search for: pem

I made a special pair of keys just for Icecast with this command: $ openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem I combined the two files like this: $ cat cert.pem key.pem > icecast.pem I placed icecast.pem in /etc/icecast2 and used 'chown icecast2:icecast icecast.pem' to change owner to icecast2:icecast. I also changed its protection to 600 with 'chmod 600 icecast.pem' s...

Hi all, I'm testing the SNI configuration from dovecot's wiki page, to have multiple domains. I'm using letsencrypt certificates. On the 10-ssl.conf, when I only use one domain, like this, it works : ssl_ca = </etc/letsencrypt/live/mail.mydomain.fr/chain.pem ssl_cert = </etc/letsencrypt/live/mail.mydomain.fr/cert.pem ssl_key = </etc/letsencrypt/live/mail.mydomain.fr/privkey.pem I got a warning of course when using my second domain, mydomain2.fr. If I do the config : local_name mail.mydomain.fr { ssl_ca = </etc/letsencrypt/live/mail.mydomain...

...g ausearch -m avc shows no deniead messages > >> ### This works (Thunderbird, Outlook 2013, Opera Mail ect.) #### >> >> local mydomain01.tld { >> >> protocol imap { >> ssl_cert = >> </etc/ssl/domains/mydomain.tld/imap/imap.mydomain02.tld.crt.pem >> ssl_key = >> </etc/ssl/domains/mydomain.tld/imap/imap.mydomain02.tld.key.pem >> } >> >> } >> Sorry the above has some typo errors, forget it. Ok, this works well: Configfile: /etc/dovecot/conf.d/10-ssl.conf protocol imap { ssl_cert = </etc/s...

...up for SSL with valid key/certs, if you have a self signed or no CERT at all, it starts connection warnings and errors on the client side. So is there any way possible to turn off advertising of TLS on port or turn it off/on per IP? Something like: ssl = yes ssl_cert = </etc/ssl/cert/default.pem ssl_key = </etc/ssl/cert/default.pem local 10.1.1.1 { protocol imap { ssl_cert = </etc/ssl/cert/site1.pem ssl_key = </etc/ssl/cert/site1.pem } protocol pop3 { ssl_cert = </etc/ssl/cert/site1.pem ssl_key = </etc/ssl/cert/site1.pem } } local 10.1.1.2...

...te: >> This problem below is still present in 2.3 -git, as of version 2.3.devel >> (6fc40674e) >> >>>>> Secondly, this ssl_dh messages is always printed from doveconf: >>>>> >>>>> doveconf: Warning: please set ssl_dh=</etc/dovecot/dh.pem >>>>> doveconf: Warning: You can generate it with: dd >>>>> if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dh >>>>> -inform der > /etc/dovecot/dh.pem >>>>> >>>>> Yet the file is there: >>>>>...

Hello! Sorry, but SSL in my windows where is installed icecast not work. Create certificate (.crt) and convert to .pem with openssl x509 -in mycert.crt -out mycert.pem -outform PEM certificate.pem copy to c:/icecast/cert/ Edit icecast.xml: <ssl-certificate>./cert/icecast.pem</ssl-certificate> <listen-socket> <port>8443</port> <ssl>1</ssl> </listen-socket&...

I have tried openssl rsa -in bicester_left.pub -outform pem > bicester_left.pem I get unable to load Private Key 140372295030648:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:701:Expecting: ANY PRIVATE KEY On 1 April 2016 at 13:59, Eero Volotinen <eero.volotinen at iki.fi> wrote: > You can do any kind of format conversions...

Greetings all, I have verified a bug that has long been attributed to lack of knowledge on the part of the user. Dovecot rejects StartSSL client certificates due to reject StartSSL root CA when doing client verification even though the appropriately constructed ca-bundle.pem has been created and applied vi ssl_ca = </etc/dovecot/ca-bundle.pem. openssl verify -CAfile ca-bundle.pem -crl_check_all -policy_check -x509_strict -verbose client-cert.pem returns: client-cert.pem: OK However dovecot reports the following: Oct 11 01:41:17 hostname dovecot: imap-login: Inva...

...vecot v2.2 working just fine under openSUSE Leap 42.3. But we upgraded openSUSE to Leap 15.0. In the process, Dovecot got upgraded from 2.2 to 2.3.1. It no longer works and I haven't figured out how to downgrade to the older working version. The key issue seems to be the change to requiring dh.pem and changing s sl_protocols to ssl_min_protocols.?I think I've navigated both correctly, but it still doesn't work. The error is auth: Error: stats: open(old-stats-user) failed: Permission denied as a consequence of which we get imap-login: Error: Failed to initialize SSL serv...

Hi, If I need to script some management of text files with PEM content, are there already some tools that exist that do this safely? e.g. somecert.pem that might contain -----BEGIN CERTIFICATE----- blah blah -----END CERTIFICATE----- -----BEGIN DH PARAMETERS----- more blah -----END DH PARAMETERS----- What I would like is a utility that can read that file,...

I'm running 1.0rc23 on FreeBSD 6.2-RELEASE, and seeing the following: Starting dovecot. Error: Can't use SSL key file /etc/ssl/private/dovecot.pem: No such file or directory In the config file I have: ssl_cert_file=/usr/local/certs/imapd.pem Looking for dovecot.pem on the config file there's only: % grep dovecot.pem dovecot.conf #ssl_cert_file = /etc/ssl/certs/dovecot.pem #ssl_key_file = /etc/ssl/private/dovecot.pem So the two entr...

.../var/log/maillog *dovecot: master: Dovecot v2.2.10 starting up for imap, pop3, lmtp (core dumps disabled) ### This works (Thunderbird, Outlook 2013, Opera Mail ect.) #### local mydomain01.tld { protocol imap { ssl_cert = </etc/ssl/domains/mydomain.tld/imap/imap.mydomain02.tld.crt.pem ssl_key = </etc/ssl/domains/mydomain.tld/imap/imap.mydomain02.tld.key.pem } } ### this 10-ssl.conf ### --- FAILS (the error occurs after an email client accesses IMAP Folders) local mydomain01.tld { protocol imap { ssl_cert = </etc/ssl/domains/mydomain.tld/imap/imap....

hi, i have a certificate file in pem format. i need to read the pem file. Need help on how to read the certificate in ruby on rails Thanks -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email t...

...igure --prefix=/opt/ssh && make && make install in both server and client machines - Create minimal openssl ca structure under /opt/ssh/etc/ca ( self signed CA certificate, server certificate signed by CA, client certificate signed by CA ). I now have certificates cacert.pem, server.pem and client.pem and keys for all three - Build server host id using (under /opt/ssh/etc): cat server-key.pem > ssh_host_key_cert cat server.pem >> ssh_host_key_cert chmod 0600 ssh_host_key_cert ../bin/ssh-keygen -y > ssh_host_key_cert.pub // entering ssh...

...e request for node13 info: Certificate Request fingerprint (md5): 74:5D:F2:AA: 9C:DC:F5:E3:2D:FE:B7:6B:A0:35:67:11 warning: peer certificate won''t be verified in this SSL session err: Could not request certificate: Error 400 on SERVER: Could not write /var/lib/puppet/ssl/ca/requests/node13.pem to csrdir: Could not find a default provider for user Exiting; failed to retrieve certificate and waitforcert is disabled here is the outpupt for the same command with --debug option: debug: Failed to load library ''rubygems'' for feature ''rubygems'' debug: Puppet...

...reuben-dovecot at reub.net> >>> wrote: This problem below is still present in 2.3 -git, as of version 2.3.devel (6fc40674e) >>> Secondly, this ssl_dh messages is always printed from doveconf: >>> >>> doveconf: Warning: please set ssl_dh=</etc/dovecot/dh.pem >>> doveconf: Warning: You can generate it with: dd >>> if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dh >>> -inform der > /etc/dovecot/dh.pem >>> >>> Yet the file is there: >>> >>> thunderstorm conf.d # ls -la /etc...

On 08/12/2010 10:29 AM, Lars Kellogg-Stedman wrote: > Hello all, > > I'm trying to get virsh (and virt-manager) to talk to a remote libvirt > instance. I cannot for the life of me figure out how to tell either > tool where to find client or CA certificates. Do they *really* need > to access the ones in /etc/pki? In particular, the client seems to > want to read the

...n from 2.2.36 run with openssl 1.0.2o to dovecot 2.3.3 run with openssl 1.1.1. Currently I have both variants running with identical configs and certs (the only differences are due to config syntax changes in dovecot 2.3), so for example on both I have: ssl_ca = </etc/openssl/certs/wildcard_ca.pem (this file contains single intermediate certificate of my CA) ssl_cert = </etc/openssl/certs/wildcard_crt.pem (this contains single cerificate for my *.example.com domain) ssl_key = # hidden, use -P to show it (and one key) No alt certs in use. Chain is: - CA trusted by clients (this certif...

...;750", :loglevel=>:debug, :path=>"/var/lib/puppet/.puppet/ssl/private"}'' Aug 7 14:33:38 puppetmaster-02 puppet-master[27451]: Using settings: adding file resource ''hostcert'': ''File[/var/lib/puppet/.puppet/ssl/certs/puppetmaster-02.example.dk.pem]{:links=>:follow, :ensure=>:file, :backup=>false, :mode=>"644", :loglevel=>:debug, :path=>"/var/lib/puppet/.puppet/ssl/certs/puppetmaster-02.example.dk.pem"}'' Aug 7 14:33:38 puppetmaster-02 puppet-master[27451]: Using settings: adding file resource ...

Hello! I'm attempting to get Dovecot working with MySQL user database on another machine. I can connect to the MySQL (5.7.26) instance with SSL enabled: ?mysql -h db.mrst.ee --ssl-ca=/etc/dovecot/ca.pem --ssl-cert=/etc/dovecot/client-cert.pem --ssl-key=/etc/dovecot/client-key.pem --ssl-cipher=DHE-RSA-AES256-SHA -u vmail -p However if I use the same values in dovecot-sql.conf.ext, I get the following error: Jul 19 00:20:18 turin dovecot: master: Dovecot v2.3.7 (494d20bdc) starting up for ima...