Displaying 20 results from an estimated 4328 matches for "pem".
Did you mean:
mem
2023 Feb 06
2
Still Struggling with Secure Connections
I made a special pair of keys just for Icecast with this command:
$ openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout
key.pem -out cert.pem
I combined the two files like this:
$ cat cert.pem key.pem > icecast.pem
I placed icecast.pem in /etc/icecast2 and used 'chown icecast2:icecast
icecast.pem' to change owner to icecast2:icecast.
I also changed its protection to 600 with 'chmod 600 icecast.pem' s...
2018 Aug 29
3
SNI Dovecot
Hi all,
I'm testing the SNI configuration from dovecot's wiki page, to have multiple domains.
I'm using letsencrypt certificates.
On the 10-ssl.conf, when I only use one domain, like this, it works :
ssl_ca = </etc/letsencrypt/live/mail.mydomain.fr/chain.pem
ssl_cert = </etc/letsencrypt/live/mail.mydomain.fr/cert.pem
ssl_key = </etc/letsencrypt/live/mail.mydomain.fr/privkey.pem
I got a warning of course when using my second domain, mydomain2.fr.
If I do the config :
local_name mail.mydomain.fr {
ssl_ca = </etc/letsencrypt/live/mail.mydomain...
2015 Aug 15
3
Multidomain / IP Address Setup (Dovevot 2.2.10 on CentOS7 ) is failing: Fatal: Couldn't parse private ssl_key: error:0906D06C:PEM
...g
ausearch -m avc shows no deniead messages
>
>> ### This works (Thunderbird, Outlook 2013, Opera Mail ect.) ####
>>
>> local mydomain01.tld {
>>
>> protocol imap {
>> ssl_cert =
>> </etc/ssl/domains/mydomain.tld/imap/imap.mydomain02.tld.crt.pem
>> ssl_key =
>> </etc/ssl/domains/mydomain.tld/imap/imap.mydomain02.tld.key.pem
>> }
>>
>> }
>>
Sorry the above has some typo errors, forget it.
Ok, this works well:
Configfile: /etc/dovecot/conf.d/10-ssl.conf
protocol imap {
ssl_cert =
</etc/s...
2012 Jul 16
1
Selective TLS per local IP
...up for SSL with valid key/certs, if you have a self signed or no CERT at all, it starts connection warnings and errors on the client side.
So is there any way possible to turn off advertising of TLS on port or turn it off/on per IP?
Something like:
ssl = yes
ssl_cert = </etc/ssl/cert/default.pem
ssl_key = </etc/ssl/cert/default.pem
local 10.1.1.1 {
protocol imap {
ssl_cert = </etc/ssl/cert/site1.pem
ssl_key = </etc/ssl/cert/site1.pem
}
protocol pop3 {
ssl_cert = </etc/ssl/cert/site1.pem
ssl_key = </etc/ssl/cert/site1.pem
}
}
local 10.1.1.2...
2017 Oct 29
2
dovecot-2.3 (-git) Warning and Fatal Compile Error
...te:
>> This problem below is still present in 2.3 -git, as of version 2.3.devel
>> (6fc40674e)
>>
>>>>> Secondly, this ssl_dh messages is always printed from doveconf:
>>>>>
>>>>> doveconf: Warning: please set ssl_dh=</etc/dovecot/dh.pem
>>>>> doveconf: Warning: You can generate it with: dd
>>>>> if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dh
>>>>> -inform der > /etc/dovecot/dh.pem
>>>>>
>>>>> Yet the file is there:
>>>>>...
2020 Jun 11
3
SSL-Question
Hello!
Sorry, but SSL in my windows where is installed icecast not work.
Create certificate (.crt) and convert to .pem with openssl x509 -in
mycert.crt -out mycert.pem -outform PEM
certificate.pem copy to c:/icecast/cert/
Edit icecast.xml:
<ssl-certificate>./cert/icecast.pem</ssl-certificate>
<listen-socket>
<port>8443</port>
<ssl>1</ssl>
</listen-socket&...
2016 Apr 01
2
Libreswan PEM format
I have tried
openssl rsa -in bicester_left.pub -outform pem > bicester_left.pem
I get
unable to load Private Key
140372295030648:error:0906D06C:PEM routines:PEM_read_bio:no start
line:pem_lib.c:701:Expecting: ANY PRIVATE KEY
On 1 April 2016 at 13:59, Eero Volotinen <eero.volotinen at iki.fi> wrote:
> You can do any kind of format conversions...
2014 Oct 11
0
]UG] Dovecot 2.2.9 SSL client cert verification fails: openssl verify: OK
Greetings all,
I have verified a bug that has long been attributed to lack of knowledge
on the part of the user.
Dovecot rejects StartSSL client certificates due to reject StartSSL root
CA when doing client verification even though the appropriately
constructed ca-bundle.pem has been created and applied vi ssl_ca =
</etc/dovecot/ca-bundle.pem.
openssl verify -CAfile ca-bundle.pem -crl_check_all -policy_check
-x509_strict -verbose client-cert.pem returns:
client-cert.pem: OK
However dovecot reports the following:
Oct 11 01:41:17 hostname dovecot: imap-login: Inva...
2018 Dec 14
2
Upgrade to 2.3.1 has failed
...vecot v2.2 working just fine under openSUSE Leap 42.3. But we
upgraded openSUSE to Leap 15.0.
In the process, Dovecot got upgraded from 2.2 to 2.3.1. It no longer
works and I haven't figured out how to downgrade to the older working
version.
The key issue seems to be the change to requiring dh.pem and changing s
sl_protocols to ssl_min_protocols.?I think I've navigated both
correctly, but it still doesn't work.
The error is
auth: Error: stats: open(old-stats-user) failed: Permission denied
as a consequence of which we get
imap-login: Error: Failed to initialize SSL serv...
2015 Sep 09
2
Working with PEM content
Hi,
If I need to script some management of text files with PEM content, are
there already some tools that exist that do this safely?
e.g.
somecert.pem that might contain
-----BEGIN CERTIFICATE-----
blah blah
-----END CERTIFICATE-----
-----BEGIN DH PARAMETERS-----
more blah
-----END DH PARAMETERS-----
What I would like is a utility that can read that file,...
2007 Feb 26
2
Certs file
I'm running 1.0rc23 on FreeBSD 6.2-RELEASE, and seeing the following:
Starting dovecot.
Error: Can't use SSL key file /etc/ssl/private/dovecot.pem: No such
file or directory
In the config file I have:
ssl_cert_file=/usr/local/certs/imapd.pem
Looking for dovecot.pem on the config file there's only:
% grep dovecot.pem dovecot.conf
#ssl_cert_file = /etc/ssl/certs/dovecot.pem
#ssl_key_file = /etc/ssl/private/dovecot.pem
So the two entr...
2015 Aug 14
2
Multidomain / IP Address Setup (Dovevot 2.2.10 on CentOS7 ) is failing: Fatal: Couldn't parse private ssl_key: error:0906D06C:PEM
.../var/log/maillog
*dovecot: master: Dovecot v2.2.10 starting up for imap, pop3, lmtp (core
dumps disabled)
### This works (Thunderbird, Outlook 2013, Opera Mail ect.) ####
local mydomain01.tld {
protocol imap {
ssl_cert =
</etc/ssl/domains/mydomain.tld/imap/imap.mydomain02.tld.crt.pem
ssl_key =
</etc/ssl/domains/mydomain.tld/imap/imap.mydomain02.tld.key.pem
}
}
### this 10-ssl.conf ### --- FAILS (the error occurs after an email
client accesses IMAP Folders)
local mydomain01.tld {
protocol imap {
ssl_cert =
</etc/ssl/domains/mydomain.tld/imap/imap....
2010 Aug 24
5
Reading pem file in ruby on rails
hi,
i have a certificate file in pem format. i need to read the pem file.
Need help on how to read the certificate in ruby on rails
Thanks
--
Posted via http://www.ruby-forum.com/.
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email t...
2008 Feb 13
1
Openssh + x509 patch problem
...igure --prefix=/opt/ssh && make && make
install in both server and client machines
- Create minimal openssl ca structure under /opt/ssh/etc/ca
( self signed CA certificate, server certificate signed by CA,
client certificate signed by CA ).
I now have certificates cacert.pem, server.pem and client.pem and
keys for all three
- Build server host id using (under /opt/ssh/etc):
cat server-key.pem > ssh_host_key_cert
cat server.pem >> ssh_host_key_cert
chmod 0600 ssh_host_key_cert
../bin/ssh-keygen -y > ssh_host_key_cert.pub
// entering ssh...
2011 Dec 08
4
Error 400 on SERVER: Could not write /var/lib/puppet/ssl/ca/requests/node13.pem
...e request for node13
info: Certificate Request fingerprint (md5): 74:5D:F2:AA:
9C:DC:F5:E3:2D:FE:B7:6B:A0:35:67:11
warning: peer certificate won''t be verified in this SSL session
err: Could not request certificate: Error 400 on SERVER: Could not
write /var/lib/puppet/ssl/ca/requests/node13.pem to csrdir: Could not
find a default provider for user
Exiting; failed to retrieve certificate and waitforcert is disabled
here is the outpupt for the same command with --debug option:
debug: Failed to load library ''rubygems'' for feature ''rubygems''
debug: Puppet...
2017 Oct 29
2
dovecot-2.3 (-git) Warning and Fatal Compile Error
...reuben-dovecot at reub.net>
>>> wrote:
This problem below is still present in 2.3 -git, as of version 2.3.devel
(6fc40674e)
>>> Secondly, this ssl_dh messages is always printed from doveconf:
>>>
>>> doveconf: Warning: please set ssl_dh=</etc/dovecot/dh.pem
>>> doveconf: Warning: You can generate it with: dd
>>> if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dh
>>> -inform der > /etc/dovecot/dh.pem
>>>
>>> Yet the file is there:
>>>
>>> thunderstorm conf.d # ls -la /etc...
2010 Aug 19
1
[virt-tools-list] Client certificate paths?
On 08/12/2010 10:29 AM, Lars Kellogg-Stedman wrote:
> Hello all,
>
> I'm trying to get virsh (and virt-manager) to talk to a remote libvirt
> instance. I cannot for the life of me figure out how to tell either
> tool where to find client or CA certificates. Do they *really* need
> to access the ones in /etc/pki? In particular, the client seems to
> want to read the
2018 Nov 13
2
dovecot 2.2/openssl 1.0 vs dovecot 2.3/openssl 1.1.1 ssl regression
...n from 2.2.36 run with openssl 1.0.2o to
dovecot 2.3.3 run with openssl 1.1.1.
Currently I have both variants running with identical configs and certs
(the only differences are due to config syntax changes in dovecot 2.3),
so for example on both I have:
ssl_ca = </etc/openssl/certs/wildcard_ca.pem
(this file contains single intermediate certificate of my CA)
ssl_cert = </etc/openssl/certs/wildcard_crt.pem
(this contains single cerificate for my *.example.com domain)
ssl_key = # hidden, use -P to show it
(and one key)
No alt certs in use.
Chain is:
- CA trusted by clients (this certif...
2013 Aug 07
1
puppet-3.2.2 runs fine - but doesn't work. 2.7.22 works fine.
...;750", :loglevel=>:debug, :path=>"/var/lib/puppet/.puppet/ssl/private"}''
Aug 7 14:33:38 puppetmaster-02 puppet-master[27451]: Using settings: adding file resource ''hostcert'': ''File[/var/lib/puppet/.puppet/ssl/certs/puppetmaster-02.example.dk.pem]{:links=>:follow, :ensure=>:file, :backup=>false, :mode=>"644", :loglevel=>:debug, :path=>"/var/lib/puppet/.puppet/ssl/certs/puppetmaster-02.example.dk.pem"}''
Aug 7 14:33:38 puppetmaster-02 puppet-master[27451]: Using settings: adding file resource ...
2019 Jul 18
4
Dovecot with MySQL over SSL.
Hello!
I'm attempting to get Dovecot working with MySQL user database on
another machine. I can connect to the MySQL (5.7.26) instance with SSL
enabled:
?mysql -h db.mrst.ee --ssl-ca=/etc/dovecot/ca.pem
--ssl-cert=/etc/dovecot/client-cert.pem
--ssl-key=/etc/dovecot/client-key.pem --ssl-cipher=DHE-RSA-AES256-SHA -u
vmail -p
However if I use the same values in dovecot-sql.conf.ext, I get the
following error:
Jul 19 00:20:18 turin dovecot: master: Dovecot v2.3.7 (494d20bdc)
starting up for ima...