search for: oscp

...) So as a script it would be something like: if call != 25th ; then go elsewhere ; fi (make sense?) Where every 25th call or so would go through, the others would go wherever, not important. -- =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA, SGFE, C|EH, CNDA, CHFI, OSCP "It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you'll do things differently." - Warren Buffett 227C 5D35 7DCB 0893 95AA 4771 1DCE 1FD1 5CCD 6B5E http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E

That is one of the reasons I do not bother since long with public CAs but rather deploy my own, including own OSCP responder. Which has of course has some drawbacks like redundancy, resilience, bandwidth provision, geographical spread, implementing CA security standards and CA trust in clients. Latter though could be easily overcome if browser and email clients were to support DNSSEC/DANE validation. It may n...

...ns I can't just revoke their certificates by removing the DNS certificate, I'll need to provide an OCSP server for when one of their private keys gets compromised. I found https://access.redhat.com/documentation/en-US/Red_Hat_Certificate_System/8.1/html/Deploy_and_Install_Guide/install-oscp.html but it looks like that is intended for enterprise, more complex than I need. Anyone know of a good simple script for providing OCSP ?? -=- Not relevant to question but just important for me to note, I will *not* be asking people to install my root certificate in their e-mail clients. I t...

...cates by removing the DNS certificate, I'll >> need to provide an OCSP server for when one of their private keys gets >> compromised. >> >> I found >> https://access.redhat.com/documentation/en-US/Red_Hat_Certificate_System/8.1/html/Deploy_and_Install_Guide/install-oscp.html >> >> but it looks like that is intended for enterprise, more complex than I >> need. >> >> Anyone know of a good simple script for providing OCSP ?? >> >> -=- >> >> Not relevant to question but just important for me to note, I will *not*...

..."}' Will get a quickie soon from my Acme's, nCites, etc. when I have time. For those NOT familiar with it, please Google it as I don't feel like typing anymore ;) (sorry) -- =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT, RWSP, GREM "It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you'll do things differently." - Warren Buffett 42B0 5A53 6505 6638 44BB 3943 2BF7 D83F 210A 95AF http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x2BF7D83F210A95AF

...no ACL's, no fw rules, nada. The only differentiator between these phones are the high MS times are Cisco phones. Any thoughts? Possible firmware corruption? I'm at a loss to figure this one out. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA, SGFE, C|EH, CNDA, CHFI, OSCP "Enough research will tend to support your conclusions." - Arthur Bloch "A conclusion is the place where you got tired of thinking" - Arthur Bloch 227C 5D35 7DCB 0893 95AA 4771 1DCE 1FD1 5CCD 6B5E http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E

...'ll >>>> need to provide an OCSP server for when one of their private keys gets >>>> compromised. >>>> >>>> I found >>>> https://access.redhat.com/documentation/en-US/Red_Hat_Certificate_System/8.1/html/Deploy_and_Install_Guide/install-oscp.html >>>> >>>> >>>> but it looks like that is intended for enterprise, more complex than I >>>> need. >>>> >>>> Anyone know of a good simple script for providing OCSP ?? >>>> >>>> -=- >>>> &...

...revoke their certificates by removing the DNS certificate, I'll > need to provide an OCSP server for when one of their private keys gets > compromised. > > I found > https://access.redhat.com/documentation/en-US/Red_Hat_Certificate_System/8.1/html/Deploy_and_Install_Guide/install-oscp.html > but it looks like that is intended for enterprise, more complex than I > need. > > Anyone know of a good simple script for providing OCSP ?? > > -=- > > Not relevant to question but just important for me to note, I will *not* > be asking people to install my root c...

...e DNS certificate, I'll >>> need to provide an OCSP server for when one of their private keys gets >>> compromised. >>> >>> I found >>> https://access.redhat.com/documentation/en-US/Red_Hat_Certificate_System/8.1/html/Deploy_and_Install_Guide/install-oscp.html >>> >>> but it looks like that is intended for enterprise, more complex than I >>> need. >>> >>> Anyone know of a good simple script for providing OCSP ?? >>> >>> -=- >>> >>> Not relevant to question but just impo...

...rity.provider.certpath.OCSP.check(Ljava/security/cert/X509Certif Has anyone succesfully implemented this on CentOS 6.x ? Tomcat is running fine behind Apache. All software up to date. Tried many things already, also install Oxalis from source but that fails with different problems. I found that OSCP checking is default disabled in Java (true ?) and tried to enable it with by adding the commandline switches: java -Dcom.sun.security.enableCRLDP=true \ -Dcom.sun.net.ssl.checkRevocation=true but no luck I filed a bug report on github, details about the exact error: https://github.com/difi/oxali...

On 2018-07-30 19:45, ????? wrote: > That is one of the reasons I do not bother since long with public CAs > but rather deploy my own, including own OSCP responder. May I ask, how you create a CA which is valid for clients without them having to install your root cert? Cheers, K. C. -- regards Helmut K. C. Tessarek KeyID 0x172380A011EF4944 Key fingerprint = 8A55 70C1 BD85 D34E ADBC 386C 1723 80A0 11EF 4944 /* Thou shalt not fol...

...ot;|awk -F : '($11 > 10800) {print "/usr/sbin/asterisk -rx \"soft hangup " $1 "\""}'|sh You don't necessarily have to keep restarting it at midnight. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA, SGFE, C|EH, CNDA, CHFI, OSCP "Enough research will tend to support your conclusions." - Arthur Bloch "A conclusion is the place where you got tired of thinking" - Arthur Bloch 227C 5D35 7DCB 0893 95AA 4771 1DCE 1FD1 5CCD 6B5E http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E

...ot;|awk -F : '($11 > 10800) {print "/usr/sbin/asterisk -rx \"soft hangup " $1 "\""}'|sh You don't necessarily have to keep restarting it at midnight. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA, SGFE, C|EH, CNDA, CHFI, OSCP "Enough research will tend to support your conclusions." - Arthur Bloch "A conclusion is the place where you got tired of thinking" - Arthur Bloch 227C 5D35 7DCB 0893 95AA 4771 1DCE 1FD1 5CCD 6B5E http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E ___________...

...ve. If you care to dabble with MySQL you can create quite an impressive hosts based IPS that is custom tailored to your infrastructure. Anyhow, was bored (ADHD) and wanted to ramble on for a little while. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA, SGFE, C|EH, CNDA, CHFI, OSCP "Enough research will tend to support your conclusions." - Arthur Bloch "A conclusion is the place where you got tired of thinking" - Arthur Bloch 227C 5D35 7DCB 0893 95AA 4771 1DCE 1FD1 5CCD 6B5E http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E

...print bill) etc. I'd appreciate real world experiences and have already been down the VoIP-Info road looking at the majority of platforms offered (A2Billing, Supertec, etc.) with no success. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA, SGFE, C|EH, CNDA, CHFI, OSCP "Enough research will tend to support your conclusions." - Arthur Bloch "A conclusion is the place where you got tired of thinking" - Arthur Bloch 227C 5D35 7DCB 0893 95AA 4771 1DCE 1FD1 5CCD 6B5E http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E

...st) I'm using Asterisk 1.4. For those running managed PBX's that are concerned with security, feel free to contact me off-list for an explanation of the request for this script, etc. -- =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT "It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you'll do things differently." - Warren Buffett 227C 5D35 7DCB 0893 95AA 4771 1DCE 1FD1 5CCD 6B5E http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E

I have an interesting observation which I thought I'd pass along to save other people from spending time trying to 'fix' it. One of my clients uses Charter's so called "business phone service". They provide 'analog' phone lines over IP. In general, they've worked OK. End users were saying that the phone are "cutting out" at times. What

I don't know how to get both RSA and ECC cert from letsencrypt. Aki > On 30 July 2018 at 20:43 David Mehler <dave.mehler at gmail.com> wrote: > > > Hello, > > What acme implementation do you use for your letsencrypt certificates? > If it's acme.sh how do you get both rsa and ecc certificates? What > configuration options are you using in your

Is there a convenient way to limit the number of call files (outgoing directory) that are processed concurrently? -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3234 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.digium.com/pipermail/asterisk-users/attachments/20090226/a46e68fa/attachment.bin