I have set up a WSUS role on a windows server 2012 R2 and it works trouble-free over http. I would like now to secure the communication with SSL over https. I generated with openssl a .pfx certificate from our company’s wildcard certificate, installed it on the server and configured IIS to use it for encryption.
Problem:
When I try to connect the WSUS console to WSUS service, I get the follow error:
I followed this Microsoft documentation to install WSUS over SSL.
How can I resolve this issue?
Related
Please suggest on the issue which we are facing while accessing SSRS Secured web services and web portal URL Error Message
"Your connection is not private Attackers might be trying to steal
your information from <> (for example, passwords, messages, or credit
cards). Learn more NET::ERR_CERT_REVOKED"
We have got the SSL certificate reinstalled and restarted the SSRS services , but still no luck .
Could anyone please guide us in this regard Server configuration details are as follows -
-Microsoft SQL Server Version 17
-SSRS product version of 14.0.600.490
-WINDOWS SERVER 2016 DATACENTER
The SSL certificate is configured on Windows server .Also the SSL is configured in Web services and Web portal SSL configuration in SSRS is with (ALL IPV4) and (ALL IPV6),SSL certificate and validity till 2019
There was a patch update last week and post that we are unable to access secured urls
https://<>/reports/
https://<>/reportserver/
but we can access non secured urls
http://<>/reports/
http://<>/reportserver/
If the site is publicly accessible, please check the certificate served by your web server via SSL Checker.
Compare the certificate serial number and expiration date with the data of the certificate you installed in your web server or hosting control panel. In many cases, I saw that the server uses an old or invalid certificate.
(Source)
If you are sure that the correct certificate is served, clear the CRL and OCSP cache:
certutil -urlcache CRL delete
certutil -urlcache OCSP delete
You can also try disabling certificate revocation in browsers. It fixes ERR_CERT_REVOKED on the client side.
It's a CentOS 7 server and I have installed apache webserver and it's running
You can install SSLs from any company (or Certificate Authority - also known as a CA) on your server using these steps.
Steps :-
Generate a certificate signing request (CSR).
Request the SSL certificate.
Install the SSL certificate.
You will need to complete similar to steps for SSL certificates from any company.
I have a win 7 x64 box I recently reimaged and I have installed IIS7.5 and PHP 7. I am trying to set up localhost sites for secure https and I have successfully created a self-signed certificate for this purpose. I have set the IIS bindings for the site to use https over port 443 (IP Address: All unassigned) and selected the new SS cert.
When I go to https://localhost/php_info.php on my computer, I can see the phpInfo content but Chrome displays alerts that site is not secure.
Certificate error: There are issues with the site's certificate chain (net::ERR_CERT_COMMON_NAME_INVALID).
Obsolete connection settings: The connection to this site uses a strong protocol (TLS 1.2), a strong key exchange (ECDHE_RSA with P-256), and an obsolete cipher (AES_256_CBC with HMAC-SHA1).
What can I do to run secure sites over localhost?
The certificate error can be fixed if you generate another certificate, with Subject Alternative Name (which is required by Chrome). More information can be found in,
https://blog.lextudio.com/why-chrome-says-iis-express-https-is-not-secure-and-how-to-resolve-that-d906a183f0
The TLS cipher should be cleaned up by using a tool such as IIS Crypt,
https://www.nartac.com/Products/IISCrypto
Jexus Manager has SSL Diagnostics, which can provide you hints on what's wrong in your server configuration,
https://www.jexusmanager.com/en/latest/tutorials/ssl-diagnostics.html
I have a problem with a Windows 2003 server. The server is fully service packed and has all the latest windows updates.
Our server cannot connect to a certain SSL web site.
I have checked the SSL certificate of the remote third party website and it all validates successfully.
I have even checked on another Windows 2003 server and that connects and validates the certificate correctly.
The server that is failing to connect is reporting the following when trying to connect:
The remote server (url) presented a certificate that did not validate, due to RemoteCertificateChainErrors. The signature of the certificate can not be verified.
It gets a handshake but then fails to validate the certificate.
Does anyone have any ideas on what is causing this problem ?
I've cleared the CRL cache and rebooted the server accordingly but the problem still persists.
I've installed Firefox on the server and that does not have any problems connecting to the SSL url and validates the certificate correctly.
It's just the Windows OS and IE8 that have the issue and are unable to connect.
Thanks,
Chris
Is the certificate using a SHA1 or SHA2 hash algorithm? Because Windows 2003 Server does not support SHA2 unless you run the hotfix from Microsoft.
In our office we have setup TFS for project development. The TFS Server is WIN 2003 server SP2 with VSTFS 2008 and is running fine. Now we need to setup a TFS Proxy server on client site for client to access. Before going for the client setup, I wanted to build and test proxy in our office on a dummy server (will call it Proxy server hereon) by keeping it on a different domain. OS configuration of the Proxy server is the same as TFS server. I have installed and configured TFS proxy on Proxy server to connect to TFS Server. Also we have built trust between the two different domains to enable communication. Now problem is that I am not able to at all connect to TFS server. I am trying to connect from Internet Explorer of proxy server using proxy service account. It gives me error: The page cannot be displayed. HTTP 500 - Internal server error. The page I was browsing was http://tfs:8080/VersionControl/v1.0/ProxyStatistics.asmx.
I think I have done all the required steps correctly to configure proxy as described in MSDN and also TFS installation guide. Here Proxy service account is a member of ‘Team Foundation Valid Users’ group. I am able to connect to TFS Server (specifying port) using Telnet from command prompt on proxy server as suggested by few sites. The TFS server web sites have been configured to use Integration Windows Authentication. Event Logs on both the servers are also not giving any error. Overall I’m not able to get it done.
Any ideas on what might be the problem???
I think the port number for accessing the proxy server is 8081.
I also do not know why you need to install the proxy server on the the client side. You only need the VS200x on the client side I assume but check on
http://msdn.microsoft.com/en-us/library/ms252490(VS.80).aspx?ppud=4