NetTalk Central

Author Topic: OPEN SSL CCS Vulnerability  (Read 9116 times)

urayoan

  • Full Member
  • ***
  • Posts: 222
    • View Profile
    • AZ Rock Radio
Re: OPEN SSL CCS Vulnerability
« Reply #15 on: December 09, 2015, 12:22:31 PM »
Walter:
  Make sure you paste the chain certificates after your certificate (needs that specific order).

  At first is a pain to get it right, but it should work.

  Who is your CA ?

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11250
    • View Profile
Re: OPEN SSL CCS Vulnerability
« Reply #16 on: December 09, 2015, 07:48:50 PM »
Hi Walterm

>>  I'm got intermediate certificates from my CA and include them into my .crt. My app stop working. on the client side (IE, chrome and firefox) i started get the error ssl_error_no_cypher_overlap (firefox). after that, i'd edit again to take of intermediate certificates and error still happening.

so it sounds to me like you made an error when adding an intermediate to the cert file.
Obviously if you undo the change, and it still doesn't work, then you made more changes than you think you made.
There's no magic here, these are just text files.

>> i had to restore a backup.

ok, so try adding the intermediate again, but just do it a little more carefully this time.

And of course, after doing it, you need to restart the server.

cheers
Bruce




Should i run CreateCertificateSigningRequest.Bat after including intermediate certificate?