search for: certificate_fil

...identitiesonly", oIdentitiesOnly }, + { "certificatefile", oCertificateFile }, { "hostname", oHostName }, { "hostkeyalias", oHostKeyAlias }, { "proxycommand", oProxyCommand }, @@ -366,6 +368,37 @@ clear_forwardings(Options *options) } void +add_certificate_file(Options *options, const char *dir, const char *filename, + int userprovided) +{ + char *path; + int i; + + if (options->num_certificate_files >= SSH_MAX_CERTIFICATE_FILES) + fatal("Too many certificate files specified (max %d)", + SSH_MAX_CERTIFICATE_FILES); + + if (dir ==...

...us/3.0/certs/service.radius.* chown freerad:freerad /etc/freeradius/3.0/certs/service.radius.* ``` - configure eap module to use peap per default ``` # /etc/freeradius/3.0/mods-available/eap default_eap_type = peap #private_key_password = whatever private_key_file = ${certdir}/service.radius.key certificate_file = ${certdir}/service.radius.crt tls_min_version = "1.2" cache: enable = yes cache: name = ?<somename>.radius" cache: persist_dir = "${logdir}/tlscache" peap: copy_request_to_tunnel = yes ``` ### 4.5 Configure Clients - add client for UniFi ``` # /etc/freeradius...

I've been experimenting with dovecot-1.0-stable on Solaris. Storage format is mbox. Dovecot, in test, runs in parallel with an UW IMAP, with dovecot running SSL-only on port 994. It seems to work to some extent: * dovecot runs * authentication works * SSL works * all manual IMAP functionality checks seem to work fine However, I'm running into issues with IMAP clients. * Null

.../etc/freeradius/3.0/certs/service.radius.* > ``` > > - configure eap module to use peap per default > > ``` > # /etc/freeradius/3.0/mods-available/eap > default_eap_type = peap > > #private_key_password = whatever > private_key_file = ${certdir}/service.radius.key > certificate_file = ${certdir}/service.radius.crt > > tls_min_version = "1.2" > > cache: enable = yes > cache: name = ?<somename>.radius" > cache: persist_dir = "${logdir}/tlscache" > > peap: copy_request_to_tunnel = yes > ``` > > ### 4.5 Configure Cli...

...; - configure eap module to use peap per default >> >> ``` >> # /etc/freeradius/3.0/mods-available/eap >> default_eap_type = peap >> >> #private_key_password = whatever >> private_key_file = ${certdir}/service.radius.key >> certificate_file = ${certdir}/service.radius.crt >> >> tls_min_version = "1.2" >> >> cache: enable = yes >> cache: name = ?<somename>.radius" >> cache: persist_dir = "${logdir}/tlscache" >> >> peap: copy_request_to_t...

...` > > > > - configure eap module to use peap per default > > > > ``` > > # /etc/freeradius/3.0/mods-available/eap > > default_eap_type = peap > > > > #private_key_password = whatever > > private_key_file = ${certdir}/service.radius.key > > certificate_file = ${certdir}/service.radius.crt > > > > tls_min_version = "1.2" > > > > cache: enable = yes > > cache: name = ?<somename>.radius" > > cache: persist_dir = "${logdir}/tlscache" > > > > peap: copy_request_to_tunnel = yes...

> I guess we have to look at the conf files then, first these two: Thank you for the config file snippets. I can confirm mine were almost identical, so I've tweaked them so that they are now exactly the same as yours except for the "--require-membership-of=example\authorization_groupname" line in ntlm_auth. Unfortunately it's still erroring out: (7) mschap: Creating

Hello Tim, Hello samba-people, is there an uptodate guide for authenticating via freeradius somewhere? I have some Ubiquiti APs plus a Cloud Key and I want to authenticate WLAN clients via WPA2-Enterprise instead of a (shared) PSK. It seems like https://wiki.samba.org/index.php/Authenticating_Freeradius_against_Active_Directory is missing some steps (basic setup of freeradius). Can you

....local > Subject Public Key Info: > Public Key Algorithm: rsaEncryption > Public-Key: (2048 bit) > > Now, how do I point Samba and/or Dovecot and/or kerberos and/or mutt to this cert? (dovecot.crt) > > I tried in /etc/Muttrc: > > set certificate_file=/etc/ssl/certs/OHPRS/easyrsa/issued/dovecot.crt > > mutt seemed to ignored that as the usual GoDaddy cert was used (and failed). > > I tried in 10-ssl.conf: > > ssl_key = </etc/ssl/certs/OHPRS/easyrsa/private/MAIL.key > ssl_cert = </etc/ssl/certs/OHPRS/easyrsa/issued/dov...

...confused. I have these settings: # imap styleee set folder=imap://yeled at lazy.spodder.com/ set mbox=imap://yeled at lazy.spodder.com/mbox set record=imap://yeled at lazy.spodder.com/sent set postponed=imap://yeled at lazy.spodder.com/postponed set spoolfile=imap://yeled at lazy.spodder.com/ set certificate_file=~/.mutt/certificates set mail_check=10 set timeout=10 set imap_home_namespace="" set imap_pass="foo" I have included the tcpflow files to show what the clients are doing.. Is it normal to search for folders starting with "." ? Why won't it just pick up my normal...

...at school, and I have not experienced this problem. A bug with dovecot or mutt? -------------- next part -------------- # $Id: .muttrc 410 2004-02-14 15:30:13Z hendry $ set alias_file=~/Mail/mutt.addressbook # File to search for aliases in source ~/Mail/mutt.addressbook set ssl_starttls=yes set certificate_file=~/Mail/certificates set imap_force_ssl=yes set spoolfile={hendry at mail.cs.helsinki.fi/ssl}INBOX set folder={hendry at mail.cs.helsinki.fi/ssl} #set spoolfile={hendry at dabase.com/ssl} #set folder={hendry at dabase.com/ssl} account-hook imaps://hendry at mail.cs.helsinki.fi 'set folder={h...

...:54:26 2026 GMT Subject: CN=mail.hprs.local Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Now, how do I point Samba and/or Dovecot and/or kerberos and/or mutt to this cert? (dovecot.crt) I tried in /etc/Muttrc: set certificate_file=/etc/ssl/certs/OHPRS/easyrsa/issued/dovecot.crt mutt seemed to ignored that as the usual GoDaddy cert was used (and failed). I tried in 10-ssl.conf: ssl_key = </etc/ssl/certs/OHPRS/easyrsa/private/MAIL.key ssl_cert = </etc/ssl/certs/OHPRS/easyrsa/issued/dovecot.crt mutt gave the message,...

....local > Subject Public Key Info: > Public Key Algorithm: rsaEncryption > Public-Key: (2048 bit) > > Now, how do I point Samba and/or Dovecot and/or kerberos and/or mutt to this cert? (dovecot.crt) > > I tried in /etc/Muttrc: > > set certificate_file=/etc/ssl/certs/OHPRS/easyrsa/issued/dovecot.crt > > mutt seemed to ignored that as the usual GoDaddy cert was used (and failed). > > I tried in 10-ssl.conf: > > ssl_key = </etc/ssl/certs/OHPRS/easyrsa/private/MAIL.key > ssl_cert = </etc/ssl/certs/OHPRS/easyrsa/issued/dov...

OK, let me go through exactly what you did: you: > Here's the test (I must run mutt not telnet like i mentioned earlier to > get the imap tickets). > > root at server:~# kinit achim > Password for achim at DOMAIN.LOCAL: > [I enter my password] As root on AD/DC mail.hprs.local: me: $ kinit mark Password for mark at HPRS.LOCAL: [I enter my password] you: >