similar to: Re: POP secure access?? {result}

Since the number of responses to my query was large, Roger has asked me to summarise the information. The summary is listed below Thanks to all the people who bothered to help me out: Alan Mead <adm@ipat.com> Beattie, Jay <JBeattie@accdir.com> Bruce Elrick <bruce.elrick@saltus.ab.ca> Christian Hammers <ch@lathspell.westend.com> David J. M. Karlsen

ssh-keygen already supports importing and exporting ssh keys using various formats. The "-m PEM" which should have been the easiest to be used with various of external application expects PKCS#1 encoded key, while many applications use SubjectPublicKeyInfo encoded key. This change adds SubjectPublicKeyInfo support, to ease integration with applications. Examples: ## convert

If anybody is interested, which they are probably not, here is an improved and more rigorous version of mkcert.sh #! /bin/sh #*****************************************************************************# #| #| file : /root/apps/share/sh/create_dovecot_certificate #| #*---------------------------------------------------------------------------*# BELL="\007"

Hi, I think my problem is related to the way i make my RPMs (i'm newbie at this). Two things: 1) the generated RPMs are only 1,5 kb size. That's inpossible. 2) The rpmbuild -ba zbr.spec indeed installs the software in the building stage. That's odd, isn't it ? Following my signature is an openssl.spec file Any help would be appreciated. Warm regards, M?rio Gamito --

I made a special pair of keys just for Icecast with this command: $ openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem I combined the two files like this: $ cat cert.pem key.pem > icecast.pem I placed icecast.pem in /etc/icecast2 and used 'chown icecast2:icecast icecast.pem' to change owner to icecast2:icecast. I also changed its protection to

I would like to use Client certificate verification/authentication. My MTA used this function. I've a problem to make a valid certificate. For my MTA i used : openssl req -new -nodes -x509 -keyout user_key.pem -out user_req.pem -days 365 openssl ca -out user_signed.pem -infiles user_req.pem openssl pkcs12 -in user_signed.pem -inkey user_key.pem -out user.p12 -export -name "user at

Hello there, Anyone have a Howto for me how i can configure dovecot to work with a PostgreSQL Database? (the docs are small), i want to use it with Exim4 and i have a error with SSL "imap-login: Can't load private key file /var/dovecot/ssl/private/imapd.pem: error:0906D06C:PEM routine:PEM_read_bio:no start line" i make my cert with this command (i don't like the included

<!doctype html> <html><head> <meta charset="UTF-8"> </head><body><div>I see. You need to import the cert into thundebird's trusted ca certs.</div><div><br></div><div>Aki</div><blockquote type="cite"><div>On 30/04/2020 21:36 <a

Hello all, What are the instructions for making an SSL cert for Dovecot IMAPS? Two methods have been tried, and work, with Evolution; however generate the following error when Thunderbird tries to connect. Thank you, method 1 : self signed openssl req -newkey rsa:4096 -sha512 -x509 -days 365 -nodes -keyout mykey.key -out mycert.pem method 2 : Let's Encrypt (LE) CA Created with Certbot

Main question: is it safe, to open a port for an openssl server? e.g.: server side - generate a self-signed cert. time openssl req -x509 -nodes -days 365 -newkey rsa:8192 -keyout mycert.pem -out mycert.pem openssl s_server -accept 52310 -cert mycert.pem Is it secure? - it could be DOSed' [DenialofService] or could it be attacked in any way? Are there any iptables rule for restricting

I would expect the public cert to be imported as a "server" not an "auth" The attached image shows that TBird wants an httpS url for a webserver, for the source. Ages ago, I think it prompted for "do you want to trust this new cert" and YES added it (assuming that is the public key) to the server list.? A bit confused by this. <see attached thunderbird

Fellow dove-users, Just a note to say that Dovecot 1.0rc7 is working very well indeed, supplying SPOP3, regular POP3, and TLS/SASL services on FreeBSD 6.1 Production, in conjunction with Postfix 2.3.2. I have authentication methods PAM and passwd in use. Keep the peace(es). -=-=-=-=-=-=-=-=-=-=-=- Bruce Lane, Owner & Head Hardware Heavy, Blue Feather Technologies --

That is good to know. I was working on the wrong assumption, attempting to create a client certificate on the Windows/Thunderbird side. I am using the SSL Certificate that comes with the distribution, so the conclusion is Thunderbird does not trust it. I have this in my notes from ages ago, for generating my own self-signed certificate: % openssl req -x509 -newkey rsa:4096 -sha256 -keyout

Hello, I was following directions at: http://www.sogo.nu/english/support/faq/article/how-to-install-sogo-and-sope-through-yum-1.html to install SOGo on CentOS 5.9 and, noticing that among the dependencies is memcached and rpmforge includes a much more recent version than EPEL, I preferred rpmforge and therefore I set a higher priority for rpmforge repo (see below). [Note: I guess I could have

Hello, I’m new to icecast and I’m trying to setup icecast on Debian 8, with the 2.4.3 version, compiled manually. The thing is I can’t make the ssl part work. I have a listen directive like this : <listen-socket> <port>8483</port> <ssl>1</ssl> </listen-socket> and ssl-certificate :

Hello! I'm still trying to configure samba with SSL. The operating system is Suse Linux 6.4, samba version 2.0.7. Without ssl, it works well. I installed SSLeay and got no error messages. After installing it, I configured samba with ssl option and no error messages. When I tried to test my configuration file with testparm, I have the following: Load smb config files from

i can use "natively" openssl for anonymous chat: # Chat: # server side: openssl req -x509 -nodes -days 365 -newkey rsa:8192 -keyout mycert.pem -out mycert.pem # server side - generate a self-signed cert. openssl s_server -accept 52310 -cert mycert.pem # client side - "127.0.0.1" is the IP of the server openssl s_client -connect 127.0.0.1:52310 1) but how can i set it to

On Wed, Dec 17, 2014 at 11:14 AM, Xinhuan Zheng <xzheng at christianbook.com> wrote: > I have a requirement that I need to use encryption technology to encrypt > very large tar file on a daily basis. The tar file is over 250G size and > those are data backup. Every night the server generated a 250G data backup > and it?s tar?ed into one tarball file. I want to encrypt this big

On 17/12/14 18:54, Leon Fauster wrote: > Am 17.12.2014 um 18:42 schrieb Les Mikesell <lesmikesell at gmail.com>: >> On Wed, Dec 17, 2014 at 11:14 AM, Xinhuan Zheng >> <xzheng at christianbook.com> wrote: >>> I have a requirement that I need to use encryption technology to encrypt >>> very large tar file on a daily basis. The tar file is over 250G size