search for: newreq

Hi, sorry for the stupid question, but however i am following all howtos and tutorials it is not working 1) i have created CA certificate - /etc/pki/tls/misc/CA -newca 2) i have generated a new request - /etc/pki/tls/misc/CA -newreq 3) i have signed certificate /etc/pki/tls/misc/CA -signreq SO i have CA in /etc/pki/CA i have newkey.pem i have newcert.pem i have also cealrkey.pem (without passphrase) *$ openssl rsa < newkey.pem > clearkey.pem* What to do next?? What to put in slapd.conf in order to make it work?? What...

...dholland Locality Name (eg, city) []:Amsterdam Organization Name (eg, company) [Internet Widgits Pty Ltd]:AHM Organizational Unit Name (eg, section) []:Suckers from Hell Common Name (eg, YOUR name) []:smb.ahm.nl Email Address []:wastebin@office.desk % openssl req -newkey rsa:1024 -nodes -keyout newreq.pem -out newreq.pem A challenge password []: <pass> An optional company name []:. % etc.... The result is newreq.pem. Have the CA sign the CSR: % ./misc/CA.sh -sign Using configuration from /etc/ssl/openssl.cnf Enter PEM pass phrase: <ca pass> Certificate is to be certified...

...cording to experience, probably 15/16 chars. Maybe I was wrong about this point. However, when I first set a very long password, it couldn't work.) (2) Common name must be used as fully qualified domain name. For example: mis3.fgs.org.tw mis3# openssl req -new -nodes -keyout newreq.pem -out newreq.pem mis3# ../misc/CA.sh -sign mis3# cp demoCA/cacert.pem . mis3# mv newcert.pem servercrt.pem mis3# mv newreq.pem privatekey.pem mis3# chmod 600 privatekey.pem Reference: http://www.openldap.org/faq/data/cache/185.html (b) Config...

...Most documentation, when not outdated, seems targeted at much more complex scenarions. Is this sequence of actions and commands correct and complete for my case, or not: 1) cd /usr/share/ssl 2) modify openssl.cnf to have your Common Name and other parameters 3) run: ./CA -newca ./CA -newreq-nodes 4) move the private key from the .pem file to a separate file 5) put the cert and key file in a location where Postfix, 6) Dovecot and Apache can all use them 7) configure each of those servers to use the certificate What have I missed? Thank you in advance for any feedback (I'll have a...

...A certificate and ke y data May 25 13:27:51 test1 postfix/smtpd[4095]: connect from test1.sun.net[192.168.1.125] May 25 13:27:51 test1 postfix/smtpd[4095]: disconnect from test1.sun.net[192.168.1.125] May 25 13:29:37 test1 postfix/smtpd[4257]: warning: cannot get private key fr om file /etc/postfix/newreq.pem May 25 13:29:37 test1 postfix/smtpd[4257]: warning: TLS library problem: 4257 :error:0906406D:PEM routines:DEF_CALLBACK:problems getting password:pem_lib.c:10 5: May 25 13:29:37 test1 postfix/smtpd[4257]: warning: TLS library problem: 4257 :error:0906A068:PEM routines:PEM_do_header:bad password...

...I thought at first it was kashmir that was the problem, but I am able to initiate a sync from kashmir to my Mac: kashmir:~> rsync -avz -e ssh myca archer:/Users/mikec/tmp mikec@archer's password: building file list ... done myca/ myca/CA.pl myca/demoCA/ [...] myca/mail.aviate.org.pem myca/newreq.pem wrote 7454 bytes read 148 bytes 50.51 bytes/sec total size is 11967 speedup is 1.57 kashmir:~> Archer -> Kashmir also works fine: [archer:~/Pictures] mikec% rsync -avz -e ssh ~/Pictures kashmir:/export/home/mikec/temp/tmp rsync: open connection using ssh kashmir rsync --server -vlogD...

HI, I know this is OT and I apologize in advance, but with the wealth of knowledge on this list I hope that some kind soul will help (off list is fine). I run CentOS 5.6 with the usual LAMP stack. One of the virtual sites on this server failed a PCI Compliance (credit card security stuff) because, of all things, a URL with a non-existent request after the .php doesn't return a 404 and

...9;t be verified. I'm assuming that that's because I am using a self-signed certificate. Now, I'm also using postfix, and it allows for me creating my own CA certificate, and using it to sign my own certificates. The /etc/postfix/main.cf entries are: smtpd_tls_key_file = /etc/postfix/newreq.pem smtpd_tls_cert_file = /etc/postfix/newcert.pem smtpd_tls_CAfile = /etc/postfix/cacert.pem but while I see the following two lines in /etc/dovecot.conf: ssl_cert_file = /usr/share/ssl/certs/dovecot.pem ssl_key_file = /usr/share/ssl/private/dovecot.pem I don't see how to specify my CA cert...

So I just upgraded from Dovecot 0.99 to the latest 1.0 RC2 because I was having all sorts of Authentication problems and crashes in 0.99. The upgrade did not solve the problem apparently. Dovecot still crashes periodically and always needs to be manually rebooted. The log file errors at the time of the crash: dovecot: Jul 12 14:30:59 Error: imap-login: Can't connect to auth server at