Categories
News

Check your website for Chrome distrust

Hey Friends, The upcoming releases of Google Chrome September 2018 time frame is said to no longer trust certain Symantec, Thawte, GeoTrust, and RapidSSL SSL/TLS certificates. Chrome users will see “Not secure” in the address bar when connecting to websites using a distrusted certificate. The folks over at Qualys wrote: “Google finalized their plans for […]

Categories
How-To Software Technical

OpenVPN Access Server on Ubuntu

I recently retired my OpenVPN Turnkey appliance and needed to get my VPN solution up and running again. I decided to go with installing OpenVPN Access Server on a clean install of Ubuntu Server to create a stable and lightweight Virtual Private Network (VPN) to access my network. I chose to go with OpenVPN AS because […]

Categories
How-To Technical

Windows 2003, HTTPS Access Issues

One of the teams I support had run into some issues. Spending a lot of time investigating code and possible configuration problems. What they later suspected to be a policy issue, possibly a firewall, network issues turned out to be something entirely different. Lets start with the symptoms: Service request to a secured site stopped functioning, […]

Categories
How-To Software Technical

Please disable POODLE in IIS, here is how

Here we are again with POODLE I’ve touched on it here: http://jermsmit.com/security-news-poodle-security-vulnerability/ Then secured up Apache here: http://jermsmit.com/secure-apache-httpd-from-poodle/ And even did some testing here: http://jermsmit.com/tech-short-lets-test-for-poodle-or-sslv3/ This time I am adding the steps used to secure-up some IIS Servers. Lets Start:  *note* These steps apply to Server 2003, 2008, 2012 Requirements:  Administrator Rights Registry Changes Reboot of Server Steps: […]

Categories
How-To Software Technical

Configuring Apache for Forward Secrecy

I was testing one of my SSL enabled sites after securing apache HTTPD from POODLE, when I noticed the following warning: The server does not support Forward Secrecy with the reference browsers To ensure I was operating at the best security level possible for my little site, I added the following to the apache2.conf (/etc/apache2/) […]

Categories
News Software Technical

SHA-1 based SSL Certificates are being Phased Out

Hello friends, The following post is to advice some of you that run public facing websites which use SSL.  Google Chrome  will start giving users Warning messages when accessing sites that use SHA-1 based SSL Certificates. By the way – This is scheduled to start happening in under a month form now. And if you are […]