similar to: ssl_require_crl does not work as expected

Displaying 20 results from an estimated 200 matches similar to: "ssl_require_crl does not work as expected"

2015 Feb 11
2
[PATCH] Fix for client certificate validation does not work
Hi all, As I reported earlier (with a typo in the work [BUG]) client certification validation *does not* work even if you do everything exactly according to all documentation and attempts at helpful advice. I have seen this issue with both startssl.com and self-signed certificates, and based on what I've seen from searching the web, this is a problem that has gotten little attention because
2006 Jun 01
1
ssl-proxy: client certificates and crl check
Skipped content of type multipart/alternative-------------- next part -------------- --- ssl-proxy-openssl.c.orig 2006-04-04 10:32:58.000000000 +0200 +++ ssl-proxy-openssl.c 2006-06-01 09:24:57.000000000 +0200 @@ -498,7 +498,7 @@ const char *ssl_proxy_get_peer_name(struct ssl_proxy *proxy) { X509 *x509; - char buf[1024]; + char buf[256]; const char *name; if
2012 Nov 10
4
imap-login hanging when firewall blocks ssl handshaking
imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little
2012 Dec 06
0
dovecot Digest, Vol 116, Issue 11
On December 5, 2012 2:07:14 AM PST, Ben Morrow <ben at morrow.me.uk> wrote: > At 1AM -0800 on 5/12/12 Erik A Johnson wrote: >> FYI, the tcpdump I sent previously was with one of our >> previously-discussed patches in place: >> >> if (!proxy->client_proxy && net_geterror(proxy->fd_ssl) == EBADF) { >> >> I'm attaching that dump
2007 Feb 07
3
How to use apps and DLLs from XP partition?
I have a Dell Latitude D600 with Windows XPsp2 on the first partition and Ubuntu Feisty (Linux kernel 2.6.20) with Wine 0.9.30 on the second partition, set up to dual-boot. The XP share is NTFS and mounted read-only for Linux. What I want to do is run my Windows apps from the XP partition under Wine, because I really hate using Windows. A lot of the apps seem to ask for DLLs they can't find.
2008 Dec 31
4
problems with games
I've bought my 12 yr old son a used laptop (Dell Latitude D600) and convinced him to use a version of linux unstead of Windows. The laptop came with PCLinuxOS release 2007. He really wants to be able to run some of his games, so I used the Synaptic Package Manager to install Wine. The version available for PCLinuxOS was Wine 0.9.58. So far I've tried two games, and I've struck out
2004 Mar 22
2
samba with vmware
Hi, I just installed Red Hat 9 on a Dell Latitude D600 laptop. Then I installed VMware 4 and installed Windows XP as the guest operating system. I want to run Samba on the Red Hat 9 host to share files with the Windows XP guest. Each OS individually is running fine. I compiled Samba 3.0.2 on the Red Hat host, but I can't start Samba. I try starting it with "/usr/sbin/smbd -D",
2016 Nov 22
3
New laptop recomendation
On 11/22/2016 1:14 PM, wwp wrote: > D800 series (810, etc.), E6500 series (E6500, E6530, etc.), at least. D series are 10 years or more old. ancient in laptop terms. I had a D600 for a long time (new in 2003). The E6x00, '10, '20, and '30 are also fairly old (2008, 2010, 2011, and 2012, respectively). The current models branded like Latitude 15 5000, 14 7000, etc, are in
2005 Apr 07
4
MSSql Connections cannot be established
Hi All, I''m using shorewall on my laptop(2 NIC) to connect my desktop to the Internal LAN. For some reason, MS''s SQL query analyser is not able to connect to the SQL server. I alway get the "Server does not exist" I even tried to connect to it using IP address rather than netbios name and it still doesn''t work. All of the access is fine. (eg: WEB/ping etc)
2004 Apr 27
1
Problem with CVS prune on samba shares?
Platform: Dell Latitude D600 laptop, Pentium M debian sarge (testing/unstable) samba 3.0.2a-1 VMWare Workstation 4.5.1-7568 w/XP Professional I'm running XP under VMWare. The directory I'm working on, is actually a network share exported by samba from the linux host. The reason is that I don't wish to fill up my disk with VMWare virtual disk images. Performancewise this
2016 Nov 23
0
New laptop recomendation
On Tuesday 22 November 2016 21:49:52 John R Pierce wrote: > On 11/22/2016 1:14 PM, wwp wrote: > > D800 series (810, etc.), E6500 series (E6500, E6530, etc.), at > > least. > > D series are 10 years or more old. ancient in laptop terms. I > had a D600 for a long time (new in 2003). > > The E6x00, '10, '20, and '30 are also fairly old (2008, 2010,
2007 Aug 09
0
False hangups with TDM400P and Kewlstart
Hello all! I have tried and tried to resolve this one to no avail. Hopefully one of you can help... The system in question is a Compaq Evo D600 (iirc) business desktop, with a 1.4GHz Pentium 4 and 512mb of RAM, running a stock install of PoundKey 1.2. It has two Digium cards installed: a TDM400P with four FXO modules, and a TE110P hooked to a Carrier Access Adit 600 which serves 8
2004 Dec 24
4
Ingress and Classifier & netfilter
Hi all, Whenever I start up TC and implement traffic policing using ingress, I get logs that goes something like this: Classifier actions preferred over ingress. What does that mean?? This are the relevent lines : tc qdisc add dev $DEV handle ffff: ingress tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip src 0.0.0.0/0 police rate ${DOWNLINK}kbit burst 10k drop flowid :1
2006 Jul 07
2
Authentication by certificats (a bug or my misconfiguration)
Today I've been trying to get dovecot (1.0 rc2) to use certificates for client side authentication. If my memory serves right, beta8 had no problems with it (although it was some time ago and on different machine). Similar setup works perfectly well for postfix (for authentication that is, on the same machine). Originally I thought I overdid some certificate settings (keyUsage, nsCertType,
2004 Jul 09
1
RED/GRED implementation for InBound Traffic Control (from ISP)
Hi all, Can anyone show me pointers on how to get this implemented on a Linux box with tc rules? I also want to know, just how efficient is this Algorithm. AFAIK, inbound traffic control can''t really be achieved without losing bandwidth. In some of the howtos'' I''ve read, one guy had to limit his downspeed to 1/2 his bandwidth to actually control it. And he was saying
2015 Feb 17
0
/etc/ssl/certs/dovecot.pem erased by OpenSuse's update mechanism
On 2015/2/16 16:28, Jochen Bern wrote: > On 02/16/2015 04:23 PM, Reindl Harald wrote: >>> "The CA file should contain the certificate(s) followed by the >>> matching CRL(s). Note that the CRLs are required to exist. For a >>> multi-level CA place the certificates in this order: >>> >>> Issuing CA cert >>> Issuing CA CRL
2015 Feb 16
1
/etc/ssl/certs/dovecot.pem erased by OpenSuse's update mechanism
Thanks for the note. I had never seen anything in the postfix and apache documentation that the CRLs could be intermingled with the CRTs in the CRT file. The documentation for those programs suggests putting the CRLs in a separate file (e.g. apache SSLCARevocationFile) or doesn't talk about putting CRLs in with the certs (e.g. postfix smtpd_tls_cert_file). If it works to put them all in one
2015 Feb 16
2
/etc/ssl/certs/dovecot.pem erased by OpenSuse's update mechanism
Why not /etc/dovecot/private? That's where I put my dovecot certs. Dovecot's needs are a bit different from other software, and so it is unclear whether the files won't be unique to it. For example, I haven't seen the following before I read it on the Dovecot wiki: "The CA file should contain the certificate(s) followed by the matching CRL(s). Note that the CRLs are required
2008 Aug 18
3
Samba 3.0.x access rights issue with secondary groups or Unix rights
Hi experts I have a trouble in access rights I am running Samba 3.0.31 on Solaris 10 x86 64 bits as member server of an Active Directory 2003 R2 domain (MYDOMAIN) using Identity Management for Unix I set rights to access a sub folder of a Samba share. On Solaris the user "toto" jdoe can write a new file. From Windows, the same user can't. Itlooks like OK when the primary group
2003 Jan 30
0
X.509 certificates support in OpenSSH - version f is ready
Hi all, I have pleasure to announce new version f of "X.509 certificates support in OpenSSH" Please to update your bookmarks/favorites with new location: http://roumenpetrov.info/openssh Old location is available too: http://satva.skalasoft.com/~rumen/openssh What's new: * support "Certificate Revocation Lists" (CRLs) * ssh-keyscan can show hostkey with