Tag: Certificate

Landscape self sign certificate Ubuntu 18.04LTS

When i run this $ /usr/lib/ssl/misc/CA.pl -signreq

I get this error: Unknown arg "-signreq" Use -help for help.

From link https://help.landscape.canonical.com/LDS/SSL

I’m following the steps in order on a ubuntu 18.04lts server. Any idea what is wrong?

UPDATE Docs are wrong for “Signging your certificate”. Change:

$   /usr/lib/ssl/misc/CA.pl -signreq  # TO  $   /usr/lib/ssl/misc/CA.pl -sign

How do you create a self signed certificate ubnuntu 18.04LTS? I tried following the docs at https://help.landscape.canonical.com/LDS/SSL and it does not work. I can’t sign for more than 365 days even though i changed days in the CA.pl to 10950. When registering a new client i still get

certificate subject name (ctrl-server1) does not match target host name 'tst.ctrl-server1.com' even though i re-generated another certificate after changing apache site

Verify S/MIME signature with no certificate included

Let’s sign a file with

 $   openssl smime -sign -in file -out file.sign -outform DER -inkey private.pem -signer certificate.pem -nocerts

With the option -no certs no certificate is included in file.sign.

Now if you try to verify file.sign:

$   openssl smime -verify -in file.sign -inform DER -content file -noverify certificate.pem

You get

Verification failure 139909488150168:error:2107C080:PKCS7 routines:PKCS7_get0_signers:signer certificate not found:pk7_smime.c:466:

The example works, if you sign without -nocerts of course.

But is there are way to tell openssl verify how to find the certificate ?

iOS and Burp Suite Certificate – Impossible to trust certificate?

I have the same question as this guy and it seems like trusting SSL certificates on the iPhone does nothing — it’s essentially broken, from what I can tell.

I have proxied my WiFi traffic to my BurpSuite instance in my VM (which is bridged), and I can see the traffic initiated in BurpSuite, but it doesn’t connect from my phone. It just says:

Safari cannot open the page because the network connection was lost.

Just to confirm, I have downloaded the certificate by navigating to https://burp from my iPhone, clicked on the “CA Certificate” button in the top right corner, and then trusted the certificate by going through the following steps:

  1. Navigated to Settings -> General -> Profile -> PortSwigger CA -> Installed this.
  2. Navigated to Settings -> General -> About -> Certificate Trust Settings -> Enabled the Port Swigger CA certificate.
  3. Rebooted phone.

Nothing works. Still can’t browse to https://www.google.com because of the same “connection lost” error.

Does anyone actually know how to get this to work properly?

Using Cloudflare origin certificate in google app engine

A relevant question was posted in 2016 (https://stackoverflow.com/questions/37079547/cloudflare-origin-certificate-with-google-app-engine)

The cloudflare documentation is dated Apr 2019 (https://support.cloudflare.com/hc/en-us/articles/115000479507). It says

enter image description here

but it is difficult to assert if this particular section has been reviewed recently.

I am not sure if the situation has changed since.

I decided to give it a go. Here is the screen shot of the Google App Engine interface:

enter image description here

I downloaded the origin cert and the private key. I have uploaded the cert. And then convert the key by running

openssl rsa -in priv_key.pem -out priv_key.rsa.pem

When I hit upload I got the following error:

The certificate data is invalid. Please ensure that the private key and public certificate match

I am pretty sure they are the matching since I have just downloaded them minutes ago.

My questions are:

1) Can GAE accept Cloudflare origin certificate?

2) Did I miss any step when I prepare the origin cert for GAE?

Event ID 15021 HttpEvent on a wildcard SSL certificate but only get the error on a couple sites

I have IIS running on Windows Server 2012 R2. I have a wildcard SSL certificate on 14 subdomains. I’m seeing a lot of errors in the Event Viewer.

Event ID: 15021 Source: HttpEvent

An error occurred while using SSL configuration for endpoint my.domain.com:443. The error status code is contained within the returned data.

However, I’m only getting this error on 2 of the sites, the other 12 are not logging this error. The 2 sites creating this error load up fine in a web browser. I’ve checked the binding in IIS and they both have the wildcard SSL selected.

If there is a certificate problem, I would expect this error coming from all 14 sites, not just 2 of them.

Though those 2 sites load fine in a browser, I’m not comfortable seeing thousands of these errors on our two biggest sites.