ssl – Tarik Billa

How to create a self-signed certificate for a domain name for development

April 15, 2024 by Tarik

Using PowerShell From Windows 8.1 and Windows Server 2012 R2 (Windows PowerShell 4.0) and upwards, you can create a self-signed certificate using the new New-SelfSignedCertificate cmdlet: Examples: New-SelfSignedCertificate -DnsName www.mydomain.example -CertStoreLocation cert:\LocalMachine\My New-SelfSignedCertificate -DnsName subdomain.mydomain.example -CertStoreLocation cert:\LocalMachine\My New-SelfSignedCertificate -DnsName *.mydomain.example -CertStoreLocation cert:\LocalMachine\My Using the IIS Manager Note that IIS certificates use SHA-1 hashing, which isn’t … Read more

Kubernetes add ca certificate to pods’ trust root

April 10, 2024 by Tarik

Updated Edit read option 3: I can think of 3 options to solve your issue if I was in your scenario: Option 1) (The only complete solution I can offer, my other solutions are half solutions unfortunately, credit to Paras Patidar/the following site 🙂 Add certificate to config map: lets say your pem file is … Read more

import self signed certificate in redhat

April 9, 2024 by Tarik

I don’t know of a way to import a specific site-cert into OpenSSL’s trust db (I wish I did!), but since you’re talking about a self-signed cert we can approach it by importing your cert as new trusted CA cert. Warning though: you’re also going to be trusting any sites that are signed by that … Read more

Nginx configuration leads to endless redirect loop

April 4, 2024 by Tarik

I’ve toyed around with a bunch of these answers but nothing worked for me. Then I realized since I use Cloudflare the problem may not be in the server but with Cloudflare. Lo and behold when I set my SSL to Full (Strict) everything works as it should!

Nginx – Only enable SSL if SSL Certificates Exist

April 2, 2024 by Tarik

You can create an additional file ssl.conf and put here ssl configs: ssl_certificate /etc/nginx/certs/atvcap_cabundle.crt; ssl_certificate_key /etc/nginx/certs/atvcap.key; Then include from the main config: server_name atvcap.server.com; include /somepath/ssl.conf*; Make sure to include * symbol – this will not break when the file does not exist at development mode.

OpenSSL client certificates vs server certificates

January 9, 2024 by Tarik

Server Certificates: Server Certificates are identitiy of a Server to presented by it during SSL handshake. Typically they are issued by a certificate authority (CA) well known to client, The basis on which the certificate is issued is possession of some publicly known Identifier of that server, for Webserver its the Hostname of the server, … Read more

SSL Pinning and certificate expiry

January 8, 2024 by Tarik

Note: I’m more familiar with browser to server pinning (HTTP Public Key Pinning – HPKP) rather than app to server pinning, but I presume the principal is the same. In HPKP the pinning policy is provided by the server as a HTTP header but understand this is often built into the app rather than read … Read more

TLS with selfsigned certificate

January 6, 2024 by Tarik

It finally worked with the go built in x509.CreateCertificate, the problem was that I did not set the IsCA:true flag, I only set the x509.KeyUsageCertSign which made creating the self signed certificate work, but crashed while verifying the cert chain.

Google Managed SSL Certificate Stuck on FAILED_NOT_VISIBLE

January 5, 2024 by Tarik

HTTP to HTTPS Nginx too many redirects

December 29, 2023 by Tarik

Since you are using cloudflare flexible SSL your nginx config file wll look like this:- server { listen 80 default_server; listen [::]:80 default_server; server_name mydomain.com www.mydomain.com; if ($http_x_forwarded_proto = “http”) { return 301 https://$server_name$request_uri; } root /var/www/html; index index.php index.html index.htm index.nginx-debian.html; location / { try_files $uri $uri/ =404; } location ~ \.php$ { include … Read more