Skip to main content
Information Security

Questions tagged [tls]

Ask Question

SSL (Secure Sockets Layer) and/or TLS (Transport Layer Security)

5,914 questions
Newest Active Bountied Unanswered
Filter by
Sorted by
Tagged with
0 votes
1 answer
58 views

Everything is mostly in the title. Just to add, this is in the context of TLS1.2. I ask because, I have a server where, if you force a cipher that utilizes EC but do not send an ec_point_formats ...
Ambiguous Illumination's user avatar
  • 103
13 votes
3 answers
2k views

The government of Kazakhstan, in order for citizens to use electronic government services (egov.kz), requires installing the NCALayer application on the computer for working with digital signatures. ...
sunvis0r's user avatar
  • 131
1 vote
1 answer
140 views

I’m trying to intercept TLS traffic on port 8443 between an Android app and a IPcam (8443 is the webcam’s port) on my LAN, on-the-fly (like Burp Suite does with HTTP(S)). Protocol in 8443 is not HTTPS....
allexj's user avatar
  • 537
0 votes
1 answer
97 views

When server sends TLS ALERT: ERROR CODE 40 (FATAL HANDSHAKE FAILURE), how does browser know exactly that it's a cipher mismatch/overlap error? Do the browsers assume/presume it? Or is the only error ...
ABHISHEK PATIL's user avatar
  • 3
2 votes
0 answers
71 views

I work for a company that is using an Azure hosted Ubuntu VM as a server to forward a VNC connection from a control that we design and a user's computer or phone. Starting some time yesterday morning (...
Alex Dague's user avatar
  • 21
2 votes
1 answer
430 views

I am running a TLS server using java, when I configure the server with this cipher and TLS 1.3 , I am getting an error that cipher does not support tls 1.3. On this website https://ciphersuite.info/cs/...
anonymous's user avatar
  • 559
1 vote
2 answers
123 views

It has become a common corporate occurrence to introduce a TLS proxy server with a root cert on corporate devices in order to decrypt and inspect traffic. At the same time, the concept of zero-trust ...
JustAnotherUser's user avatar
  • 111
0 votes
1 answer
163 views

How do we securely transfer files using HTTP or other protocol in such case? I have 2 apps, one behave like client and other like server. Both app are publicly available. If I put any secret in the ...
Sangam's user avatar
  • 111
6 votes
3 answers
1k views

I am reviewing TLS configurations in my code, there are several places where there is TLS. In these places, TLS version is hardcoded to TLSv1.2. I want to make sure that TLS 1.3 is also supported. To ...
anonymous's user avatar
  • 559
7 votes
2 answers
2k views

I will illustrate my question by looking at SSL certificates: In general, we can expect a SSL/TLS certificate to be using, at least, a 2048-bit RSA key. Now, as long as quantum computers are not a ...
Antoine's user avatar
  • 81
0 votes
2 answers
183 views

Consider this scenario in an HTTPS (m)TLS [*] request: A trusted client sends a select query (the request) to a read-only database server The server uses a self-signed certificate, so it is ...
SOFe's user avatar
  • 133
4 votes
1 answer
117 views

I have this project where I am trying to to intercept HTTPS traffic of an APK. I have done this plenty of times with HTTP Toolkit and Bypassing pinning. This project however has been very difficult as ...
D J's user avatar
  • 41
0 votes
1 answer
134 views

Apple hosts https://ocsp2.apple.com even though it’s supposedly not possible to encrypt OCSP requests, which supposedly need to be sent unencrypted over port 80. How does Apple use HTTPS anyway and ...
Patrick Dark's user avatar
  • 340
0 votes
3 answers
274 views

Cracking HTTP with TLS 1.3 would take longer than anyone's life. Some articles said cracking AES 256 by brute force would take around 2,158,000,000,000 years. With VPN, I can bypass geo-blocks - hide ...
MineOnlyDiamonds's user avatar
  • 1
0 votes
1 answer
141 views

I couldn't understand why IPsec was used when the application data we were going to send was already encrypted by TLS. Or, if at the end of the day, all the data we send is encrypted at the bottom ...
Utku's user avatar
  • 9

15 30 50 per page
1
2 3 4 5
395