search for: sslcertificatechainfile

...ame vhost.domain#.com:443 ServerAlias box.domain#.com:443 ServerAlias calcbox.domain#.com:443 ServerAlias proxybox.domain#.com:443 ... SSLEngine on SSLStrictSNIVHostCheck on SSLCertificateFile /etc/httpd/conf/ssl.crt/domain#-host.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/domain#-host.key SSLCertificateChainFile /etc/httpd/conf/ssl.crt/server-chain.crt ... </VirtualHost> only https://domain1.com/... works https://domain2.com/... results in a certificate CN mismatch ... what is missing in my config.? Thanks, Walter

Bad day today. Why this new JIRA system not working. I have created issue and submit and i got blank page.. Please someone help me to create BUG!!!!!!!!!!! -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20110608/e99afa31/attachment.htm>

...riginal path (and also owner) of both files and seems to puppet still works... what problems could it cause to my conf? # grep lib mongrel.conf SSLCertificateFile /var/lib/puppet/ssl/certs/gridinstall.pic.es.pem SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/gridinstall.pic.es.pem SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem TIA, Arnau --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the G...

...gt; SSLEngine on SSLProtocol -ALL +SSLv3 +TLSv1 SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP SSLCertificateFile /var/lib/puppet/ssl/certs/puppet-master2.test.net.pem SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/puppet-master4.test.net.pem #SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem #SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem # If Apache complains about invalid signatures on the CRL, you can try disabling # CRL checking by commenting the next line, but this is not recommended. #SSLCARevocationFile /var/lib/pu...

.... --8<------------------------------------------------ ... DocumentRoot "/var/www/html/default/html" ServerName sd-41893.dedibox.fr:443 ... SSLCertificateFile /etc/letsencrypt/live/sd-41893.dedibox.fr/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/sd-41893.dedibox.fr/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/sd-41893.dedibox.fr/fullchain.pem --8<------------------------------------------------ After restarting Apache, the website shows up correctly. https://sd-41893.dedibox.fr/ But when I test it using Qualys SSL Labs Server Test, the results are a disappointment. https://w...

...var/log/httpd/puppet_error_log" SSLEngine on SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA SSLCertificateFile /drbd01/puppet/var/lib/puppet/ssl/certs/ puppetmaster.foo.bar.pem SSLCertificateKeyFile /drbd01/puppet/var/lib/puppet/ssl/ private_keys/puppetmaster.foo.bar.pem SSLCertificateChainFile /drbd01/puppet/var/lib/puppet/ssl/ca/ ca_crt.pem SSLCACertificateFile /drbd01/puppet/var/lib/puppet/ssl/ca/ ca_crt.pem # CRL checking should be enabled; if you have problems with Apache complaining about the CRL, disable the nex t line # SSLCARevocationFile /var/lib/puppet/ssl/ca/...

...ility. SSLProtocol All -SSLv2 SSLCipherSuite HIGH:!ADH:RC4+RSA:-MEDIUM:-LOW:-EXP SSLCertificateFile /var/lib/puppet/ssl/certs/<puppetmaster>.pem SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/ <puppetmaster>.pem SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem SSLVerifyClient optional SSLVerifyDepth 1 SSLOptions +StdEnvVars +ExportCertDat...

...needed for compatibility. SSLProtocol All -SSLv2 SSLCipherSuite HIGH:!ADH:RC4+RSA:-MEDIUM:-LOW:-EXP SSLCertificateFile /var/lib/puppet/ssl/certs/pmaster.localdomain.pem SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/pmaster.localdomain.pem SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem SSLVerifyClient optional SSLVerifyDepth 1 SSLOptions +StdEnvVars +ExportCertData DocumentRoot...

...n SSLProtocol -all +SSLv3 +TLSv1 SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP SSLCertificateFile /var/lib/puppet/ssl/certs/medion.chatillon.betrancourt.net.pem SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/medion.chatillon.betrancourt.net.pem SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem # CRL checking should be enabled; if you have problems with Apache complaining about the CRL, disable the next line SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem SSLVerifyClient...

...on SSLProtocol -ALL +SSLv3 +TLSv1 SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP SSLCertificateFile /var/lib/puppet/ssl/certs/sys-ubuntu.arl.qwestip.net.pem SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/sys-ubuntu.arl.qwestip.net.pem SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem # If Apache complains about invalid signatures on the CRL, you can try disabling # CRL checking by commenting the next line, but this is not recommended. SSLCARevocationFile...

Hello All, I don''t seem to be able to get reports to display on the foreman interface. I copied extras/puppet/foreman/files/foreman-report.rb to / usr/lib/ruby/site_ruby/1.8/puppet/reportsforeman.rb, instead of /usr/ lib/ruby/1.8/puppet/reports/foreman.rb. Config: Centos5.4, Apache/ Passenger, Puppet 0.25.4. The reports are coming from the clients, because I can see them in

...43 > ServerAlias calcbox.domain#.com:443 > ServerAlias proxybox.domain#.com:443 > > ... > SSLEngine on > > SSLStrictSNIVHostCheck on > > SSLCertificateFile /etc/httpd/conf/ssl.crt/domain#-host.crt > SSLCertificateKeyFile /etc/httpd/conf/ssl.key/domain#-host.key > SSLCertificateChainFile /etc/httpd/conf/ssl.crt/server-chain.crt > > ... > </VirtualHost> > > only > https://domain1.com/... > works > https://domain2.com/... > results in a certificate CN mismatch ... > > what is missing in my config.? > > Thanks, > Walter > > &...

...f the implementation requirements. Although it does seem that OpenSSL supports this concept. I am aware that Apache HTTPD (via mod_ssl) and Courier-IMAP offer support for this feature. Here's a link to information from the Apache HTTPD manual: http://httpd.apache.org/docs-2.0/mod/mod_ssl.html#sslcertificatechainfile Thank you for the continued development of a great project. Matt

..._cert = </etc/ssl/certs/dovecot/ca.pem ---- I even cat mail.mymailserver.com.crt sub.class1.server.ca.pem certs/dovecot/ca.pem into one singe file, and define ssl_cert = < /path/to/the/singcertfile.pem, but it doesn't work too. In my apache httpd server httpd.conf file I can define: -- SSLCertificateChainFile /etc/pki/dovecot/certs/sub.class1.server.ca.pem SSLCACertificateFile /etc/pki/dovecot/certs/ca.pem -- And it well work fine. Thinks for any suggest. Bu Xiaobing

...ppserver:8010/ </Proxy> ProxyPass / balancer://hotcluster/ ProxyPassReverse / balancer://hotcluster/ SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCertificateKeyFile "/home/sasi/test.key" SSLCACertificateFile "/home/sasi/test.cer" SSLCertificateChainFile "/home/sasi/test1.cer" <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory "/usr/local/apache2/cgi-bin"> SSLOptions +StdEnvVars </Directory> BrowserMatch ".*MSIE.*" \ nokeepalive s...

...q -P'%p' lprm command = lprm -P'%p' %j map archive = No print command = lpr -r -P'%p' %s printing = bsd Intermediate certificates (tls/ad-rep2.example.com-2020-intermediate.pem) are ordered as mentioned in sectigo's documentation : "SSLCertificateChainFile: Intermediate(s)/Root only, PEM encoded (it contains the certificates from the leaf, without the certificate itself, to the root)" Thanks -- Jean Louis Mas

...ost *:8140> SSLEngine on SSLProtocol -ALL +SSLv3 +TLSv1 SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP SSLCertificateFile /var/lib/puppet/ssl/certs/puppet.pem SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/puppet.pem SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem # If Apache complains about invalid signatures on the CRL, you can try disabling # CRL checking by commenting the next line, but this is not recommended. SSLCARevocationFile...

...s_dkey_file smtpd_tls_eccert_file smptd_tls_eckey_file smtpd_tls_CAfile Apache2.4 wants SSLCertificateFile SSLCertificateKeyFile repeated multiple times for different cert types. Making it worse, Apache2.4.8 wants the whole cert chain in the above, but earlier versions wanted SSLCertificateChainFile to have the non-leaf chain. Courier IMAP SSL wants TLS_CERTFILE specifying a file containing both the certificate and private key catenated. OpenVPN wants ca certificate chain used for signing.pem cert certificate.pem key privatekey.pem crl-verify crl.pem OpenLDAP appears...

...LSv1 > SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP > > SSLCertificateFile > /var/lib/puppet/ssl/certs/vmm-atds-pup-05.cern.ch.pem > SSLCertificateKeyFile > /var/lib/puppet/ssl/private_keys/vmm-atds-pup-05.cern.ch.pem > SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem > SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem > # If Apache complains about invalid signatures on the CRL, you can > try disabling > # CRL checking by commenting the next line, but this is not > recommended. &g...

Hi all, This topic is one that I am ignorant on and appreciate any guidance. My scenario; I have a wild card SSL installed on one of my CentOS boxes. As I understand it, this server was used as a sort of master when originally generating and receiving the wild card SSL cert (got the cert from GoDaddy BTW). So, now I must export some file(s) from that server so that I can import it/them to