Category Archives: OPENSSL and TLS

Linux pages specifically dealing with SSL/TLS

Determine which SSL Ciphers are running on your site

To determine which SSL ciphers your site supports, you can run this (rather intrusive) nmap command:

    nmap -sV --script ssl-enum-ciphers -p 443 <hostname>

From the command line on the server, you can run this command:

    sslscan --show-ciphers <hostname>:443


Diagnosing SSL received a record that exceeded the maximum permissible length

If you set up an SSL cert but are getting the following error:

    SSL received a record that exceeded the maximum permissible length.

1) Check that netstat -ntlp shows httpd listening on 443
2) Check that port 443 is open in iptables …


Force phpMyAdmin to https

1) Using Apache .htaccess (this can also be put in the httpd.conf if you don’t use .htaccess files):

    RewriteEngine On
    # Only redirect requests that did not arrive on port 443
    RewriteCond %{SERVER_PORT} !^443$
    # The leading slash is optional so the pattern matches in both .htaccess and httpd.conf context
    RewriteRule ^/?directory(.*)$ https://%{HTTP_HOST}/directory$1 [L,R]

2) Using phpMyAdmin’s config.inc.php file:

** place this at the end of the …


Verifying port 443

    openssl s_client -connect localhost:443
    CONNECTED(00000003)
    4504:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:588:


Checking whether a security cipher (ECDSA) is available

    [root@ssltest test]# cat /etc/redhat-release
    Red Hat Enterprise Linux Server release 6.3 (Santiago)
    [root@ssltest test]# openssl version
    OpenSSL 1.0.0-fips 29 Mar 2010
    [root@ssltest test]# openssl ciphers -v | grep ECDSA


Translating Apache’s SSL Cipher Suite Directive

You can translate that to a readable list of algorithms with this command:

    openssl ciphers -v 'ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP'

Read more on this site: http://unhandledexpression.com/2013/01/25/5-easy-tips-to-accelerate-ssl/


Checking whether a key and cert match using openssl

    openssl rsa -noout -modulus -in server.key | openssl md5
    openssl x509 -noout -modulus -in server.crt | openssl md5

The key and the certificate match if both commands print the same hash.
