Displaying 20 results from an estimated 3000 matches similar to: "OpenSSL Advisory affects Exim"
2015 Feb 17
0
/etc/ssl/certs/dovecot.pem erased by OpenSuse's update mechanism
On 2015/2/16 16:28, Jochen Bern wrote:
> On 02/16/2015 04:23 PM, Reindl Harald wrote:
>>> "The CA file should contain the certificate(s) followed by the
>>> matching CRL(s). Note that the CRLs are required to exist. For a
>>> multi-level CA place the certificates in this order:
>>>
>>> Issuing CA cert
>>> Issuing CA CRL
2013 Apr 07
1
ssl_require_crl does not work as expected
Hi
I'm trying to use dovecot with client certificates. We produce our
certificates with our
on CA and we do NOT use certificate revocation lists.
So I put "ssl_require_crl = no" into 10-ssl.conf. I did not find a solution
neither
in the wiki nor somewhere else, so I finally started to read the source.
My impression is that openssl will always try to use CRLs. If
2015 Feb 16
1
/etc/ssl/certs/dovecot.pem erased by OpenSuse's update mechanism
Thanks for the note. I had never seen anything in the postfix and apache documentation that the CRLs could be intermingled with the CRTs in the CRT file. The documentation for those programs suggests putting the CRLs in a separate file (e.g. apache SSLCARevocationFile) or doesn't talk about putting CRLs in with the certs (e.g. postfix smtpd_tls_cert_file). If it works to put them all in one
2014 Oct 09
3
Dbox and Exim
The Dovecot wiki [1] doesn't list either Exim, Postfix or anything
else as supporting the dbox. I did some searching in the Exim
archives and have found only one message mentioning dbox, sdbox or
mdbox. [2] I think an RFC would go a long way towards getting the
format supported. Has Timo, or anyone else, considered submitting an
RFC to the IETF?
My question was how are we going to use it
2015 Feb 16
2
/etc/ssl/certs/dovecot.pem erased by OpenSuse's update mechanism
Why not /etc/dovecot/private? That's where I put my dovecot certs. Dovecot's needs are a bit different from other software, and so it is unclear whether the files won't be unique to it. For example, I haven't seen the following before I read it on the Dovecot wiki:
"The CA file should contain the certificate(s) followed by the matching CRL(s). Note that the CRLs are required
2003 Jan 30
0
X.509 certificates support in OpenSSH - version f is ready
Hi all,
I have pleasure to announce new version f of "X.509 certificates support in OpenSSH"
Please to update your bookmarks/favorites with new location:
http://roumenpetrov.info/openssh
Old location is available too:
http://satva.skalasoft.com/~rumen/openssh
What's new:
* support "Certificate Revocation Lists" (CRLs)
* ssh-keyscan can show hostkey with
2019 Jun 16
0
Self-signed TLS client certificates
<!doctype html>
<html>
<head>
<meta charset="UTF-8">
</head>
<body>
<div>
<br>
</div>
<blockquote type="cite">
<div>
On 16 June 2019 15:47 Marvin Gülker via dovecot <
<a href="mailto:dovecot@dovecot.org">dovecot@dovecot.org</a>> wrote:
</div>
2019 Jun 16
2
Self-signed TLS client certificates
Dear List,
I self-host my e-mail and run Dovecot since ever I do that. Dovecot
version is 2.3.4.1 (f79e8e7e4), running on Debian testing.
Now I am trying to configure Dovecot for client TLS certificates. I have
a self-signed certificate whose private key resides on a smartcard
(Yubikey, to be exact). I wanted Dovecot to accept that TLS client
certificate instead of a password. So I searched and
2015 Feb 16
0
/etc/ssl/certs/dovecot.pem erased by OpenSuse's update mechanism
Am 16.02.2015 um 15:53 schrieb dovecot at lists.killian.com:
> Why not /etc/dovecot/private? That's where I put my dovecot certs. Dovecot's needs are a bit different from other software, and so it is unclear whether the files won't be unique to it. For example, I haven't seen the following before I read it on the Dovecot wiki:
>
> "The CA file should contain the
2015 Sep 21
4
Dovecot proxy ignores trusted root certificate store
On Mon, 21 Sep 2015, Edgar Pettijohn wrote:
> doveconf -n?
doveconf -n|grep ssl should suffice:
ssl = required
ssl_ca = </usr/local/share/certs/ca-root-nss.crt
ssl_cert = </path/to/my/file.pem
ssl_key = </path/to/my/file.pem
ssl_require_crl = no
I'm using "ssl_ca = </usr/local/share/certs/ca-root-nss.crt" as a
temporary workaround, even though this is not what
2006 May 06
4
Protectbase Plugin not working?
Alle,
I have installed and enabled (I think) the yum protectbase plugin:
[cwfox at lurker ~]$ rpm -qa | grep -i protectbase
yum-plugin-protectbase-1.1-1.c4
[cwfox at lurker ~]$ cat /etc/yum/pluginconf.d/protectbase.conf
[main]
enabled = 1
[cwfox at lurker ~]$ grep plugin /etc/yum.conf
plugins=1
[cwfox at lurker ~]$ cat /etc/yum.repos.d/CentOS-Base.repo
<SNIP>
[base]
2006 Jul 01
0
activerecord generating wrong syntax with postgresql
I''m using activerecord outside of rails and find_first generates sql
that postgresql doesnt'' like. This is rails 1.1.4, with everything up
to date via "gem update".
This is the command line:
ruby -rrubygems seca -c ../etc/seca.cnf cert --export 1 --format
pkcs12 --key root.key >root.pfx
This is the error:
(PGError: ERROR: argument of WHERE must be type
2015 Sep 22
0
Dovecot proxy ignores trusted root certificate store
On 09/21/2015 05:11 PM, Alex Bulan wrote:
> On Mon, 21 Sep 2015, Edgar Pettijohn wrote:
>
>> doveconf -n?
>
> doveconf -n|grep ssl should suffice:
>
> ssl = required
shouldn't it be:
ssl = yes
I was only aware of the choice of yes or no here, but I could be wrong.
> ssl_ca = </usr/local/share/certs/ca-root-nss.crt
> ssl_cert = </path/to/my/file.pem
>
2011 Sep 22
0
CEBA-2011:0443 CentOS 5 i386 exim Update
CentOS Errata and Bugfix Advisory 2011:0443
Upstream details at : https://rhn.redhat.com/errata/RHBA-2011-0443.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( md5sum Filename )
i386:
c5b982d2a23d6d662caa7e8e6fa49572 exim-4.63-10.el5.i386.rpm
a9d31969698c378793bd125d11e64e24 exim-mon-4.63-10.el5.i386.rpm
e4e8ea181248654909c275232bdfb480
2010 Jul 14
0
CEBA-2010:0522 CentOS 5 x86_64 exim Update
CentOS Errata and Bugfix Advisory 2010:0522
Upstream details at : https://rhn.redhat.com/errata/RHBA-2010-0522.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( md5sum Filename )
x86_64:
9afddfd5ba6a2970bb3b879598c22470 exim-4.63-5.el5_5.1.x86_64.rpm
c46e505349448761a61bcd844fd16660 exim-mon-4.63-5.el5_5.1.x86_64.rpm
2010 Jul 14
0
CEBA-2010:0522 CentOS 5 i386 exim Update
CentOS Errata and Bugfix Advisory 2010:0522
Upstream details at : https://rhn.redhat.com/errata/RHBA-2010-0522.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( md5sum Filename )
i386:
cfbbb839962ea0448d39f47af4e732c9 exim-4.63-5.el5_5.1.i386.rpm
cf1673b7358261d72a2dc38299655b92 exim-mon-4.63-5.el5_5.1.i386.rpm
36c803608bc67c5151d2547b3b19cdc6
2011 Apr 14
0
CESA-2011:0153 Moderate CentOS 5 i386 exim Update
CentOS Errata and Security Advisory 2011:0153 Moderate
Upstream details at : https://rhn.redhat.com/errata/RHSA-2011-0153.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( md5sum Filename )
i386:
3dd283a3b4111978eb741a91691fb892 exim-4.63-5.el5_6.2.i386.rpm
6708092a34aa4f2c6e7e50c25b1b75fa exim-mon-4.63-5.el5_6.2.i386.rpm
2011 Apr 14
0
CESA-2011:0153 Moderate CentOS 5 x86_64 exim Update
CentOS Errata and Security Advisory 2011:0153 Moderate
Upstream details at : https://rhn.redhat.com/errata/RHSA-2011-0153.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( md5sum Filename )
x86_64:
26141ec1eb3f4f3df1bee4b7f010d9eb exim-4.63-5.el5_6.2.x86_64.rpm
173601fe364c919a9ff713d2e420ad26 exim-mon-4.63-5.el5_6.2.x86_64.rpm
2011 Apr 28
0
CEEA-2011:0443 CentOS 5 i386 exim FASTTRACK Update
CentOS Errata and Enhancement Advisory 2011:0443
Upstream details at : http://rhn.redhat.com/errata/RHBA-2011-0443.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( md5sum Filename )
i386:
c54a8e2a9b4f2fc521d5d6c289366d4c exim-4.63-10.el5.i386.rpm
5e1012715ee15bd5e2a63daec56717ea exim-mon-4.63-10.el5.i386.rpm
2c1c675ad2128da3e584207f6fc693f2
2011 Apr 28
0
CEEA-2011:0443 CentOS 5 x86_64 exim FASTTRACK Update
CentOS Errata and Enhancement Advisory 2011:0443
Upstream details at : http://rhn.redhat.com/errata/RHBA-2011-0443.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( md5sum Filename )
x86_64:
850c635829f64b93298895a1157744d2 exim-4.63-10.el5.x86_64.rpm
8ea779508f258ffcb639bdf315fc7af6 exim-mon-4.63-10.el5.x86_64.rpm