search for: genkey

The RHEL 5 documentation talks about a utility called genkey, apparently part of a package called crypto-utils: https://www.redhat.com/docs/manuals/enterprise/RHEL-5-manual/Deployment_Guide-en-US/s1-httpd-secure-server.html However, I can't find that package or that utility on CentOS 5 - did a few digging with yum but nothing showed up. Anybody know...

...le. script listed below: class bacula-client { # define which server to use case $datacenter { 1: { $backupserver = "coeus" } 2: { $backupserver = "ulysses" } } $directorpassword = generate("/etc/puppet/bin/genkey") $monitorpassword = generate("/etc/puppet/bin/genkey") package { "hdup_supplemental": ensure => absent, } package { "hdup": ensure => absent, require => Package["hdup_s...

Hi, Does anyone have a pointer to correct documantation for generating and installing a self signed ssl cert for use on httpd on a C-5 machine? The docs say to use genkey but AFAIK upstream rm'd crypto-utils from the distro and as such it is not available. I tried generating the cert on a C-4 machine using genkey and installing on the C-5 machine but I get the following error when I try to connect: [Thu Oct 25 12:48:03 2007] [debug] ssl_engine_kernel.c(1770): O...

...gned certificate. The csr created from a private key with [ openssl genpkey -algorithm RSA ] and signed by a CA with [ ecdhe_ecdsa ] works with no error. But as stated in the initial message it does not work if the private key for the csr is generated with [ openssl ecparam -name brainpoolP512t1 -genkey ].

Hi all , I set up https on CentOS 4.4. I did the below sets of commands, first removed existing files rm /etc/httpd/conf/ssl.key /server.key rm /etc/httpd/conf/ssl.crt/server.crt Next, I created key. Change to the /usr/share/ssl/certs/ directory and type in the following command: make genkey then issued below command, make testcert finaly /sbin/service httpd restart Then I got the below error? Starting httpd: Apache/2.0.52 mod_ssl/2.0.52 (Pass Phrase Dialog) Some of your private key files are encrypted for security reasons. In order to read them you have to provide the pass...

...www at example.at> An: gjn+www at example.at ################# SSL Certificate Warning ################ Certificate for hostname 'www.example.at', in file (or by nickname): /etc/pki/tls/certs/localhost.crt The certificate needs to be renewed; this can be done using the 'genkey' program. Browsers will not be able to correctly connect to this web site using SSL until the certificate is renewed. ########################################################## Generated by certwatch(1) what is the best way to correct this Problem? --...

...http://campworld.net/thewiki/pmwiki.php/LinuxServersCentOS/Cent6VirtMailServerfor postfix setup. At one stage it says, Configuring The Server Setup SSL Certificate Now generate an SSL certificate for postfix and dovecot to have TLS support. Replace mail.example.com with your server hostname. > genkey --days 3650 mail.example.com My doubt is , 1. I have to install a SSL certificate for for web server (apache case). I am planning to purchase a SSL certificate and put it. The same certificate will be useful for both web server and mail server OR both web and mail server needs to separate separa...

Hi, facing [ no shared cipher ] error with EC private keys. This happens when the private key is generated with [ openssl ecparam -name brainpoolP512t1 -genkey ] with OpenSSL 1.1.0hh on the same machine Dovecot is running on. Tried some variations of [ ssl_cipher_list ] but to no avail - the [ no shared cipher ] error persists. Once the key is generated with [ openssl genpkey -algorithm RSA ] however the error is gone. Thus wondering whether (1) I am m...

...Crypt > > " > In order to generate an EC key, you must first choose a curve from the > output of this command: > > openssl ecparam -list_curves > > If you choose the curve prime256v1, generate and EC key with the command: > > openssl ecparam -name prime256v1 -genkey | openssl pkey -out > ecprivkey.pem > > Then generate a public key out of your private EC key > > openssl pkey -in ecprivkey.pem -pubout -out ecpubkey.pem > " > > -Dave I'm going on a limb and guess that there is something strange happening with ruby and openss...

> On 11 April 2019 00:49 David Salisbury via dovecot <dovecot at dovecot.org> wrote: > > > >>> > >> Yes. I gave it a try here, and it seems to work. Does it give any extra > >> information if you include -i flag? > >> > >> Aki > >> > > > > Yes, I had tried that, and it doesn't give much extra information, at

...ivate key with [ openssl genpkey -algorithm RSA >> ] and signed by a CA with [ ecdhe_ecdsa ] works with no error. >> >> But as stated in the initial message it does not work if the private key >> for the csr is generated with [ openssl ecparam -name brainpoolP512t1 >> -genkey ]. >> >> > Can you try, with your ECC cert, > > openssl s_client -connect server:143 -starttls imap > > and paste result? > This is for the certificate where the csr is generated with an EC private key and the [ no shared cipher ] error: CONNECTED(00000003) write:err...

https://bugzilla.mindrot.org/show_bug.cgi?id=2006 Bug #: 2006 Summary: AIX 5.2 /32 bit - a windows Putty session will not connect to AIX box Classification: Unclassified Product: Portable OpenSSH Version: 6.0p1 Platform: All OS/Version: All Status: NEW Severity: normal

...4) dovecot 2.0.15-0~auto+21 ((f6a2c0e8bc03) from http://xi.rename-it.nl/debian openssl 1.0.0e-2 from testing (as the default 0.9.8o-4squeeze3 needs also the parameter -cipher ECCdraft for testing) creating keys+cert for ecc (i.e. curves prime192v1, secp521r1) # openssl ecparam -name prime192v1 -genkey -out prime192v1.key # openssl req -new -key prime192v1.key -out prime192v1.csr # openssl req -x509 -in prime192v1.csr -key prime192v1.key -out prime192v1.crt testing these in 2 windows # openssl s_server -cert prime192v1.crt -key prime192v1.key -www # openssl s_client note: when using the defaul...

...sr created from a private key with [ openssl genpkey -algorithm RSA > ] and signed by a CA with [ ecdhe_ecdsa ] works with no error. > > But as stated in the initial message it does not work if the private key > for the csr is generated with [ openssl ecparam -name brainpoolP512t1 > -genkey ]. > > Hi! Can you show doveconf ssl_cipher_list? Aki

...r created from a private key with [ openssl genpkey -algorithm RSA > ] and signed by a CA with [ ecdhe_ecdsa ] works with no error. > > But as stated in the initial message it does not work if the private key > for the csr is generated with [ openssl ecparam -name brainpoolP512t1 > -genkey ]. > > Can you try, with your ECC cert, openssl s_client -connect server:143 -starttls imap and paste result? Aki

...i: https://wiki.dovecot.org/Plugins/MailCrypt " In order to generate an EC key, you must first choose a curve from the output of this command: > openssl ecparam -list_curves If you choose the curve prime256v1, generate and EC key with the command: > openssl ecparam -name prime256v1 -genkey | openssl pkey -out ecprivkey.pem Then generate a public key out of your private EC key > openssl pkey -in ecprivkey.pem -pubout -out ecpubkey.pem " -Dave

...thm RSA >>>> ] and signed by a CA with [ ecdhe_ecdsa ] works with no error. >>>> >>>> But as stated in the initial message it does not work if the private key >>>> for the csr is generated with [ openssl ecparam -name brainpoolP512t1 >>>> -genkey ]. >>>> >>>> >>> Can you try, with your ECC cert, >>> >>> openssl s_client -connect server:143 -starttls imap >>> >>> and paste result? >>> >> This is for the certificate where the csr is generated with an EC >&g...

...genpkey -algorithm RSA > >> ] and signed by a CA with [ ecdhe_ecdsa ] works with no error. > >> > >> But as stated in the initial message it does not work if the private key > >> for the csr is generated with [ openssl ecparam -name brainpoolP512t1 > >> -genkey ]. > >> > >> > > Can you try, with your ECC cert, > > > > openssl s_client -connect server:143 -starttls imap > > > > and paste result? > > > > This is for the certificate where the csr is generated with an EC > private key and the [ n...

...1d0 log c7t0d0 cache c6t0d0 # zpool set keysource=raw,file:///root/tank.key tank Invalid keysource change. # zpool key -l tank Key Load Error: Invalid keysource property value. However if a keysource was set at pool creation ''zpool set'' can perform the valid changes. # pktool genkey keystore=file keytype=aes keylen=256 outkey=tank.key # zpool create -o keysource=raw,file:///root/tank.key -f tank mirror c0t0d0 c0t1d0 log c7t0d0 cache c6t0d0 # zpool get keysource tank NAME PROPERTY VALUE SOURCE tank keysource raw,file:///root/tank.key default # zpool...

With new kernel, appeared some problems with build proccess here. After many minutes waiting for rpmbuild were over, a gpg problem appears!!: ... scripts/modsign/mod-extract.c:311: warning: format '%lx' expects type 'long unsigned int', but argument 3 has type 'Elf64_Xword' + KEYFLAGS='--no-default-keyring --homedir ..' + KEYFLAGS='--no-default-keyring