similar to: Self-signed certificates

Hello, This may be a really stupid question, but can a gel type marine battery be used in a UPS? Thanks

Hi all , I set up https on CentOS 4.4. I did the below sets of commands, first removed existing files rm /etc/httpd/conf/ssl.key /server.key rm /etc/httpd/conf/ssl.crt/server.crt Next, I created key. Change to the /usr/share/ssl/certs/ directory and type in the following command: make genkey then issued below command, make testcert finaly /sbin/service httpd restart Then I got the

Hello, This is a selfsigned cert. Both of the below methods were used. May I ask for 1. pointer to info setting up "intermediate certs" and where the certfile goes? The objective is to generate a self-signed cert and use it for just internal use with IMAPS dovecot. Separately, what are your thoughts as to why evolution works and thunderbird does not? Thank you, ==1 openssl

I would expect the public cert to be imported as a "server" not an "auth" The attached image shows that TBird wants an httpS url for a webserver, for the source. Ages ago, I think it prompted for "do you want to trust this new cert" and YES added it (assuming that is the public key) to the server list.? A bit confused by this. <see attached thunderbird

Hi, i am trying to setup dovecot over ssl in the last couple days unsuccessfully My notes are from here: http://wiki.dovecot.org/SSL My OpenSSL commands are: mkdir -pv /opt/certificates/dovecot/ cd !$ (just to prevent questions about Common Name) [ebal at myhome:~]? hostname myhome openssl req -new -x509 -nodes -out dovecot.crt -keyout dovecot.key -days 1825 # Country Name (2 letter code)

Recently thunderbird and Dovecot IMAPS cannot agree on SSL however Evolution, on the exact same system, is working fine with the same accounts. Tried recreating the Dovecot cert and also the thunderbird accounts from scratch. The OpenSSL raw client works fine as well. Would someone also confirm the openssl commands to create a selfsigned cert for dovecot imaps. They cert created does work

Hello, I am getting a new computer and am going to need to move the files from the old to the new. What is the best way to do this? Should I install CentOS from scratch on the new computer then move the directories I need? How do I maintain permissions if this is the best way? TIA Eddie

ssh-keygen already supports importing and exporting ssh keys using various formats. The "-m PEM" which should have been the easiest to be used with various of external application expects PKCS#1 encoded key, while many applications use SubjectPublicKeyInfo encoded key. This change adds SubjectPublicKeyInfo support, to ease integration with applications. Examples: ## convert

Hello all, What are the instructions for making an SSL cert for Dovecot IMAPS? Two methods have been tried, and work, with Evolution; however generate the following error when Thunderbird tries to connect. Thank you, method 1 : self signed openssl req -newkey rsa:4096 -sha512 -x509 -days 365 -nodes -keyout mykey.key -out mycert.pem method 2 : Let's Encrypt (LE) CA Created with Certbot

Hello, is Apache 2.2 which is part of the CentOS distribution capable of SNI? I have troubles that are coming from server side (CentOS 6.8, Apache 2.2.15) just did 'yum update' in /etc/httpd/conf/httpd.conf I've the following NameVirtualHost ipaddr:443 Include /etc/httpd/conf/vhosts/vhost-ssldom1-box.conf Include /etc/httpd/conf/vhosts/vhost-ssldom2-box.conf both

Hi all - I am trying to figure out how to add a wild card certificate given to me for a CentOS installation. I have a script that sets up HTTPS so I am a little familiar with things - but they provided me two files: name_ee.crt name_i1.crt I'm not sure how to apply that to the /etc/httpd/conf.d/ssl.conf file? Anyone done that before ? My initial searches were not helpful. Thanks, Jerry

I made a special pair of keys just for Icecast with this command: $ openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem I combined the two files like this: $ cat cert.pem key.pem > icecast.pem I placed icecast.pem in /etc/icecast2 and used 'chown icecast2:icecast icecast.pem' to change owner to icecast2:icecast. I also changed its protection to

I thought this worked. Many web pages tell you it works. But bash is ignoring tabs in my here docs. Worst, where there are two tabs, it is functioning as a command expand in bash, where all files in the current directory are listed to complete the command. The following is the here doc I am using. Most likely the tabs will be converted to spaces in this email. But the bottom line is,

That is good to know. I was working on the wrong assumption, attempting to create a client certificate on the Windows/Thunderbird side. I am using the SSL Certificate that comes with the distribution, so the conclusion is Thunderbird does not trust it. I have this in my notes from ages ago, for generating my own self-signed certificate: % openssl req -x509 -newkey rsa:4096 -sha256 -keyout

Hi all, following http://reductivelabs.com/trac/puppet/wiki/UsingMongrel it says that hostkey/cert must be owned by puppet:puppet. I tried to keep original path (and also owner) of both files and seems to puppet still works... what problems could it cause to my conf? # grep lib mongrel.conf SSLCertificateFile /var/lib/puppet/ssl/certs/gridinstall.pic.es.pem SSLCertificateKeyFile

Hello, Does anyone have this working? I have been looking for a couple of hours trying to find docs on how to set this up and so far the only thing I have found is how to enable ssl in vsftpd.conf. TIA

Hello there, Anyone have a Howto for me how i can configure dovecot to work with a PostgreSQL Database? (the docs are small), i want to use it with Exim4 and i have a error with SSL "imap-login: Can't load private key file /var/dovecot/ssl/private/imapd.pem: error:0906D06C:PEM routine:PEM_read_bio:no start line" i make my cert with this command (i don't like the included

Am 17.12.2014 um 18:42 schrieb Les Mikesell <lesmikesell at gmail.com>: > On Wed, Dec 17, 2014 at 11:14 AM, Xinhuan Zheng > <xzheng at christianbook.com> wrote: >> I have a requirement that I need to use encryption technology to encrypt >> very large tar file on a daily basis. The tar file is over 250G size and >> those are data backup. Every night the server

Main question: is it safe, to open a port for an openssl server? e.g.: server side - generate a self-signed cert. time openssl req -x509 -nodes -days 365 -newkey rsa:8192 -keyout mycert.pem -out mycert.pem openssl s_server -accept 52310 -cert mycert.pem Is it secure? - it could be DOSed' [DenialofService] or could it be attacked in any way? Are there any iptables rule for restricting