Explore information related to ssl


Connect AWS RDS SQL Server with AWS Glue


This article covers the simple steps to Connect AWS RDS SQL Server with AWS Glue. In fact, The AWS Glue service is an ETL service that utilizes a fully managed Apache Spark environment.


AWS Glue can connect to the following data stores through a JDBC connection:

  • Amazon Redshift.
  • Amazon Aurora.
  • Microsoft SQL Server.
  • MySQL.
  • Oracle.
  • PostgreSQL.
  • Amazon RDS for MariaDB.


Can AWS Glue connect to SQL Server?

AWS Glue can also connect to a variety of on-premises JDBC data stores such as PostgreSQL, MySQL, Oracle, Microsoft SQL Server, and MariaDB. AWS Glue ETL jobs can use Amazon S3, data stores in a VPC, or on-premises JDBC data stores as a source.

Read More



Enable Git on Virtualmin - Best way to do it ?


This article covers steps to enable Git on Virtualmin. 

To do this:

  • Go to Webmin -> Webmin Configuration -> Webmin Modules.
  • In the From ftp or http URL field, enter the URL .http://download.webmin.com/download/plugins/virtualmin-git.wbm.gz .
  • Click the Install Module button.


Once the plugin is installed, you can enable it in Virtualmin as follows :

  • Go to System Settings -> Features and Plugins.
  • Check the box in the left hand column next to Git repositories.
  • Click Save.

Read More



Webmin "Error code ssl_error_rx_record_too_long" - Fix it Now ?


This article covers how to troubleshoot "Error code ssl_error_rx_record_too_long" in Webmin. Usually the ssl_error_rx_record_too_long error means that the service is not speaking in SSL - for example, if you try to access an http-only service via https. 

Are you sure that webmin is set up to talk in ssl on port :10000?

Read More



Autossl 403 (Forbidden) error – Fix it Now ?


This article covers AutoSSL not working on cPanel / WHM.

To fix it, just try to assign 755 permissions and the correct owner to your public_html directory:

$ chmod 755 /home/user/public_html -v
$ chown user.user /home/user/public_html/ -R

Make sure you change user.user with your real cPanel user for that website.

Read More



DirectAdmin error "can't connect to ssl" - Fix it Now ?


This article covers methods to fix DirectAdmin error "can't connect to ssl" for our customers. Every SSL/TLS connection begins with a "handshake" – the negotiation between two parties that nails down the details of how they’ll proceed. The handshake determines what cipher suite will be used to encrypt their communications, verifies the server, and establishes that a secure connection is in place before beginning the actual transfer of data. This all happens in the background, thankfully – every time you direct your browser to a secure site a complex interaction takes place to make sure that your data is safe.

Read More



Prestashop error err_too_many_redirects - Fix it Now ?


This article covers methods to tackle 'err_too_many_redirects' Prestashop error which generally affects certain pages in Prestashop admin panel. The ERR_TOO_MANY_REDIRECTS in your Chrome browser indicates that the page you're attempting to visit is caught in a "redirect loop". The phrase "redirect loop" simply means that the site you're visiting can't stop trying to send your browser to a different location.

Read More



Securing RDP Connections with Trusted SSL/TLS Certificates


This article covers how to secure RDP Connections with Trusted SSL/TLS Certificates. 


To Check What Certificate RDP Is Using

You can check the thumbprint of the certificate the server is using. Windows Key+R > Regedit {Enter} > Navigate to:

HKEY_LOCAL_MACHINE
> SYSTEM > CurrentControlSet > Control > Terminal Server > WinStations > TemplateCertificate

You can check this with the actual Certificate> Windows Key+R > mmc {enter} > File > Add/Remove Snap-in > Certificates > Local Computer > Open Certificates > Personal > Certificates > Locate the certificate you ‘Think’ RDP is using and you can compare its thumbprint with the registry key.

Read More



Let's Encrypt with Cloudflare - How to Configure ?


This article covers how to set up Let's Encrypt and Cloudflare Universal SSL for end-to-end encryption. Basically, Improper configuration settings while using Let's Encrypt, could cause connection errors.

Cloudflare will act as the CDN while Let's Encrypt performs the SSL (HTTPS) encryption (in lieu of Cloudflare's Universal SSL).


Let's Encrypt is great, but it's not really a comparison with Cloudflare, you can use them both. I use Lets Encrypt on my server with Cloudflare. What we suggest is that you should first get Lets Encrypt installed on your domain and make sure it works.



To add lets encrypt to Cloudflare:

1. Set up the domain.

2. Verify the Let's Encrypt certificate has been issued.

3. Sign up for Cloudflare.

4. Update nameservers and verify.

Read More



Configure SSL / TLS in Nagios Log Server - How to do it ?


This article covers how to configure SSL/TLS in Nagios Log Server. SSL/TLS provides security between the end user's web browser and Nagios Log

Server by encrypting the traffic. This guide is intended for use by Nagios Log Server Administrators who require encrypted connections to their Nagios Log Server.

Read More



NRPE Command Plugin Not Defined - How to fix it ?


This article covers methods to resolve 'NRPE Command Plugin Not Defined' for our customers.

This error is very straight forward. Usually this is caused by a mismatch between the command name declared in Nagios XI to be check through NRPE and the actual command name of the command directive in the remote host's nrpe.cfg file.

This problem will occur in versions of check_nrpe before v3. 

What is happening here is that the initial -c check_users is being overwritten by the -a -w 5 -c 10, as check_nrpe thinks the -c 10 argument is the command argument, not one of the -a arguments.

Read More



Cloudflare err_ssl_protocol_error - Fix it Now ?


This article covers methods to resolve Cloudflare ERR_SSL_PROTOCOL_ERROR. Basically, this error happens as a result of a number of reasons that include wrong DNS settings, SSL mode, TLS version or issues with SSL certificate. 


To fix this error,

1. If you are not the site owner, contact the site owner and let them know you are having issues accessing their site.

2. The domain name has not fully been set to use Cloudflare yet. Check to see if there are non-Cloudflare nameservers that are conflicting with the assigned Cloudflare name servers.

3. You are signed up for Cloudflare, but you have set a DNS record to :grey:. If you have a subdomain or hostname and that serves HTTP/HTTPS traffic, we would advise that you :orange: this DNS record to take advantage of Cloudflare’s security and performance features. See What subdomains are appropriate for :orange:/:grey: clouds? 69

4. The Free Universal SSL certificate hasn’t yet been deployed, :grey: (deactivate) Cloudflare so that your website can continue to use your origin’s SSL certificate. Wait 24 hours and :orange: (activate) Cloudflare again to see if your SSL certificate has been successfully deployed.

5. You have some conflict with TLS 1.3, disable it and see if you still encounter the error.

6. You have selected Full SSL (strict) under your SSL/TLS app, but your origin does not have a valid certificate (i.e., it is expired, self-signed, or not issued by a trusted CA). Temporarily select another SSL option until you have a valid origin certificate in place.

7. Try to look at developer web console (firefox Ctrl+Shift+K) - anything interesting under Security tab.

8. Also, Try to run the command curl -vk on the affected domain.

Read More



No SSL library support - How to fix this Web Agent installation error


This article covers methods of resolving No SSL/library support: Web Agent installation error. This issue arises when you are trying to install a 32bit version of the agent on a 64bit system; the 32bit version of the agentadmin tool cannot open the 64bit SSL libraries.
Therefore, If your operating system does not include native openssl packages, you must install OpenSSL.

To fix this Web Agent installation error on Linux:
1. Ensure you are installing the appropriate version of the agent; if you have a 64bit operating system, you must install the 64bit agent.
2. Ensure either the operating system provides native openssl packages or OpenSSL is installed. If you are using OpenSSL, you can check that the OpenSSL libraries are in the correct location as follows and add them if they are missing:
a. Check that the LD_LIBRARY_PATH environment variable is set. For example: $ echo $LD_LIBRARY_PATH
b. Check that the OpenSSL libraries (libcrypto.so and libssl.so) are available in the path specified in this environment variable (LD_LIBRARY_PATH).

Read More



Secure osTicket with Lets Encrypt SSL Certificates - Do it Now


This article covers how secure osTicket with Let’s Encrypt SSL Certificates. You can use the Certbot to request for SSL certificates from Let's Encrypt Certificate Authority. The tool is not available by default and will need to be installed manually.


To Install certbot certificate generation tool:

1. Install certbot on Ubuntu /Debian:

# Install certbot on Ubuntu /Debian

$ sudo apt update

# Apache

$ sudo apt-get install python-certbot-apache

# Nginx

$ sudo apt-get install python-certbot-nginx


2. Install certbot on CentOS 8 / CentOS 7:

On a CentOS system run either of the following commands:

# CentOS 8

## For Apache

$ sudo yum -y install python3-certbot-apache

## For Nginx

$ sudo yum -y install python3-certbot-nginx

# CentOS 7

## For Apache

$ sudo yum -y install python2-certbot-apache

## For Nginx

$ sudo yum -y install python2-certbot-nginx

Read More



Add user in VestaCP - How to do it


This article covers how to add a user in VestaCP. Vesta control panel (VestaCP) is an open source hosting control panel, which can be used to manage multiple websites, creat and manage email accounts, FTP accounts, and MySQL databases, manage DNS records and so on.


To Add / Edit User in VestaCP:

1. First, click the USER tab on top, then click the green coloured “+” to add a new user.

2. Fill in the details for the new user. Click “Add” when you’ve completed the info.

3. This message will pop up if all the info are filled in correctly.

Now, you will see 2 users to choose from. Access the newly created user by clicking on “Login as (username)”. 

Each user can manage their own web, DNS, mail and database, etc.

You can also perform edit, deletion or suspension of user accounts using the buttons shown in the red box.


To uninstall Vesta Control panel:

1. Stop vesta service. service vesta stop.

Remove vesta packages and software repository. RHEL/CentOS: yum remove vesta* rm -f /etc/yum.repos.d/vesta.repo. Debian/Ubuntu: apt-get remove vesta* rm -f /etc/apt/sources.list.d/vesta.list.

2. Delete data directory and cron.

Read More



Configure Varnish with Apache - How to do it


This article covers how to configure Varnish #cache on the #Apache server. Varnish is an HTTP accelerator and a useful tool for speeding up a server, especially during a times when there is high traffic to a site. 

It works by redirecting visitors to static pages whenever possible and only drawing on the virtual private server itself if there is a need for an active process.

#Varnish is a caching HTTP reverse proxy. It receives requests from clients and tries to answer them from the cache.


Where is varnish configuration file?

The Varnish configuration file will be located in the /etc/varnish directory in CentOS 7. 

To make Varnish work in front of Apache, you will need to set up some basic configurations. 

By default Varnish listens on port 6081 . 

You will need to change port 6081 to 80 so that website requests access the Varnish cache first.


What is varnish WordPress?

Varnish is a full-page cache and HTTP preprocessor which can be used to speed up requests for a WordPress site. 

Setting up Varnish is a technical task, as it requires installing and configuring a system package on a web server, rather than just installing a plugin.

Read More



Zabbix server cant connect to java gateway - Fix it now


This article covers how to fix Zabbix error "Server can't connect to java gateway" by making some changes in the server configuration files and restarting the Zabbix and java gateway. 

Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. 

This allows a fast reaction to server problems. 

Zabbix offers excellent reporting and data visualization features based on the stored data. 

This makes Zabbix ideal for capacity planning.

Read More



Install Firejail in Linux


This article will guide you on steps to #install #Firejail in Linux. Basically, Firejail reduces the risk of security breaches by restricting the untrusted applications and separating them from other parts of the system. 

#Sandboxing involves providing a safe environment for a program or #software so that you can play around with it without hurting your system. It actually keeps your program isolated from the rest of the system, by using any one of the different methods available in the #Linux #kernel.

To Install the Firejail Software:

1. Open up a terminal window.

2. Issue the command sudo apt-get install firejail.

3. Type your sudo password and hit Enter.

4. If prompted, type y to allow the installation to continue.

5. Allow the installation to complete.

Read More



Install Microsoft PowerShell on Ubuntu


This article will guide you on steps to install PowerShell on #Ubuntu. #PowerShell is a configuration management tool that brings the capabilities of Linux command-line interface (#CLI) control into the historically point-and-click Windows environment to manage Windows servers efficiently in virtual deployments.

With PowerShell and WSL, we can integrate Linux commands into #Windows just as if they were native applications. 

No need to hunt around for Win32 builds of #Linux utilities or be forced to interrupt your workflow to drop into a Linux shell.

To check the PowerShell version installed in your system, you can use either $PSVersionTable or $host command.

To get a list of PowerShell commands:

1. Get-Command gets the commands from #PowerShell modules and commands that were imported from other sessions. 

2. To get only commands that have been imported into the current session, use the ListImported parameter. 

3. Without parameters, Get-Command gets all of the #cmdlets, functions, and aliases installed on the #computer.

Read More



Logging in Apache More about it


The Apache access logs stores information about events that occurred on your #Apache web #server. Apache web servers also provide administrators with another type of log file called error logs. 

The Apache error log has a logging level that filters the messages sent to the log. Apache #logs nothing for a single page request in warn level.

This log file is used to provide more information regarding a particular error that has occurred on the web server.

By default, you can find the Apache #access log file at the following path:

i. /var/log/apache/access. log.

ii. /var/log/apache2/access. log.

iii. /etc/httpd/logs/access_log.

To enable the Apache #HTTP access logs:

1. Open the Apache HTTP configuration at /Applications/MAMP/conf/apache/httpd.conf.

2. Find this line.

3. Change the line.

4. Restart Apache using the MAMP widgit.

5. Now, view your new logfiles!

Read More



Install SSL Certificate in IIS 7


This article will guide you on steps to #install SSL Certificate in IIS 7 #windows 2008 server. 

IIS (Internet Information Services) is used to host ASP.NET web applications and static #websites. It can also be used as an #FTP server, host WCF services, and be extended to host #web #applications built on other platforms such as #PHP. There are built-in authentication options such as Basic, ASP.NET, and Windows auth.

To install a certificate in Windows Server:

i. In the left pane of the console, double-click #Certificates (Local Computer). 

ii. Right-click Personal, point to All Tasks, and then select Import. 

iii. On the Welcome to the Certificate Import Wizard page, select Next. 

iv. On the File to Import page, select Browse, locate your certificate file, and then select Next.

To enable SSL in IIS:

1. On the #IIS server, start the IIS Manager (on the Windows taskbar, select Start > Administrative Tools > Internet Information Services (IIS) Manager).

2. Enabling SSL in IIS

3. In Type, select https.

4. In SSL certificate, select an appropriate certificate from available choices.

5. Click OK.

Read More



Windows Live Mail Error 0x800ccc0e


This article will guide you on steps to fix #Outlook #Error #0x800ccc0e. Usually, this error occurs due to bad #email settings or because of minor problems with the email server or internet connection. Also, the customer may experience this error while receiving the mail on the email #client.

Try to run Windows Live Mail as Administrator in compatibility mode. Try to re-configure the Windows Live Mail account. Remove the existing WLM account and create a new one. Try reinstalling Windows Essentials 2012 on your Windows 10.

To get rid of Windows Live Mail error:

1. Open your Windows Live mail program.

2. Select the Home tab at the top right of your Windows Live Mail.

3. Click the Outbox to the left. Find any emails that are not sending out.

4. Once you send the email again, you can delete the email in the Outbox. 

The error will go away after the sent email is deleted.

Read More



Security certificate does not specify subject alternative names


This article will guide you on steps to fix #Security certificate does not specify subject alternative names. 

Basically, the #error, Security certificate does not specify subject alternative names trigger if the certificate does not have the correct SubjectAlternativeName extension.

Subject Alternative Names or SANs allow you to secure multiple domains from one SAN SSL certificate. SANs are additional domain names added to an SSL certificate.

To add a Subject Alternative Name to a certificate:

1. If you want to add #SAN, most CAs allow you to reissue a certificate with new details, though this will usually revoke your old certificate. 

2. You don't need the old CSR to reissue a certificate, you can instead create a new CSR with the updated details using a new or existing private key.

The Subject Alternative Name (#SAN) is an extension to the X. 509 specification that allows users to specify additional host names for a single SSL certificate. The use of the SAN extension is standard practice for #SSL #certificates, and it's on its way to replacing the use of the common name.

Read More



Nginx multiple domains SSL Certificates


This article will guide you on steps to resolve common issues with "Nginx multiple domains #SSL". Basically, the multi-domain SSL #certificate offers security for multiple websites.
The technique for hosting more than one domain/subdomain on a single IP address/host is called #virtual #hosts. The http get request contains the domain name that the requests is for which allows the web server to match up the request with a particular virtual domain.
You can host multiple websites on #Nginx:
1. Configure Nginx to Host Multiple Websites.
2. Create Directory Structure.
3. Create Virtual Configuration.
4. Test Your #Websites.
5. Adding PHP-FPM Support to Nginx.

Read More



Wget SSL error How to fix it


This article will guide you on steps to fix #Wget #SSL error which is a generic #error that pops an error message "Unable to establish SSL connection" .
To support encrypted HTTP ( #HTTPS ) downloads, Wget must be compiled with an external SSL library, currently #OpenSSL. If Wget is compiled without SSL support, none of these options are available."
You might need to check whether the version of wget you are using supports #SSL.

Read More



Lets encrypt new auth status 429 error


This article will guide you on methods to troubleshoot and fix 429 error which occurs due to creation of multiple #SSL #certificates for a #domain. 

1. 429 means you went over the rate #limits. 

2. You issued 5 certificates in the last week.  This is why you get a #429 answer.

3. You need to wait two days to get another one. do you have access to the certificates you issued?

Read More



Error code 15 in VestaCP


This article will guide you on different methods to resolve #VestaCP #error code 15 which happens when trying to add #Lets #Encrypt SSL to a domain which already had Lets Encrypt set up.

To Fix SSL/TLS Certificate Error – Invalid SSL #Certificate Error:

1. First, verify whether the #Firewall or #Antivirus program is interrupting #SSL connection. 

2. Clear #cache files, internet browsing history, and cookies.

3. Verify whether the system's date is correct, whether it matches the current time zone.

Read More



Setting up OCSP stapling on Apache


This article will guide you on how to configure OCSP stapling on the Apache server.

To Check if #OCSP #stapling is enabled:

Go to https://www.digicert.com/help and in the Server Address box, type in your server address (i.e. www.ibmimedia.com). If OCSP stapling is enabled, under #SSL Certificate has not been revoked, to the right of OCSP Staple, it says Good.

To Configure your Apache server to use OCSP Stapling:

1. Edit your site's #VirtualHost SSL configuration. 

2. Add the following line INSIDE the <VirtualHost></VirtualHost> block: SSLUseStapling on. 

3. Check the configuration for errors with the Apache Control service. Apachectl -t.

4. Reload the Apache service. service apache2 reload.

Read More



Courier IMAP SSL How to secure your IMAP servers with SSL


This article will guide you on how to fix #IMAP #SSL #error which occurs as a result of incorrect file generation or wrong SSL #port #settings cause problems with the proper functioning of SSL on #courier IMAP SSL servers.

To add SSL support you have to install #OpenSSL or #GnuTLS before installing Courier-IMAP. #Download OpenSSL from http://www.openssl.org/, or GnuTLS from http://www.gnutls.org.

Read More



How to Set Up Multiple SSLs on One IP With Nginx


This article will guide you on how to set up multiple #SSL #certificates on one #IP with #Nginx. 

To set up Multiple SSL Certificates on a Single IP Using Nginx:

1. Domain names should be registered in order to serve the certificates by SNI.

2. Root Privileges to the server.

3. Nginx should already be installed and running on your #VPS. To #install Nginx: # sudo apt-get install nginx.

4. Make sure that #SNI is enabled in the #server.

Read More



SSLRandomSeed cannot occur within VirtualHost section


This article will guide you on how to fix SSLRandomSeed cannot occur within VirtualHost section which triggers when the #SSLRandomSeed directive is specified inside the #VirtualHost section. 

Read More



Send Syslog with SSL TLS to Nagios Log Server


This article will guide you on how to Send #Syslog with #SSL / #TLS to Nagios Log Server by encryption which ensures that the #traffic between the #Linux machine and Nagios Log Server is not sent in plain text.

Read More



Steps to create a Self-Signed SSL Certificate for Apache in CentOS 8


This article will guide you on how to configure #Apache to serve encrypted requests using a self-signed SSL certificate and to redirect unencrypted HTTP requests to #HTTPS. Self-signed #certificates or certificates issued by a private CAs are not appropriate for use with the general public. It can only properly verify the identity of the server when it is signed by a trusted third party because any attacker can create a self-signed certificate and launch a man-in-the-middle attack.

Read More



SSLSessionCache cannot occur within VirtualHost section


This article will guide you on the steps to resolve #SSLSessionCache cannot occur within #VirtualHost section issue. Basically, SSLSessionCache is a file-based #cache of established #SSL sessions.

Read More



Step by step process to Secure Apache with Lets Encrypt on CentOS 8


This article will guide you on the process to secure #Apache with Let’s Encrypt by installing Let's Encrypt #Certbot client, downloading #SSL #certificates for the #domain, and setting up automatic certificate renewal.

The objective of Let's Encrypt and the #ACME protocol is to make it possible to set up an #HTTPS server and have it automatically obtain a browser-trusted certificate, without any human intervention.

Read More



IIS Security for Sites Steps for server hardening


This article will guide you on the process to #secure sites in IIS to prevent site infections or defacing on a #Windows Server include poor file security or poor #configuration. 

In conclusion, the modular nature of #IIS allows for more granular control over web server resources and #security. However, this can either make your #web #applications more or less secure—depending on the person or group responsible for security.

Read More



YUM History command Ways to use it


This article will guide you on #YUM history #command in #Linux which provides a detailed history of YUM #transactions in order to find out information about installed packages and those that where removed/erased from a #system. 

The yum history command allows users to review information about a timeline of Yum transactions, the dates and times they occurred, the number of packages affected, whether transactions succeeded or were aborted, and if the RPM #database was changed between transactions.

Read More



304 not modified error Steps to fix it


An #HTTP 304 not modified status #code means that the website you're requesting hasn't been updated since the last time you accessed it.

Basically, your browser will save (or cache) web #pages so it doesn't have to repeatedly download the same information. This is an attempt to speed up page delivery. However, if this happens to your site, #visitors could be prevented from accessing your #web pages.

Read More



Install and Configure Salt Master on Ubuntu


This article will give you a comprehensive guide on the steps to perform installation and configuration of Salt Master and Minion servers on Ubuntu which involves a series of steps that include installing the master daemon, initial master configuration, installing a separate minion, and configuring the Minion.

Read More



Configure Lets Encrypt on WAMP Server


This guide will guide you through the processes to set up Let's Encrypt in the WAMP server.

Read More



Steps to install Wraith on Ubuntu


This article will guide you on how to install Wraith on Ubuntu which requires adding Ruby, ImageMagick, and some other dependencies added to the system.

Read More



How to fix OCSP SSL Certificate Stapling error


OCSP SSL Stapling error is usually triggered when accessing a website using https:// SSL protocol.

Read More



How to fix SSLSessionCache shmcb session cache not supported


SSLSessionCache: 'shmcb' error is usually triggered after upgrading the Apache from 2.2. to 2.4 version.

Read More



VestaCP Error Lets Encrypt validation status 400 error


VestaCP Let's Encrypt error status 400 occurs when trying to request Let’s Encrypt SSL for domains in a vestaCP control panel.

Read More



How to fix ssl_stapling ignored ssl error


ssl_stapling ignored Certificate error occurs when there are problems in the Certificate files experienced while trying to restart Nginx web server.

Read More



how to solve cURL error 60 SSL certificate problem


How to fix cURL error 60 ssl certificate problem which occurs when cURL cannot find any valid certificate to communicate securely over https.

Read More



Solution to certificate routines X509_check_private_key key values mismatch


Main causes of  certificate routines X509_check_private_key key values mismatch in Apache web server  SSL Certificates.

Read More



Solve 534 policy requires SSL server error


534 policy requires SSL server connection error triggers when you want to connect to the file manager of a website via an ftp client.

Read More



Easy fix to SQL error 5023


From time to time, we do receive SQL related server bugs queries of which one of it was "SQL error 5023".

This SQL error is very catastrophic and it tends to disrupt the SQL server when it is trying to start up.


To fix SQL Server Error 1225:

1. Click WindowsKey + R and enter services. msc.

2. Once Services opens scroll down and locate service SQL Server.

3. Highlight the service and click START.

4. Wait for the service to start and retry to connect to your MSSQL instance.

Read More



How to fix SSL error err sslversion or cipher mismatch


The error ERR_SSL_VERSION_OR_CIPHER_MISMATCH occurs when a user's browser cannot establish a secure connection with a web server that uses #HTTPS and SSL. 

The issue may lie in the server configuration or locally on a user's #computer.

Also, the ERR SSL VERSION OR CIPHER MISMATCH error could be caused by certain security settings. 

Applying changes to the SSL might help you solve the annoying ERR SSL VERSION problem. 

Sometimes switching to another browser can be the easy fix you need.


To Fix ERR_SSL_PROTOCOL_ERROR:

1. Set correct system date, time & region.

2. Clear Chrome's cache and cookies.

3. Disable #QUIC Protocol.

4. Disable extensions.

5. Remove your system's hosts file.

6. Clear SSL State.

7. Lower your internet security and privacy level.

8. Disable your security tools for a moment.


Error such as Err_ssl_version_or_cipher_mismatch tend to pop up when there is a inappropriate configuration in the SSL certificate.

Read More



Easy way to convert cPanel SSL Certificate from PEM format to PFX


pem is a de-facto file format called Privacy-Enhanced Mail. These are interchangeable file extensions for the PKCS#12 format. 

Technically, PKCS#12 is the successor to Microsoft's PFX format, but they have become interchangeable. PKCS#12 files are archives for cryptographic material.

PKCS#12 (also known as PKCS12 or PFX) is a binary format for storing a certificate chain and private key in a single, encryptable file.

All SSL Certificates require a private key to work. The private key is a separate file that's used in the encryption/decryption of data sent between your server and the connecting clients.

A private key is created by you—the certificate owner—when you request your certificate with a Certificate Signing Request (CSR).

Basically, the default SSL file format used by apache web server is the PEM format. Whereas PFX files are used on MacOS and Windows systems to do export and import activities of private keys and certificates.

Read More




For Linux Tutorials

We create Linux HowTos and Tutorials for Sys Admins. Visit us on LinuxAPT.com

Also for Tech related tips, Visit forum.outsourcepath.com or General Technical tips on www.outsourcepath.com






Focus on your business, not your servers.

Click Here to Learn More