Expired certificate: Every certificate has a validity window before it expires. You need to present Sonos with unexpired

> On Jul 29, 2018, at 6:02 PM, Alexander Dalloz <ad+lists at uni-x.org> wrote: > > Am 29.07.2018 um 21:02 schrieb J Doe: >> Hello, >> I have a question regarding SSL/TLS settings for Dovecot version 2.2.22. >> In: 10-ssl.conf there are two parameters: >> ssl_protocols >> ssl_cipher_list >> ssl_protocols is commented with ?SSL protocol to