I have created a self-signed SSL certificate for the localhost CN. Firefox accepts this certificate after initially complaining about it, as expected. Chrome and IE, however, refuse to accept it, even after adding the certificate to the system certificate store under Trusted Roots. Even though the certificate is listed as correctly installed when I click … Read more
I’m adding HTTPS support to an embedded Linux device. I have tried to generate a self-signed certificate with these steps: openssl req -new > cert.csr openssl rsa -in privkey.pem -out key.pem openssl x509 -in cert.csr -out cert.pem -req -signkey key.pem -days 1001 cat key.pem>>cert.pem This works, but I get some errors with, for example, Google … Read more
First off my server is sitting behind a load balancer. My SSL certificate sits on the load balancer and handles HTTPS. The data coming in on port 443 is forwarded to the WordPress server using HTTP on port 80. However, wordpress and php do not know my server configuration. This causes the browser to get … Read more
We purchased an SSL certificat from network solutions (would never recommend them to my worst enemy, btw). Apparently it’s activated… did a few checks that says it’s activated for our domain. But when I put in https://www.texasshredderclassic.com the entire site breaks. To be more specific, by “breaks,” I mean it completely disables the CSS, and … Read more
I normally use this argument to prevent errors with wp_remote_get and wp_remote_post array( ‘sslverify’ => false ) For security reasons I would like to set it to true (or remove it since the default is true). Should I expect any problems by doing that? 3 TL;DR: Yes, remove that setting as of WordPress 3.7 or … Read more
Unfortunately – it could be many things – and lots of app servers and other java ‘wrappers’ are prone to play with properties and their ‘own’ take on keychains and what not. So it may be looking at something totally different. Short of truss-ing – I’d try: java -Djavax.net.debug=all -Djavax.net.ssl.trustStore=trustStore … to see if that … Read more
The SimpleFTP class/library does not support TLS/SSL at all. Use the FTPSClient class from the Apache Commons Net library instead. See the official example for the FTPClient class and just substitute the FTPClient with the FTPSClient. FTPSClient ftpClient = new FTPSClient(); ftpClient.connect(host); ftpClient.login(user, password); The FTPSClient class defaults to an explicit TLS/SSL (recommended). In a rare case you need an implicit TLS/SSL, use new FTPSClient(true).
The handshake failure could have occurred due to various reasons: Incompatible cipher suites in use by the client and the server. This would require the client to use (or enable) a cipher suite that is supported by the server. Incompatible versions of SSL in use (the server might accept only TLS v1, while the client … Read more
SSL peer shut down incorrectly in Java
Does your cacerts.pem file hold a single certificate? Since it is a PEM, have a look at it (with a text editor), it should start with —–BEGIN CERTIFICATE—– and end with —–END CERTIFICATE—– Finally, to check it is not corrupted, get hold of openssl and print its details using openssl x509 -in cacerts.pem -text
