SSL certificate
Solved: curl: (35) ssl connect error
The main course of this problem is the outdated `curl` package on your system.
How to list all available CA SSL certificates on Ubuntu?
To list all available CA SSL certificates run the following lines of code:
How to generate a private key for the existing .crt file on Nginx?
Unfortunately, this is not possible. You cannot generate a private key out of an existing certificate. If it would be possible, you would be able to impersonate virtually any HTTPS webserver.
SSL Certificate Problem: Unable to get Local Issuer Certificate
If you get SSL certificate problem: unable to get local issuer certificate error, it's an indication that your root and intermediate certificates on the system are not working correctly or not set up correctly.
Solved: Error 526 Invalid SSL Certificate
Error 526 indicates Cloudflare is unable to successfully validate the SSL certificate on the origin web server and the SSL setting in the Cloudflare SSL/TLS app is set to Full SSL (Strict) for the website.
Solved: SSL_Error_rx_record_too_long
The usual cause is that the implementation of SSL on your server is not correct. The error is usually caused by a server-side problem which the server administrator will need to investigate.
Solved: ERR_SSL_VERSION_OR_CIPHER_MISMATCH
When you are accessing the HTTPS secured website a series of steps is taken in the background to ensure that the connection is safe and trusted. Some of these steps consist of checking certificates. If the browser does not believe that the connection would be secure it displays this error.
Solved: Invalid command ‘SSLEngine
This frequently happens on fresh Apache servers. When Apache starts it reads through the configuration files. When it encounters `SSLEngine` directive, it considers it as unknown. This is caused by the fact that the server’s basic configuration does not have `mod_ssl` module installed or enabled.
Solved: (cron) info (No MTA installed, discarding output) error
If you get *SSL certificate problem: unable to get local issuer certificate* error, it's an indication that your root and intermediate certificates on the system are not working correctly or not set up correctly.
Solved: NET::ERR_CERT_COMMON_NAME_INVALID
A NET::ERR_CERT_COMMON_NAME_IN error occurs when the domain the SSL certificate is installed on is not listed on the certificate (either as the common name, subject alternative name or covered by a wildcard).
Solved: Error:0D0680A8 : asn1 encoding routines: ASN1_CHECK_TLEN: wrong tag
This error is due to an invalid certificate format installed on the Apache webserver.
How to verify SSL certificates on the command line?
To validate an SSL certificate you can use one of the following approaches, depending on the type of the certificate.
Does each subdomain need its own SSL certificate?
This depends purely on what type of certificate you have. You can have a standard single domain certificate. Aside from that, you can also get two following types of certificates.
Where to keep SSL certificates and private keys on Ubuntu and Debian?
To list all available CA SSL certificates run the following lines of code:
How to display remote SSL certificate details with CLI tools/cURL?
You can use `openssl` command like this. Replace the highlighted part with the select domain name
How to generate a private key for the existing .crt file on Apache?
Unfortunately, this is not possible. You cannot generate a private key out of an existing certificate. If it would be possible, you would be able to impersonate virtually any HTTPS webserver.