search for: keystores

...The obvious way to deal with that array, is to use a require, or to have the definition directly call the key function. gpg::addkey{ $keys: store => $keystore, #as passed in as $name } But, this requires that the resources be named with the keyid. Which fails when I have multiple keystores -- they can''t both define gpg::addkey["XXXXX"]. It''s hard to see a nice solution to this. If puppet supported for loops, I could do something. Or if I could pass some kind of multidimensional bit in the $name array expansion. I can get some of it, by inverting the log...

...at work. I was really, really hoping I could use the GCJ-compiled version of Tomcat supplied in the base repository. I can't get Tomcat to read a Java keystore created with the keytool utility provided (in java-1.4.2-gcj-compat-1.4.2.0-40jpp.110). The Sun and GNU keytools produce different keystores. I'll use the Tomcat nomenclature to describe the differences. Obviously, I'm looking for the correct "algorithm" (i.e., certificate signing algorithm) setting: Toolset keystoreType algorithm ------- ------------ --------- Sun JKS SunX509 GNU...

Hi, I'm currently migrating a client's workstation from OpenSUSE Leap 15.0 to my personal blend of CentOS 7 and KDE. The client has some extra software installed on his machine, and one of these applications is causing me some troubles: Citrix Receiver. Here's my old blog article on installing Citrix Receiver on OpenSUSE : *

Hi folks [ Please add me CC. Thanks ] We have here a Jboss app and web server. We signed the SSL-certificate that end-user don't have ugly error messages. I don't understand why we need to import the Root-Cert in PEM format? $ keytool -import -trustcacerts -file rootcert.pem -keystore myserver.keystore -alias root The Root-Cert is in web browser, why there is a must to import in

We have developed and tested an optimization pass using LLVM, and have been able to build other software such as gzip while running our pass by passing "clang" and "-Xclang -load -Xclang <path to .so>" as configure options. Now we would like to try and build android while running our pass only on certain files. It seems that android has its own version of LLVM built into

This would have been a bit easier to review if the keystore changes had been broken out from the tools changes. On Wed, Sep 19, 2018 at 12:37:01PM +0200, Pino Toscano wrote: > @@ -599,13 +621,21 @@ let is_btrfs_subvolume g fs = > if g#last_errno () = Guestfs.Errno.errno_EINVAL then false > else raise exn > > -let inspect_decrypt g = > +let inspect_decrypt g ks = >

Hi all, I launched a Puppet service a few month ago and it did function pretty well for some time. Last week, I tried to clean old entries but I think I deleted too much information as I can no more synchronize my clients. I get a certificate error : *[root@REBITPUPPET01 ~]# puppet agent --test Warning: Unable to fetch my node definition, but the agent run will continue: Warning: SSL_connect

Hi all, I''m setting up puppetdb to for storing facts et cetera. I installed puppetdb-1.3.0-1.el6.noarch.rpm on my puppetdb.local host (which is puppetized). This seems to work, service starts :). When I edit the settings on my puppetmaster (puppet.local), something goes wrong. I am following the guide [1]. I put the settings (storeconfigs = true, storeconfigs_backend=puppetdb) on my

https://bugzilla.mindrot.org/show_bug.cgi?id=2090 Bug ID: 2090 Summary: SSH/SSHD hang with a Match User setting in sshd_config . Classification: Unclassified Product: Portable OpenSSH Version: 6.1p1 Hardware: Other OS: AIX Status: NEW Severity: critical Priority: P5

Puppet 3.3.1 // CentOS release 6.4 (Final) rpm -qa | grep puppet puppetlabs-release-6-7.noarch puppet-3.1.1-1.el6.noarch puppetdb-1.3.0-1.el6.noarch puppet-server-3.1.1-1.el6.noarch puppetdb-terminus-1.3.0-1.el6.noarch Installed from yum packages: Running Transaction Installing : puppetdb-1.3.0-1.el6.noarch

Hi guys, I know this is a bit off topic, but I'm trying to install a Zimbra password extension so that users who aren't joined to my Samba4 domain have a method to reset their passwords via the Zimbra Webmail and part of the setup requires the exporting of the domain controller DER. These are the instructions... As root, create the /opt/zimbra/lib/ext/adpassword directory As root, copy

This allows multiple --key parameters on the command line to match a single device. For example: tool --key /dev/sda1:key:trykey1 --key /dev/sda1:key:trykey2 would try "trykey1" and "trykey2" against /dev/sda1. --- options/decrypt.c | 41 ++++++++++++++++++++++++++++++++--------- options/keys.c | 45 +++++++++++++++++++++++++++++++++++---------- options/options.h | 6

I have the following as part of a module: -------------------------------------------------------------------------------- # Ensure "lsb-release" installed package {"lsb-release": ensure => installed, } # Use our sources.list file { "/etc/apt/sources.list": owner => root, group => root, mode =>

This allows multiple --key parameters on the command line to match a single device. This could either be specified as: tool --key /dev/sda1:key:trykey1 --key /dev/sda1:key:trykey2 which would try "trykey1" and "trykey2" against /dev/sda1. And/or you can specify default keys which are tried against each device (after more specific keys fail), eg: tool --key

I have looked at let's encrypt. Key issue for me is having to add a lot python stuff that would otherwise not be on any server. Again, All CA's like "Let's Encrypt" - and others that are accepted by the "majors", e.g., Windows, Mozilla make it much easier for the "random" user to use anything you protect with SSL (better TLS) without them having to

Hi folks, I''m about to propose to my current company that we use puppet to manage releases of home grown software. The environment is a mix of Solaris 8/9/10 and RHEL 5&6. I''ve got a handle on how to create recipes to release software into the RHEL environment. The unknown for me is how to manipulate the pkgadd provider to load the locally grown package stream. Can

I am installing puppet enterprise manager (master) on a RHEL box. Though the install itself succeeds without any issues, the first run of puppet when it tries to deploy the pe_mcollective module fails with the following error. Message: change from notrun to 0 failed: sh -c ''umask 077; keytool - importkeystore -deststorepass puppet -destkeypass puppet -destkeystore broker.ks -srckeystore

Hi - I read up on this subject quite a bit, and was able to find a few posts on the mailing list, even found a wiki article. Unfortunately it doesn''t quite address what I''m looking to do. From what I understand, Puppet''s client/server authentication system - using SSL - is portable. I believe that I should be able to use the same SSL certificates and keys (and even

The first patch fixes a rather serious bug, the second patch allows multiple --key parameters and default parameters. There is a third patch to libguestfs which adds a test, coming up. I did not yet review and fix the documentation. I think we need to centralize it in one place because at the moment the same documentation for --key is copy/pasted all over the tools. Rich.

On Thursday, 20 September 2018 12:15:12 CEST Richard W.M. Jones wrote: > This would have been a bit easier to review if the keystore > changes had been broken out from the tools changes. I actually thought (even too much) about various ways of splitting it; since I wanted to not become a new Buridan's ass [1], then I lumped it all in a single patch. Splitting is not an issue, so if you