Displaying 19 results from an estimated 19 matches for "certfic".
Did you mean:
certific
2012 Oct 15
3
Puppet 3 and master cert error ...
...tch the agent''s
private key.
Certificate fingerprint:
8F:24:92:B9:89:0C:E7:04:C5:3F:B6:11:F8:13:4B:6A:9E:F4:EA:08:E7:4E:75:1B:DA:1C:A6:47:04:DB:55:81
To fix this, remove the certificate from both the master and the agent and
then start a puppet run, which will automatically regenerate a certficate.
On the master:
puppet cert clean netadmin.domain.tld
On the agent:
rm -f /var/lib/puppet/ssl/certs/netadmin.domain.tld.pem
puppet agent -t
Error: Try ''puppet help ca list'' for usage
Does anyone have an idea what is going on here? if not I will open a ticket.
--
You...
2013 Aug 12
0
Asterisk WebRTC Support : WSS connection setup fails with error:00000000
...k pbx via wss, from sipml5.org
demo page (http://sipml5.org/call.htm).
I used the guide from
https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial ,
to setup the tls.
I could make a secure sip call ( SRTP) using the PhonerLite sip
client. ( This confirms my sip - tls settings and tls certficates. (
I'd added the tls client certficate file to the configuration of the
the sip client)
In the WSS option, I assume browsers negotiates for the the tls
certficate and keys.
Below are my debug code and the brief logs, http.conf :
Here, ssl_err is my addition to debug further, in main/tcp...
2011 Jun 17
7
Questions for puppet 2.6.8 client certificate management
How do I initiate a certificate request without going into non-daemon mode ?
According to "Pro Puppet" book, so far the only way I know that can
trigger a certficate request with puppet master is like this
puppet agent --server=puppetmaster.test.com --no-daemonize --verbose
but doing so will break my intention of automation I need to create a
puppet client package. A control-C is needed to terminate the process.
I have puppetmaster configured to be auto g...
2012 Nov 29
7
Puppet CA corruption
...wing:
Error: The certificate retrieved from the master does not match the agent''s
private key.
Certificate fingerprint: *<fingerprint removed>*
To fix this, remove the certificate from both the master and the agent and
then start a puppet run, which will automatically regenerate a certficate.
On the master:
puppet cert clean puppetmaster.site
On the agent:
rm -f /var/lib/puppet/ssl/certs/puppetmaster.site.pem
puppet agent -t
Error: Try ''puppet help ca list'' for usage
I have tried following said instructions which did not work at all.
Eventually I was able...
2008 Apr 17
1
Multiple ssl certificates
Hello,
I wonder if there is some possibility to force dovecot to use more than
one ssl certificate.
I would like to use a few certficates: one per IP We are hosting many
different domains
and I had to use stunnel to ensure encrypted connection for our clients
using different
certificates. But stunnel isn't a good solution and sometimes I need to
restart stunnels
because of some of it's processes hangs - after some improv...
2005 Aug 07
1
Question about SSL/TLS for ldap and samba
...penLDAP library still
provides support for the older method of securing communication
between clients and servers."
What is the difference between LDAPs and ldapv3 start-tls ?
I select the ldaps protocol in my smb.conf because I don't kown how
samba manage certificate.
If samba can use a certficate, it's not a problem. But I think that
samba use the certificate used with openLDAP client.
If is exact can I suggest to add some parameter in smb.cobnf for
specify certificate for samba only.
thanks
St?phane Purnelle
- --
St?phane Purnelle <stephane.purnelle@tiscali.be>
Site W...
2014 Oct 24
1
What is a client certificate?
...my certificates from cacert.org, to whom I am very grateful.
I follow what I take to be the official procedure,
first creating <server>.key and <server>.csr on my server
and then getting <server>.crt by going to Server Certificate=>New
at the cacert site.
I then place the key certficate *.key in /etc/pki/tls/private/
and what I call the client certificate *.crt in /etc/pki/tls/certs/ .
But I notice that there at www.cacert.org there is
a Client Certificate folder as well as the Server Certificate folder,
and it seems that one can create a "client certificate" there....
2012 Aug 13
4
CA and multiple masters
I did a quick look for it but I could not find it. When it comes to puppet
masters, is it required to copy the puppet/ssl/ca directory to each puppet
master or is there a configuration to make the puppet master not try to
generate its own CA if there is a ca_server option specified?
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To
2016 Apr 15
5
file rights tls key files.
Hai,
Im seeing the following..
[2016/04/15 09:57:55.135038, 0] ../source4/lib/tls/tls_tstream.c:1216(tstream_tls_params_server)
Invalid permissions on TLS private key file 'server.key.pem':
owner uid 0 should be 0, mode 0440 should be 0600
This is known as CVE-2013-4476.
It there anyway to override this setting? I do need 0440 here. ( or 0400 )
0600 is not
2012 Feb 29
3
Private key troubles after a new install and a reboot
...certificate retrieved from the
master does not match the agent''s private key.
Certificate fingerprint: E5:B1:52:B2:DC:DE:8C:DE:A7:AF:ED:
19:C8:E3:F5:12
To fix this, remove the certificate from both the master and the agent
and then start a puppet run, which will automatically regenerate a
certficate.
On the master:
puppet cert clean client.domain.com
On the agent:
rm -f /var/lib/puppet/ssl/certs/client.domain.com.pem
puppet agent -t
If I do what it says, then puppet gets new certs (I guess that''s what
it''s doing) and everything works fine.
But I cannot figure out w...
2016 Apr 15
0
file rights tls key files.
...nd what your saying.
But i have a "server" certificate, which i use for multple services.
And since some of these services "run as" other user/group i have a special group for that. So logical i set 0440 on my key file and 444 on my cert files.
And why does the key file ( any certficicate file ) a 6, 4 is sufficient.
Its just not logical make copies of the certificates thats not why i have a "server" certificate...
Im just not happy with samba "enforcing" my security settings..
So anyway to overrule this?
Greetz,
Louis
> -----Oorspronkelijk...
2016 Apr 15
1
file rights tls key files.
...ng.
>
> But i have a "server" certificate, which i use for multple services.
> And since some of these services "run as" other user/group i have a special group for that. So logical i set 0440 on my key file and 444 on my cert files.
> And why does the key file ( any certficicate file ) a 6, 4 is sufficient.
>
> Its just not logical make copies of the certificates thats not why i have a "server" certificate...
>
> Im just not happy with samba "enforcing" my security settings..
> So anyway to overrule this?
>
>
> Greetz,
>...
2012 Mar 26
0
puppetca trouble (The certificate retrieved from the master does not match the agent's private key)
...certificate retrieved from the master does not match the agent''s
private key.
Certificate fingerprint: D1:B4:88:24:24:31:FA:13:90:FA:1F:8A:CB:BF:2D:AB
To fix this, remove the certificate from both the master and the agent and
then start a puppet run, which will automatically regenerate a certficate.
On the master:
puppet cert clean foreman-proxy.example.com
On the agent:
rm -f /var/lib/puppet/ssl/certs/foreman-proxy.example.com.pem
puppet agent -t
i have tried the suggested solution, but i have no success.
The normal puppet run works without Problems
any idea?
rgds flo
--
You...
2010 Jun 07
3
X509 based certificate authentication in OpenSSH
Hello,
I would like to know whether OpenSSH supports x509 certificate based
authentication.
It looks like OpenSSH has dependency on OpenSSL so does this mean that
OpeSSH also supports x509 certificate based authentication.
If it does support, can you please point me to the necessary
documentation.
Thanks
Naitik
2005 Mar 12
2
corrupted inboxes
...ar 11 14:59:18 core postfix/smtp[8250]: verify error:num=19:self signed
certificate in certificate chain
Mar 11 14:59:18 core postfix/smtp[8250]: Peer verification: CommonName
in certificate does not match: tloin.butterzone.net != blade.butterzone.net
Mar 11 14:59:18 core postfix/smtp[8250]: Peer certficate could not be
verified
Mar 11 14:59:18 core postfix/smtp[8250]: 6F63A2798580:
to=<r at butterzone.net>, orig_to=<r-ethr at kuci.org>,
relay=blade.butterzone.net[208.37.27.136], delay=0, status=sent (250 Ok:
queued as 4783AC2C130)
Mar 11 14:59:18 core postfix/qmgr[7238]: 6F63A27985...
2003 May 07
4
VPN through BSD for Win2k, totally baffled
Scenario:
FreeBSD box running IPFW acting as a gateway to private network. The private
network is made up of entirely routeable IP addresses. External users
running Win2k and XP on DSL connections with dynamic IPs.
Goal:
To have the FreeBSD gateway securely authenticate and encrypt the traffic
between the outside users and the internal network.
I've spent the last 3 days running up and
2005 Nov 26
7
Reflections on Trusting Trust
or "How do I know my copy of FreeBSD is the same as yours?"
I have recently been meditating on the issue of validating X.509
root certificates. An obvious extension to that is validating
FreeBSD itself.
Under "The Cutting Edge", the handbook lists 3 methods of
synchronising your personal copy of FreeBSD with the Project's copy:
Anonymous CVS, CTM and CVSup. There are
2012 Jul 09
11
manifest for files executable on windows
Hello Puppet Users,
I need a puppet master (Ubuntu) to push the executable files to the agent
(windows 7) and install those executables
I believe the manifest file should be set up to push such config to the
windows agent. I came up with something like this:
class wireshark {
exec { ''wireshark'':
command =>
2013 Feb 16
22
How to manually create Puppet CA and client certificates using openssl?
...rtificate fingerprint: 4F:08:AE:01:B9:14:AC:A4:EA:A7:92:D7:02:E9:34:39:1C:5F:0D:93:A0:85:1C:CF:68:E4:52:B8:25:D1:11:64
Feb 16 09:35:20 test puppet-master[81728]: To fix this, remove the certificate from both the master and the agent and then start a puppet run, which will automatically regenerate a certficate.
Feb 16 09:35:20 test puppet-master[81728]: On the master:
Feb 16 09:35:20 test puppet-master[81728]: puppet cert clean test
Feb 16 09:35:20 test puppet-master[81728]: On the agent:
Feb 16 09:35:20 test puppet-master[81728]: rm -f /var/puppet/ssl/certs/test.pem
Feb 16 09:35:20 test puppet-ma...