Hey Friends, The upcoming releases of Google Chrome September 2018 time frame is said to no longer trust certain Symantec, Thawte, GeoTrust, and RapidSSL SSL/TLS certificates. Chrome users will see “Not secure” in the address bar when connecting to websites using a distrusted certificate. The folks over at Qualys wrote: “Google finalized their plans for […]
I recently retired my OpenVPN Turnkey appliance and needed to get my VPN solution up and running again. I decided to go with installing OpenVPN Access Server on a clean install of Ubuntu Server to create a stable and lightweight Virtual Private Network (VPN) to access my network. I chose to go with OpenVPN AS because […]
One of the teams I support had run into some issues. Spending a lot of time investigating code and possible configuration problems. What they later suspected to be a policy issue, possibly a firewall, network issues turned out to be something entirely different. Lets start with the symptoms: Service request to a secured site stopped functioning, […]
Here we are again with POODLE I’ve touched on it here: http://jermsmit.com/security-news-poodle-security-vulnerability/ Then secured up Apache here: http://jermsmit.com/secure-apache-httpd-from-poodle/ And even did some testing here: http://jermsmit.com/tech-short-lets-test-for-poodle-or-sslv3/ This time I am adding the steps used to secure-up some IIS Servers. Lets Start: *note* These steps apply to Server 2003, 2008, 2012 Requirements: Administrator Rights Registry Changes Reboot of Server Steps: […]
I was testing one of my SSL enabled sites after securing apache HTTPD from POODLE, when I noticed the following warning: The server does not support Forward Secrecy with the reference browsers To ensure I was operating at the best security level possible for my little site, I added the following to the apache2.conf (/etc/apache2/) […]
Hello friends, The following post is to advice some of you that run public facing websites which use SSL. Google Chrome will start giving users Warning messages when accessing sites that use SHA-1 based SSL Certificates. By the way – This is scheduled to start happening in under a month form now. And if you are […]