All Questions
Tagged with apache-2.4 ssl
432
questions
-1
votes
1
answer
40
views
Self signed certificate for Ubuntu in Active Directory Windows clients
I have an Active Directory mydomain.local.
I have an intranet web site with Ubuntu and Apache intranet.mydomain.local.
I need an SSL certificate for this domain which can resolve all Active Directory ...
- 241
2
votes
0
answers
28
views
Client certificates and custom revoked html
I can configure Apache to authenticate users with client certificate and validate them via OCSP. Do you know how can I redirect the user to a custom html page if the certificate is revoked? The ...
- 121
0
votes
0
answers
81
views
Optimize load balancer SSL termination on a Windows machine
I have an application on a 32-bit Apache server on a Windows machine from a 3rd party vendor. (Can't change that).
The setup:
Traffic is HTTPS, port 443.
Apache web app service
Activemq service
...
- 483
0
votes
0
answers
254
views
Apache 2.4 random chrome ERR_EMPTY_RESPONSE
Firstly, I would like to say I am somewhat a rookie to apache configs. I have worked with it a little bit but definitely not enough to the level of many apache professionals. Due to this, some ...
0
votes
1
answer
118
views
Apache fails to restart after disabling SSL mod
On Ubuntu trying to disable ssl in apache. But when I restart Apache, it fails...
a2dismod ssl
Result:
Module ssl disabled. To activate the new configuration, you need to run: systemctl restart ...
- 1
0
votes
0
answers
38
views
Apache 2.4: Delays with TLS on base domain but not so much on subdomains
On an Apache 2.4 server with SSL enabled, HTTP/1.1 and valid wildcard certificate (I unfortunately cannot share the site's URL.)
I recently get a consistent delay on new TLS connection.
The SSL ...
- 131
0
votes
1
answer
43
views
Single domain, two webservers running on different ports, two different SSL issuers possible?
Short, Can a domain have multiple SSL issuers installed on different servers ?
Long ,
I have a domain.
example.com
Its running on two different servers , two different websites, two different ports , ...
0
votes
2
answers
284
views
configuring SSL for two different applications on same server: web server and python
I want to run SSL for web server https://www.domainname.com on port 443 and python REST api server https://mgmt.domainname.com with Flask. I have configured Apache SSL and it is running on 443. I ran ...
- 117
1
vote
1
answer
175
views
Apache mpm event not working as expected with SSL/HTTPS
I have a server with Apache/2.4.6 (CentOS) + OpenSSL/1.0.2k-fips (I know this is an old version of Apache but it cannot be upgraded right now). mpm event is used for multi processing.
When serving ...
- 111
3
votes
1
answer
4k
views
TLS 1.0 broken with newer Debian/OpenSSL
I'm migrating a server running Debian 10 to a server running Debian 12 (and a 6.x kernel), and the last thing that doesn't seem to be working is TLS 1.0, which I've been trying to figure out.
I'm ...
- 234
0
votes
0
answers
138
views
Apache: Cannot make exception for SSLVerifyClient whith server-level restriction
I cannot make an exception for SSLVerifyCLient when it is at server level:
SSLVerifyClient require
SSLVerifyDepth 2
RequestHeader set SSL_CLIENT_VERIFY ""
<Location />
<If "-R '...
- 702
0
votes
1
answer
5k
views
FireFox gets ns_error_net_interrupt when clicking on loaded page
FireFox is connecting to my website, but accessing already visited pages would randomly not connect resulting in a
Secure Connection Failed
Chrome and Microsoft Edge are not having that problem.
...
- 274
2
votes
2
answers
1k
views
Apache 2.4 on Windows slow to respond to initial first request
I started serving pre-compressed Brotli files on my website https://www.filmfix.com/en/home/. They work; but ever since then, Apache is having response issues along all VirtualHost setups (not just ...
- 274
0
votes
0
answers
302
views
SNI and TLS errors on apache reverse proxy host when proxying multiple sites from different servers?
I have an apache2 reverse proxy which is proxying many services including zabbix and nextcloud, and applying a wildcard SSL certificate to said services. These are individual virtual hosts, though ...
- 163
0
votes
1
answer
412
views
Clients of a site are getting SSL_ERROR_HANDSHAKE_FAILURE_ALERT (Firefox) and ERR_BAD_SSL_CLIENT_AUTH_CERT (Chrome)
I'm running a site in AlmaLinux 8.8 (Centos) and Apache 2.4.56.
The site has a self-signed certificate.
When I access the site, I get the usual warning due to the self-signed certificate. After ...
- 101
0
votes
1
answer
426
views
Cannot enable OCSP stapling
Windows Server 2022
Apache x64 2.4.57
OpenSSL 3.0.8
My Apache SSL conf has this:
SSLUseStapling On
SSLStaplingCache "shmcb:${SRVROOT}/logs/ssl_stapling(65536)"
...
- 300
0
votes
0
answers
619
views
Apache Redirect HTTP To HTTPS Not Working
I am trying to force redirecting all HTTP traffic to HTTPS using my httpd.conf file on my Apache server.
Expected behaviour: When users visit http://example.com, they should get redirected to https://...
- 11
0
votes
0
answers
325
views
Running Next.JS app on Apache VPS server, can't get HTTPS to work
I have a Next.JS app running on a VPS server on port 1234. I have reversed proxied it via the Apache include for the subdomain with the following lines:
SSLProxyEngine on
ProxyPass /.well-known !
...
1
vote
1
answer
346
views
Apache Server Error After Setting Up SSL Configs
I am running an EC2 Linux 2 AMI and was following an AWS tutorial to enable HTTPS on my server.
But when I try to restart Apache, error seen in the logs:
Apr 10 06:56:40 <maskediphere> systemd[1]...
- 11
1
vote
1
answer
647
views
Local Apache TLS Proxy error on Reverse Proxy for local services
I'm struggle now for a longer time with the following issue:
[gnutls:error] [pid 1878860] [remote 127.0.0.1:8282] ssl_engine_set: mod_proxy requested TLS proxy, but not enabled for piped.[CENSORED].de:...
- 33
0
votes
0
answers
691
views
Can't enable ssl on windows apache24
So, i've already sucessfully installed ssl certificates in apache virtual hosts (2 websites) but i'm unable to access them because every time I activate SSL in httpd.conf apache service wont start
<...
- 1
0
votes
1
answer
1k
views
Enable TLSv1.1 on httpd 2.4.56 running on Docker
I am trying to modernize the infrastructure of a HTTP web service. I want to update the web server to something more recent and secure, but I have to maintain compatibility with some legacy devices in ...
0
votes
1
answer
296
views
Getting not secure warning for www domain
I installed lets encrypt using certbot when I go to the www.domain.com I get this site is not secure error
Found the following certs:
Certificate Name: example.com
Domains: example.com
...
- 1,379
1
vote
1
answer
792
views
How to get RTSPtoWeb to work with with https
We have installed RTSPtoWeb on a spare server on our network, just to see if it works, and it does. It captures the stream from our cameras nicely. I then used the webrtc stream option to successfully ...
1
vote
1
answer
146
views
Memcached error for apache httpd 2.4
I created an EC2 instance with Apache HTTPD 2.4 with mod_ssl version 2.4.34. I've created a Memcached cluster on AWS ElastiCache version 1.6.17 with encryption in transit.
The goal is to have HTTPD ...
- 111
0
votes
1
answer
799
views
Setting up SSL in Apache2 with backend docker app
I'm running Ubuntu server (18.04) on an Azure VM, with Apache2 (2.4.29). I have a backend app running in docker on the same host that is called by my site. This works easy enough without SSL. I added ...
- 1
0
votes
0
answers
331
views
apache2 suddenly failing to serve https
apache2 v.2.41 on Ubuntu 20.04.5 LTS (WSL2) is suddenly not connecting over https, in browser or via wget.
It's been working for months, and I haven't changed anything.
I tried restarting Apache; it's ...
- 123
0
votes
1
answer
2k
views
Apache virtualhost port 443 serves content from port 80 configuration
I'm running Apache 2.4.52 on Ubuntu Server 22.04.
I'm trying to run https through port 443, eventually aiming to have a redirect from port 80 to force content on https. However, Apache seems to be ...
- 21
1
vote
3
answers
242
views
Apache: How to "hide" a subdomain but serve over https
I will freely admit my ignorance - or perhaps enough knowledge to be dangerous.
I have a subdomain http://db.<mydomain>.com that serves the phpMyAdmin utility. It's currently in a directory with ...
- 53
0
votes
1
answer
2k
views
Cloudflare Tunnel without having to also use noTLSVerify?
I’ve got a simple domain setup on an Ubuntu server running Apache (literally just displays a static HTML file); I set it up with LetsEncrypt and it was working without issue. I wanted a bit more ...
- 1
1
vote
0
answers
305
views
The Let's Encrypt cert doesn't work on Apache and FreeBSD
Our server administrator installed via Certbot the free Let's Encrypt certificate on our server with FreeBSD. But the cert doesn't work and we can't understand how exaclty we should configure the file ...
- 11
0
votes
1
answer
232
views
Apache Server security issues
our security auditor scanned our system and here is what come up on the apache server :
-Server header: Apache exposed on port: 80
-Server header: Apache exposed on port: 443
Here are some lines in ...
- 3
0
votes
1
answer
467
views
How can I run TLS on Apache2 Proxy behind port forwarding
I have a problem with apache2 proxy in TLS using port forwarding. I manage to make it work correctly in HTTP, but as soon as I try to make it work in HTTPS, Apache shows the message
Service ...
- 3
0
votes
1
answer
3k
views
Apache HTTPS not works, HTTP works
OS: Ubuntu Server 20.40.
WebServer: Apache2
SSL: OpenSSL
SSL Module enabled
SSL files copied on server
SSL site configurated (above the code)
Apache Syntax: OK
Firewall: disabled
HTTP request works
...
- 1
1
vote
1
answer
42
views
Advice on a catch all for https incoming but no cert installed
I am trying to think of an elegant way to handle an SSL / HTTPS issue we are having. I have read THIS QUESTION but it raises a slightly larger question in my case.
Say I have these domains installed ...
- 356
6
votes
1
answer
4k
views
My browser will not display http://[sub.]example.com
When I go to http://sub.example.com in my browser I get a "connection refused" message or an "invalid certificate" error but I don't even want to connect over https.
As far as I ...
- 6,061
-2
votes
1
answer
1k
views
What Cipher Suites to use with OpenSSL 1.1.1 for TLSv1.3?
What cipher suites to use with OpenSSL 1.1.1 for TLSv1.3?
I really want it to be AES56 or CHACHA20.
- 132
3
votes
1
answer
1k
views
Apache, redirect a client instead of showing HTTP/HTTPS error
If a web admin configures an HTTPS/SSL vhost on a custom port (e.g. 4433) and a browser connects to that vhost but using HTTP (http://vhost:4433), is there any way to configure apache to rather issue ...
- 222
0
votes
1
answer
2k
views
Apache is not using SSLProtocol & SSLCipherSuite directive configuration
I am trying to set up HTTPS in my web server. I got error Error code: SSL_ERROR_NO_CYPHER_OVERLAP in firefox and ERR_SSL_VERSION_OR_CIPHER_MISMATCH in chrome. I looked it up and i found that my SSL ...
- 11
1
vote
1
answer
229
views
How many SSL certificates you need - aspnet core + Apache reverse proxy?
When you deploy aspnet core app on Linux you normally do it through reverse-proxy. I.e. Kestrel hosts the app and Apache handles the public internet traffic talking to Kestrel.
So Kestrel and Apache ...
- 762
0
votes
2
answers
2k
views
Log the ssl certificate that apache is using for each SSL connection, for enhanced loging & debugging
I have an apache web server, with mod_ssl & SSL certificates from letsencrypt. certbot reports they are fine and not expiring. A few different (of my many users) report that they get invalid/...
- 32.5k
0
votes
0
answers
2k
views
Disabling weak cypher suites in apache
I want to disable the following weak cypher suites in my apache server:
List of ciphers
This thread explains how to do it:
Disable TLS cipher suites
However, my ssllabs report shows that many weak ...
3
votes
1
answer
17k
views
Apache reverse proxy with self-signed certificate
I run a Unifi hardware appliance which comes with a self-signed certificate, issued on unifi.local. For my current setup, it's not an option to import a certificate on the appliance directly for ...
- 155
0
votes
1
answer
2k
views
A valid Root CA Certificate could not be located, the certificate will likely display browser warnings
i'm trying to get Telegram Webhook working with my local machine but it doesn't make requests. I think it's bc of certificate issue
Here's what geocerts.com/ssl-checker says:
screenshot
Here's my ...
- 103
1
vote
2
answers
2k
views
Apache serving HTTP instead of HTTPS
I recently upgraded from Apache 2.2 to 2.4 (I know, I'm slow to upgrade, don't hate me). I have the following virtual host:
<VirtualHost _default_:30000>
DocumentRoot /opt/phpmyadmin
...
- 689
1
vote
0
answers
166
views
Why would TLS version in one config cause another to break?
I have an Apache proxy that has several VHosts. Some of these are legacy configs that were before my time. Long story short, I removed some .crt files on the server that had expired, and forgot to ...
- 368
2
votes
0
answers
588
views
Initial connection (TCP handshake) takes 150 seconds first time with https only, but normal from then onwards - Apache - AWS EC2 - Route 53
I'm new to web deployment. I have this at this stack at the moment:
Django
Apache
EC2
Route 53
Namecheap
When I access the website through the public IPv4, it is instantaneous.
However, when I ...
- 21
1
vote
0
answers
173
views
How to configure the apache authorization chain for Kerberos (mod_auth_kerb) and SSL?
What directives and conditions to configure the Apache configuration as follows:
We try to authorize through Kerberos.
If successful (What condition to use?), Then we redirect to URL1.
Otherwise, we ...
0
votes
2
answers
297
views
Apache Configuration for A Container+Subdomain's SSL
In January I configured and installed SSL certificates for two subdomains. After that, I then connected two docker containers to those subdomains.
That configuration's SSL was "working" ...
- 101
1
vote
0
answers
625
views
How to proxy a subdomain to a port in apache
I want to proxy git.example.com to example.com:3000 for gitea. I also want to enable https on the subdomain.
Here is my configuration:
<VirtualHost *:443>
ServerAdmin [email protected]
...
- 11