similar to: SSL Bug

On Mon, 18 Apr 2016, david wrote: > FOLLOWUP & REPORT > > I had lots of suggestions, and the most persuasive was to try > OpenVPN. I already had a CA working, so issuing certificates was > easy. The HOW-TO guides were less helpful than I could hope, but > comparing several of them, applying common sense, and trying things > out, I arrived at a dead-end. Here's

On Tue, 19 Apr 2016, david wrote: > > > > At 09:09 AM 4/18/2016, you wrote: >> On Mon, 18 Apr 2016, david wrote: >> >> > FOLLOWUP & REPORT >> > >> > I had lots of suggestions, and the most persuasive was to try OpenVPN. I >> > already had a CA working, so issuing certificates was easy. The HOW-TO >> > guides were less

At 09:09 AM 4/18/2016, you wrote: >On Mon, 18 Apr 2016, david wrote: > >>FOLLOWUP & REPORT >> >>I had lots of suggestions, and the most persuasive was to try >>OpenVPN. I already had a CA working, so issuing certificates was >>easy. The HOW-TO guides were less helpful than I could hope, but >>comparing several of them, applying common sense, and

> > >Folks > >I would like to have my windows 7 laptop communicate with my home >server via a VPN, in such a way that it appears to be "inside" my >home network. It should not only let me appear to be at home for >any external query, but also let me access my computers inside my home. > >I already have this working using M$'s PPTP using my home

Today I've been trying to get dovecot (1.0 rc2) to use certificates for client side authentication. If my memory serves right, beta8 had no problems with it (although it was some time ago and on different machine). Similar setup works perfectly well for postfix (for authentication that is, on the same machine). Originally I thought I overdid some certificate settings (keyUsage, nsCertType,

Hi, I followed the TLS/SRTP tutorial on the wiki [0] using Asterisk 11.8.1 on CentOS 6.5 x86_64 and CSipSimple on a Nexus with Android 4.4.x local wifi. The phone seems to register but directly after that things fall apart (turning SELinux off made no difference): *CLI> -- Registered SIP 'encrypted' at 10.0.0.137:58079 > Saved useragent

This (very quick) patch allows you to connect with the commercial ssh.com windows client and use x509 certs for hostkeys. You have to import your CA cert (ca.crt) in the windows client and certify your hostkey: $ cat << 'EOF' > x509v3.cnf CERTPATHLEN = 1 CERTUSAGE = digitalSignature,keyCertSign CERTIP = 0.0.0.0 [x509v3_CA]

Hi All, I am using "asterisk-11.12.0" version and I am trying to setup secure call (TLS + SRTP) between two extensions and while making a call, I got following error *CLI> == Using SIP RTP CoS mark 5 -- Executing [6004 at from-office:1] Dial("SIP/6003-00000000", "SIP/6004,20") in new stack == Using SIP RTP CoS mark 5 -- Called SIP/6004 SSL certificate

Hi Guys, After some moths the server has been running in SELinux Permesive mode ... Some avc: denied messages has been recored ... I thought it was time to go to the next step and set SELinux Enforcing mode in the server ... it is a mail(postfix+cyrus+sasl), web, snmp with mrtg, squid sever with a local TLS configured for webmail access ... I took a look to the Deployment Guide about how to do

Hello Samba Dancers, I tried to do function level upgrade on my testing instalation of samba. Finished upgrade from 4.18 to 4.20. I put ad dc functional level = 2016 line to smb.conf, restarted samba. But command samba-tool domain schemaupgrade --schema=2019 ends with error. Could I ask you check my progress or find solution? samba-tool domain schemaupgrade --schema=2019 Temporarily overriding

Everyone, I have been working on a new installation of CentOS 5.0 on a x86_64 machine. The installation has gone well except for httpd. When I start httpd with LogLevel turned to debug all I get is an immediate failure with the following errors the logs: /var/log/httpd/error_log: [Sun Jul 22 13:00:31 2007] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) /var/log/ssl_error.log:

Hello, After countless hours on, this I found the root cause of HTTPS settings on Debian Buster. All this came from ast_tls_cert script using 1024 bits-long keys where Debian's defaut was to require at least 2048-long keys ! Simply passing -b 2048 to ast_tls_cert solved it. 1. May I suggest mentioning explicitly this possibility in wiki page [1] ? 2. What would you say of adding an extra

Hello, Le lun. 6 janv. 2020 à 19:01, Olivier <oza.4h07 at gmail.com> a écrit : > May I add I could successfully (if pjsip show transports has any meaning) > add a PJSIP TLS-transport with: > > [transport-tls] > type=transport > protocol=tls > bind=0.0.0.0:5061 > cert_file=/etc/asterisk/keys/asterisk.crt > priv_key_file=/etc/asterisk/keys/asterisk.key >

Hello I will try give you best answer what I can. - alma linux 9, fresh installation, for testing only in virtualbox - packages from Sernet, installad via YUM from oficial repo - installed version 4.18 (same on original linux) - moved backup from original server, /var/lib/samba + /etc/krb, /etc/default/samba, /etc/samba - original domain created if I remember on 4.15 or 4.16, then schema

Thanks for getting back to me. Sadly I've not had the time today to attempt the reproduction. Can you, just to save me time, double-check if this happens on a server with the Samba 4.20 being a just from-our-tarball Samba and show the logs that gives? Thanks, Andrew Bartlett On Wed, 2024-04-10 at 10:04 +0000, Tom?? Havl?n via samba wrote: > HelloI will try give you best answer what I can.

Hello All, I'm having issues joining some Ubuntu servers to an Active Directory domain with trusts. All my machines are running samba and winbind. I have a two domains, we'll call them CORPORATE and CUSTOMER. CUSTOMER has a one way trust with CORPORATE, such that any resources CUSTOMER can access, CORPORATE can as well, but not vice-versa. On all of my CORPORATE machines, users are

Thanks, that looks like success to me. Perhaps mail SerNet and let them know? Andrew Bartlett On Thu, 2024-04-11 at 08:51 +0000, Tom?? Havl?n via samba wrote: > Hello,please check my progress > I did it on the same virtual Centos 9 to avoid posibilities of > differencies between original and new installed linux- backup > /var/lib/samba storage- uninstalled sernet-samba- installed samba

Hello, please check my progress I did it on the same virtual Centos 9 to avoid posibilities of differencies between original and new installed linux - backup /var/lib/samba storage - uninstalled sernet-samba - installed samba 4.20.0 from tar source code - location default /usr/local/samba - replaced files from /var/lib/samba to /usr/local/samba (to right location) - started samba - done -

Folks I would like to have my windows 7 laptop communicate with my home server via a VPN, in such a way that it appears to be "inside" my home network. It should not only let me appear to be at home for any external query, but also let me access my computers inside my home. I already have this working using M$'s PPTP using my home Centos 6 gateway/router as the PoPToP server.

Hi folks, I've ran into an interesting issue when I was trying to set up Winbind client to use smart card for authentication. >From what I was able to gather, Winbind doesn't support smart card auth. To my surprise, I was able to authenticate without pam_pkcs11 or pam_krb5 in my PAM stack, using only pam_winbind, after I've added config like this into /etc/krb5.conf: ```