Currently Viewing Posts Tagged Symantec

5 Free SSL Tools You Must Try in 2016

It is 2016, your website must be SSL encrypted. Now, you have questions, how about my server and how about my SSL installation? This is the answer to this question. You must try these five free tools to test, check, analyse your https website.

No.1 SSLShopper

It is an SSL checker. Enter server hostname and click check SSL button. It will give you the brief results, including server type, certificate CA, expiration day, etc.

sslshopper

LINK:  https://www.sslshopper.com/ssl-checker.html

No.2 Symantec CryptoReport

It is a powerful tool with good design. The result is more and it is the only one can tell you how many certificates installed. Look at below, the report said, I have RSA and ECC certificates installed.  The report

The report has following information:

  • Certificate is installed correctly.
  • Certificate chain installation part.
  • Server configuration:(Server type, IP, Port, Protocols, Cipher suites, etc.)

symantecLINK: https://cryptoreport.websecurity.symantec.com/checker/

Continue reading “5 Free SSL Tools You Must Try in 2016”

Tools to check your SSL Installation

I have tried some tools to diagnose my SSL certificate installation.

Some related to correct certificate, and more on certificate chain issues.

SSL Certificates are trusted from its parent, or issued by its high lever certificate. It looks like a chain, one connect to other one and gos to the CA root.

Say, I have a SSL certificate for domain seo.g2soft.net.

  • Certificate of seo.g2osft.net is issued by Comodo RSA domain Validation Secure Server CA
  • Comodo RSA domain Validation Secure Server CA is issued by Comodo RSA certification Authority
  • Comodo Rsa Certification Authority is issued by AddTrust External CA Root.

The last one, AddTrust External CA Root is one of root CAs.  It is issued by itself. Root Certificates was installed in every computer or browsers already. It is trusted and in the trust store.

certificate-chain

The above is a corrected installation.

Tool One:

Geocerts SSL Checker

https://www.geocerts.com/ssl_checker

Tool Two:

DigiCert SSL Installation Diagnostics Tool

https://www.digicert.com/help/

Continue reading “Tools to check your SSL Installation”

Some issues when I use SSL on web server Apache

I purchased SSL certificate from Gogetssl.com. The Comodo Essential SSL is a good deal on the list. I paid it $37.45 for FIVE years.

OK back to the title.

1) The CSR generator online is default sha1. Use my own openssl command to generate sha256 CSR, KEY files.

There are so many articles related sha1 vs sha256 ssl

If you can, use SHA-256 instead of SHA-1.

SHA1 is going to retired.

The command I use to generate private key and CSR file.

openssl req -new -newkey rsa:2048 -nodes <b>-sha256</b> -out www.mydomain.com.sha256.csr -keyout www.mydomain.key -subj "/C=FR/ST=Calvados/L=CAEN/O=TBS INTERNET/CN=www.moydomain.com"

Please make your own command with this tool.  Then add -sha256 in it . The above is for reference only.

2) Chain CA order

The certificate I received from gogetssl is a zip file. Unzip it and I got four certificate files.

  • AddTrustExternalCARoot.crt
  • COMODORSAAddTrustCA.crt
  • COMODORSADomainValidationSecureServerCA.crt
  • yourdomain.crt

To make a ca-bundle file, combine the three crt files into one.

When combine them, be carefully the order of files.

Put the content of COMODORSADomainValidationSecureServerCA.crt in the beginning of the ca-bundle file. Then paste the content of COMODORSAAddTrustCA.crt below, and paste the content of AddTrustExternalCARoot.crt.

3) Chain issues – Contains anchor

This is a issue when I check the ssl on ssllabs.com

AddTrustExternalCARoot.crt is the root CA. Self issued. Some people said the issue is because of this self issued root CA.

There are some post about it. They said it is safe when not include it in the ca-bundle

Comodo support article Qualys forum thread

ssl-labs

Continue reading “Some issues when I use SSL on web server Apache”

One good search tool

Craagle is a small tool, a search tool specialized on all kinds of software cracks, serial keys and DVD covers.
I doing some search by Search Engine. Lots of results came.
The problem was when I tried to download it, my Symantec AntiVirus always reported something wrong and deleted the file.
What’s wrong about this file?
OK, I went to the Symantec site and see how risk it is.

Updated: October 25, 2007 4:20:50 PM
Type: Potentially Unwanted App
Name: Craagle
Version: 1.9.0.0
Risk Impact: Low
Systems Affected: Windows 98, Windows 95, Windows XP, Windows Me, Windows Vista, Windows NT, Windows Server 2003, Windows 2000
When the program is executed, it creates the following files:
%CurrentFolder%\craagle.ini
%CurrentFolder%\proxy.txt
The program helps users to query search engines for software cracks, serial keys, and DVD covers.

craagle-191

It is clear, Craagle is not a virus or spyware. It is a search tool only.
It is wonderful tool. When you want to try some software for a while, I suggest you use this tool to get what you want.
The link I tested safe is here.
Oh! I almost forget the purpose of this post.

Continue reading “One good search tool”

eWeek Channel Products of the Year for 2006

The special report on eWeek, Vol. 24, No.19.
Let me post part of the list of these channel product for you and me. Just for reference.
Collabration Software: Microsoft Office Outlook 2007
Databases: Microsoft SQL Server 2005 Compact Edition
Desktop PCs: HP Compaq dc7700 Business PC
Disaster recovery/backup: Symantec Backup Exec 11
Disk storage: HP StorageWorks All-in-one storage system
Displays: ViewSonic VG2230wm Widescreen Graphic Series LCD Display
ERP suites: MySAP
Notebooks: Lenovo ThinkPad X60 Tablet
Printers: HP Laser Jet 5200

Continue reading “eWeek Channel Products of the Year for 2006”

  • Archives