For questions about Secure Sockets Layer (SSL), which is a cryptographic protocol providing secure communications over the Internet.
Questions tagged [ssl]
30 questions
35
votes
9 answers
How to install Certbot plugins?
I installed Certbot by following this tutorial:
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-nginx
And now I want to set up my cert, but I need the dns-digitalocean plugin:
# certbot certonly…
mpen
18
votes
2 answers
How do I include my internal CA certificate to validate SSL exchanges in Chef?
We do use an internal Certificate Authority to create server certificates in my company.
We also have to deal with a transparent proxy doing SSL interception (MITM).
I regularly encounter SSL validation errors due to Chef not knowing the CA …
Tensibai
16
votes
2 answers
How can I add an additional IP / hostname to my Kubernetes certificate?
I've recently followed this guide to set up Kubernetes on my local Raspberry Pi cluster. I can access it fine on my LAN; however I'd like to be able to access it remotely as well. I've already set up port forwarding on my router, but when I try to…
soapergem
10
votes
2 answers
Git seems to recognize http.sslcainfo property from .gitconfig but ignores it on execution? SEC_E_UNTRUSTED_ROOT
all, I have a working certificates chain (testable with OpenSSL) but somehow I cannot manage to tell Git to load these certificates.
I get the same "untrusted root authority" error (SEC_E_UNTRUSTED_ROOT) independently of whether my git…
Ta Mu
7
votes
1 answer
Kubernetes docker registry behind nginx-ingress
I am trying to set up docker-registry in a Kubernetes cluster behind the nginx-ingress controller.
The issue is, when I try to push the image into private registry, it tells me:
Get https://registry.local/v2/: x509: certificate is valid for ingress.local,…
acd
5
votes
3 answers
Validating certificates with get_url or yum on CentOS 7 using Ansible
I'm pretty new to Ansible, but it seemed a better tool than a bash script for installing programs from source on remote servers...
Starting from my working-but-fragile bash script, I made an Ansible script to git clone, configure and compile what I…
TheAtomicOption
4
votes
2 answers
Ingress vs Load Balancer
I am new to kubernetes and I am trying to expose an application publicly. I am using Scaleway as the cloud provider (if it matters).
From what I understand, there are multiple ways of doing this.
Create an Ingress Controller
By doing this, the…
Razvan Toader
3
votes
1 answer
certbot renewal fails over ipv6
I'm using LetsEncrypt CA for SSL certificates with a cron job that renews them. Recently moved one of our domains to dual ipv4/ipv6 stack and now the certificate renewal fails for that domain:
Attempting to renew cert (nodrama.io) from…
fbielejec
3
votes
2 answers
What are best practices for implementing SSL on Jenkins?
One of the options is to configure SSL in Nginx and to put this in front of Jenkins. Are there any other options for securing Jenkins? I am looking for an answer that is focused on best practices that harden the layer 6.
030
2
votes
1 answer
How do I bootstrap an alpine image to work with a private repo proxy behind TLS?
I am in a corporate environment behind a gateway that does DPI and often replaces the TLS certificate of most online resources with our corporate certificate. Many of our developers use images based on alpine linux to do their work and at peak times…
LLlAMnYP
2
votes
1 answer
Unable to validate certificate chain: cert.pem in Zimbra mail server
I am trying to install Let's Encrypt SSL on my Zimbra mail server but am getting the error below when running the command below.
/opt/zimbra/bin/zmcertmgr verifycrt comm privkey.pem cert.pem chain.pem
Error:
** Verifying ‘cert.pem’ against…
Jay
2
votes
0 answers
404 Not Found when obtaining new certificates for nginx
I'm trying to obtain an SSL certificate for the following server:
server {
server_name www.nodrama.io;
rewrite ^(.*) http://nodrama.io$1 permanent;
}
server {
server_name nodrama.io;
listen 80;
listen [::]:80 ipv6only=on;
error_page…
fbielejec
2
votes
3 answers
What are trusted providers that offer wildcard certificates and associated costs to be used in an Orchestration Platform like Kubernetes?
Currently, certbot and nginx are used to create a trusted webpage. Recently, an attempt was made to move the images to a kubernetes cluster on google cloud platform. A guide was found to configure an SSL loadbalancer. It was tried and it shows…
030
2
votes
1 answer
Unable to connect to the server: tls: failed to verify certificate: x509: certificate signed by unknown authority
I am facing an issue when trying to import a k8s cluster in Rancher.
Here are the logs from when I try to run the commands:
Command:
curl --insecure -sfL…
Abdullah Manzoor
2
votes
2 answers
When do I have to renew an SSL certificate in Chef?
In the annual process of renewing SSL certificates, I have a list of infrastructure that needs updating.
This usually included Chef. This is followed by an arduous and painful process of getting every node to re-fetch the self-signed chef-server…
Muradin007