-
## Information
https://whatismybrowser.com/w/QCB7F49
## Help request
### Problem
OCSP is not enabled after using the generated configuration. Multiple tools (digicert helpers, ssllabs,…
-
- What Grafana version are you using? `grafana/grafana:master`
- What datasource are you using? `Prometheus`
- What OS are you running grafana on? `CentOS 7 on virtualBox`
- What did you do? `Trie…
-
#### Problem description
Fluentd cannot communicate with OpenSearch because, during the SSL handshake, the Fluentd OpenSearch plugin sends only its microservice certificate instead of the full cer…
-
[The certificate from IdenTrust to the FBCA was revoked on February 17th](https://bugzilla.mozilla.org/show_bug.cgi?id=1037590#c27), yet this certificate path remains valid through Mozilla Firefox:
!…
-
We received an A+ grade with TLS 1.0 support still enabled. We don't have any ciphers enabled that would work via TLS 1.0, so while the protocol I guess is still on, it couldn't be used. We're fixing …
-
### what we have atm
- CRLite: mode 2, so we trust all CRLite reponses (revoked and not-revoked).
- OCSP:
- used when CRLite cannot provide an answer;
- stapled if possible;
- hard-fail.
…
-
I noticed my certs are showing new expiration dates on our F5 LTM. These two obfuscated certs show "Nov 29, 2018" as the expiration on the LTM. What am I missing? The script originally placed the c…
-
Since we want everyone to use secure connections we have to make it easier for users to learn what exactly was preventing a secure connection from being established.
Ideally we also point them to an o…
-
We have some intermediate certificates that were re-issued with the same subject name (don't ask), so we rely on the authority key identifier to construct the chains. Unfortunately, PolarSSL doesn't c…
-
- OCSP stapling solves many issues because the proof of not revocation, signed with time is included in the TLS negotiation. Only the servers do it so does not affect privacy and scales properly becau…
bisho updated
8 years ago