Displaying 20 results from an estimated 24 matches for "sslcarevocationfil".
Did you mean:
sslcarevocationfile
2009 Feb 09
1
puppet + mongrel + host_cert/key owner
...mongrel.conf
SSLCertificateFile /var/lib/puppet/ssl/certs/gridinstall.pic.es.pem
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/gridinstall.pic.es.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
TIA,
Arnau
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe...
2012 Dec 17
1
multiple puppet masters
...et.pem
#SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
#SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
# If Apache complains about invalid signatures on the CRL, you can try disabling
# CRL checking by commenting the next line, but this is not recommended.
#SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth 1
# The `ExportCertData` option is needed for agent certificate expiration warnings
SSLOptions +StdEnvVars +ExportCertData
# This header needs to be set if using a loadbalancer or proxy
RequestH...
2015 Feb 16
1
/etc/ssl/certs/dovecot.pem erased by OpenSuse's update mechanism
Thanks for the note. I had never seen anything in the postfix and apache documentation that the CRLs could be intermingled with the CRTs in the CRT file. The documentation for those programs suggests putting the CRLs in a separate file (e.g. apache SSLCARevocationFile) or doesn't talk about putting CRLs in with the certs (e.g. postfix smtpd_tls_cert_file). If it works to put them all in one file for those programs, that's good to know.
On 2015/2/16 07:23, Reindl Harald wrote:
>
> Am 16.02.2015 um 15:53 schrieb dovecot@lists.killian.com:
>>...
2012 Feb 06
1
Puppet / Passenger SSL Problems with DRBD
...tmaster.foo.bar.pem
SSLCertificateChainFile /drbd01/puppet/var/lib/puppet/ssl/ca/
ca_crt.pem
SSLCACertificateFile /drbd01/puppet/var/lib/puppet/ssl/ca/
ca_crt.pem
# CRL checking should be enabled; if you have problems with Apache
complaining about the CRL, disable the nex
t line
# SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth 1
SSLOptions +StdEnvVars
# The following client headers allow the same configuration to
work with Pound.
RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-DN %{SSL_C...
2013 Jul 23
3
Debugging Puppetmaster with Apache/Rack/Passenger
...tificateFile /var/lib/puppet/ssl/certs/<puppetmaster>.pem
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/
<puppetmaster>.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth 1
SSLOptions +StdEnvVars +ExportCertData
# These request headers are used to pass the client certificate
# authentication information on to t...
2013 May 30
4
Could not request certificate: Error 405 on SERVER
...W:-EXP
SSLCertificateFile
/var/lib/puppet/ssl/certs/pmaster.localdomain.pem
SSLCertificateKeyFile
/var/lib/puppet/ssl/private_keys/pmaster.localdomain.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth 1
SSLOptions +StdEnvVars +ExportCertData
DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/
<Directory /usr/share/puppet/rack/puppetmasterd/>
Option...
2012 Apr 22
2
centos 6.2 - puppet 2.7.13 - SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: tlsv1 alert protocol version
.../private_keys/medion.chatillon.betrancourt.net.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
# CRL checking should be enabled; if you have problems with Apache
complaining about the CRL, disable the next line
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth 1
SSLOptions +StdEnvVars
# The following client headers allow the same configuration to work
with Pound.
RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-DN %{SSL_...
2010 Aug 20
5
puppet dashboard gui looks odd from apache2
...LCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
# If Apache complains about invalid signatures on the CRL, you
can try disabling
# CRL checking by commenting the next line, but this is not recommended.
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth 1
SSLOptions +StdEnvVars
DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/
RackBaseURI /
<Directory /usr/share/puppet/rack/puppetmasterd/>
O...
2010 Jun 09
12
Foreman -- Reporting
Hello All,
I don''t seem to be able to get reports to display on the foreman
interface. I copied extras/puppet/foreman/files/foreman-report.rb to /
usr/lib/ruby/site_ruby/1.8/puppet/reportsforeman.rb, instead of /usr/
lib/ruby/1.8/puppet/reports/foreman.rb. Config: Centos5.4, Apache/
Passenger, Puppet 0.25.4.
The reports are coming from the clients, because I can see them
in
2012 Jun 14
15
Problem with Load Balancing Puppet masters with Apache mod_proxy
...SSLCertificateFile /var/lib/puppet/ssl/certs/
puppetlb.example.com.pem
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/
puppetlb.example.com.pem
SSLCertificateChainFile /var/lib/puppet/ssl/certs/ca.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth 1
SSLOptions +StdEnvVars
RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-Verify %{SSL_CLIENT_V...
2009 Oct 19
7
Passenger Woes
...CertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
# If Apache complains about invalid signatures on the CRL, you
can try disabling
# CRL checking by commenting the next line, but this is not recommended.
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth 1
SSLOptions +StdEnvVars
DocumentRoot /etc/puppet/rack/public/
RackBaseURI /
<Directory /etc/puppet/rack/>
Options None
AllowOverri...
2012 Jun 12
1
Dashboard with RackbaseURI / and RailsAutoDetect off
...uppet/ssl/ca/ca_crt.pem
> SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
> # If Apache complains about invalid signatures on the CRL, you can
> try disabling
> # CRL checking by commenting the next line, but this is not
> recommended.
> SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
> SSLVerifyClient optional
> SSLVerifyDepth 1
> SSLOptions +StdEnvVars
>
> ErrorLog logs/puppet_error_log
> TransferLog logs/puppet_access_log
> LogLevel warn
> # This heade...
2014 Aug 29
0
Using puppet with Apache mod_disk_cache and passenger over SSL
...!ADH:RC4+RSA:-MEDIUM:-LOW:-EXP
SSLCertificateFile /var/lib/puppet/ssl/certs/hostname.pem
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/hostname.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth 1
SSLOptions +StdEnvVars +ExportCertData
# These request headers are used to pass the client certificate
# authentication information on to the puppet master process...
2009 Sep 07
2
passenger-status error messages
...uppet/ssl/private_keys/sys-ubuntu.arl.qwestip.net.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
# If Apache complains about invalid signatures on the CRL, you can
try disabling
# CRL checking by commenting the next line.
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth 1
SSLOptions +StdEnvVars
# The following client headers allow the same configuration to work with Pound.
RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
Requ...
2012 May 13
6
Puppetmaster with apache/passenger on SL6
Dear experts,
Since I''ve moved my *puppetmaster* form SL5 (Scientific Linux) to SL6 with
SELinux on, I''m facing loads of trouble. I also move away from WEBrick to
apache/passenger, following the instruction here:
http://projects.puppetlabs.com/projects/1/wiki/Using_Passenger
>
and I can''t start httpd any more. It fails with this:
Starting httpd: (98)Address
2011 Jun 29
0
Setting up puppetmaster-passenger on Debian
...SSLCACertificateFile /var/lib/puppet/ssl/certs/ca.pem
SSLCertificateChainFile /var/lib/puppet/ssl/certs/ca.pem
# If Apache complains about invalid signatures on the CRL, you
can try disabling
# CRL checking by commenting the next line, but this is not recommended.
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
# Set to require if this puppetmaster doesn''t issue certificates
# to puppet clients.
# NB: this requires SSLCACertificateFile
/var/lib/puppet/ssl/certs/ca.pem
# issuing puppet client certificate.
SSLVerifyC...
2011 May 31
3
uploading files via REST?
Hello,
I am a bit confused by the REST syntax - how can I PUT an arbitrary file in
the bucket? Downloading works fine (Perl+LWP), see below, but for PUT I only
see this line in the docs (http://docs.puppetlabs.com/guides/rest_api.html):
PUT /{environment}/file_bucket_file/md5/{checksum}
Should I compute the MD5 of the file and port its contents at the url ?
my code:
my $ua =
2007 Nov 21
6
mod_proxy_balancer under heavy load.
...VirtualHost xxx.xxx.xxx:8140>
SSLEngine on
SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA
SSLCertificateFile /path/to/certfile.pem
SSLCertificateKeyFile /path/to/certkeyfile.pem
SSLCertificateChainFile /path/to/certchainfile.pem
SSLCACertificateFile /path/to/cacertfile.pem
SSLCARevocationFile /path/to/carevocfile.pem
SSLVerifyClient require
SSLVerifyDepth 1
SSLOptions +StdEnvVars
RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
<Location />...
2009 Feb 10
3
something wrong with mongrel?
...C4+RSA
SSLCertificateFile /var/lib/puppet/ssl/certs/gridinstall.pic.es.pem
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/gridinstall.pic.es.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth 1
SSLOptions +StdEnvVars
RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
<Location />
SetHandler balancer-manager...
2011 Dec 16
12
Seperate CA's/Master behind load balancer
...ppet/ssl/certs/loadbalancer.pem
SSLCertificateKeyFile /etc/puppet/ssl/private_keys/loadbalancer.pem
SSLCertificateChainFile /etc/puppet/ssl/certs/ca.pem
SSLCACertificateFile /etc/puppet/ssl/ca/ca_crt.pem
# CRL checking should be enabled
# disable next line if Apache complains about CRL
#SSLCARevocationFile /etc/puppet/ssl/ca/ca_crl.pem
# optional to allow CSR request, required if certificates
distributed to client during provisioning.
SSLVerifyClient optional
SSLVerifyDepth 1
SSLOptions +StdEnvVars
# The following client headers record authentication information for
down stream workers....