Explore information related to ssl

No SSL library support - How to fix this Web Agent installation error

This article covers methods of resolving No SSL/library support: Web Agent installation error. This issue arises when you are trying to install a 32bit version of the agent on a 64bit system; the 32bit version of the agentadmin tool cannot open the 64bit SSL libraries.
Therefore, If your operating system does not include native openssl packages, you must install OpenSSL.

To fix this Web Agent installation error on Linux:
1. Ensure you are installing the appropriate version of the agent; if you have a 64bit operating system, you must install the 64bit agent.
2. Ensure either the operating system provides native openssl packages or OpenSSL is installed. If you are using OpenSSL, you can check that the OpenSSL libraries are in the correct location as follows and add them if they are missing:
a. Check that the LD_LIBRARY_PATH environment variable is set. For example: $ echo $LD_LIBRARY_PATH
b. Check that the OpenSSL libraries (libcrypto.so and libssl.so) are available in the path specified in this environment variable (LD_LIBRARY_PATH).

Read More



Secure osTicket with Lets Encrypt SSL Certificates - Do it Now

This article covers how secure osTicket with Let’s Encrypt SSL Certificates. You can use the Certbot to request for SSL certificates from Let's Encrypt Certificate Authority. The tool is not available by default and will need to be installed manually.


To Install certbot certificate generation tool:

1. Install certbot on Ubuntu /Debian:

# Install certbot on Ubuntu /Debian

$ sudo apt update

# Apache

$ sudo apt-get install python-certbot-apache

# Nginx

$ sudo apt-get install python-certbot-nginx


2. Install certbot on CentOS 8 / CentOS 7:

On a CentOS system run either of the following commands:

# CentOS 8

## For Apache

$ sudo yum -y install python3-certbot-apache

## For Nginx

$ sudo yum -y install python3-certbot-nginx

# CentOS 7

## For Apache

$ sudo yum -y install python2-certbot-apache

## For Nginx

$ sudo yum -y install python2-certbot-nginx

Read More



Add user in VestaCP - How to do it

This article covers how to add a user in VestaCP. Vesta control panel (VestaCP) is an open source hosting control panel, which can be used to manage multiple websites, creat and manage email accounts, FTP accounts, and MySQL databases, manage DNS records and so on.


To Add / Edit User in VestaCP:

1. First, click the USER tab on top, then click the green coloured “+” to add a new user.

2. Fill in the details for the new user. Click “Add” when you’ve completed the info.

3. This message will pop up if all the info are filled in correctly.

Now, you will see 2 users to choose from. Access the newly created user by clicking on “Login as (username)”. 

Each user can manage their own web, DNS, mail and database, etc.

You can also perform edit, deletion or suspension of user accounts using the buttons shown in the red box.


To uninstall Vesta Control panel:

1. Stop vesta service. service vesta stop.

Remove vesta packages and software repository. RHEL/CentOS: yum remove vesta* rm -f /etc/yum.repos.d/vesta.repo. Debian/Ubuntu: apt-get remove vesta* rm -f /etc/apt/sources.list.d/vesta.list.

2. Delete data directory and cron.

Read More



Configure Varnish with Apache - How to do it

This article covers how to configure Varnish #cache on the #Apache server. Varnish is an HTTP accelerator and a useful tool for speeding up a server, especially during a times when there is high traffic to a site. 

It works by redirecting visitors to static pages whenever possible and only drawing on the virtual private server itself if there is a need for an active process.

#Varnish is a caching HTTP reverse proxy. It receives requests from clients and tries to answer them from the cache.


Where is varnish configuration file?

The Varnish configuration file will be located in the /etc/varnish directory in CentOS 7. 

To make Varnish work in front of Apache, you will need to set up some basic configurations. 

By default Varnish listens on port 6081 . 

You will need to change port 6081 to 80 so that website requests access the Varnish cache first.


What is varnish WordPress?

Varnish is a full-page cache and HTTP preprocessor which can be used to speed up requests for a WordPress site. 

Setting up Varnish is a technical task, as it requires installing and configuring a system package on a web server, rather than just installing a plugin.

Read More



Zabbix server cant connect to java gateway - Fix it now

This article covers how to fix Zabbix error "Server can't connect to java gateway" by making some changes in the server configuration files and restarting the Zabbix and java gateway. 

Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. 

This allows a fast reaction to server problems. 

Zabbix offers excellent reporting and data visualization features based on the stored data. 

This makes Zabbix ideal for capacity planning.

Read More



Install Firejail in Linux

This article will guide you on steps to #install #Firejail in Linux. Basically, Firejail reduces the risk of security breaches by restricting the untrusted applications and separating them from other parts of the system. 

#Sandboxing involves providing a safe environment for a program or #software so that you can play around with it without hurting your system. It actually keeps your program isolated from the rest of the system, by using any one of the different methods available in the #Linux #kernel.

To Install the Firejail Software:

1. Open up a terminal window.

2. Issue the command sudo apt-get install firejail.

3. Type your sudo password and hit Enter.

4. If prompted, type y to allow the installation to continue.

5. Allow the installation to complete.

Read More



Install Microsoft PowerShell on Ubuntu

This article will guide you on steps to install PowerShell on #Ubuntu. #PowerShell is a configuration management tool that brings the capabilities of Linux command-line interface (#CLI) control into the historically point-and-click Windows environment to manage Windows servers efficiently in virtual deployments.

With PowerShell and WSL, we can integrate Linux commands into #Windows just as if they were native applications. 

No need to hunt around for Win32 builds of #Linux utilities or be forced to interrupt your workflow to drop into a Linux shell.

To check the PowerShell version installed in your system, you can use either $PSVersionTable or $host command.

To get a list of PowerShell commands:

1. Get-Command gets the commands from #PowerShell modules and commands that were imported from other sessions. 

2. To get only commands that have been imported into the current session, use the ListImported parameter. 

3. Without parameters, Get-Command gets all of the #cmdlets, functions, and aliases installed on the #computer.

Read More



Logging in Apache More about it

The Apache access logs stores information about events that occurred on your #Apache web #server. Apache web servers also provide administrators with another type of log file called error logs. 

The Apache error log has a logging level that filters the messages sent to the log. Apache #logs nothing for a single page request in warn level.

This log file is used to provide more information regarding a particular error that has occurred on the web server.

By default, you can find the Apache #access log file at the following path:

i. /var/log/apache/access. log.

ii. /var/log/apache2/access. log.

iii. /etc/httpd/logs/access_log.

To enable the Apache #HTTP access logs:

1. Open the Apache HTTP configuration at /Applications/MAMP/conf/apache/httpd.conf.

2. Find this line.

3. Change the line.

4. Restart Apache using the MAMP widgit.

5. Now, view your new logfiles!

Read More



Install SSL Certificate in IIS 7

This article will guide you on steps to #install SSL Certificate in IIS 7 #windows 2008 server. 

IIS (Internet Information Services) is used to host ASP.NET web applications and static #websites. It can also be used as an #FTP server, host WCF services, and be extended to host #web #applications built on other platforms such as #PHP. There are built-in authentication options such as Basic, ASP.NET, and Windows auth.

To install a certificate in Windows Server:

i. In the left pane of the console, double-click #Certificates (Local Computer). 

ii. Right-click Personal, point to All Tasks, and then select Import. 

iii. On the Welcome to the Certificate Import Wizard page, select Next. 

iv. On the File to Import page, select Browse, locate your certificate file, and then select Next.

To enable SSL in IIS:

1. On the #IIS server, start the IIS Manager (on the Windows taskbar, select Start > Administrative Tools > Internet Information Services (IIS) Manager).

2. Enabling SSL in IIS

3. In Type, select https.

4. In SSL certificate, select an appropriate certificate from available choices.

5. Click OK.

Read More



Windows Live Mail Error 0x800ccc0e

This article will guide you on steps to fix #Outlook #Error #0x800ccc0e. Usually, this error occurs due to bad #email settings or because of minor problems with the email server or internet connection. Also, the customer may experience this error while receiving the mail on the email #client.

Try to run Windows Live Mail as Administrator in compatibility mode. Try to re-configure the Windows Live Mail account. Remove the existing WLM account and create a new one. Try reinstalling Windows Essentials 2012 on your Windows 10.

To get rid of Windows Live Mail error:

1. Open your Windows Live mail program.

2. Select the Home tab at the top right of your Windows Live Mail.

3. Click the Outbox to the left. Find any emails that are not sending out.

4. Once you send the email again, you can delete the email in the Outbox. 

The error will go away after the sent email is deleted.

Read More



Security certificate does not specify subject alternative names

This article will guide you on steps to fix #Security certificate does not specify subject alternative names. 

Basically, the #error, Security certificate does not specify subject alternative names trigger if the certificate does not have the correct SubjectAlternativeName extension.

Subject Alternative Names or SANs allow you to secure multiple domains from one SAN SSL certificate. SANs are additional domain names added to an SSL certificate.

To add a Subject Alternative Name to a certificate:

1. If you want to add #SAN, most CAs allow you to reissue a certificate with new details, though this will usually revoke your old certificate. 

2. You don't need the old CSR to reissue a certificate, you can instead create a new CSR with the updated details using a new or existing private key.

The Subject Alternative Name (#SAN) is an extension to the X. 509 specification that allows users to specify additional host names for a single SSL certificate. The use of the SAN extension is standard practice for #SSL #certificates, and it's on its way to replacing the use of the common name.

Read More



Nginx multiple domains SSL Certificates

This article will guide you on steps to resolve common issues with "Nginx multiple domains #SSL". Basically, the multi-domain SSL #certificate offers security for multiple websites.
The technique for hosting more than one domain/subdomain on a single IP address/host is called #virtual #hosts. The http get request contains the domain name that the requests is for which allows the web server to match up the request with a particular virtual domain.
You can host multiple websites on #Nginx:
1. Configure Nginx to Host Multiple Websites.
2. Create Directory Structure.
3. Create Virtual Configuration.
4. Test Your #Websites.
5. Adding PHP-FPM Support to Nginx.

Read More



Wget SSL error How to fix it

This article will guide you on steps to fix #Wget #SSL error which is a generic #error that pops an error message "Unable to establish SSL connection" .
To support encrypted HTTP ( #HTTPS ) downloads, Wget must be compiled with an external SSL library, currently #OpenSSL. If Wget is compiled without SSL support, none of these options are available."
You might need to check whether the version of wget you are using supports #SSL.

Read More



Lets encrypt new auth status 429 error

This article will guide you on methods to troubleshoot and fix 429 error which occurs due to creation of multiple #SSL #certificates for a #domain. 

1. 429 means you went over the rate #limits. 

2. You issued 5 certificates in the last week.  This is why you get a #429 answer.

3. You need to wait two days to get another one. do you have access to the certificates you issued?

Read More



Error code 15 in VestaCP

This article will guide you on different methods to resolve #VestaCP #error code 15 which happens when trying to add #Lets #Encrypt SSL to a domain which already had Lets Encrypt set up.

To Fix SSL/TLS Certificate Error – Invalid SSL #Certificate Error:

1. First, verify whether the #Firewall or #Antivirus program is interrupting #SSL connection. 

2. Clear #cache files, internet browsing history, and cookies.

3. Verify whether the system's date is correct, whether it matches the current time zone.

Read More



Setting up OCSP stapling on Apache

This article will guide you on how to configure OCSP stapling on the Apache server.

To Check if #OCSP #stapling is enabled:

Go to https://www.digicert.com/help and in the Server Address box, type in your server address (i.e. www.ibmimedia.com). If OCSP stapling is enabled, under #SSL Certificate has not been revoked, to the right of OCSP Staple, it says Good.

To Configure your Apache server to use OCSP Stapling:

1. Edit your site's #VirtualHost SSL configuration. 

2. Add the following line INSIDE the <VirtualHost></VirtualHost> block: SSLUseStapling on. 

3. Check the configuration for errors with the Apache Control service. Apachectl -t.

4. Reload the Apache service. service apache2 reload.

Read More



Courier IMAP SSL How to secure your IMAP servers with SSL

This article will guide you on how to fix #IMAP #SSL #error which occurs as a result of incorrect file generation or wrong SSL #port #settings cause problems with the proper functioning of SSL on #courier IMAP SSL servers.

To add SSL support you have to install #OpenSSL or #GnuTLS before installing Courier-IMAP. #Download OpenSSL from http://www.openssl.org/, or GnuTLS from http://www.gnutls.org.

Read More



How to Set Up Multiple SSLs on One IP With Nginx

This article will guide you on how to set up multiple #SSL #certificates on one #IP with #Nginx. 

To set up Multiple SSL Certificates on a Single IP Using Nginx:

1. Domain names should be registered in order to serve the certificates by SNI.

2. Root Privileges to the server.

3. Nginx should already be installed and running on your #VPS. To #install Nginx: # sudo apt-get install nginx.

4. Make sure that #SNI is enabled in the #server.

Read More



SSLRandomSeed cannot occur within VirtualHost section

This article will guide you on how to fix SSLRandomSeed cannot occur within VirtualHost section which triggers when the #SSLRandomSeed directive is specified inside the #VirtualHost section. 

Read More



Send Syslog with SSL TLS to Nagios Log Server

This article will guide you on how to Send #Syslog with #SSL / #TLS to Nagios Log Server by encryption which ensures that the #traffic between the #Linux machine and Nagios Log Server is not sent in plain text.

Read More



Steps to create a Self-Signed SSL Certificate for Apache in CentOS 8

This article will guide you on how to configure #Apache to serve encrypted requests using a self-signed SSL certificate and to redirect unencrypted HTTP requests to #HTTPS. Self-signed #certificates or certificates issued by a private CAs are not appropriate for use with the general public. It can only properly verify the identity of the server when it is signed by a trusted third party because any attacker can create a self-signed certificate and launch a man-in-the-middle attack.

Read More



Secure Wamp Server How to do it effectively

This article will guide you on the different methods to secure #WAMP Server. Basically, WAMP provides support for #MySQL and #PHP. It can be used in production under condition that you install the secure WAMP #distro and it can run on #Internet and not just #intranet.

Read More



Send NXLogs with SSL TLS to Nagios Log Server

This guide will guide you on how to send NXLogs with SSL/TLS to #Nagios #Log #Server. Encryption ensures that the traffic between the #Windows machine and Nagios Log Server is not sent in plain text.

Read More



SSLSessionCache cannot occur within VirtualHost section

This article will guide you on the steps to resolve #SSLSessionCache cannot occur within #VirtualHost section issue. Basically, SSLSessionCache is a file-based #cache of established #SSL sessions.

Read More



Step by step process to Secure Apache with Lets Encrypt on CentOS 8

This article will guide you on the process to secure #Apache with Let’s Encrypt by installing Let's Encrypt #Certbot client, downloading #SSL #certificates for the #domain, and setting up automatic certificate renewal.

The objective of Let's Encrypt and the #ACME protocol is to make it possible to set up an #HTTPS server and have it automatically obtain a browser-trusted certificate, without any human intervention.

Read More



IIS Security for Sites Steps for server hardening

This article will guide you on the process to #secure sites in IIS to prevent site infections or defacing on a #Windows Server include poor file security or poor #configuration. 

In conclusion, the modular nature of #IIS allows for more granular control over web server resources and #security. However, this can either make your #web #applications more or less secure—depending on the person or group responsible for security.

Read More



Configure Jenkins with SSL using an Nginx

This article will guide you on how to configure #Jenkins with #SSL using an #Nginx reverse proxy. It is important to secure Jenkins with SSL to protect passwords and sensitive data transmitted through the #web interface.

Read More



YUM History command Ways to use it

This article will guide you on #YUM history #command in #Linux which provides a detailed history of YUM #transactions in order to find out information about installed packages and those that where removed/erased from a #system. 

The yum history command allows users to review information about a timeline of Yum transactions, the dates and times they occurred, the number of packages affected, whether transactions succeeded or were aborted, and if the RPM #database was changed between transactions.

Read More



304 not modified error Steps to fix it

An #HTTP 304 not modified status #code means that the website you're requesting hasn't been updated since the last time you accessed it.

Basically, your browser will save (or cache) web #pages so it doesn't have to repeatedly download the same information. This is an attempt to speed up page delivery. However, if this happens to your site, #visitors could be prevented from accessing your #web pages.

Read More



Enable OCSP stapling on Nginx Server

This article will guide you on the steps to configure OCSP stapling on the Nginx server.

Read More



VMWare vCenter Self-Signed Certificate Warning

This article will guide you on the steps to remove VMWare vCenter Self-Signed Certificate Warning.

Read More



Install and Configure Salt Master on Ubuntu

This article will give you a comprehensive guide on the steps to perform installation and configuration of Salt Master and Minion servers on Ubuntu which involves a series of steps that include installing the master daemon, initial master configuration, installing a separate minion, and configuring the Minion.

Read More



Configure Lets Encrypt on WAMP Server

This guide will guide you through the processes to set up Let's Encrypt in the WAMP server.

Read More



Steps to install OpenLiteSpeed on CentOS

This article will guide you on how to perform installation of OpenLiteSpeed on Centos Server.

Read More



Steps to install Wraith on Ubuntu

This article will guide you on how to install Wraith on Ubuntu which requires adding Ruby, ImageMagick, and some other dependencies added to the system.

Read More



Gradle Installation and Configuration on Linux

This guide will show the steps to install and configure Gradle on Linux and Windows.

Read More



How to fix OCSP SSL Certificate Stapling error

OCSP SSL Stapling error is usually triggered when accessing a website using https:// SSL protocol.

Read More



How to fix SSLSessionCache shmcb session cache not supported

SSLSessionCache: 'shmcb' error is usually triggered after upgrading the Apache from 2.2. to 2.4 version.

Read More



VestaCP Error Lets Encrypt validation status 400 error

VestaCP Let's Encrypt error status 400 occurs when trying to request Let’s Encrypt SSL for domains in a vestaCP control panel.

Read More



How to fix ssl_stapling ignored ssl error

ssl_stapling ignored Certificate error occurs when there are problems in the Certificate files experienced while trying to restart Nginx web server.

Read More



how to solve cURL error 60 SSL certificate problem

How to fix cURL error 60 ssl certificate problem which occurs when cURL cannot find any valid certificate to communicate securely over https.

Read More



Easy way to fix connection timed out error during http-01 challenge propagation in Kubernetes

Best fix to "Connection timed out" error during http-01 challenge propagation.

Read More



Solution to certificate routines X509_check_private_key key values mismatch

Main causes of  certificate routines X509_check_private_key key values mismatch in Apache web server  SSL Certificates.

Read More



Solution to sslv3 alert handshake failure

Easy method to fix SSLv3 alert handshake failure.

Read More



Solution to unable to write random state openssl error

Best methods to fix "unable to write random state" OpenSSL error.

Read More



Solution to SSLPassPhraseDialog builtin is not supported on Win32 error

Easy way to fix  SSLPassPhraseDialog builtin is not supported on Win32 error in relation to Apache web server.

Read More



Solution to err_ssl_protocol_error

Best method to fix err_ssl_protocol_error in an affected application or website.

Read More



Solve Apache error AH01276 Cannot serve directory

The solution to Apache server error No matching DirectoryIndex is here in this Article.


Read More



Solve 534 policy requires SSL server error

534 policy requires SSL server connection error triggers when you want to connect to the file manager of a website via an ftp client.

Read More



Fix Cloudflare error 526 Invalid SSL certificate

When a server's SSL/TLS certificate cannot be validated by Cloudflare Service then an SSL issue known as "error 526" occurs.

Read More



Easy fix to SQL error 5023

From time to time, we do receive SQL related server bugs queries of which one of it was "SQL error 5023".

This SQL error is very catastrophic and it tends to disrupt the SQL server when it is trying to start up.


To fix SQL Server Error 1225:

1. Click WindowsKey + R and enter services. msc.

2. Once Services opens scroll down and locate service SQL Server.

3. Highlight the service and click START.

4. Wait for the service to start and retry to connect to your MSSQL instance.

Read More



How to fix SSL error err sslversion or cipher mismatch

The error ERR_SSL_VERSION_OR_CIPHER_MISMATCH occurs when a user's browser cannot establish a secure connection with a web server that uses #HTTPS and SSL. 

The issue may lie in the server configuration or locally on a user's #computer.

Also, the ERR SSL VERSION OR CIPHER MISMATCH error could be caused by certain security settings. 

Applying changes to the SSL might help you solve the annoying ERR SSL VERSION problem. 

Sometimes switching to another browser can be the easy fix you need.


To Fix ERR_SSL_PROTOCOL_ERROR:

1. Set correct system date, time & region.

2. Clear Chrome's cache and cookies.

3. Disable #QUIC Protocol.

4. Disable extensions.

5. Remove your system's hosts file.

6. Clear SSL State.

7. Lower your internet security and privacy level.

8. Disable your security tools for a moment.


Error such as Err_ssl_version_or_cipher_mismatch tend to pop up when there is a inappropriate configuration in the SSL certificate.

Read More



Easy way to convert cPanel SSL Certificate from PEM format to PFX

pem is a de-facto file format called Privacy-Enhanced Mail. These are interchangeable file extensions for the PKCS#12 format. 

Technically, PKCS#12 is the successor to Microsoft's PFX format, but they have become interchangeable. PKCS#12 files are archives for cryptographic material.

PKCS#12 (also known as PKCS12 or PFX) is a binary format for storing a certificate chain and private key in a single, encryptable file.

All SSL Certificates require a private key to work. The private key is a separate file that's used in the encryption/decryption of data sent between your server and the connecting clients.

A private key is created by you—the certificate owner—when you request your certificate with a Certificate Signing Request (CSR).

Basically, the default SSL file format used by apache web server is the PEM format. Whereas PFX files are used on MacOS and Windows systems to do export and import activities of private keys and certificates.

Read More