similar to: tlsv1 alert unknown ca

I have an application i''m installing on my application server. I''ve been using WEBrick and for now i''d like to just keep using it working in prototype development mode. This works fine on my development machine using both http and https, where the host is ''localhost'' (ports 3000,3001). It also works fine on the application server http port 3000. The

I have a simple Intranet app I want to make accessible via the Internet for remote access by our employees. I want to use ssl (https) connections and I''ve found enough messages to imply Webrick as included in rails can do the job. The message at http://wrath.rubyonrails.org/pipermail/rails/2005-January/001993.html even appears to tell me exactly how to do it by modifying

All, I would like to test some secure pages that I''m developing in my WEBrick-based development environment. I''ve done some research and it appears that I need to create a new command that will start a HTTPS based WEBrick server. Is this correct? Also, it appears that the https.rb module is not included with the WEBrick bundled in Rails. So, I will need to go get that

Hi! I''ve installed puppetmaster 2.7.13 on a server with CentOS 6.2 with a rpm supplied by yum.puppetlabs.com. I''ve setup a apache2 vhost with mod_ssl and passenger. The server is configured to autosign the cert requests. The agent installed on the puppetmaster''s server works fine. I''ve a second agent on a server which can sync with the server too. This

Hi all. Usually for in-house use and SSL I would just generate a self-signed certificate because most clients either ignore it or only ask the first time the account is configured. In terms of offering the service to our customers is there any value of getting someone like thawte or instantssl to sign a certificate for imaps/pop3s/smtp? Also, is there a configuration directive for dovecot

I am attempting to setup SSL/TLS support on my openLDAP 2.4 server on FreeBSD. LBSD2# pkg_info | grep openldap openldap-sasl-client-2.4.23 Open source LDAP client implementation with SASL2 support openldap-sasl-server-2.4.23 Open source LDAP server implementation I put my cert file, key file and CA certfile in a directory called /usr/local/etc/openldap/cacerts Here's how it looks: [root at

Morning all Am in the process of testing a migration of Puppet 3 from webrick to Puppet. Have found the foreman modules (https://github.com/theforeman) which seems to take care of a lot of the leg-work... However having got Puppet running with Passenger in Apache, whenever trying to access the Puppet master from a client, I was getting a ''403 Forbidden error''. Have dug

Hi all, following http://reductivelabs.com/trac/puppet/wiki/UsingMongrel it says that hostkey/cert must be owned by puppet:puppet. I tried to keep original path (and also owner) of both files and seems to puppet still works... what problems could it cause to my conf? # grep lib mongrel.conf SSLCertificateFile /var/lib/puppet/ssl/certs/gridinstall.pic.es.pem SSLCertificateKeyFile

I was trying to do a fresh install of puppet. I have officially entered puppet SSL hell again. Nov 20 14:45:20 mon01 puppetd[5597]: Reopening log files Nov 20 14:45:20 mon01 puppetd[5597]: Starting Puppet client version 0.24.8 Nov 20 14:45:21 mon01 puppetd[5597]: Could not retrieve catalog: Certificates were not trusted: tlsv1 alert decrypt error Solution? I''ve cleared the

> Jan 28 22:42:44 dovecot: imap-login: Disconnected (no auth attempts in 0 > secs): user=<>, rip=192.168.1.16, lip=192.168.1.3, TLS: SSL_read() > failed: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown > ca: SSL alert number 48, session= > ... > # SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt> > ssl = yes > ssl_cert =

The version of Roundcube I am using is 0.9.5+dfsg1-4.1

I read this on the RHN commentary respecting cve-2014-3566: https://securityblog.redhat.com/2014/10/15/poodle-a-ssl3-vulnerability-cve-2014-3566/: . . . The first aspect of POODLE, the SSL 3.0 protocol vulnerability, has already been fixed through iterative protocol improvements, leading to the current TLS version, 1.2. It is simply not possible to address this in the context of the SSL 3.0

Hi, I have set up a mail server with postfix+dovecot 2.2.13 on my raspberry pi running Raspbian Jassie OS. Now I would like to add an on-line e-mail client like Squirrelmail or Roundcube. I was able to start up these two clients but when I try to login I get this error message in the dovecot log: tlsv1 alert unknown ca: SSL alert number 48 But I have inserted the self-signed certificate and

Hello, all. After many pages of googling and testing in the lab, I'm still a bit perplexed about how to implement tls protection for the asterisk manager. manager.conf allows one to specify the cert file but one normally must also specify the private key file. If I simply enter the cert file: sslenable=yes sslbindport=5038 sslbindaddr=172.x.x.8 sslcert=/etc/pki/tls/certs/pbxc.pem ; path

I've tried to install the new version of Roundcube but I've got an error message: Unpacking roundcube (1.1.5+dfsg.1-1~bpo8+1) ... Errors were encountered while processing: /var/cache/apt/archives/roundcube-core_1.1.5+dfsg.1-1~bpo8+1_all.deb E: Sub-process /usr/bin/dpkg returned an error code (1) If anybody can give me instructions on how to correct this, perhaps I should

Hello All, I don''t seem to be able to get reports to display on the foreman interface. I copied extras/puppet/foreman/files/foreman-report.rb to / usr/lib/ruby/site_ruby/1.8/puppet/reportsforeman.rb, instead of /usr/ lib/ruby/1.8/puppet/reports/foreman.rb. Config: Centos5.4, Apache/ Passenger, Puppet 0.25.4. The reports are coming from the clients, because I can see them in

Hi, ppl I dont know what to do. I configure a new client do sync with my server. the server accept de client_cert without errors and then when i run the "puppet agent -t" agaion i got this error output info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using ''eval_generate: SSL_connect returned=1 errno=0 state=SSLv3 read server

Hi, I''m currently trying to debug a performance issue I''m having. Therefore I would need "DEBUG" output. When using one puppetmaster process, this is fairly easy by starting it like this: > puppet master --no-daemonize --debug Now I need to see this debug output when running puppetmaster the way I ususally do - using Apache/Rack/Passenger. After looking

Hi all, I have experience using puppet, however I am new to setting puppet up as it was already done for me in past environments. I am running into an issue while trying to set puppet up for the first time on RHEL 6.4. I was hoping y''all might be able to help me! I get the following error from the puppet client''s /var/log/messages log: May 30 07:06:30 pclient

Apache was working with self signed certificate. We changed the ssl.conf file to read certicates from godaddy and it it failed to restart because of incorrecrt parphrase. bash-3.2# /sbin/service httpd restart Stopping httpd: [ OK ] Starting httpd: Apache/2.2.3 mod_ssl/2.2.3 (Pass Phrase Dialog) Some of your private key files are encrypted for