Displaying 5 results from an estimated 5 matches for "authoritykeyidentifier".
2006 Jun 13
1
SSL fingerpring mismatch and issuer certificate problem
I have a remote server running centos 4.3 and a home desktop running
suse 10.1. I have generated an SSL certificate on the server, copied
it on the desktop and run on the desktop:
>openssl x509 -in mynewcertCert.pem -fingerprint -subject -issuer -serial -hash -noout
>c_rehash .
getting this warning:
>
> Doing .
> WARNING: mynewcertPrivateKey.pem does not contain a certificate or
2016 Apr 19
2
VPN suggestions centos 6, 7
...he important bit is the extendedKeyUsage line; I'm pretty sure that
>an OpenVPN server needs the serverAuth extension. For instance, here
>is the X509 extensions configuration for a server used by EasyRSA:
>
> basicConstraints = CA:FALSE
> subjectKeyIdentifier = hash
> authorityKeyIdentifier = keyid,issuer:always
> extendedKeyUsage = serverAuth,clientAuth
> keyUsage = digitalSignature,keyEncipherment
>
>You can ask openssl to tell you the purpose of a certificate:
>
>[bash]$ openssl x509 -noout -purpose -in cert.pem | grep SSL
>SSL client : Yes
>SSL client...
2016 Apr 18
2
VPN suggestions centos 6, 7
>
>
>Folks
>
>I would like to have my windows 7 laptop communicate with my home
>server via a VPN, in such a way that it appears to be "inside" my
>home network. It should not only let me appear to be at home for
>any external query, but also let me access my computers inside my home.
>
>I already have this working using M$'s PPTP using my home
2016 Apr 18
0
VPN suggestions centos 6, 7
...'t hurt anything.
The important bit is the extendedKeyUsage line; I'm pretty sure that
an OpenVPN server needs the serverAuth extension. For instance, here
is the X509 extensions configuration for a server used by EasyRSA:
basicConstraints = CA:FALSE
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer:always
extendedKeyUsage = serverAuth,clientAuth
keyUsage = digitalSignature,keyEncipherment
You can ask openssl to tell you the purpose of a certificate:
[bash]$ openssl x509 -noout -purpose -in cert.pem | grep SSL
SSL client : Yes
SSL client CA : No
SSL server : Yes
SSL ser...
2016 Apr 19
0
VPN suggestions centos 6, 7
...dedKeyUsage line; I'm pretty sure that an
>> OpenVPN server needs the serverAuth extension. For instance, here is the
>> X509 extensions configuration for a server used by EasyRSA:
>>
>> basicConstraints = CA:FALSE
>> subjectKeyIdentifier = hash
>> authorityKeyIdentifier = keyid,issuer:always
>> extendedKeyUsage = serverAuth,clientAuth
>> keyUsage = digitalSignature,keyEncipherment
>>
>> You can ask openssl to tell you the purpose of a certificate:
>>
>> [bash]$ openssl x509 -noout -purpose -in cert.pem | grep SSL
>&g...