UPWORK/ODESK guru: Tips and Tricks for clients

skype: odesk.by / upwork.link , email: info@odesk.by/upwork.link

Archive for the ‘SSL’ Category

SSL/Apache/Nginx: Enabling Perfect Forward Secrecy

without comments

How to Configure Apache for Forward Secrecy

Add the following lines to your configuration:

  1. SSLProtocol all -SSLv2 -SSLv3
  2. Read the rest of this entry »

Written by spectre

December 12th, 2014 at 2:03 pm

Posted in SSL

CSR Generation: Using OpenSSL (Apache w/mod_ssl, NGINX, OS X)

without comments

Generating a Certificate Signing Request (CSR) using OpenSSL (Apache & mod_ssl, NGINX)

A CSR is a file containing your certificate application information, including your Public Key. Generate your CSR and then copy and paste the CSR file into the web form in the enrollment process:

Read the rest of this entry »

Written by spectre

January 21st, 2014 at 1:36 pm

Posted in SSL

Namecheap SSL

without comments

How do I generate a CSR code?

CSR code has to be generated on side of the company that provides hosting services for site that you want to secure with SSL certificate. Which means that your hosting company is the one that should generate a CSR code upon your request.

Read the rest of this entry »

Written by spectre

January 21st, 2014 at 1:30 pm

Posted in SSL

Generate a self-signed SSL certificate with subjectAlternateName extension

without comments

It’s often useful to create self-signed SSL certificates for testing or when you don’t need the authentication that CA signing provides. I started with Akadia’s handy tutorial on self-signing here: http://www.akadia.com/services/ssh_test_certificate.html.

Read the rest of this entry »

Written by spectre

December 30th, 2013 at 12:39 am

Posted in SSL

View the details of a certificate signing request with openssL

without comments

openssl req -in request.csr -noout -text

Written by spectre

December 30th, 2013 at 12:26 am

Posted in SSL

Openssl certificate decoder in command line

without comments

openssl x509 -in certificate.crt -text -noout

Written by spectre

December 30th, 2013 at 12:07 am

Posted in SSL

Using a self-generated Certificate Authority for OpenSSL

without comments

I’ve been using self-signed certificates for a while – but – that means getting the users to approve them each time they change. Instead – lets generate a Certificate Authority (CA) certificate with a reasonably long life – get them to install that and then new certificates signed with that will be valid for them.

We will install a CA area on /etc/ssl/ca and then create a certificate signed with this.

Read the rest of this entry »

Written by spectre

December 5th, 2013 at 11:54 pm

Posted in SSL