search for: certificate

Displaying 20 results from an estimated 5631 matches for "certificate".

2018 May 25
4
Suggestion: Deprecate SSH certificates and move to X.509 certificates
I suggest deprecating proprietary SSH certificates and move to X.509 certificates. The reasons why I suggest this change are: X.509 certificates are the standard on the web, SSH certificates provide no way to revoke compromised certificates, and SSH certificates haven't seen significant adoption, It's also a bad idea to roll your own crypt...
2013 Jun 12
4
certificate problem
When I try to connect to my new puppet master, I get an error because of a self-signed certificate: ---snip--- # puppet agent --test --noop Warning: Unable to fetch my node definition, but the agent run will continue: Warning: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [self signed certificate in certificate chain for /CN=Puppet CA: sapdisk...
2004 Jul 30
3
SSL CA root certificate
In reading through the mailing list, this question seems to have come up before, but never quite answered. I bought a certificate from Digital Signature Trust which is a well known certificate authority. The reason I bought my certificate, was so that email clients connecting to my imaps server wouldn't be bothered with warnings of unrecognized certificate authority as they would see with a self-signed server certificate...
2017 Jul 07
5
STARTTLS issue with sieve
Hi all, I am currently struggling with an odd sieve/Pigeonhole issue. Some weeks ago I had to replace our dovecot certificate due to expiration. In the past I did use a self-signed certificate, but because we now have a little openssl based CA I have decided to create signed certificate for imaps. Dovecot is happily accepting the new certificate which has integrated the whole cert-chain. Unfortunately Pigeonhole does...
2018 May 25
3
Suggestion: Deprecate SSH certificates and move to X.509 certificates
How can I revoke one SSH certificate without having to replace the root certificate and all certificates signed by it? Regarding the second statement, do you have sources? On Fri, May 25, 2018 at 6:58 AM, Peter Moody <mindrot at hda3.com> wrote: > On Thu, May 24, 2018 at 8:36 PM, Yegor Ievlev <koops1997 at gmail.com>...
2019 Mar 14
5
regarding ssl certificates
Excuse dopey question. I'm not exactly clear about certificates. Apache2 default install has this snake oil certificate Can make a new one for apache Can make one for dovecot Can make one for ssl Is there supposed to be the one (self signed ) certificate pair in one place for the machine that each process hands out ? Can they be moved to another machine ? mi...
2012 Aug 28
8
Unable to generate certificate on Puppet Agent through Master
Hi, I have a puppet master and agent installed. I want to generate and configure master-agent certificate and followed the steps: Master: ========== 1. Cleaned up all certificate on Master: [root@puppet-server manifests]# puppet cert sign --all No waiting certificate requests to sign [root@puppet-server manifests]# puppet cert clean --all notice: Revoked certificate w...
2008 Nov 19
2
Could not request certificate: Certificate does not match private key
...added a new client to an existing configuration but cannot get it recognised. Both client and server are running 0.24.5, installed on gentoo linux using portage. This is what I dis: Server: /etc/init.d/puppetmaster start * Starting puppetmaster ... [ ok ] Client: puppetd --test warning: peer certificate won''t be verified in this SSL session notice: Did not receive certificate notice: Set to run ''one time''; exiting with no certificate Server: puppetca --generate client.here.there Generating certificate for client.here.there Client: puppetd --waitforcert 60 --test warni...
2018 May 25
5
Suggestion: Deprecate SSH certificates and move to X.509 certificates
That's not a very good source, since it's only available to one person. On Fri, May 25, 2018 at 7:12 AM, Peter Moody <mindrot at hda3.com> wrote: > On Thu, May 24, 2018 at 9:09 PM, Yegor Ievlev <koops1997 at gmail.com> wrote: >> How can I revoke one SSH certificate without having to replace the >> root certificate and all certificates signed by it? > > there is no chaining of ssh certificates. > >> Regarding the second statement, do you have sources? > > yes. my day job. > >> On Fri, May 25, 2018 at 6:58 AM, Peter Moody &lt...
2012 Aug 10
3
SSL issues - certificate verify failed
...lib/puppet/ssl: find . -type f -delete I would appreciate any help that''s available ... thanks & greetings! Axel. ... and now the little dump: (CLIENT) *root@l1311022:/var/lib/puppet/ssl$* *puppet agent --test* info: Creating a new SSL key for l1311022.our.domain.de warning: peer certificate won''t be verified in this SSL session (2x) info: Creating a new SSL certificate request for l1311022.our.domain.de info: Certificate Request fingerprint (md5): 19:60:00:FE:95:D8:1B:D1:7A:0A:08:C1:1F:E1:94:4E warning: peer certificate won''t be verified in this SSL session (3x) Exi...
2006 Nov 02
6
certificate not trusted
Hello, I try to install puppet on freebsd 6.X. All is well but i cannot get the certificte to install and be recognized. I run .19.3. I run the puppetd --test --waitforcert 60 then sign and then i got: err: No certificate; running with reduced functionality. info: Creating a new SSL key at /usr/local/.aqadmin/puppet/conf/ssl/private_keys/xxxxxxxxxxxxxx.pem info: Creating a new certificate request for xxxxxxxxxxxxxxxxx info: Requesting certificate warning: peer certificate won''t be verified in this SSL sess...
2011 Feb 15
11
Puppetmasterd not receiving certificate request
Hi: I''m trying to configure Puppet on Ubuntu, and strangely I am never able to generate a certificate because my server never shows any pending certificate requests. Put differently, on the server I am running puppetmasterd and on the client I am able to connect to the server, but the client continues printing notice: Did not receive certificate warning: peer certificate won''t be v...
2017 Aug 09
3
is a self signed certificate always invalid the first time?
Thanks Ralph, i?ll look into that. I think let?s encrypt uses certbot though and it can?t do email certificates (although i?m sure i can convert the cert i get from let?s encrypt, i?ll look into it. > On 9 Aug 2017, at 16:40, Ralph Seichter <m16+dovecot at monksofcool.net> wrote: > > On 09.08.2017 17:20, Alef Veld wrote: > >> So i?m using dovecot, and i created a self signed certif...
2010 Jun 27
6
Borked Client Cert in 0.25
Here we go with puppet 0.25 certificate problems again. I had a system where puppet was running fine. I reinstalled it. Running puppet on the client causes this: "Could not request certificate: Retrieved certificate does not match private key; please remove certificate from server and regenerate it with the current key". Fin...
2007 Oct 24
3
fetchmail log messages I don't understand
I see these messages every time fetchmail pops my mail. I don't understand what certificates it is talking about, or how to straighten this out. fetchmail: Server CommonName mismatch: localhost != mail.mydomain.com fetchmail: Server certificate verification error: self signed certificate fetchmail: Server certificate verification error: certificate has expired What do I need to read up...
2018 Jul 30
2
2.3.2.1 - EC keys suppport?
...gt;> >>>> It does - Thunderbird 60.0b10 (64-bit) >>>> >>>> [ security.ssl3.ecdhe_ecdsa_aes_256_gcm_sha384;true ] >>>> >>>> It seems there is a difference between the private key (rsa vs. ecc -> >>>> SSL_CTX?) used for the certificate signing request and the signed >>>> certificate. >>>> >>>> The csr created from a private key with [ openssl genpkey -algorithm RSA >>>> ] and signed by a CA with [ ecdhe_ecdsa ] works with no error. >>>> >>>> But as stated in...
2013 Mar 11
3
SSL Certificate
Dear All This is my continuation of postfix setup. Following link http://campworld.net/thewiki/pmwiki.php/LinuxServersCentOS/Cent6VirtMailServerfor postfix setup. At one stage it says, Configuring The Server Setup SSL Certificate Now generate an SSL certificate for postfix and dovecot to have TLS support. Replace mail.example.com with your server hostname. > genkey --days 3650 mail.example.com My doubt is , 1. I have to install a SSL certificate for for web server (apache case). I am planning to purchase a SSL certif...
2011 Jun 28
2
[LLVMdev] New Certificate Installed; llvm.org Back Up; Issues Linger
Dear All, The good news is that the new llvm.org SSL certificate is installed and appears to be configured correctly. The bad news is that some machines seem to recognize the intermediate SSL certificate (which is apparently used to sign the SSL certificates UIUC buys starting this year) while others do not. In particular, our internal Linux machines show...
2018 Mar 10
3
Extra intermediate certificate when using ssl_alt_cert
...support.it</a>> wrote: </div> <div> <br> </div> <div> <br> </div> <div> On 08/03/18 18:43, Peter Linss wrote: </div> <blockquote type="cite"> <div> I just added an ECDSA certificate to my mail server using ssl_alt_cert (the RSA certificate is specified by ssl_cert), both certificate files contain the certificate and a single intermediate (which currently happens to be the same intermediate from Let’s Encrypt). </div> </blockquote> <blockquote type=&quo...
2010 Feb 18
1
using signed certificates for TLS/SSL
Hi, I have, in one customer, a web server running on a Verisign-signed certificate SSL certificate. Everything works fine, IE and Firefox connects on https without asking anything, which usually happens on self-signed certificates. I'm trying to use that certificate on dovecot, but clients (Thunderbird basically) keeps saying the certificate is not valid. yes i'...