search for: cacert

I was not able to find specific help for configuring the crt file for CaCert. I gleaned from examples the following order: server certificate CaCert class 3 certificate Cacert root certificate However, when I try to configure my mail reading for IMAP, Dovecot shows the following error in the log: dovecot: imap-login: Aborted login (no auth attempts): I am assuming, base...

....4 server on FreeBSD. LBSD2# pkg_info | grep openldap openldap-sasl-client-2.4.23 Open source LDAP client implementation with SASL2 support openldap-sasl-server-2.4.23 Open source LDAP server implementation I put my cert file, key file and CA certfile in a directory called /usr/local/etc/openldap/cacerts Here's how it looks: [root at LBSD2:/usr/local/etc/openldap/cacerts]#ls -l total 48 dr--r----- 2 root ldap 512 Nov 21 17:12 bak -r--r----- 1 root ldap 1960 Nov 21 07:05 bsd2.summitnjhome.com.crt -r--r----- 1 root ldap 4604 Nov 21 17:16 gd_bundle.crt -r--r----- 1 root ldap 4689 N...

...9;s my old blog article on installing Citrix Receiver on OpenSUSE : * https://www.microlinux.fr/citrix-receiver-opensuse-leap-15-0/ The application's certificate store is incomplete, so here's how I resolved the problem under OpenSUSE : # cd /opt/Citrix/ICAClient/keystore/ # rm -rf cacerts/ # ln -s /etc/ssl/certs cacerts Once this is done, Citric Receiver works perfectly under OpenSUSE. Now I tried to do the same thing under CentOS 7. The certificates are stored in a different directory, so here's what I did. # cd /opt/Citrix/ICAClient/keystore/ # rm -rf cacerts/ # ln...

Hola Alfonso, buenos días: Lo he probado pero no me va, eso sí ha cambiado el error, el código utilizado es: library(ROAuth)library(twitteR) download.file(url="http://curl.haxx.se/ca/cacert.pem", destfile="cacert.pem") reqURL <- "https://api.twitter.com/oauth/request_token"accessURL <- "http://api.twitter.com/oauth/access_token"authURL <- "http://api.twitter.com/oauth/authorize"consumerKey <- "Hola_amigo"consumerSecre...

...,dc=com timelimit&nbsp;1 bind_timelimit&nbsp;1 nss_initgroups_ignoreusers&nbsp;root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,nscd,gdm uri&nbsp;ldaps://auth1.xa.xxxx.com:636&nbsp;ldaps://auth2.xa.xxxx.com:636 ssl&nbsp;on tls_checkpeer&nbsp;yes tls_cacertdir&nbsp;/etc/openldap/cacerts tls_cacertfile&nbsp;/etc/openldap/cacerts/cacert.pem pam_password&nbsp;md5 bind_policy&nbsp;soft &nbsp; [root at xxxx&nbsp;~]#&nbsp;cat&nbsp;/etc/openldap/ldap.conf&nbsp; URI&nbsp;ldaps://auth1.xa.xxxx.com:636&nbsp;ldaps://...

Thanks for the response. My current chain is as follows: caroot -> child-ca1 -> server cert My cacert.pem file has both the caroot and the child-ca1 certs. I have recompiled libvirt on my machine with some extra debug statements and verified that both the caroot cert and the child-ca1 certs are being loaded. But when I try to connect the caroot and child-ca1 certs only appear under the "Accept...

Hi, My puppet master can''t bind ( ldap ) with my central server which has CACert assigned certificate. Are there any problem with Puppet with CACert? Or, how can I make that certificate trusted in my Puppet master? Any kind of help or hint appreciated. -- Best, Zico -- You received this message because you are subscribed to the Google Groups "Puppet Users" group...

Hola comunidad, ¿Qué tal? Tengo una duda que creo que es sencilla, pero me veo algo torpe. Estoy tratando de darme de alta para poder acceder, vía R a la api de Twitter, soy un poco novato en esto y por esto lanzo la pregunta. Aunque ya me han ayudado y me han pasado alguno link del pasado, aún no consigo dar con la solución que seguro es algo que se me escapa He usado este código

...m?one # OpenLDAP SSL mechanism # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 ssl no # OpenLDAP SSL options # Require and verify server certificate (yes/no) #tls_checkpeer yes # CA certificates for server certificate verification tls_cacertfile /etc/openldap/cacerts/cacert.pem tls_cacertdir /etc/openldap/cacerts # Client certificate and key tls_cert /etc/openldap/cacerts/servercert.pem tls_key /etc/openldap/cacerts/serverkey.pem Relevant parts of /etc/pam.d/system-auth: auth required pam_env.so...

Hi all, We are running "dovecot-1.0.7-7.el5" on a CentOS release 5.5 (Final) box. I know, its an old version, but it cames up with the CentOS release (yum). Anyway. Is there a way to import the certificate, which was generated with "mkcert_dovecot.sh", permanently to the outlook 2003 clients? Every time, when our office 2003 clients fetches there emails (POP3s) from our

...dap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP ldap.domain.org:6636 ldap_new_socket: 3 ldap_prepare_socket: 3 ldap_connect_to_host: Trying 12.34.56.78:6636 ldap_pvt_connect: fd: 3 tm: -1 async: 0 TLS: certdb config: configDir='/etc/openldap/cacerts' tokenDescription='ldap(0)' certPrefix='' keyPrefix='' flags=readOnly TLS: cannot open certdb '/etc/openldap/cacerts', error -8018:Unknown PKCS #11 error. TLS: error: connect - force handshake failure: errno 0 - moznss error -12226 TLS: can't connect: TLS...

...21:05:29 10.10.10.213 dovecot: pop3-login: Can't load CA file /etc/dovecot/all.der: Success May 7 21:05:29 10.10.10.213 dovecot: imap-login: Can't load CA file /etc/dovecot/all.der: Success /etc/dovecot/all.der was generated by concatinating the following (all in der format) http://www.cacert.org/certs/root.der http://www.cacert.org/certs/class3.der http://crl.cacert.org/revoke.crl http://crl.cacert.org/class3-revoke.crl # dovecot --version 1.0.10 reiserfs filesystem # uname -a Linux mail.cacert.org 2.6.22-vs2.2.0.7-gentoo #1 SMP Mon May 5 20:21:30 EST 2008 x86_64 GNU/Linux # dovec...

...s "Native (Windows)". Now wine doesn't run... What do I need to change back to the it's original state and where do I find it? Regards, Morgan. -- Getting errors: "There are problems with the signature" (or similar)? Update your system by installing certificates from CAcert Inc, see here: http://wiki.cacert.org/wiki/BrowserClients?#head-259758ec5ba51c5205cfb179cf60e0b54d9e378b Or, if Internet Explorer is your default browser, simply click this link: http://www.cacert.org/index.php?id=17 Morgan Read NEW ZEALAND <mailto:mstuffATreadDOTorgDOTnz> fedora + freedom;...

...rning doesn't matter. Or does it? I don't get the warning from other IMAP servers. But I was wondering if my setup in /etc/pki/tls/certs/ is correct. I have 3 .crt files: ca-bundle.crt from CentOS installation (actually from ca-certificates*.rpm), gayleard.crt , the certificate I got from CAcert.org cacert.crt , the Class 3 root certificate from CAcert.org . I'm wondering if I am supposed to append the cacert.crt to ca-bundle.crt , and if failure to do that could be the cause of the warning? Alternatively, should I use the Class 1 root certificate from CAcert? (I didn't because C...

...m?one # OpenLDAP SSL mechanism # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 ssl no # OpenLDAP SSL options # Require and verify server certificate (yes/no) #tls_checkpeer yes # CA certificates for server certificate verification tls_cacertfile /etc/openldap/cacerts/cacert.pem tls_cacertdir /etc/openldap/cacerts # Client certificate and key tls_cert /etc/openldap/cacerts/servercert.pem tls_key /etc/openldap/cacerts/serverkey.pem Relevant parts of /etc/pam.d/system-auth: auth required pam_env.so...

..../configure --prefix=/opt/ssh && make && make install in both server and client machines - Create minimal openssl ca structure under /opt/ssh/etc/ca ( self signed CA certificate, server certificate signed by CA, client certificate signed by CA ). I now have certificates cacert.pem, server.pem and client.pem and keys for all three - Build server host id using (under /opt/ssh/etc): cat server-key.pem > ssh_host_key_cert cat server.pem >> ssh_host_key_cert chmod 0600 ssh_host_key_cert ../bin/ssh-keygen -y > ssh_host_key_cert.pub // entering...

...CAs. I am trying to get the machines to trust each other across the different intermediate CAs. This is what I have so far: Libvirtd is starting and listening on tls port 16514 I have configured client/server certs/keys and it seems to be using all of these correctly. I have also configured the cacert.pem file (which has two certs in the chain). I have confirmed (recompiling with various debug statements) that the gnutls libraries are successfully loading both certs from the cacert.pem file. When I try to connect with openssl s_client -connect <host>:16514 I get something similar to this:...

...wildcard certificate and using it for all the above services, but I don't know if this is actually the proper way of doing things! Cheers, James PS - Once I've worked out how exactly I'm supposed to be doing this, I'll probably get some "officially" signed certs. I hear CACert are a good, free way of doing this. Anyone got any comments on that? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (MingW32) iQEVAwUBRGkGT/8Z3wLA10m9AQLt3wf/RBAvhZ/B+t0L4XFqf3Jds44esvdDAhVw Mvv1Qp9AfwnHImH/cAQpWAihcyK3dIs9KgOtpBsOxbBgPiJUX508Apn4e9IiCC/S xh/OjqpdjnqyMc3r4gBJbMwn0DUXqd+E9w...

A very ignorant question, sans doute. I get my certificates from cacert.org, to whom I am very grateful. I follow what I take to be the official procedure, first creating <server>.key and <server>.csr on my server and then getting <server>.crt by going to Server Certificate=>New at the cacert site. I then place the key certficate *.key in /etc/pki...

...ome reference to a file relative to the source. Seems to be a selinux issue on the former and a beagle issue on the latter. Any ideas what's going on? Thanks -- Getting errors: "There are problems with the signature" (or similar)? Update your system by installing certificates from CAcert Inc, see here: http://wiki.cacert.org/wiki/BrowserClients?#head-259758ec5ba51c5205cfb179cf60e0b54d9e378b Or, if Internet Explorer is your default browser, simply click this link: http://www.cacert.org/index.php?id=17 Morgan Read NEW ZEALAND <mailto:mstuffATreadDOTorgDOTnz> fedora + freedom;...