Fixing Chrome 58+ [missing_subjectAltName] with openssl when using self signed certificates ca root ssl

Since version 58, Chrome requires SSL certificates to use SAN (Subject Alternative Name) instead of the popular Common Name (CN), thus CN support has been removed. If you’re using self signed certificates (but not only!) having only CN defined, you get an error like this when calling a website using the self signed certificate: Here’s howSeguir leyendo

Guide to Deploying Diffie-Hellman for TLS ( Weak Diffie-Hellman and the Logjam Attack )

Guide to Deploying Diffie-Hellman for TLS Our study finds that the current real-world deployment of Diffie-Hellman is less secure than previously believed. This page explains how to properly deploy Diffie-Hellman on your server. We have three recommendations for correctly deploying Diffie-Hellman for TLS: Disable Export Cipher Suites. Even though modern browsers no longer support exportSeguir leyendo

Setting up a SSL Cert from Comodo

Setting up a SSL Cert from Comodo   These are the steps I went through to set up an SSL cert. Purchase the cert Prior to purchasing a cert, you need to generate a private key, and a CSR file (Certificate Signing Request). You’ll be asked for the content of the CSR file when orderingSeguir leyendo

SSL on all websites free for 90 days

https://letsencrypt.org/ https://www.sslforfree.com/   How It Works Let’s Encrypt is the first free and open CAWe generate certificates using their ACME server by using domain validation. Private Keys are generated in your browser and never transmitted.For modern browsers we generate a private key in your browser using the Web Cryptography API and the private key isSeguir leyendo