1. R

    SSL handshake failed for opn-cli

    I got this error during my SSL handshake for opn-cli during data fetching and I got this error at that time so please help or give me some guidance for it how to resolve.
  2. S

    Running Caprover in guest os behind NAT

    Hello dear FreeBSD gurus. Not sure this topic fits in here, feel free to move the topic if it's not correct. What i'm trying to do is to install Caprover ( on a guest os on my FreeBSD host machine. I'm doing virtualization with bhyve. This is not the relevant part though ;) So...
  3. Angel Hess

    FreeBSD and SSL

    I have used certbot for many years and have never found a good configuration that I like that does auto updates. I am using wildcard domains with command certbot certonly --manual -d -d '*' so the normal automatic update can not be used unless you use an additional script...
  4. Z

    Create own proxy server on FreeBSD using Stunnel and 3proxy software with public key cryptography verification between the Stunnel server and Stunnel.

    This topic provides a solution on how to make own Proxy serwer, on a FreeBSD operating system, using Stunnel validated with public-key cryptography between Stunnel server and Stunnel client, for use by a web browser. The primary benefit is that, unlike other VPN, the client does not require...
  5. A

    certbot can't found server block in external config files in nginx

    Freebsd 13.1, nginx/1.22.0, certbot 1.29.0 If I use and server block is in /usr/local/etc/nginx/nginx.conf cerbot install cert correctly When I move server block to separate files servers/ and use in main config certbot show My servers/ is Of course the...
  6. K

    About Nginx+HTTPS+SSL certs in Jails

    Hi everyone. I'd like to set two jails with each hosting a domain of mine, with HTTPS/TLS support on nginx. My case is; My Dedicated Server/Host IP: (External Public IP Addr) (has also PF activated and running without Jails' support, anything with any jail, at the moment) Jail 1 -...
  7. W

    Setting up Ssl on Apache24 Server

    Hello everyone ! I want to set up ssl protocol for my local web server that i started with apache24. What should i do ? Which conf's should i edit ? What are the commands etc. This will help a lot. Btw. i have 2 .cer , 1 .crt , 1.p7b certificate file.
  8. Martian

    PF redirect local outgoing packets

    Hello, I'm trying to setup port multiplexing using sslh importantly I have to use that nice 'transparent' feature that makes traffic from sslh distributed locally to look like it comes from external interface. It looks something like this : Browser[A]-----------[http/ssl]-------> sslh[B 443]...
  9. sidetone

    Prioritizing SSL/TLS in make.conf

    In /etc/make.conf, I would like to set openssl, security/libressl or security/nss over security/gnutls, and know whether security/libressl can coexist with Openssl. In make.conf, this is what I have in mind OPTIONS_SET=OPENSSL OPTIONS_SET+=NSS Libressl has a reputation for being better than...
  10. henninb

    Solved Apache/SSL setup not working with Firefox

    I am working on setting up SSL on apache24 web server on my local network with a self signed certificate. I am able to confirm it is working with curl and openssl (see the details below), however I am not able to get it working with firefox. I imported my self signed cert to firefox, however...
  11. sysnes

    Send command to jail from main host - Socket with openssl api

    Hi, first of all I want to thanks for this community, this forum have rich content. Is possible to send a command from the main host to jail host? Like this: ezjail-admin console WEBSERVER | nginx -s reload I want to restart a service and check status, so I think I need to do this via...
  12. S


    Hi, We've been getting net::ERR_SPDY_PROTOCOL_ERROR on mostly chrome when serving video files. In the beginning we thought that issue is with Chrome browser but after testing it further we found that video serving working perfect on Debian but error is only occuring on Freebsd. The way we're...
  13. Donald Baud

    HowTo: SSL/TLS certificates with

    Note: this post is amended because the updated port security/ is now using its own convention home directory /var/db/acme with dedicated user/group acme:acme The idea is to limit the use of elevated privileges as much as possible. ================ - What is this about? security/
  14. Petr Fischer

    Solved Building nginx in a jail with ssl=base (without openssl port dependency)

    Hello, I am trying to build nginx from ports, but I don't want dependency to openssl from ports. I want "base" FreeBSD openssl. Default nginx package has no dependency to external openssl package. I am building in a jail. I have this in make.conf: WRKDIRPREFIX= /var/ports DISTDIR=...
  15. M

    LDAP with TLS not working

    Hello all, I have a problem setting up OpenLDAP server 2.4.44 on latest FreeBSD 10.3. The server has been installed form ports with the standard options, the same machine is also CA for my internal domain. When I try to start slapd this is the error I get: root@srv1:~/sslCA #...
  16. T

    Solved pop3s failure (qpopper, SeaMonkey, Apple Mail)

    Attempting to retrieve email via qpopper with TLS/SSL (pop3s on port 995, plain text password) enabled using the SeaMonkey and Apple Mail mail clients fails with the qpopper log showing the same failure mode: Apr 11 22:47:24 shadow qpopper[56980]: OpenSSL error during handshake Apr 11 22:47:24...
  17. aragats

    No access to Forums

    There were so many discussions regarding similar issues. I've read them, but still cannot figure out what's happened recently that I cannot access Forums from my home network using various browsers. I've rebooted my modem to get a new IP. Also checked both old and new IPs with...