Displaying 20 results from an estimated 3000 matches similar to: "Issue retrieving new certificate on host after original certificate was revoked"
2010 Apr 21
3
revoked host can't be re-added?
I have a problem I can''t figure out. I was having cert problems with a
host - it seemed to have multiple host names (mot likely from dns
changes in the past) and all the certs were valid. Although it was
giving an error about a cert I could not identify. So I tried:
puppetca --revoke hostname
puppetca --clean hostname
restart puppetmaster
puppetca --list --all
(host does not show up -
2012 Aug 28
8
Unable to generate certificate on Puppet Agent through Master
Hi,
I have a puppet master and agent installed. I want to generate and
configure master-agent certificate and followed the steps:
Master:
==========
1. Cleaned up all certificate on Master:
[root@puppet-server manifests]# puppet cert sign --all
No waiting certificate requests to sign
[root@puppet-server manifests]# puppet cert clean --all
notice: Revoked
2013 Dec 02
1
imap-login hangs after receiving revoked SSL certificate
Good time of the day!
My English is not very good, excuse me if I said something wrong.
I use dovecot-2.1.16 on Gentoo Linux amd64.
I need to setup dovecot (imap and pop3) for SSL and non-SSL connection
simultaneously. For SSL connections client must submit a valid SSL
certificate. Now SSL part of dovecot.conf looks like this:
-----------------
ssl = yes
ssl_cert =
2010 Nov 13
12
certificate verify failed
I am banging my head against the wall for recently built hosts that
are unable to verify the server''s certs. The usual is not working.
on the puppet agent machine:
find /var/lib/puppet/ssl -type f -delete
on puppet master:
puppetca --clean <new_host_cert>
on agent:
puppetd --server puppet --waitforcert 2 --no-daemonize -d -o
on puppet master:
puppetca --sign
2012 Dec 28
1
err: Signing certificate error: Could not render to pson: getaddrinfo: Name or service not known
Hi,
I am trying to bootstrap a new agent from my master node as below.
puppet node_aws bootstrap \
--region us-east-1 \
--image ami-cc5af9a5 \
--login root \
--keyfile /root/.ssh/private.pem \
--install-script=puppet-enterprise \
--installer-payload=/usr/local/puppet/puppet-2.7.0.tar.gz \
--installer-answers=/usr/local/puppet/agent.txt \
--keyname icos-client \
--type t1.micro
Node is created
2024 Jan 24
1
[Bug 3659] New: Certificates are ignored when listing revoked items in a (binary) revocation list
https://bugzilla.mindrot.org/show_bug.cgi?id=3659
Bug ID: 3659
Summary: Certificates are ignored when listing revoked items in
a (binary) revocation list
Product: Portable OpenSSH
Version: 9.2p1
Hardware: All
OS: All
Status: NEW
Severity: minor
Priority: P5
2011 Feb 22
4
When running puppetd the cert goes straight up to revoked?
This is the first time is happening... and It happens consecutively
with all the hosts.
Fresh kickstarted host (never set up before the name so its not on the
revocation list), I just run puppetd -tv (we have autosign on), I just
get the output below:
[root@server182 puppet]# puppetd -tv
info: Creating a new SSL key for server182.domain.com
warning: peer certificate won''t be verified in
2018 Sep 06
4
Some wishes regarding revoked keys
Hello.
I am trying to play through the following test scenario about
certificate revocation on Ubuntu 18.04, which has OpenSSH of this version:
OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n? 7 Dec 2017
1. A CA key is created
ssh-keygen -t ed25519 -f ca
2. The CA public key is added to ~/.ssh/authorized_keys on some server:
cert-authority ssh-ed25519 AAAA...e ca at yoga
3. A user key is created on a
2019 Sep 16
2
revoking ssh-cert.pub with serial revokes also younger certs
Hi Daminan!
Hmmm... thought about a little...
when i use -vvv with ssh-keygen -Qf i see "debug1:..." So i think, debug
is compiled in.
ssh-keygen --help gives me
ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number] file ...
so... option -z is not the serial of the certificate, it is the
version-number of the KRL-File...
My openssh-Verision from Debian is
2011 Mar 11
6
failed to retrieve certificate on Amazon EC2
Hi,
I''m using puppet on EC2 to setup my VMs with the following configuration:
# puppetd --version
0.25.5
# uname -a
Linux hostname.domain 2.6.16-xenU #1 SMP Mon May 28 03:41:49 SAST 2007 i686
i686 i386 GNU/Linux
But I keep facing some timeout from puppetd:
warning: peer certificate won''t be verified in this SSL session
Exiting; failed to retrieve certificate and waitforcert
2020 Aug 28
2
[Bug 3204] New: Enable user-relative revoked keys files
https://bugzilla.mindrot.org/show_bug.cgi?id=3204
Bug ID: 3204
Summary: Enable user-relative revoked keys files
Product: Portable OpenSSH
Version: 8.1p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at
2019 Sep 13
2
revoking ssh-cert.pub with serial revokes also younger certs
Hi there!
What am I doing wrong?
I created a ssh-certificate
id_user_rsa-cert.pub with this dump:
id_user_rsa-cert.pub:
root at host # ssh-keygen -Lf id_user_rsa-cert.pub
??????? Type: ssh-rsa-cert-v01 at openssh.com user certificate
??????? Public key: RSA-CERT SHA256:kPitwgxblaUH4viBoFoozSPq9Pblubbedk
??????? Signing CA: ED25519 SHA256:8p2foobarQo3Tfcblubb5+I5cboeckvpnktiHdUs
??????? Key ID:
2008 Nov 19
2
Could not request certificate: Certificate does not match private key
hello,
I''ve just added a new client to an existing configuration but cannot
get it recognised. Both client and server are running 0.24.5,
installed on gentoo linux using portage.
This is what I dis:
Server:
/etc/init.d/puppetmaster start
* Starting
puppetmaster ...
[ ok ]
Client:
puppetd --test
warning: peer certificate won''t be verified in this SSL session
notice: Did not
2011 May 04
2
Puppetmaster revokes just signed certificates
Hi,
I have this problem: when I make a new request and sign the client''s
certificate, then i get a "revoked certificate" error:
err: Could not retrieve catalog from remote server: sslv3 alert certificate
revoked
I am using same version of puppet on master and clients, tried many times,
dates are the same, and cleaned the "ssl" directory.
Can someone help me?
2012 Jul 10
2
err: Could not request certificate: execution expired
Hi Guys,
I am trying to executed sign client to server,
I give the command to client #puppetd --test -d -v
debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring
File[/var/lib/puppet/ssl]
debug: Finishing transaction 23595599384520
err: Could not request certificate: execution expired
Exiting; failed to
2012 Mar 13
5
Can't send certificate request
I can''t get a new client working with my puppet master. When I try to run
''puppet agent --test'' on the client, I get
err: Could not request certificate: Connection refused - connect(2)
Exiting; failed to retrieve certificate and waitforcert is disabled
I can''t telnet from the client to the server on port 8140. There are no
firewalls between the 2 servers.
2008 Dec 10
3
Speex on Nokia Symbian S60 phones
Quoting "Fabio Pietrosanti (naif)" <lists at infosecurity.ch>:
> Speex it's too cpu expensive for general S60 usage, it would require a
> lot of ASM optimization.
Did a quick search and saw ARM CPUs with speeds above 100 MHz. That should
actually be enough for Speex, at least for narrowband.
> If you are using CSD, like for a secure telephony solution
>
2011 Apr 18
4
Certificate request does not match existing certificate
Hello there,
I have a problem while I''m trying to puppetize a client, I get this
error:
err: Could not request certificate: Certificate retrieval failed:
Certificate request does not match existing certificate; run ''puppetca
--clean puppetclienttest.sl.ss''.
I checked
-Shutdown puppet on client/server side, delete ssl/ dir to regenerate
certificate.
-Be sure that the
2011 Mar 24
3
err: Could not retrieve catalog from remote server: certificate verify failed
So set up new node, ran on the client
puppetd --server puppetmaster --waitforcert 60 --test
on the puppetmaster itself I ran
puppetca --list
saw the hostname
and then ran:
puppetca --sign hostname.domain.com
and on the puppet node itself I went back and ran puppetd -tv
and get the following error:
err: Could not retrieve catalog from remote server: certificate verify failed
warning: Not
2008 Dec 10
1
Speex on Nokia Symbian S60 phones
It would be very nice to know about some good success without too much
cpu issues on Nokia devices, i tried pjsip.org project on S60 FP1 E65
+200mhz ARM cpu with speex but don't had much luck in using it without
having 100% cpu usage :(
Please let us to know about your testing
E65 CPU: http://www.nokia-tuning.net/index.php?s=processor
Fabio Pietrosanti
Jordan Dimov wrote:
> Thank