search for: nscerttyp

Displaying 11 results from an estimated 11 matches for "nscerttyp".

Did you mean: nscerttype
2016 Apr 19
2
VPN suggestions centos 6, 7
...;### start ### >[ ca ] >default_ca = CA_default > >[ CA_default ] >x509_extensions = server_cert > >[ server_cert ] >basicConstraints=CA:FALSE >keyUsage = nonRepudiation, dataEncipherment, digitalSignature, keyEncipherment >extendedKeyUsage = serverAuth, clientAuth >nsCertType = server, client >### end ### > >I think the nsCertType directive may be unnecessary these days, but >I keep it around because it doesn't hurt anything. > >The important bit is the extendedKeyUsage line; I'm pretty sure that >an OpenVPN server needs the serverAuth ex...
2016 Apr 18
2
VPN suggestions centos 6, 7
> > >Folks > >I would like to have my windows 7 laptop communicate with my home >server via a VPN, in such a way that it appears to be "inside" my >home network. It should not only let me appear to be at home for >any external query, but also let me access my computers inside my home. > >I already have this working using M$'s PPTP using my home
2016 Apr 18
0
VPN suggestions centos 6, 7
...ts of bits ellided for clarity's sake: ### start ### [ ca ] default_ca = CA_default [ CA_default ] x509_extensions = server_cert [ server_cert ] basicConstraints=CA:FALSE keyUsage = nonRepudiation, dataEncipherment, digitalSignature, keyEncipherment extendedKeyUsage = serverAuth, clientAuth nsCertType = server, client ### end ### I think the nsCertType directive may be unnecessary these days, but I keep it around because it doesn't hurt anything. The important bit is the extendedKeyUsage line; I'm pretty sure that an OpenVPN server needs the serverAuth extension. For instance, here...
2016 Apr 19
0
VPN suggestions centos 6, 7
...gt;> >> [ CA_default ] >> x509_extensions = server_cert >> >> [ server_cert ] >> basicConstraints=CA:FALSE >> keyUsage = nonRepudiation, dataEncipherment, digitalSignature, >> keyEncipherment >> extendedKeyUsage = serverAuth, clientAuth >> nsCertType = server, client >> ### end ### >> >> I think the nsCertType directive may be unnecessary these days, but I keep >> it around because it doesn't hurt anything. >> >> The important bit is the extendedKeyUsage line; I'm pretty sure that an >> Ope...
2006 Jul 07
2
Authentication by certificats (a bug or my misconfiguration)
...e authentication. If my memory serves right, beta8 had no problems with it (although it was some time ago and on different machine). Similar setup works perfectly well for postfix (for authentication that is, on the same machine). Originally I thought I overdid some certificate settings (keyUsage, nsCertType, etc.), so for the sake of testing I've simplified the setup to bare minimum - 1 simple selfsigned root certificate, another 1 for dovecot, and the last one for the user. Unfortunately, the results were the same. Configuration: OpenBSD 3.9 (stable branch), i386, no nfs or afs (only local ffs...
2006 Oct 26
2
Re: openssl server/client classes
...ur file distribution tree. If you''re doing a lot of them, then you''d want some way to automatically create them, which isn''t the easiest to do in Puppet right now. > And it should provide some options in specifying fancy things like subject > alternative name and NScertType et all. Puppet''s CA does not support this, but I wouldn''t think it''d be that difficult to do. > I was thinking about using QuickCert for this because it''s in ruby and seems > like a good way to generate those things. I used QuickCert to show me how to...
2010 Jul 06
2
Jul 06 00:06:15 dict: Error: dict client: Broken handshake
...ovecot-openssl.cnf | grep -v "^$" [ req ] default_bits = 1024 encrypt_key = yes distinguished_name = req_dn x509_extensions = cert_type prompt = no [ req_dn ] C=CA ST=Ontario L=Toronto O=Blastwave OU=IMAP server CN=titan.blastwave.org emailAddress=postmaster at blastwave.org [ cert_type ] nsCertType = server # /opt/csw/bin/openssl req -new -x509 -nodes -config ./dovecot-openssl.cnf -out /etc/opt/csw/dovecot/certs/dovecot.pem -keyout /etc/opt/csw/dovecot/private/dovecot.pem -days 365 Generating a 1024 bit RSA private key ...........................++++++ ....................++++++ writing new...
2006 Aug 02
1
Openvpn problem not able to access the other machines on remote subnet
...tial packet from xx.xx.xx.xx:1194, ---->> public ip address on pix firewall sid=7c6f6585 62ec6b5f Tue Aug 1 23:11:21 2006 VERIFY OK: depth=1, /C=IN/ST=DE/L=ND/O=OpenVPN-TEST/OU=VPN_Server/CN= server1.test.net/emailAddress=postmater at localhost.localdomain Tue Aug 1 23:11:21 2006 VERIFY OK: nsCertType=SERVER Tue Aug 1 23:11:21 2006 VERIFY OK: depth=0, /C=IN/ST=DE/O=OpenVPN-TEST/OU=VPN_Server/CN=server1.test.net/emailAddress=postmater at localhost.localdomain Tue Aug 1 23:11:23 2006 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue Aug 1 23:11:23 2006 Data Channel...
2005 Aug 08
4
Bug#322036: logcheck: [manual] typo in SYNOPSIS (TIOS => OPTIONS)
Package: logcheck Version: 1.2.35 Severity: minor Manual page reads: SYNOPSIS logcheck [TIONS] Perhaps it was intended to read: SYNOPSIS logcheck [OPTIONS] -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked
2005 Jun 14
3
Bug#313601: logcheck-database: ignore mount version messages
Package: logcheck-database Version: 1.2.39 Severity: wishlist These are the subject of an am-utils FAQ <URL:http://www.am-utils.org/docs/am-utils/FAQ.txt> and would be useful in the ignored list. Note that it's either `newer' or `older'. Jun 14 14:32:25 albion kernel: nfs warning: mount version newer than kernel Jun 14 14:37:54 dlsy kernel: nfs warning: mount version older
2005 Jul 11
3
Bug#317741: logcheck-database: fails to ignore properly some lines from 'rbldnsd'
Package: logcheck-database Version: 1.2.40 Severity: normal Tags: patch There are one line that is not properly ignored. I include in the report a better version. -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (400, 'testing'), (300, 'unstable'), (200, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.8-2-k7 Locale: