51,039 questions
1
vote
1
answer
44
views
How to disable SSL in sonar-cxx plugin when using an HTTP SonarQube server?
I am running the SonarScanner CLI and SonarQube in a Docker container each.
I use the free version of SonarQube so I have added the cxx sonarqube plugin v2.2.2.
The version of the SonarScanner is 12.1 ...
- 35
-1
votes
0
answers
21
views
FreeRADIUS RadSec TCP connections plateau around ~500 per instance [closed]
We are benchmarking RadSec (TCP/TLS) connections against a single FreeRADIUS instance and observing a consistent connection ceiling.
FreeRADIUS (version 3.2.8)
Running in Kubernetes (single pod)
~...
Advice
0
votes
5
replies
78
views
Understanding the use of `'static` in RusTLS
As a (relative) novice at Rust, I am trying to understand the use of 'static in the RusTLS CommonState struct's peer_certificates method:
pub fn peer_certificates(&self) -> Option<&[...
- 2,447
-1
votes
0
answers
41
views
AWS ACM certificate stuck PENDING_VALIDATION — DNS CNAME correct, dig OK, email validation works for apex — subdomain delegated to Route 53 [closed]
Problem
I'm trying to issue an Amazon-issued public certificate in ACM (same region as my Application Load Balancer, e.g. us-west-2) for a subdomain on a delegated Route 53 public hosted zone.
The ...
- 823
0
votes
0
answers
67
views
Error in mod_wsgi ssl: "unable to get local issuer certificate"
I am running an authentication system on my Apache2 webserver that uses Python through the mod_wsgi module to run scripts authenticating users through IP addresses, passwords, etc. Once authenticated, ...
- 345
1
vote
1
answer
121
views
How to disable SSL Certificate Validation in Spring RestClient?
A RestClient needs to communicate with HTTPS to a host with self-signed TLS certificate.
I have seen a similar question here on StackOverflow, Disabling SSL Certificate Validation in Spring ...
- 180
0
votes
0
answers
49
views
cTrader FIX Logon returns RET_INVALID_DATA for both QUOTE and TRADE sessions on ICMarkets
I’m trying to connect to ICMarkets cTrader FIX and both FIX Logon requests are rejected with RET_INVALID_DATA.
The TCP + SSL connection succeeds, so the failure seems to be at the FIX authentication/...
- 11
-1
votes
0
answers
123
views
Flutter CERTIFICATE_VERIFY_FAILED on Android 13/14 but works perfectly on Android 16 (Sectigo CA)
I am developing a Flutter application that communicates with a live API server via HTTPS. The API calls work perfectly on an Android 16 device, but when I test the exact same code on devices running ...
- 11
1
vote
0
answers
86
views
How to isolate client certificates per browser context in Playwright for parallel execution? (Ubuntu)
I’m working on a system that performs login using client certificates and I need to run multiple browsers in parallel, each one using a different certificate.
The requirement is to fully isolate each ...
Advice
0
votes
2
replies
133
views
Flutter SSL Handshake Failure on Android 13 and below
We are experiencing an SSL handshake issue in a Flutter-based Android application when connecting to a backend API hosted on SAP Cloud Platform Integration (SAP CPI).
Recently, the API certificate ...
1
vote
0
answers
83
views
SSL handshake error for Node.js on GitLab CI pipeline
I am trying to set up a CI pipeline in GitLab, for a Spring Boot project with Maven, which also installs npm.
I have tried using docker exec locally to check if doing mvn install would work, and it is ...
- 31
-1
votes
1
answer
62
views
Azure App Service: Cannot bind private domain with Managed Certificate – “Parameter Thumbprint is null or empty”
I'm trying to bind a private domain to my Azure App Service and use a managed certificate, but I keep running into issues.
Steps I followed:
Created a custom/private domain (e.g., api.example.ai) in ...
- 65
0
votes
0
answers
96
views
IIOP.NET SSLPlugin fails with omniORB SSL/mTLS (TCP works) — certificates imported, OpenSSL succeeds
When integrating a CORBA system where the server is C++(03) using omniORB 4.3 and the client is C# using IIOP.NET.
Server side (omniORB)
Server runs fine in SSL mode with a proper server certificate.
...
- 7,964
0
votes
0
answers
117
views
JAVA corretto21 SPRING "javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated"
I've got a microservices system in Java Spring Boot
I create my SSL self-signed key and stores like this way
File "sub.conf"
[req]
default_bits = 4096
prompt = no
default_md = sha256
...
4
votes
1
answer
91
views
Program in GNU GCC Error access database: SQL: TLS/SSL error: SSL is required, but the server does not support it [duplicate]
I'm trying to create a program that connects to a MariaDB server. The code works perfectly if I use the library that comes with the server, but when I use the updated version compiled from the MariaDB ...
- 89
2
votes
0
answers
284
views
Indy 10 TCPServer and SSL certificate verifying issue (error 20, SSL alert number 48)
I am developing an application, which has a built-in TCP server. I want the server to be secure via OpenSSL. The server has to identify its clients and the clients must identify the server.
If I ...
- 123
0
votes
0
answers
63
views
Issue with apex_web_service.make_rest_request and Certificate Subject Alternative Name
I'm using Oracle apex_web_service to request a token via REST API but I'm struggling with certificates that use different CNs and Subject Alternative Name.
I try to make it clear:
the API url for the ...
- 986
Advice
0
votes
2
replies
62
views
Microsoft Edge devtools missing Security tab
I use MS Edge Version 144.0.3719.104 (official build) (64-bit) on Windows 11 and can't find the Security tab in the Developer Tools - see the screenshot below.
I want to check the TLS parameters of ...
- 1,537
3
votes
2
answers
258
views
How to poll for user data in blocking openSSL connection, old version 1.1.1
I have the code polling for unsecure connections' file descriptors. Now I am adding SSL and stuck with how to poll for it. Library is old one, hot having SSL_poll and other useful stuff.
As usual, I ...
- 811
0
votes
0
answers
78
views
Can I bind an Azure Web App certificate by Azure resource ID instead of by thumbprint?
I'm running into some complications with 47-day cert validity periods that I didn't think were going to be enforced until 2029.
For some backstory, I renewed a cert in December of last year only to ...
- 1
0
votes
0
answers
30
views
Spring Boot: Create TLS metrics and logging
Since Nginx has been sundowned, we moved from Nginx to Spring Boot TLS. Luckily, Spring Boot allows easy and straight forward configuration of TLS. We now need to collect information about handshake ...
- 666
0
votes
1
answer
95
views
Is there a way to disable "not_before" check on grpccpp?
I have a use case of a gRPC server hosted on a machine without timekeeping (no rtc), I see that it is doable to use TLS on it (not checking the server certificates validity at all).
I would like to ...
- 31
0
votes
0
answers
79
views
Flutter HTTPS calls fail on older Android, only works if I bypass SSL certificate check
I'm building a Flutter app and HTTPS API calls fail only on older Android phones(Android 7 and below).
On modern devices everything works.
If I bypass certificate validation like this:
class ...
- 1,097
0
votes
0
answers
57
views
Strapi CORS not working behind Nginx Proxy Manager (Docker), headers always empty
I'm running a Strapi backend behind Nginx Proxy Manager (Docker) and trying to enable CORS.
Strapi version: latest
Nginx Proxy Manager: latest Docker image
I want to allow requests from my frontend ...
1
vote
1
answer
150
views
Java Apple KeyStore or SSL TrustManager which trusts certificates from both admin and root keychains
Running security dump-trust-settings -d on my MacBook shows some company-specific certificates that I want Java's TrustManager to trust when creating SSL/TLS connections to internal company servers. I ...
- 445
3
votes
1
answer
215
views
Custom Security Provider works in fat jar but not in GraalVM native image while extracting PostgreSQL server certificates
I am trying to extract the public certificate of any PostgreSQL database. I got it working with plain java as a library and as a standalone fat jar, but not in a native-image build with GraalVM. I ...
- 4,119
5
votes
1
answer
199
views
How to disable certain certificate types in Java SSL handshake
I have a Spring Boot 3.4.10 application written in Java 25 that authenticates via an SSL handshake. I'm using server.ssl.bundle to setup TLS within Spring Boot.
The snippet below is from the server ...
- 666
3
votes
1
answer
184
views
How to disable certain handshake features
When looking at PCAP traces of Java TLS handshake, I can see details in Server Hello like this:
Signature Algorithm: SHA224 DSA (0x0302)
I would like to disable it, so server application does not ...
- 666
0
votes
0
answers
175
views
Spring Kafka consumer stops consuming after 1–2 days with ExpiringCredentialRefreshingLogin logs
I have a Spring Kafka application with a single consumer. The Kafka client authentication is configured using SASL/OAUTHBEARER over SSL, as shown below:
authProps.put(SaslConfigs.SASL_MECHANISM,...
- 371
-1
votes
1
answer
101
views
Different .NET 8 runtime behaviour based on different SDK used [closed]
I am getting a weird behaviour in the .NET SDK/runtime. DotNet team remains silent
https://github.com/dotnet/sdk/issues/38325
Reproducible sample:
FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
...
- 2,525
1
vote
0
answers
89
views
Configure jax-ws in Glassfish not to supply client certificate in SSL handshake
I have built a jax-ws web service client using the jaxws-maven-plugin. It is failing when I use it from a Glassfish 7.0.25 server with Java 21.
I'm calling a SAP server which only validates the client ...
- 13
1
vote
2
answers
209
views
TLS in Perl REST request
This curl command works fine (must be accessed in tls 1.3):
curl -v --tlsv1.3 -u "xxxx":"xxx" -X POST "https:xxxxxxx"
Try to get the same result with Perl. Created a ...
- 309
1
vote
0
answers
109
views
How to disable PSA Crypto in Mbed TLS 3.x and build a minimal classic TLS + X.509 configuration?
I am working with Mbed TLS (latest release) on an embedded target and I want to disable all PSA Crypto / PSA driver layers completely and instead build the classic pre-PSA Mbed TLS stack (i.e., using ...
0
votes
2
answers
81
views
MariaDB / QMySqlDriver connection without SSL got 2026 error
My problem:
A MariaDB-Server is running in a LAMPP-Installation
It runs by default without SSL.
A Qt-Application (both 5.15.2 and 6.10.1) with loaded QMARIADB-Driver tried to open a connection to the ...
- 1
0
votes
1
answer
128
views
502 error with NGINX and Cloudflare - 2 servers [closed]
I've tried much of the advice I've found on here, and it hasn't worked so far.
Here's my network flow:
HTTPS -> Cloudflare -> NGINX (server 1) -> Apache (server 2) -> WordPress
Here are my ...
- 19
2
votes
3
answers
163
views
Azure linux function app to IBM MQ using IBMMQDotnetClient 9.4.2
Scenario: I've an azure function app(event hub trigger) which needs to connect to SSL enabled IBM MQ server.
I'm using IBMMQDotnetClient 9.4.2 nuget package and I've installed a pfx cert in local(...
Advice
0
votes
2
replies
218
views
PKIX path building failed: unable to find valid certification path — How to load PEM certificate into truststore at runtime in Spring Boot?
I am getting the below SSL error when my Java (Java 21, Spring Boot 3/4) application makes a REST call to a gateway:
Internal server error: (certificate_unknown) PKIX path building failed:
sun....
1
vote
0
answers
105
views
Flutter HTTPS requests failing with HandshakeException: WRONG_VERSION_NUMBER even though backend works in Postman
I’m running into a strange TLS/HTTPS issue in my Flutter project and can’t figure out why it only happens inside Flutter/Dart.
I have a backend API hosted at:
https://my-backend/api/v1
If I call the ...
1
vote
1
answer
77
views
Is there any official way to enable server-side client verification without requiring client-side server verification (asymmetric mTLS)?
I’m implementing PKI/mTLS authentication in Aerospike and want to confirm whether Aerospike officially supports a configuration where the server verifies the client certificate, but the client does ...
- 11
0
votes
0
answers
56
views
Unable to configure SSL Context For Open Feign Client. Getting PKIX Error
I am seeking to establish a mutual TLS (mTLS) connection between two of my Spring Boot applications: a Backend service and a Web service. For that reason, I have created keystores, certificates, and ...
Best practices
0
votes
2
replies
68
views
How to install SSL for your domain by XAMPP on windows machine
You will got these files by your ssl provider :
certificate.crt
server.key
ca_bundle.crt
Configuration SSL by xampp server in windows servers.
SSLCertificateKeyFile : "F:/xampp/apache/conf/ssl....
- 11
0
votes
0
answers
186
views
SSLCertVerificationError when fetching OpenML datasets in conda environment on Ubuntu
I’m on Ubuntu using a conda environment (ML(Python 3.12.9)), and I get a SSL certificate verification error when trying to load a dataset from OpenML with sklearn.datasets.fetch_openml. I already ...
0
votes
1
answer
95
views
Spring WebFlux: updating SSL certificate
My application uses the Spring Cloud Gateway so the stack is Spring + WebFlux. When the application starts it use the SSL certificate from the file. But after few weeks the external system is updating ...
0
votes
1
answer
73
views
Move HTTP request with cert file from nodeJs to .NET not working
I try to move a request with certificate from an old system made with NodeJS to a new system using .NET 8.0.
Running the .NET code, however, I always get the following error:
The SSL connection could ...
- 1,156
12
votes
3
answers
3k
views
Ruby SSL_connect certificate verify failed: unable to get certificate CRL on macOS
m getting an SSL error when making an HTTPS request in a Rails controller (Ruby 3.1.6):
OpenSSL::SSL::SSLError in PurchaseAttemptsController#create
SSL_connect returned=1 errno=0 peeraddr=3.175.45.47:...
- 7,906
0
votes
0
answers
100
views
Dart SecurityContext not accepting programmatically generated RSA private key for Android TV Remote Protocol
I'm building a Flutter app that uses Android TV Remote Protocol v2. The app requires client certificates for authentication. When I use a manually created certificate (placed in assets), everything ...
- 623
3
votes
1
answer
727
views
Self-signed certificate error when forcing SSL connecting to RDS PSQL [closed]
Hoping to get yalls help on the issue I am now sort of desperate about
Context:
I am deploying a docker container on EC2 Ubuntu, where it is used by two images - one for my Prisma-NestJs-based API and ...
1
vote
0
answers
92
views
Cannot run the custom built erlang container
Here is the Dockerfile
# ===== Stage 1: BUILD OTP 27.2 =====
FROM debian:bookworm AS build
RUN apt-get update && apt-get install -y \
build-essential \
autoconf \
automake \
...
0
votes
1
answer
194
views
WhatsApp Cloud API webhook verification fails: “The callback URL or verification token check failed”
i started to listening nginx, and when i press the button confirm and save, no one call or check my website, my nginx console is clear. But i past correct address. I spend to this whole day. Can ...
2
votes
0
answers
128
views
OkHttpClient Client not sending server-name extension in SSL Client handshake
I have a Springboot server with two ssl self signed certificates configured for different hostnames. One certificate assigned to hostname localhost. Another assigned as fallback, so any hostname other ...
- 755