search for: signkey

...ey and cert. But he is using the wrong common name (where does dovecot get this name from?). I tried deleting them and installing a handcrafted cert with this: openssl genrsa -out mail.key 2048 openssl req -new -key mail.key -out mail.csr openssl x509 -req -days 4312 -in mail.csr -out mail.cert -signkey mail.key after that i tried to update the dovecont.conf to point to the new files. But dovecot refuses to read them, i allways get an error, that dovecot can't read the certificate file. With dpkg-reconfigure dovecot-common, dovecot generates new ones, and they are working fine, but have t...

...{DATANAME}.2 cat ${DATA} ${DATA} > ${DATA2} -rm -f $OBJ/sshsig-*.sig $OBJ/wrong-key* $OBJ/sigca-key* +rm -f $OBJ/sshsig-*.sig $OBJ/wrong-key* $OBJ/sigca-key* $OBJ/allowed_signers* sig_namespace="test-$$" sig_principal="user-$$@example.com" @@ -66,11 +66,22 @@ for t in $SIGNKEYS; do $hashalg_arg < $DATA > $sigfile 2>/dev/null || \ fail "sign using $t / $h failed" (printf "$sig_principal " ; cat $pubkey) > $OBJ/allowed_signers + echo "" > $OBJ/allowed_signers.empty trace "$tid: key type $t verify with hash...

Hello, I'm currently evaluating using `ssh-keygen -Y verify` to check OS artifacts (e.g. packages) and I noticed that the `-f allowed_signers_file` option can be passed only once. A side remark: technically it can be passed multiple times without a warning but the last invocation overrides all previous ones. Tested using: $ ssh-keygen -Y verify -f allowed_signers -f /dev/null -n file -s

Hi all; Thinking I'd like to have a bit of security, I followed the example for dovecot from allgoodthings.org Guessing between the lines I made a few substitutions to localize it for me, but when I run the line to dump the configs, the output is very short because I do not have the *.pem files. Where can a usable set of these ssl 'keyfiles' be obtained? Cheers, Gene --

...o use the xen-api with key and cert System: - Debian Etch - Xen 3.1 compiled from source - python-pam installed - python-pyopenssl installed I did set up a key and a self signed cert: openssl genrsa -out ca.key 1024 openssl req -new -key ca.key -out ca.csr openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt put that under /root/ssl and modified /etc/ (xen-api-server ((9367 pam '''' /root/ssl/ca.key /root/ssl/ca.crt) (unix none))) restarted xend: /etc/init.d/xend restart seems to work : since in /var/log/xen/xend.log i found this line [2007-...

...server key generated above(output will be PEM formatted.) /usr/sbin/openssl req -new -key /etc/stunnel/swat.key -out /etc/stunnel/swat.csr 3. Create a self-signed certificate (X509 structure) the output will be PEM formatted. /usr/sbin/openssl x509 -req -days 365 -in /etc/stunnel/swat.csr -signkey /etc/stunnel/swat.key -out /etc/stunnel/swat.crt 4. Prepare certificate for stunnel. According to samba / stunnel documentation says that a blank line is needed between private key and certificate and another blank line at the end of the file echo "" > ~/blankline.txt cat /etc/...

...} --------------------------END------------------------------------------------------------------ certificate are created in bsd with following commands: openssl req -new -nodes -newkey rsa:1024 -sha1 -days 1095 -keyout bsd.private -out request.pem openssl x509 -req -in request.pem -days 1095 -signkey bsd.private -out bsd.public openssl pkcs12 -export -inkey bsd.private -in bsd.public -out win.p12 -name "win cert" ln -s bsd.public `openssl x509 -noout -hash -in bsd.public`.0 I have used win.p12 in windows 2000 prof. box for this process. Please anyone help me out to confi...