How To Update Site Certificate For ADFS Windows Server 2012

If you run a Microsoft ADFS Server on Windows Server 2012, there will probably be a time when you'll need to update your site certificate on the server. In my case, I use a wildcard certificate for my domain, for example * so that all subdomains can use the same certificate. When you update the [...]

Install YAWAST – The Antecedent Web Application Security Toolkit

YAWAST is an application meant to simplify initial analysis and information gathering for penetration testers and security auditors. It performs basic checks in these categories: TLS/SSL - Versions and cipher suites supported; common issues. Information Disclosure - Checks for common information leaks. Presence of Files or Directories - Checks for files or directories that could [...]

HTTP/2, HTTPS, Let’s Encrypt, NGINX and WordPress Hardening

If you're running a WordPress site on a Linux server running NGINX, then you might be interested in setting up a free SSL (HTTPS) certificate using Let's Encrypt. The internet is moving towards HTTPS, and even Google is said to rank HTTPS pages higher than the standard HTTP pages. If you're using WordPress, you have [...]

JAMF Could Allow For MITM Attack

JAMF Software has a number of solutions for fleet management of Apple products, including their own Apple MDM. The issue discussed in this post applies to the self-hosted JAMF Casper Suite and deploying a JSS. This suite of tools includes software that will help track inventory, manage devices, implement security policies, and deployment of software [...]

Workaround Firefox Blocking Weak DHE Cipher Suites

If you have Firefox version 39 or newer, then you may have run into the error message below: "SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key) The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. [...]

NMap Script to Test SSL Versions and Cipher Suites

A few months ago, I wrote an article on how to configure IIS for SSL/TLS protocol cipher best practices. To test your configuration, you can use a handy tool called NMap or the ZenMap GUI. Included in NMap is a script called ssl-enum-ciphers, which will let you scan a target and list all SSL [...]

Google Chrome Error SSL Server Probably Obsolete ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION

If you're a Google Chrome user, you might have come across the Google Chrome Error SSL Server Probably Obsolete ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION while trying to browse to an HTTPS website. Unfortunately, as a user, there's not much you can do to get around this error message except to try a different browser like Internet Explorer. About a [...]

