Displaying 3 results from an estimated 3 matches for "cdhe".
Did you mean:
ecdhe
2015 Feb 16
1
/etc/ssl/certs/dovecot.pem erased by OpenSuse's update mechanism
...ediate CA cert
>> Intermediate CA CRL
>> Root CA cert
>> Root CA CRL"
>
> that is how you can and should build your PEM files for *every* SSL aware software, Apache and Postfix are happy with exactly that format
>
> i go even so far and include the CDHE and DHE params there which means in case of a recent httpd you can make DHE compatible which most clients even if your RSA certificate is 4096 Bit (read the hint about 2.4.7 or later at http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslcertificatefile if you want to know why)
>
> there is...
2015 Feb 16
0
/etc/ssl/certs/dovecot.pem erased by OpenSuse's update mechanism
...ssuing CA CRL
> Intermediate CA cert
> Intermediate CA CRL
> Root CA cert
> Root CA CRL"
that is how you can and should build your PEM files for *every* SSL
aware software, Apache and Postfix are happy with exactly that format
i go even so far and include the CDHE and DHE params there which means
in case of a recent httpd you can make DHE compatible which most clients
even if your RSA certificate is 4096 Bit (read the hint about 2.4.7 or
later at
http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslcertificatefile if
you want to know why)
there is also...
2015 Feb 16
2
/etc/ssl/certs/dovecot.pem erased by OpenSuse's update mechanism
Why not /etc/dovecot/private? That's where I put my dovecot certs. Dovecot's needs are a bit different from other software, and so it is unclear whether the files won't be unique to it. For example, I haven't seen the following before I read it on the Dovecot wiki:
"The CA file should contain the certificate(s) followed by the matching CRL(s). Note that the CRLs are required