top button
Flag Notify
    Connect to us
      Facebook Login
      Site Registration Why to Join

Facebook Login
Site Registration

How do I get a valid HTTPS certificate for a box that is behind a firewall and does not have a DNS entry?

0 votes

How do I get a valid certificate for a box that is behind a firewall and does not have a DNS entry?

I was looking at but currently it looks like a valid DNS entry is needed, of which I don't have.

There is nothing special about my setup, its just a box that is not directly on the internet, no DNS entry but I need HTTPS to run correctly.

How do I generate a trusted certificate base on IP or something?

How can I do that? Thanks,

posted Sep 29, 2016 by anonymous

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

2 Answers

0 votes

You create a self-signed certificate.

The first time a browser connects, it will give the user a warning. You can suppress that warning when connecting with scripts - either by globally accepting any self-signed certificate or by setting up your own CA that the script tools are scripted to trust.

I believe self-signed work with either IP or with a hostname on your local network.

answer Sep 29, 2016 by Vijay Shukla
0 votes

use most the PKI/SSL tool on the box to generate a certificate signing request (CSR), copy this small test file any way you want (copy/paste from a terminal session? put on a USB stick?) and send it to a certificate authority, they generate a signed certificate, you bring the resulting CRT back and import it back into the server's key store.

if this is https just for private use, you could run your own private root CA, sign your own certificates, it would simply be necessary to import your CA's public key into any browser that you want to trust the signed private keys.

answer Sep 29, 2016 by Kaushik
Similar Questions
0 votes

how to manage the secured connection error in HTTPS?

+1 vote

How do I checks what ciphers are available to the https compiled binary, and how do I check with of those are active in the configuration?

Is there any technical reason that ECDHE-RSA-AES128-SHA256 cannot be used on a server with a self-signed cert (there's no e-commerce or any financial data of any sort on the server).

If an existing server wants to switch so that all traffic is encrypted using DH if possible (interested in implementing Perfect Forward Secrecy) are there any "Gotcha's" lurking in the bushes?

If you enable ECDHE-RSA-AES128-SHA256, should you disable EDH?

To be accessible for most people (including some Windows XP users), what else do I need to enable in the cipher suite? RC4? RC4-SHA? TLSv1? AES?

Which ones do I need to avoid?

+1 vote

I'm using apache 2.2 as front end and apache tomcat 6.0.37 as backend. I'm using mod_jk for connecting them.

The problem is. I'm using ssl certificates and configured ssl on apache. when I connect the site with https it works but when I click on an link it no more secure i.e. its not secure browsing anymore.

My requirement is as follows.

If user connects as https all the links should work as https. If the user connects as http all the links should work as http is such thing is possible?

0 votes

How to use multiple virtual hosts with a single SSL instance running on the standard https port.

+1 vote

I have an application that runs on weblogic 10.3.6 and struts 2.3.8. The weblogic is behind a loadbalancer that does https to http translation. When the application uses a redirect it will use HTTP instead of the original HTTPS protocol. Is there a way to force redirect to use HTTPS?

Contact Us
+91 9880187415
#280, 3rd floor, 5th Main
6th Sector, HSR Layout
Karnataka INDIA.