similar to: https and self signed

Displaying 20 results from an estimated 8000 matches similar to: "https and self signed"

2016 Jun 17
0
https and self signed
On 17/06/16 15:46, James B. Byrne wrote: > > On Thu, June 16, 2016 13:53, Walter H. wrote: >> On 15.06.2016 16:17, Warren Young wrote: >>> but it also affects the other public CAs: you can???t get a >>> publicly-trusted cert for a machine without a publicly-recognized >>> and -visible domain name. For that, you still need to use >>> self-signed
2016 Jun 18
2
https and self signed
On Fri, 2016-06-17 at 15:56 +0100, Michael H wrote: > On 17/06/16 15:46, James B. Byrne wrote: > > > > We operate a private CA for our domain and have since 2005. We > > maintain a public CRL strictly in accordance with our CPS and have our > > own OID assigned. Our CPS and CRL together with our active, expired > > and revoked certificate inventory is
2017 Feb 19
4
Problem with Let's Encrypt Certificate
On 02/18/2017 10:24 PM, Robert L Mathews wrote: > On 2/17/17 1:38 PM, chaouche yacine wrote: > >> Seems wrong to me too, Robert. If you put your private key inside >> your certificate, won't it be sent to the client along with it ? > > No; any SSL software that uses the file will extract the parts it needs > from it and convert them to its internal format for future
2017 Feb 20
3
Problem with Let's Encrypt Certificate
On 02/19/2017 05:39 AM, KT Walrus wrote: >> That's one of the reasons I don't like Let's Encrypt, with one year certs it is easier to look at the certs and see what is going to expire in the coming month needing a new private key. > > I use dehydrated (with Cloudflare DNS challenges) and as far as I know, it seems to generate a new private key every time. Yeah that would
2016 Apr 27
2
Apache/PHP Installation - opinions
On 04/27/2016 07:50 PM, Alice Wonder wrote: > On 04/27/2016 12:41 AM, Alice Wonder wrote: >> On 04/27/2016 12:30 AM, James Hogarth wrote: >> *snip* >>> >>> Unless you have a very specific requirement for a very bleeding edge >>> feature it's fundamentally a terrible idea to move away from the >>> distribution packages in something as exposed
2016 Apr 27
2
Apache/PHP Installation - opinions
On Wed, Apr 27, 2016 at 1:04 AM, Alice Wonder <alice at domblogger.net> wrote: > Not with a smtp that enforces DANE. I'm aware of how DANE works. The only problem is no MTA outside of Postfix implements it. You can thank the hatred of DNSSEC for that. Brandon Vincent
2016 Jun 18
0
https and self signed
On Fri, June 17, 2016 11:06, Walter H. wrote: > On 17.06.2016 16:46, James B. Byrne wrote: >> On Thu, June 16, 2016 13:53, Walter H. wrote: >>> On 15.06.2016 16:17, Warren Young wrote: >>>> but it also affects the other public CAs: you can???t get a >>>> publicly-trusted cert for a machine without a publicly-recognized >>>> and -visible
2016 Jun 18
0
https and self signed
On Sat, June 18, 2016 7:52 am, Always Learning wrote: > > On Fri, 2016-06-17 at 15:56 +0100, Michael H wrote: > >> On 17/06/16 15:46, James B. Byrne wrote: > >> > >> > We operate a private CA for our domain and have since 2005. We >> > maintain a public CRL strictly in accordance with our CPS and have our >> > own OID assigned. Our CPS and
2018 Jul 30
2
dovecot 2.3.x, ECC and wildcard certificates, any issues
That is one of the reasons I do not bother since long with public CAs but rather deploy my own, including own OSCP responder. Which has of course has some drawbacks like redundancy, resilience, bandwidth provision, geographical spread, implementing CA security standards and CA trust in clients. Latter though could be easily overcome if browser and email clients were to support DNSSEC/DANE
2020 Jul 03
1
samab-4.10 nsupdate
I am also seeing this in smbd.log: [2020/07/03 09:20:18.211558, 1] ../../auth/kerberos/gssapi_helper.c:391(gssapi_check_packet) GSS VerifyMic failed: A token had an invalid MIC: unknown mech-code 2529638943 for mech 1 2 840 113554 1 2 2 [2020/07/03 09:20:18.211625, 0] ../../source4/auth/gensec/gensec_gssapi.c:1347(gensec_gssapi_check_packet)
2020 Jul 07
2
How to delete an unwanted NS record
I have this on the DC smb4-1.brockley.harte-lyne.ca: samba-tool dns query localhost brockley.harte-lyne.ca brockley.harte-lyne.ca ALL -U administrator Password for [BROCKLEY\administrator]: Name=, Records=6, Children=0 SOA: serial=7, refresh=900, retry=600, expire=86400, minttl=3600, ns=SMB4-1.brockley.harte-lyne.ca., email=support.harte-lyne.ca. (flags=600000f0, serial=110, ttl=3600)
2020 Jul 07
3
Can someone explain why host reports no SOA record for domain on DC?
[root at smb4-1 ~ (master)]# samba-tool dns query localhost brockley.harte-lyne.ca brockley.harte-lyne.ca ALL -U administrator Password for [BROCKLEY\administrator]: Name=, Records=4, Children=0 SOA: serial=3, refresh=900, retry=600, expire=86400, minttl=3600, ns=SMB4-1.brockley.harte-lyne.ca., email=hostmaster.brockley.harte-lyne.ca. (flags=600000f0, serial=110, ttl=3600) NS:
2020 Jul 07
2
How to delete an unwanted NS record
On 07.07.2020 21:14, Rowland penny via samba wrote: > On 07/07/2020 20:00, James B. Byrne via samba wrote: >> I have this on the DC smb4-1.brockley.harte-lyne.ca: >> >> samba-tool dns query localhost brockley.harte-lyne.ca >> brockley.harte-lyne.ca >> ALL -U administrator >> Password for [BROCKLEY\administrator]: >> ?? Name=, Records=6, Children=0
2020 Jun 30
3
samab-4.10 nsupdate
I have a dc configured to use the samba internal dns service. The version of samba I am using is 4.10.15 packaged for FreeBSD. Its build options state this: BIND911 : off BIND916 : off , , , GSSAPI_BUILTIN : on GSSAPI_MIT : off LDAP : on . . . NSUPDATE : off My smb4.conf file contains this: [global] bind interfaces only = Yes dns forwarder =
2016 Apr 27
2
Apache/PHP Installation - opinions
On Wed, Apr 27, 2016 at 12:50 AM, Alice Wonder <alice at domblogger.net> wrote: > That is the only reliable way to avoid MITM with SMTP. Except I can just strip STARTTLS and most MTAs will continue to connect. Brandon Vincent
2020 Jul 08
2
How to delete an unwanted NS record
Wed Jul 8 16:09:19 UTC 2020, Rowland penny wrote: > No, it is '@' for the name, not 'brockley.harte-lyne.ca' Previously I had tried that as well with similar results as shown below: [root at smb4-1 ~ (master)]# samba-tool dns help delete Usage: samba-tool dns delete <server> <zone> <name> <A|AAAA|PTR|CNAME|NS|MX|SRV|TXT> <data> [root at smb4-1
2015 Mar 03
6
TLS, SRTP, Asterisk11 and Snom870s
CentOS-6.5 (FreePBX-2.6) Asterisk-11.14.2 (FreePBX) snom870-SIP 8.7.3.25.5 I am having a very difficult time attempting to get TLS and SRTP working with Asterisk and anything else. At the moment I am trying to get TLS functioning with our Snom870 desk-sets. And I am not having much luck. Since this is an extraordinarily (to me) Byzantine environemnt I am going to ask if any of you have gotten
2007 Nov 24
5
rspec.opts
Where can I find a list of the options and their usage and meanings for the contents of this file? Regards, -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:ByrneJB at Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada
2016 Jul 06
2
Samba43 on FreeBDS10.3 ldap db contents
I am working through the book _Implementing Samba 4_ and revalidating my existing install. I am at the point where I need to check the contents of the ldap database. The instructions in the book say to do this: ldapsearch -x -h localhost -s base - \ Dcn=Administrator,cn=Users,dc=server-02,dc=domain-02,dc=harte-lyne,dc=ca -W Which produces this output: # extended LDIF # # LDAPv3 # base
2020 Jul 08
2
How to delete an unwanted NS record
On Wed Jul 8 14:05:32 UTC 2020, L.P.H. van Belle wrote: > The original DNS, was that a Windows 2003 or lower server? > > Because this looks familiar. > (&(flatname=BROCKLEY)(objectclass=primaryDomain))' base: 'cn=Primary Domains': > No such object: dsdb_search... All the Samba service I am working with are test platforms and have never been part of or received data