search for: verify_peer

I have tried all the suggestions up till now but the error message is still there. I have tried this configuaration for roundcube: $config['imap_conn_options'] = array( 'ssl' => array( 'peer_name' => '<FQDN_OF_DOVECOT_CERTIFICATE>', 'verify_peer' => true, 'verify_depth' => 3, // 'cafile' => '/dont/need/to/set/this/option', ), ); and this one: $config['imap_conn_options'] = array( 'ssl' => array( 'verify_peer' => false, 'verify_peer_name' =...

...> This could mean that the client has indicated it was unable to verify the server's certificate. > > With regards to Roundcube, see this in config/defaults.inc.php: > > //$config['imap_conn_options'] = array( > // 'ssl' => array( > // 'verify_peer' => true, > // 'verify_depth' => 3, > // 'cafile' => '/etc/openssl/certs/ca.crt', > // ), > // ); > >

...e REST service because my xml input gets url-encoded, but that''s ok... I really want to get this working with ActiveResource, not by using Net:HTTP directly. The solution that ultimately made Apache happy with that standalone code was to also set Net::HTTP.verify_mode to OpenSSL::SSL::VERIFY_PEER and to provide the certificate authority file that I used to sign the cert to Net:HTTP and Apache. So, I added these things to environment.rb, giving me: class Net::HTTP def cert OpenSSL::X509::Certificate.new(File.read(RAILS_ROOT + "/config/certs/client_signed.pem")) end...

...some PHP scripts where I set a connect timeout using streams. Example using https, but should be easily adaptable to non-s http.: $pbxsh_bin = @file_get_contents("https://blah.blah.blah", FALSE, @stream_context_create(array('https' => array('timeout' => 5, "verify_peer"=>false, "verify_peer_name"=>false)))); On 09/14/2018 01:40 PM, Carlos Chavez wrote: > On 9/13/2018 8:04 PM, Patrick Wakano wrote: > >> Hello list, >> Hope you all doing  well! >> >> Recently, I had an issue with a FastAGI PHP script, which under...

Hi, I have set up a mail server with postfix+dovecot 2.2.13 on my raspberry pi running Raspbian Jassie OS. Now I would like to add an on-line e-mail client like Squirrelmail or Roundcube. I was able to start up these two clients but when I try to login I get this error message in the dovecot log: tlsv1 alert unknown ca: SSL alert number 48 But I have inserted the self-signed certificate and

...ing streams. >> >> Example using https, but should be easily adaptable to non-s http.: >> >> $pbxsh_bin = @file_get_contents("https://blah.blah.blah", FALSE, >> @stream_context_create(array('https' => array('timeout' => 5, >> "verify_peer"=>false, "verify_peer_name"=>false)))); >> >> On 09/14/2018 01:40 PM, Carlos Chavez wrote: >> > On 9/13/2018 8:04 PM, Patrick Wakano wrote: >> > >> >> Hello list, >> >> Hope you all doing well! >> >> >> &g...

hi, i have a certificate file in pem format. i need to read the pem file. Need help on how to read the certificate in ruby on rails Thanks -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to

Dear all, I see this error message in my *masterhttp.log* repeatedly: ERROR OpenSSL::SSL::SSLError: SSL_accept returned=1 errno=0 state=SSLv3 > read client certificate A: tlsv1 alert unknown ca > I saw a similar mail in the list but there was no definitive answer to that post. Does anyone know what am I missing here? I do understand what *unknown ca* means but I can''t think

...L.SSLv3_METHOD) # SSLv3 only + #ctx = SSL.Context(SSL.SSLv3_METHOD) # SSLv3 only + ctx = SSL.Context(SSL.TLSv1_METHOD) # TLSv1 only ctx.use_certificate_file(key_and_cert) ctx.use_privatekey_file(key_and_cert) ctx.load_client_ca(ca_cert) @@ -45,7 +46,8 @@ verify = SSL.VERIFY_PEER | SSL.VERIFY_FAIL_IF_NO_PEER_CERT ctx.set_verify(verify, our_verify) ctx.set_verify_depth(10) - - ctx.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_TLSv1) + #ctx.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_TLSv1) + ctx.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_TLSv1 | SSL.OP_NO_SSLv3) r...

...PS)_on_a_Samba_AD_DC That's the strange part. I have set up using TLS certificate (Lets Encrypt) as recommended in guide. When I do # ldbsearch -U Administrator --password='[password]' -H ldaps://dc.ad-lan.com:636 I get TLS ../source4/lib/tls/tls_tstream.c:1609 - check failed for verify_peer[ca_only] and peer_name[dc.ad-lan.com] status 0x42 (invalid signer_not_found ) Failed to connect to ldap URL 'ldaps://dc.ad-lan.com:636' - LDAP client internal error: NT_STATUS_INVALID_PARAMETER Failed to connect to 'ldaps://dc.ad-lan.com:636' with backend 'ldaps': LDAP cl...

...L.SSLv3_METHOD) # SSLv3 only + #ctx = SSL.Context(SSL.SSLv3_METHOD) # SSLv3 only + ctx = SSL.Context(SSL.TLSv1_METHOD) # TLSv1 only ctx.use_certificate_file(key_and_cert) ctx.use_privatekey_file(key_and_cert) ctx.load_client_ca(ca_cert) @@ -45,7 +46,8 @@ verify = SSL.VERIFY_PEER | SSL.VERIFY_FAIL_IF_NO_PEER_CERT ctx.set_verify(verify, our_verify) ctx.set_verify_depth(10) - - ctx.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_TLSv1) + #ctx.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_TLSv1) + ctx.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_TLSv1 | SSL.OP_NO_SSLv3) r...

...d QuickCert to generate leys and loaded them into my public directory of my web server. That code looked like this: ******************************************************************* def hello opts = {} opts[''protocol.http.ssl_config.verify_mode''] = ''OpenSSL::SSL::VERIFY_PEER'' opts[''protocol.http.ssl_config.client_cert''] = ''public/healeyt/cert_healeyt.pem'' opts[''protocol.http.ssl_config.client_key''] = ''public/healeyt/healeyt_keypair.pem'' opts[''protocol.http.ssl_config.ca_fi...

Hello list, Hope you all doing well! Recently, I had an issue with a FastAGI PHP script, which under some specific situation would run into an infinity loop, consuming all CPU resources. This also was preventing Asterisk to terminated the call properly because it was waiting for the AGI to return... The application uses AGIspeedy to process the AGI calls, not sure if this can be affecting this

Also: -H ldap://10.100.0.4 should probably be ldaps://URI You can potentially this in smb.conf, but that is definitely not recommended. https://wiki.samba.org/index.php/Configuring_LDAP_over_SSL_(LDAPS)_on_a_Samba_AD_DC Kris Lou klou at themusiclink.net On Wed, Sep 5, 2018 at 2:10 AM, Rowland Penny via samba < samba at lists.samba.org> wrote: > On Wed, 05 Sep 2018 15:46:04 +0700

...ed $config['managesieve_usetls'] = false; // Connection scket context options // See http://php.net/manual/en/context.ssl.php // The example below enables server certificate validation //$config['managesieve_conn_options'] = array( // 'ssl' => array( // 'verify_peer' => true, // 'verify_depth' => 3, // 'cafile' => '/etc/openssl/certs/ca.crt', // ), // ); $config['managesieve_conn_options'] = null; // default contents of filters script (eg. default spam filter) $config['managesieve_default']...

...set it for getting data http = Net::HTTP.new(uri.host, uri.port) request = Net::HTTP::Get.new(uri.request_uri, header) http.use_ssl = true if uri.scheme == ''https'' # Enable ssl verification to ensure we are talking to the correct people http.verify_mode = OpenSSL::SSL::VERIFY_PEER # Cert Auth: # Set certificate paths # puppet certificate authority file if File.readable?(sslcafile) then # Puppet ca file http.ca_file = sslcafile puts "readable? " + sslprivdir + ''/'' + hostname + ''.pem'' if $debug if File.rea...

...sted but then not found: Unable to enumerate members for > alias, (-1073741487,The specified local group does not exist.) > Exporting users > Skipping wellknown rid=500 (for username=root) > Next rid = 13001 > > Program received signal SIGSEGV, Segmentation fault. > lpcfg_tls_verify_peer (lp_ctx=0x0) at default/lib/param/param_functions.c:352 > 352 FN_GLOBAL_INTEGER(tls_verify_peer, tls_verify_peer) > (gdb) OK, so here's the full backtrace again. Not sure if I have all the debugging symbols in place, though. # gdb --args python /usr/bin/samba-tool domain classicupgr...

On Fri, 2017-02-17 at 07:48 +1100, Tom Robinson via samba wrote: > Anyone? Can you please post a gdb backtrace --full? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 862 bytes Desc: This is a digitally signed message part URL: