similar to: tls

We have the requirement to provide SSL on some IP addresses, but not others on our servers. Providing SSL is the easy part and we're able to use multiple SSL certificates now. (thanks Timo!) All is working ok, but we several IP hosts that do not require SSL and do not have valid certificates. While we can limit access via a firewall ACL to TLS connect ports (993/995) we can't do so on

On Tue, 1 Jan 2019 10:35:17 -0800 Gregory Sloop via samba <samba at lists.samba.org> wrote: > I'm working to put up a production FeeeNAS box tied to Samba/AD for > authentication for users connecting to the FreeNAS share(s). In > joining FreeNAS to the AD domain, one immediately runs into > "problems" with TLS/encryption. I do not know why, by default you will be

On Thu, 14 Jun 2018, Patrick Begou wrote: > Hi, > > I'm facing a problem with setting up LDAP+TLS client authentication in a > kickstart script on CentOS7 for several days. > > Setting up manualy the config with system-config-authentication works but I > need to automate this in kickstart for deploying cluster nodes. > This show that the server side is running fine.

RPvs> On Tue, 1 Jan 2019 10:35:17 -0800 RPvs> Gregory Sloop via samba <samba at lists.samba.org> wrote: >> I'm working to put up a production FeeeNAS box tied to Samba/AD for >> authentication for users connecting to the FreeNAS share(s). In >> joining FreeNAS to the AD domain, one immediately runs into >> "problems" with TLS/encryption. RPvs>

Hi, I want to dovecot connect to openldap with ssl/tls, and got error. When without tls/ssl, it works ok. from /var/log/maillog got: Sep 24 05:38:03 mail dovecot: auth: Error: LDAP: ldap_start_tls_s() failed: Connect error Sep 24 05:38:03 mail dovecot: auth: Error: LDAP: ldap_start_tls_s() failed: Can't contact LDAP server Sep 24 05:38:03 mail dovecot: auth: Error: LDAP:

Hello all, lately i am facing problems with Certification Authorities. I have used centos script /etc/pki/tls/misc/CA my own certificate authority. In next steps i am generating requests for certificates to services such as LDAP,NNRPD and lately signing requests with CA. My approach is to import my own CA into Windows Vista OS as root CA and trusted, to avoid messages in clients such as

I'm running Ubuntu 10.04, recently upgraded. My dovecot version is 1.2.9. My SSL/TLS authentication with dovecot from non-local IP's has stopped working, and I can no longer access my mail securely. I have changed all entries to refer to my server as "host". I am the only user, and am OK with the a self-signed cert. When I try to connect using Thunderbird, the certificate

This issue is peripherally related to the following thread Re: [Dovecot] client certs with godaddy ssl cert This is running on CentOS 5.2 with latest Atrpms for Dovecot as of this weekend. # rpm -qa | grep dovecot dovecot-sieve-1.1.5-8.el5 dovecot-1.1.4-0_81.el5 With assistance from Rainer Frey (Inxmail GmbH), I am able to successfully use client ssl certs for imap access on both my Nokia

I'm working to put up a production FeeeNAS box tied to Samba/AD for authentication for users connecting to the FreeNAS share(s). In joining FreeNAS to the AD domain, one immediately runs into "problems" with TLS/encryption. Samba, in the defaults requires TLS. I could disable TLS security in Samba, but that's probably not a great idea. So, I'll need a key/cert for the

On 11.01.2018 13:20, Hauke Fath wrote: >/On Thu, 11 Jan 2018 12:20:45 +0200, Aki Tuomi wrote: />>/Was the certificate path bundled in the server certificate? />/No, as a separate file, provided from the local (intermediate) CA: />//>/ssl_cert = </etc/openssl/certs/server.cert />/ssl_key = </etc/openssl/private/server.key />/ssl_ca =

Hello, all. After many pages of googling and testing in the lab, I'm still a bit perplexed about how to implement tls protection for the asterisk manager. manager.conf allows one to specify the cert file but one normally must also specify the private key file. If I simply enter the cert file: sslenable=yes sslbindport=5038 sslbindaddr=172.x.x.8 sslcert=/etc/pki/tls/certs/pbxc.pem ; path

May I add I could successfully (if pjsip show transports has any meaning) add a PJSIP TLS-transport with: [transport-tls] type=transport protocol=tls bind=0.0.0.0:5061 cert_file=/etc/asterisk/keys/asterisk.crt priv_key_file=/etc/asterisk/keys/asterisk.key method=tlsv1 Le lun. 6 janv. 2020 à 18:33, Olivier <oza.4h07 at gmail.com> a écrit : > Hello, > > On a newly re-installed

-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 hi, i've built dovecot latest cvs on OSX 10.4.7. i'm making a 1st attempt @ trying/failing to get TLS operation up-n-running ... my install's OK: Install prefix ...................... : /usr/local/dovecot File offsets ........................ : 64bit I/O loop method ..................... : poll File change notification method

Hi, I can no longer connect to Dovecot (IMAP). The connection is terminated by Dovecot after Client Helo. My server: Dovecot 2.3.3 Debian buster/sid Architecture: ppc My problems started in late August after upgrading Dovecot. SSL settings: ssl_dh = </etc/ssl/dh2048.pem ssl_min_protocol = TLSv1.2 ssl_cipher_list =

hi all, i've dovecot TLS working correctly w/ locally generated *RSA* CA cert, domain privkey & self-signed domain cert. to that end, my dovecot.conf includes: ssl_key_file = /var/Security/mail.testdomain.com.privkey.rsa.pem ssl_cert_file = /var/Security/mail.testdomain.com.cert.rsa.pem ssl_ca_file =

After reading about the 2 major SSL (and TLS?) weaknesses discovered this year, I was wondering how it affects asterisk. Does the SIP authentication use TLS - or something that was recently broken? Is there a risk of exposing passwords? Thanks! -------------- next part -------------- An HTML attachment was scrubbed... URL:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:06.openssl Security Advisory The FreeBSD Project Topic: OpenSSL timing-based SSL/TLS attack Category: crypto Module: openssl Announced:

Op 25-10-2023 om 17:13 schreef Alex via samba: > And will Samba regenerate it's own server certs from that CA, or do I need > to externally generate & renew them with openssl? > Does anything else need to be done before or after replacing the certs in > Samba? This won't break server/domain trust with domain joined workstations? Anything that server that uses TLS will

The openssl library in Debian unstable (targeting Buster) supports TLS1.2 by default. The library itself supports also TLS1.1 and TLS1.0. If the admin decides to also support TLS1.[01] users he can then enable the lower protocol version in case the users can't update their system. Signed-off-by: Sebastian Andrzej Siewior <sebastian at breakpoint.cc> --- src/config/all-settings.c

And will Samba regenerate it's own server certs from that CA, or do I need to externally generate & renew them with openssl? Does anything else need to be done before or after replacing the certs in Samba? This won't break server/domain trust with domain joined workstations? Thanks On Wed, Oct 25, 2023 at 8:08?AM Kees van Vloten via samba < samba at lists.samba.org> wrote: