Displaying 20 results from an estimated 22 matches for "ssltest".
Did you mean:
sasltest
2020 May 30
4
r-project.org SSL certificate issues
...e()) :
cannot open URL 'https://www.r-project.org'
In addition: Warning message:
In download.file("https://www.r-project.org", tempfile()) :
URL 'https://www.r-project.org': status was 'SSL peer certificate or
SSH remote key was not OK'
https://www.ssllabs.com/ssltest says:
COMODO RSA Certification Authority
Fingerprint SHA256:
4f32d5dc00f715250abcc486511e37f501a899deb3bf7ea8adbbd3aef1c412da
Pin SHA256: grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME=
Valid untilSat, 30 May 2020 10:48:38 UTC (expired 8 hours and 51
minutes ago) EXPIRED
AFAICT this is the reason:...
2020 May 30
2
r-project.org SSL certificate issues
...: COMODO RSA Domain Validation Secure Server CA, COMODO CA Limited, Salford, Greater Manchester, GB
> - Fingerprint: 93:B8:AF:9F:0A:67:2F:3A:C9:BA:FF:86:BB:2C:08:47:02:7F:1D:8D
> (R)eject, accept (t)emporarily or accept (p)ermanently? t
> U src/library/grid/R/grob.R
> ....
>
> ssltest shows two certificates of which only one is expired?
>
> -pd
>
>
>
> > On 30 May 2020, at 22:17 , G?bor Cs?rdi <csardi.gabor at gmail.com> wrote:
> >
> > On macOS 10.15.5 and R-devel:
> >
> >> download.file("https://www.r-project.org",...
2020 May 30
4
r-project.org SSL certificate issues
...imited, Salford, Greater Manchester, GB
> > > - Fingerprint: 93:B8:AF:9F:0A:67:2F:3A:C9:BA:FF:86:BB:2C:08:47:02:7F:1D:8D
> > > (R)eject, accept (t)emporarily or accept (p)ermanently? t
> > > U src/library/grid/R/grob.R
> > > ....
> > >
> > > ssltest shows two certificates of which only one is expired?
> > >
> > > -pd
> > >
> > >
> > >
> > > > On 30 May 2020, at 22:17 , G?bor Cs?rdi <csardi.gabor at gmail.com> wrote:
> > > >
> > > > On macOS 10.15.5 and R-dev...
2017 Apr 26
3
Apache + SSL: default configuration rated "C" by Qualys Labs
...56
EECDH+aRSA+RC4 EECDH EDH+aRSA !aNULL !eNULL !LOW !MEDIUM !SEED !3DES
!CAMELLIA !MD5 !EXP !PSK !SRP !DSS !RC4"
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15768000;
includeSubDomains; preload"
</IfModule>
https://www.ssllabs.com/ssltest/analyze.html?d=www.hogarthuk.com
IIRC the Red Hat defaults are somewhat conservative on their
limitations in order to simplify and maximise client connectivity - as
some stuff (especially java apps or older mobile devices) tend to
struggle otherwise with only a strict set of secure ciphers.
2018 Dec 16
3
Upgrade to 2.3.1 has failed
For what it's worth, this gives the server an A:
https://www.ssllabs.com/ssltest/analyze.html?d=mail.privustech.
com
So there is no problem with the certificates and key...
Thanks again.
On Sun, 2018-12-16 at 09:19 -0500, C. Andrews Lavarre wrote:
> So it's something else.?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://doveco...
2010 Dec 22
3
Using Puppet's client certificates for Apache, SSLVerifyClient
....az.domain.local.pem
SSLCertificateKeyFile
/var/lib/puppet/ssl/private_keys/puppet01.ops.az.domain.local.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLVerifyClient require
SSLVerifyDepth 1
SSLOptions +StdEnvVars
ErrorLog /var/log/httpd/ssltest-error.log
CustomLog /var/log/httpd/ssltest-access.log combined
</VirtualHost>
Pretty simple, right? Am I doing this properly?
A little background: I am in the process of building AMIs for
Amazon''s EC2, which will eventually have VPN connections back to a
secure scope/pool...
2020 May 30
0
r-project.org SSL certificate issues
...5 23:59:59 2020 GMT
- Issuer: COMODO RSA Domain Validation Secure Server CA, COMODO CA Limited, Salford, Greater Manchester, GB
- Fingerprint: 93:B8:AF:9F:0A:67:2F:3A:C9:BA:FF:86:BB:2C:08:47:02:7F:1D:8D
(R)eject, accept (t)emporarily or accept (p)ermanently? t
U src/library/grid/R/grob.R
....
ssltest shows two certificates of which only one is expired?
-pd
> On 30 May 2020, at 22:17 , G?bor Cs?rdi <csardi.gabor at gmail.com> wrote:
>
> On macOS 10.15.5 and R-devel:
>
>> download.file("https://www.r-project.org", tempfile())
> trying URL 'https://ww...
2015 Jan 26
3
Apache and SSLv3
Hi list,
I'm configuring apache with https and I've a question about sslv3
deactivation.
Running "openssl ciphers -v" I get a list of cypher suite of openssl like:
ECDH-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(128)
Mac=AEAD
.........
Each lines report relative protocol.
Disabling sslv3 with "SSLProtocol all -SSLv3" I can use cypher like:
2020 May 30
0
r-project.org SSL certificate issues
...Secure Server CA, COMODO CA Limited, Salford, Greater Manchester, GB
> > - Fingerprint: 93:B8:AF:9F:0A:67:2F:3A:C9:BA:FF:86:BB:2C:08:47:02:7F:1D:8D
> > (R)eject, accept (t)emporarily or accept (p)ermanently? t
> > U src/library/grid/R/grob.R
> > ....
> >
> > ssltest shows two certificates of which only one is expired?
> >
> > -pd
> >
> >
> >
> > > On 30 May 2020, at 22:17 , G?bor Cs?rdi <csardi.gabor at gmail.com> wrote:
> > >
> > > On macOS 10.15.5 and R-devel:
> > >
> > >> do...
2015 Feb 07
2
TLS config check
Am 07.02.2015 um 10:10 schrieb SW:
> I've just done a test with K9 mail on Android 4.4.2 and this is what I
> see in the log:
>
> ECDHE-ECDSA-AES128-SHA (128/128 bits)
>
> But when using Thunderbird I see:
>
> ECDHE-ECDSA-AES128-GCM-SHA256 (128/128 bits)
>
> I'm happy that Thunderbird is using a secure cipher but is Android? Is
> ECDHE-ECDSA-AES128-SHA
2020 May 30
0
r-project.org SSL certificate issues
...rd, Greater Manchester, GB
>>>> - Fingerprint: 93:B8:AF:9F:0A:67:2F:3A:C9:BA:FF:86:BB:2C:08:47:02:7F:1D:8D
>>>> (R)eject, accept (t)emporarily or accept (p)ermanently? t
>>>> U src/library/grid/R/grob.R
>>>> ....
>>>>
>>>> ssltest shows two certificates of which only one is expired?
>>>>
>>>> -pd
>>>>
>>>>
>>>>
>>>>> On 30 May 2020, at 22:17 , G?bor Cs?rdi <csardi.gabor at gmail.com> wrote:
>>>>>
>>>>> On macOS 10.1...
2017 Apr 26
4
Apache + SSL: default configuration rated "C" by Qualys Labs
...pt/live/sd-41893.dedibox.fr/fullchain.pem
--8<------------------------------------------------
After restarting Apache, the website shows up correctly.
https://sd-41893.dedibox.fr/
But when I test it using Qualys SSL Labs Server Test, the results are a
disappointment.
https://www.ssllabs.com/ssltest/
The site is rated "C", with the following remarks:
* This server is vulnerable to the POODLE attack. If possible, disable
SSL 3 to mitigate. Grade capped to C."
"This server accepts RC4 cipher, but only with older protocols. Grade
capped to B."
"The server does no...
2013 Aug 14
3
force ciphers order for clients
Hi Timo,
reading this
http://www.kuketz-blog.de/perfect-forward-secrecy-mit-apple-mail/
it looks like DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA can be forced in use
with apple mail
( if no ECDHE is possible ,by missing openssl 1.x etc,
seems that apple mail tries ECDHE first if fails its going to use
RSA-AES128-SHA )
force soltution as tried
ssl_cipher_list =
2017 Jan 03
2
bugzilla.mindrot.org certificate expired
when i click on my bugzilla link,
https://bugzilla.mindrot.org/show_bug.cgi?id=2651
i get this message from firefox:
```
bugzilla.mindrot.org uses an invalid security certificate.
The certificate expired on January 3, 2017 at 12:12.
The current time is January 3, 2017 at 14:36.
Error code: SEC_ERROR_EXPIRED_CERTIFICATE
'''
2015 Jan 26
0
Apache and SSLv3
...; Mac=AEAD
> .........
>
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCompression off
Then use cipher suite to your liking.
Modern, Intermediate, Old, from...
https://wiki.mozilla.org/Security/Server_Side_TLS#Apache
Test via...
https://www.ssllabs.com/ssltest/
2017 Apr 26
0
Apache + SSL: default configuration rated "C" by Qualys Labs
...!eNULL !LOW !MEDIUM !SEED !3DES
> !CAMELLIA !MD5 !EXP !PSK !SRP !DSS !RC4"
>
> <IfModule mod_headers.c>
> Header always set Strict-Transport-Security "max-age=15768000;
> includeSubDomains; preload"
> </IfModule>
>
> https://www.ssllabs.com/ssltest/analyze.html?d=www.hogarthuk.com
>
> IIRC the Red Hat defaults are somewhat conservative on their
> limitations in order to simplify and maximise client connectivity - as
> some stuff (especially java apps or older mobile devices) tend to
> struggle otherwise with only a strict set...
2015 Feb 07
0
TLS config check
...ent and
> server and choose one, but be warned that if you ask two analyst, you
> might not get the same answer which is "best" as this dependes on the
> kind of threats you want to take care of
>
>
> Oliver
>
Thanks Oliver.
I had a look at:
https://www.ssllabs.com/ssltest/viewClient.html?name=Android&version=4.4.2
And Android 4.4.2 does support:
ECDHE-ECDSA-AES128-GCM-SHA256
So why then does K9 not connect using GCM? Could K9 mail not support this cipher? If Android supports it does this mean that K9 mail will support it too?
Just trying to figure out WHY I...
2018 Dec 16
0
Upgrade to 2.3.1 has failed
...cked out fine, correct < in
dovcot config but didn't load.
chmod 644 /etc/ssl/certs/dovecot.cert /etc/ssl/private/dovecot.key
fixed the problem
regards, Tim
On 16/12/2018 14:33, C. Andrews Lavarre wrote:
> For what it's worth, this gives the server an A:
> https://www.ssllabs.com/ssltest/analyze.html?d=mail.privustech.com
>
> So there is no problem with the certificates and key...
>
> Thanks again.
>
> On Sun, 2018-12-16 at 09:19 -0500, C. Andrews Lavarre wrote:
>> So it's something else.
-------------- next part --------------
An HTML attachment was s...
2023 Mar 05
1
icecast https stream and Sonos
My icecast https stream (https://vertenradio.com:8443/stream) does not work on a Sonos ONE player.
It might have something to do with the ssl handshake.
>From the developer page from sonos i found this:
Some common reasons for SSL handshake failures include:
? Expired certificate: Every certificate has a validity window before it expires. You need to present Sonos with unexpired
2018 Jul 30
2
Restricting SSL/TLS protocol versions on Dovecot 2.2.22
> On Jul 29, 2018, at 6:02 PM, Alexander Dalloz <ad+lists at uni-x.org> wrote:
>
> Am 29.07.2018 um 21:02 schrieb J Doe:
>> Hello,
>> I have a question regarding SSL/TLS settings for Dovecot version 2.2.22.
>> In: 10-ssl.conf there are two parameters:
>> ssl_protocols
>> ssl_cipher_list
>> ssl_protocols is commented with ?SSL protocol to