Displaying 20 results from an estimated 220 matches for "privkeys".
Did you mean:
privkey
2017 Jun 02
3
Let's encrypt privkey : Specified certificate file could not be used
Hello
I get the following error when using our Let's Encrypt ssl certificate
for webRTC calls :
[Jun 2 14:29:28] == DTLS ECDH initialized (secp256r1), faster PFS enabled
[Jun 2 14:29:28] ERROR[27360][C-00000ae5]: res_rtp_asterisk.c:1441
ast_rtp_dtls_set_configuration: Specified certificate file
'/etc/letsencrypt/live/ws.mydomain.tld/privkey.pem' for RTP instance
2018 Aug 29
3
SNI Dovecot
Hi all,
I'm testing the SNI configuration from dovecot's wiki page, to have multiple domains.
I'm using letsencrypt certificates.
On the 10-ssl.conf, when I only use one domain, like this, it works :
ssl_ca = </etc/letsencrypt/live/mail.mydomain.fr/chain.pem
ssl_cert = </etc/letsencrypt/live/mail.mydomain.fr/cert.pem
ssl_key =
2020 Feb 10
6
question about pubkey and passphrase
Hi folks,
Since Docker can bind-mount every .ssh directory I am looking for
some way to forbid unprotected private keys.
AFAICS it is currently not possible on the sshd to verify that
the peer's private key was protected by a passphrase. Can you
confirm?
Regards
Harri
2020 Jul 01
4
local stanza only generated for IPv6
I have a mail server with multiple IP addresses and associated DNS names
In the dovecot configuration I have a listen directive:
??? listen = mail.example.com.com,mail.otherexample.com,localhost
Multiple local stanzas are of the form:
local mail.example.com {
? protocol imap {
???? ssl_cert = </etc/letsencrypt/live/mail.example.com/fullchain.pem
???? ssl_key =
2005 Sep 11
1
DSA support for TLS?
hi all,
i've dovecot TLS working correctly w/ locally generated *RSA* CA cert, domain
privkey & self-signed domain cert. to that end, my dovecot.conf includes:
ssl_key_file =
/var/Security/mail.testdomain.com.privkey.rsa.pem
ssl_cert_file = /var/Security/mail.testdomain.com.cert.rsa.pem
ssl_ca_file =
2013 May 24
1
Utility to scan for unpassworded SSH privkeys?
...th passwords.?
-------- Original message --------
From: Dan Kaminsky <dan at doxpara.com>
Date: 05/23/2013 5:39 PM (GMT-08:00)
To: "Dan Mahoney, System Admin" <danm at prime.gushi.org>
Cc: openssh-unix-dev at mindrot.org
Subject: Re: Utility to scan for unpassworded SSH privkeys?
Effectively nobody passphrases their ssh keys.? They're used as a way to *suppress* password entry in the real world -- use this, and things just work rather than poking you each time.
Sent from my iPhone
On May 23, 2013, at 5:19 PM, "Dan Mahoney, System Admin" <danm at prime...
2020 Jan 23
3
PJSIP and Grandstream Wave with TSL and SRTP
On Thursday, January 23, 2020 11:31:46 PM CET Sean Bright wrote:
> On 1/21/2020 9:18 PM, hw wrote:
> > [transport-tls]
> > type = transport
> > protocol = tls
> > bind = 0.0.0.0:5061
> > tos = cs5
> > cert_file = /etc/asterisk/cert/asterisk.pem
> > ca_list_file = /etc/pki/tls/certs/ca-bundle.crt
> > method = sslv23
>
> This is what mine
2016 Apr 13
2
Warning: Global setting won't change the setting inside an earlier filter
Hi,
I'm using the Dovecot Prebuilt Binary:
deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.2 main
I configured multiple SSL certificates with client TLS SNI (see
http://wiki2.dovecot.org/SSL/DovecotConfiguration).
Since my last update I get some warnings:
doveconf: Warning: /etc/dovecot/conf.d/10-ssl.conf line 12: Global
setting ssl_cert won't change the setting inside an
2018 Jul 22
4
ot: LE server conf setup/ iPhone 'expired cert' message
I've installed LE certs on my Dovecot a while back, and, it has been
working OK since, but, today, an iPhone user said he can't get emails as
iphone says 'cert is expired', searching around, I see some other iPhone
similar issues reported, do I have my conf correct, I have;
# cat dovecot.conf | grep ssl
ssl = required
verbose_ssl = no
ssl_cert =
2020 May 25
2
How to make IMAPS SSL Cert for Dovecot that works with Thunderbird
Hello Aki and all,
The below lines are in the dovecot config file. This seems to be the
same as Aki's suggestion. correct? I have also double checked file
perms, tried with several new key gens, several versions of thunderbird
and created completely new thunderbird profiles.
Thank you,
ssl_cert = </etc/letsencrypt/live/...../fullchain.pem
ssl_key =
2019 May 27
1
pam authentication error?
Getting this:
auth-worker(5045): Error: pam(kremels,xxx.xxx.xxx.xxx: pam_authenticate() failed: authentication error (/etc/pam.d/dovecot missing?)
# cat /etc/pam.d/dovcot
auth required pam_unix.so nullok
account required pam_unix.so
(file was last updated in April of 2018)
passdb {
username_filter = "!*@*"
driver = pam
}
userdb {
driver = passwd
}
service auth {
2018 Dec 14
2
Upgrade to 2.3.1 has failed
Problem:
We had Dovecot v2.2 working just fine under openSUSE Leap 42.3. But we
upgraded openSUSE to Leap 15.0.
In the process, Dovecot got upgraded from 2.2 to 2.3.1. It no longer
works and I haven't figured out how to downgrade to the older working
version.
The key issue seems to be the change to requiring dh.pem and changing s
sl_protocols to ssl_min_protocols.?I think I've navigated
2020 May 25
2
How to make IMAPS SSL Cert for Dovecot that works with Thunderbird
s_client: Option unknown option -trace
***
x509: Unknown parameter text
On 5/25/20 11:49 AM, Aki Tuomi wrote:
> Hi!
>
> Can you do
>
> openssl x509 text -noout </etc/letsencrypt/live/...../fullchain.pem
>
> and check these things:
>
> your server hostname isn included in SubjectAlternativeNames, and that the cert hasn't got MUST-STAPLE attribute? You can see
2018 Dec 14
2
Upgrade to 2.3.1 has failed
Aki hello, thank you. Hopefully excerpts and top posting are acceptable
in the mailing list??
On that assumption:
Thanks for the input. I've checked out your suggestions (details below)
but unfortunately no joy.
I also restored my backup 10-ssl.conf. It indeed has the "<" sign with
a space before the explicit paths to the files:
? ? ssl_cert =
2007 Mar 21
1
[RFC]: OpenSSH vpn lists
I've got an idea for using OpenSSH to establish a sort of internal
secure network, where everything going back and forth between certain
services (i.e. MySQL, how horrid) is encrypted even if the
application/server doesn't support launching the service over SSL. This
has some issues; so I'm probing for ideas on a new feature that would
resolve them and make this easier.
Let's
2018 Mar 05
3
How do I combine my ssl certs?
I have https/ssl on my site ok, but it uses two certificates from letsencrypt which renew automatically every three months.
However - Icecase says.
ssl-certificate
If specified, this points to the location of a file that contains both the X.509 private and public key. This is required for HTTPS support to be enabled. Please note that the user Icecast is running as must be able to read the file.
2018 Jul 22
0
ot: LE server conf setup/ iPhone 'expired cert' message
Do you have restarted Dovecot to reload the renewed certificate?
Am 22. Juli 2018, 15:04, um 15:04, Voytek Eymont <voytek at sbt.net.au> schrieb:
>I've installed LE certs on my Dovecot a while back, and, it has been
>working OK since, but, today, an iPhone user said he can't get emails
>as
>iphone says 'cert is expired', searching around, I see some other
2018 Aug 31
0
SNI Dovecot
FYI?
dovecot 2.2.10 from RedHat 7 has an issue with clients, which won't
send SNI.?As you are using version 2.2.27 you might encounter the same
behaviour.
If the client won't send SNI, my server randomly answers with any cert
instead of?the default cert,? --Perhaps dovecot just utilises the last
used cert? One speciality?of my certs is, that both share the same
Common Name (CN) but differ
2001 Dec 07
2
Authentication 'failure' success
We are using OpenSSH (portable) version 3.0.1p1 on Linux 2.2.14-10 with
RedHat's distribution of PAM 0.72-20.6.x for rsync'ing RRDTool data
between two machines (among other things). When running 'rsync -essh
-avz', everything works fine but the system log on the sshd side shows:
PAM_pwdb[8021]: authentication failure; (uid=0) -> rrd for sshd service
sshd[8021]: Accepted
2002 Jul 19
1
OpenSSH 3.4p1 hostbased auth - howto?
How do you enable hostbased authentication in OpenSSH?
I have two Red Hat 7.3 machines running openssh-3.4p1, and I would like to
be able to ssh from either of the machines to the other, as any user,
without using passwords or per-user keys.
My /etc/ssh/sshd_config contains:
[...]
IgnoreRhosts no
HostbasedAuthentication yes
[...]
My /etc/ssh/ssh_config contains:
[...]