search for: notaft

...09 -in /usr/local/samba/private/tls/cert.pem -noout -enddate I did the first command and I got this: openssl s_client -connect devsamba.lucas.ufes.br:636 socket: Connection refused connect:errno=111 Then I copy-paste the certificate and got this: openssl x509 -in mycert.pem -noout -enddate notAfter=Sep 26 16:56:46 2018 GMT Then the third command: openssl x509 -in /usr/local/samba/private/tls/cert.pem -noout -enddate notAfter=Sep 26 16:56:46 2018 GMT Seriously, I can't understand why I can't access it! It was perfect before, and now this... Lucas

...l engine" #ssl_crypto_device = # SSL extra options. Currently supported options are: # no_compression - Disable compression. # no_ticket - Disable SSL session tickets. #ssl_options = =========================== # openssl x509 -dates -in mydomain.com.crt notBefore=Nov 11 16:31:35 2020 GMT notAfter=Nov 11 16:31:35 2022 GMT -----BEGIN CERTIFICATE----- : =========================== # openssl pkey -in mydomain.com.key -----BEGIN PRIVATE KEY----- : Thanks for taking a look. Any ideas on what I should do next to debug? Mike -------------- next part -------------- A...

...tions are: > > # no_compression - Disable compression. > > # no_ticket - Disable SSL session tickets. > > #ssl_options = > > > > =========================== > > # openssl x509 -dates -in mydomain.com.crt > > notBefore=Nov 11 16:31:35 2020 GMT > > notAfter=Nov 11 16:31:35 2022 GMT > > -----BEGIN CERTIFICATE----- > > : > > =========================== > > # openssl pkey -in mydomain.com.key > > -----BEGIN PRIVATE KEY----- > > : > > > > Thanks for taking a look. Any ideas on...

..._client -CAfile /usr/lib/ssl/glusterfs.ca -connect c01.gluster:24007 CONNECTED(00000003) depth=0 CN = c01.gluster verify return:1 --- Certificate chain 0 s:CN = c01.gluster i:CN = c01.gluster a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Jan 26 08:27:12 2024 GMT; NotAfter: Feb 25 08:27:12 2024 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIDDTCCAfWgAwIBAgIULCwcIV9jWFzeZoeO1Xs5TJ9J5rkwDQYJKoZIhvcNAQEL BQAwFjEUMBIGA1UEAwwLYzAxLmdsdXN0ZXIwHhcNMjQwMTI2MDgyNzEyWhcNMjQw MjI1MDgyNzEyWjAWMRQwEgYDVQQDDAtjMDEuZ2x1c3RlcjCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEB...

Thanks Gabben and Andrew. I've understood but a new question emerged: Each DC server on my domain has a different pair cert/key and a different CA cert after deployment, correct? If so, is it a best practice to generate new cert for each DC server and sign them with a unique CA? OBS: Every DC servers belongs to the same domain. -- Igor Sousa Em dom., 14 de jun. de 2020 ?s 16:46, Andrew

...s_client -CAfile /usr/lib/ssl/glusterfs.ca -connect c01.gluster:24007 CONNECTED(00000003) depth=0 CN = c01.gluster verify return:1 --- Certificate chain 0 s:CN = c01.gluster i:CN = c01.gluster a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Jan 26 08:27:12 2024 GMT; NotAfter: Feb 25 08:27:12 2024 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIDDTCCAfWgAwIBAgIULCwcIV9jWFzeZoeO1Xs5TJ9J5rkwDQYJKoZIhvcNAQEL BQAwFjEUMBIGA1UEAwwLYzAxLmdsdXN0ZXIwHhcNMjQwMTI2MDgyNzEyWhcNMjQw MjI1MDgyNzEyWjAWMRQwEgYDVQQDDAtjMDEuZ2x1c3RlcjCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCA...

Hi, I''ve recently been trying to setup Mongrel behind Pound so that I can do mutual SSL authentication. I''ve had a few problems with Pound (documented at [1]), but now have it working correctly. However, I think there is a problem with Mongrel and how it deals with the headers Pound adds to the HTTP header block. One of the extra headers Pound adds is