search for: dnfu0qg

...SA PRIVATE KEY----- > ... > -----BEGIN CERTIFICATE----- > ... > -----BEGIN CERTIFICATE----- > > ... where the first BEGIN CERTIFICATE is the specific hostname one, and > the second BEGIN CERTIFICATE is the Let's Encrypt X3 intermediate > certificate that ends with "DNFu0Qg==". > Tried that, but without success. But your usage doesn't seem right to me. The parameters are not called ssl_cert and ssl_key for nothing. ;-) Normally you don't want your private key to have any other permissions than 600. > You're also manually specifying these non-de...

Hello Folks, my StartCom SSL-Certificate expires soon and so I wanted to switch to Let's Encrypt Certificates instead. Unfortunatelly Thunderbird seems not to like it, although all -tested- other Clients work without any problems. When I connect with Thunderbird it sends an "Encrypted Alert" directly after the TLS handshake although Dovecot wants to continue the session. In the

...e contains, in this order: -----BEGIN RSA PRIVATE KEY----- ... -----BEGIN CERTIFICATE----- ... -----BEGIN CERTIFICATE----- ... where the first BEGIN CERTIFICATE is the specific hostname one, and the second BEGIN CERTIFICATE is the Let's Encrypt X3 intermediate certificate that ends with "DNFu0Qg==". You're also manually specifying these non-default parameters: ssl_cipher_list = ... ssl_prefer_server_ciphers = yes ssl_protocols = !SSLv2 !SSLv3 For testing, I would simplify. Does it work without any of those three things set? -- Robert L Mathews, Tiger Technologies, http://www....

...gt; -----BEGIN CERTIFICATE----- > > ... > > -----BEGIN CERTIFICATE----- > > > > ... where the first BEGIN CERTIFICATE is the specific hostname one, and > > the second BEGIN CERTIFICATE is the Let's Encrypt X3 intermediate > > certificate that ends with "DNFu0Qg==". > > > Tried that, but without success. But your usage doesn't seem right to > me. The parameters are not called ssl_cert and ssl_key for nothing. ;-) > Normally you don't want your private key to have any other permissions > than 600. > > > You're al...

> On 05/07/2020 19:43 Aki Tuomi <aki.tuomi at open-xchange.com> wrote: > > > > On 04/07/2020 21:12 la.jolie at paquerette <la.jolie at paquerette.org> wrote: > > > > > > Hello, > > > > I'm trying to configure roundcube / dovecot to work with keycloak. > > I activated xoauth2 oauthbearer in dovecot. > > But a problem

...Wh9KEik3JHRRHGJo uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/ wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6 KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg== -----END CERTIFICATE----- --- Server certificate subject=/CN=webtatic.com issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 --- No client certificate CA names sent Peer signing digest: SHA512 Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 3370 bytes and written...

...eksfg== -----END CERTIFICATE----- ?1 s:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 ?? i:O = Digital Signature Trust Co., CN = DST Root CA X3 -----BEGIN CERTIFICATE----- MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/ ...... (more lines) KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg== -----END CERTIFICATE----- --- Server certificate subject=CN = my.keycloak.host issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: X25519, 253 bits --- SSL han...

...RTIFICATE----- >>> ... >>> -----BEGIN CERTIFICATE----- >>> >>> ... where the first BEGIN CERTIFICATE is the specific hostname one, and >>> the second BEGIN CERTIFICATE is the Let's Encrypt X3 intermediate >>> certificate that ends with "DNFu0Qg==". >>> >> Tried that, but without success. But your usage doesn't seem right to >> me. The parameters are not called ssl_cert and ssl_key for nothing. ;-) >> Normally you don't want your private key to have any other permissions >> than 600. >> &...

On 8/29/19 3:03 AM, Gary Stainburn wrote: > https://us-east.repo.webtatic.com/yum/el7/x86_64/repodata/repomd.xml: [Errno 14] curl#60 - "Peer's Certificate issuer is not recognized." What do you see when you run: ??? openssl s_client -showcerts -connect us-east.repo.webtatic.com:443

...e contains, in this order: -----BEGIN RSA PRIVATE KEY----- ... -----BEGIN CERTIFICATE----- ... -----BEGIN CERTIFICATE----- ... where the first BEGIN CERTIFICATE is the specific hostname one, and the second BEGIN CERTIFICATE is the Let's Encrypt X3 intermediate certificate that ends with "DNFu0Qg==". You're also manually specifying these non-default parameters: ssl_cipher_list = ... ssl_prefer_server_ciphers = yes ssl_protocols = !SSLv2 !SSLv3 For testing, I would simplify. Does it work without any of those three things set? -- Robert L Mathews, Tiger Technologies, http://www....