similar to: SSL configuration

Displaying 20 results from an estimated 5000 matches similar to: "SSL configuration"

2013 Dec 12
1
Need help in addressing this error - ERROR OpenSSL::SSL::SSLError: SSL_accept returned=1 errno=0 state=SSLv3 read client certificate A: tlsv1 alert unknown ca
Hi , I am new to this puppet. I am implementing a network where my cisco switch will contact the puppet server for getting the configuration. I tried installing open source puppet and was successful in pushing down the configurations. I wanted then to try the same exercise with puppet enterprise 3.1. I installed puppet enterprise in a different server and changed my puppet agent (switch) to
2004 Apr 13
1
Patch Status
When is the x.509 patch going to become part of the main distribution of OpenSSH, and if not, why? Looks like other projects i.e. OpenSC might be using it now as well. Secondly, thought I'd try it again, new patch (Validator), same error... TIA, cs ######################## # ssh-x509 Unknown Public Key Type ######################## 1 Installed OpenSSL-0.9.7d (no customization) 2
2003 Dec 05
1
TLS: hostname doesn't match CN??
Hi, I'm configuring Samba 3.0 to store users in ldap server. I've configured openldap 2.1 with SSL and it worked properly with ldap commands but when I try using then smbpasswd command it reports me the error: failed to bind to server with dn= cn=Manager,dc=openwired,dc=net Error: Can't contact LDAP server TLS: hostname does not match CN in peer certificate Connection to
2011 Dec 16
12
Seperate CA's/Master behind load balancer
Hello, Attempting to setup a CA primary/standby as well as seperate puppetmaster servers (all running Apache/Passenger) behind another Apache/Passenger type load balancer. Clients are not getting certs:- err: Could not request certificate: Could not intern from s: nested asn1 error Clearly an SSL issue but not something I know a great deal about. loadbalancer.conf # Puppet Load Balancing
2004 Aug 19
0
Announce: X.509 certificates support in OpenSSH-3.9p1
Hi All, Diffs of "X.509v3 certificates support for OpenSSH" versions g4(Compatibility) and h(Validator) for OpenSSH-3.9p1 are ready for download. Please visit "http://roumenpetrov.info/openssh" for more information. Features: * "x509v3-sign-rsa" and "x509v3-sign-dss" public key algorithms * certificate verification * certificate validation o CRL o
2008 Feb 13
1
Openssh + x509 patch problem
Hi all, I'm trying to install ssh server based on x509 certificates with no result. What I've done is the following: - Build openssh4.7p1 after patching with openssh-4.7p1+x509-6.1.diff.gz without error using ./configure --prefix=/opt/ssh && make && make install in both server and client machines - Create minimal openssl ca structure under /opt/ssh/etc/ca ( self
2008 Jul 01
0
self Certificate Authority, using /etc/pki/tls/misc/CA
Hello all, lately i am facing problems with Certification Authorities. I have used centos script /etc/pki/tls/misc/CA my own certificate authority. In next steps i am generating requests for certificates to services such as LDAP,NNRPD and lately signing requests with CA. My approach is to import my own CA into Windows Vista OS as root CA and trusted, to avoid messages in clients such as
2011 Sep 14
1
puppet kick getting hostname not match with the server certificate
OS - RHEL5.7 Installation Source - epel-testing repo Puppet server version - 2.6.6 puppetd version - 2.6.6 I searched Google and none of the answers were a match for my set up... I can do ''puppetd --test'' from the client and things work as expected. When doing puppet kick hostname I get the following: Triggering hostname Host hostname failed: hostname not match with the server
2008 Jan 16
4
x509 patch for SSH
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi guys, been trying the x509 patch for ssh from Roumen, it works great. However, I can't figure out couple of things, and been trying to solve it for couple of days already. I'am using OpenSSH_4.7p1-hpn12v19, OpenSSL 0.9.8g with 6.1 version of your patch. The serverside hostkey is configured correctly, to present x509v3-sign-rsa dynowork
2004 Apr 07
0
Announce: X.509 certificates support in OpenSSH(version h-Validator)
I'm pleased to announce that the version "h"(code-name Validator) of "X.509 certificates support in OpenSSH" is now available for immediate download at http://roumenpetrov.info/openssh. Features: * "x509v3-sign-rsa" and "x509v3-sign-dss" public key algorithms * certificate verification * certificate validation o CRL o OCSP (optional and
2020 Jul 05
2
dovecot oauth
> On 05/07/2020 19:43 Aki Tuomi <aki.tuomi at open-xchange.com> wrote: > > > > On 04/07/2020 21:12 la.jolie at paquerette <la.jolie at paquerette.org> wrote: > > > > > > Hello, > > > > I'm trying to configure roundcube / dovecot to work with keycloak. > > I activated xoauth2 oauthbearer in dovecot. > > But a problem
2002 Jan 31
7
x509 for hostkeys.
This (very quick) patch allows you to connect with the commercial ssh.com windows client and use x509 certs for hostkeys. You have to import your CA cert (ca.crt) in the windows client and certify your hostkey: $ cat << 'EOF' > x509v3.cnf CERTPATHLEN = 1 CERTUSAGE = digitalSignature,keyCertSign CERTIP = 0.0.0.0 [x509v3_CA]
2011 Feb 15
11
Puppetmasterd not receiving certificate request
Hi: I''m trying to configure Puppet on Ubuntu, and strangely I am never able to generate a certificate because my server never shows any pending certificate requests. Put differently, on the server I am running puppetmasterd and on the client I am able to connect to the server, but the client continues printing notice: Did not receive certificate warning: peer certificate
2018 Jul 24
1
dovecot sometimes sends non-default SSL cert if IMAP client won't send SNI
Sure, and thanks for trying to help! These are the two correct answers when SNI is included. The certificates are fully chained. Both certificates carry the same subject mail.cs.sbg.ac.at but differ in Subject Alternative Name (SAN). X509v3 Subject Alternative Name:? ? DNS:mail.cs.sbg.ac.at, DNS:smtp.cs.sbg.ac.at, DNS:imap.cs.sbg.ac.at, DNS:pop.cs.sbg.ac.at X509v3 Subject Alternative Name:? ?
2006 Apr 27
0
Announce: X.509 certificates support in OpenSSH version 5.4
Hi All, The version 5.4 of "X.509 certificates support in OpenSSH" is ready for download. On download page http://roumenpetrov.info.localhost/openssh/download.html#get_-5.4 you can found diffs for OpenSSH versions 4.2p1 and 4.3p2. What's new: * given up support for "x509v3-sign-rsa-sha1" and "x509v3-sign-dss-sha1" The implementation realised in previous
2009 Apr 21
0
Unable to browse Samba share by hostname from certain clients...
Dear Help, I am having a very odd problem. For some reason, I am able to browse to my Samba share by IP address but not by host name from Windows 2008 servers in a particular domain (the same domain the Samba server belongs to). However, I am able to browse by host name from XP clients as well as Windows 2008 servers in a different domain. Even stranger, if I add an alias (using the netbios
2003 Dec 15
2
3.0.1rc2 LDAP - problems joining domain
Hi, I'm back on the list ;-) I seem to be having some trouble getting W2K machines to join the domain in 3.0.1rc2. I haven't looked at this in detail since 2.2.8a but it looks like the account gets created in LDAP and then it has trouble setting the password appropriately. I believe this is the relevant part of the log: api_rpcTNP: samr op 0x3a - api_rpcTNP: rpc command:
2008 Apr 30
0
pdc logon failed without samba error
Hie, I can't connect to my samba 3.022 pdc (I can join the domain and access share) and no error messages. I find in the log : the dump_data message musn't be clearest (domain,netboisname...) ? An idea ? [2008/04/30 15:26:50, 5] lib/util.c:show_msg(464) size=627 smb_com=0x2e smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=65279
2003 Apr 24
1
x509v3-sign-rsa authentication type...
I've seen a variety of patches on the list for supporting the x509v3 certificate authentication. Are there any plans to include any of these in the official openssh? Thanks, Kevin Stefanik
2012 May 25
2
Announce: X.509 certificates support v7.2 for OpenSSH version 6.0p1
Dear All, X.509 certificates support for OpenSSH version 6.0p1 was published. I brief new version include : - support for Android platform; - engine implementation is now considered stable; - various regression test improvements including fixes for OpenSSL FIPS enabled 1.0.1 stable release and korn shell Yours sincerely, Roumen Petrov -- Get X.509 certificates support in OpenSSH: