Collaborate Disseminate
I was setting up a private docker repository and by mistake, I included the server certificate without a full certificate chain.
I can access the repository (https://privserver1.64hosts.com:5004/) with Chrome, and Chrome reports the SSL ce… Continue reading Why do some SSL clients need a full certificate chain and others don’t? [duplicate]
I have difficulties understanding socks5 proxies.
I would like to know if I can avoid socks5 proxies seeing the traffic between the client and destination. I would like to achieve something similar to http CONNECT where the client and the … Continue reading Can socks5 proxies work similiar to http connect?
For educational purposes, I am assembling a private network to act as a small sized company using BIND9 and OpenLDAP on FreeBSD 14.1 machines.
The private networks’ DNS servers, NS1 on 172.21.0.20 and NS2 on 172.21.0.10, map the internal d… Continue reading TLS certificates on a network drive/storage
I’ve heard numerous times that Few CAs offer IP-based SSL/TLS certificates.
This question seems extremely similar, but what the accepted answer says is:
Usual commercial CA won’t accept to encode IP addresses in certificates, in particula… Continue reading Is there a security reason why few CAs offer IP-based SSL/TLS certificates?
I am running testssl scan on an http port, after running the scan I got some errors highlighted in red.
The main one that I noticed is that certificate does not have SAN.
testlssl output:
subjectAltName (SAN) missing (NOT ok) — Br… Continue reading Is missing SAN in certificate a security issue?
If i have a cluster where all the nodes share a single certificate and private key does it count as mutual TLS? Technically both parties in the communication have a certificate and present it to each other.
Continue reading Setting up mutual TLS with a shared certificate
I implement a server application in .NET. I just want to know which security headers I need to set if I use HTTPS. I know about the HttpOnly and SameSite Cookies. OWASP has a recommendation HTTP Headers Cheat Sheet but do I need every sing… Continue reading Which security Headers for HTTPS?
In the interest of security, is it safe to use HTTP (and not HTTPS) on a website where no sensitive information is being transmitted?
On a website that is purely informational, for example, and doesn’t even have the option to make an accou… Continue reading Is it safe to use HTTP if no sensitive information is being transmitted? [duplicate]
I go to a secondary school and want to use my Macbook Air to type out long essays. The school won’t allow anyone to connect to the WiFi unless we download an SSL certificate (the file is labelled as WebScreenCert). I’ve researched it and t… Continue reading My school wants me to download an SSL certificate to connect to WiFi. Can I just avoid doing anything private while on the WiFi?
Where can I get the definitive list of weak ciphers? Various tools are listing ciphers as weak but these vary somewhat. Which CBC ciphers specifically currently suffer with known weaknesses and where can I get more information on this?
The… Continue reading Weak SSL/TLS Ciphers