ssl-certificate – Tarik Billa

Multiple subdomains with lets encrypt

April 10, 2024 by Tarik

Prior to support for wildcards I found it necessary to explicitly list each domain on a certificate in the form … -d example.com -d www.example.com -d blog.example.com -d www.blog.example.com … (which due to complexities in the odd mix of redirected domains I’m using worked best with the –webroot authentication). Thanks to Trojan’s explanation and documentation … Read more

How to convert a .cer to a .p12 file

February 16, 2024 by Tarik

What works for me dealing with Push Notification certifies has been: Open the certificate: open my_filename.cer and click “View Certificates” to see the certificate’s name Go to Applications -> Utilities -> Keychain Access Ensure you have selected the “login” keychain, not the “system” one (thanks to @Matt Flettcher ) Go to “Certificates” Look for the … Read more

Why can’t one SSL certificate be used for multiple machines?

December 21, 2023 by Tarik

The SSL Cert is bound to the actual host name. If you have an SSL cert for “qa.example.com”, it won’t work on your machine named “dev.example.com”. Perhaps that’s the issue you’re having.

How to convert .crt cetificate file to .pfx

November 29, 2023 by Tarik

I have solved this issue by converting this .crt file into a .pfx file using following method. To convert .crt to .pfx, we need CSA certificate (Private Key) provided by hosting provider. Below are the steps to convert this: Download and install OpenSSL software from below link based on your system type https://slproweb.com/products/Win32OpenSSL.html Run the … Read more

Can a SSL certificate be signed by multiple certificate authorities?

September 22, 2023 by Tarik

No, the X509 certificate format up to version 3 is designed to contain exactly one signature.

How do I use let’s encrypt with gitlab?

September 7, 2023 by Tarik

The by far best solution I was able to find for now is described in this blog post. I won’t recite everything, but the key points are: Use the webroot authenticator for Let’s Encrypt Create the folder /var/www/letsencrypt and use this directory as webroot-path for Let’s Encrypt Change the following config values in /etc/gitlab/gitlab.rb and … Read more

“The parameter is incorrect” error using “netsh http add sslcert”

March 1, 2023 by Tarik

In PowerShell, just type as follows. First get into netsh HTTP mode and then add sslcert. It’s worked for me. netsh In the netsh session: http add sslcert ipport=0.0.0.0:13286 appid='{a5455c78-6489-4e13-b395-47fbdee0e7e6}’ certhash=<thumprint without space>

How to add Certificate Authority file in CentOS 7

January 29, 2023 by Tarik

copy your certificates inside /etc/pki/ca-trust/source/anchors/ then run the following command update-ca-trust

Wildcard SSL on sub-subdomain [closed]

November 13, 2022 by Tarik

A wildcard SSL certificate for *.example.net will match sub.example.net but not sub.sub.example.net. From RFC 2818: Matching is performed using the matching rules specified by RFC2459. If more than one identity of a given type is present in the certificate (e.g., more than one dNSName name, a match in any one of the set is considered … Read more