Displaying 20 results from an estimated 11000 matches similar to: "wildcard certificate"
2018 Jun 16
2
wildcard certificate
On 06/15/2018 06:11 PM, Keith Keller via CentOS wrote:
> You've already got the cert so it's not totally relevant, but in the
> future you can consider using Let's Encrypt. They won't distribute
> wildcard certs but unless you have lots of subdomains you can simply
> request a cert for every domain you need.
2017 Feb 20
2
Problem with Let's Encrypt Certificate
yacinechaouche at yahoo.com writes:
> Interesting. Is there any particular benefit in having only one file
> for both certificate and private key ? I find that putting private key
> in a separate file feels more secure.
It's convenient to have key and cert in one place if you don't need
the certificate to be publically readable. Keeping it in separate
files would add slightly
2016 Sep 29
3
HTTPS certificates (off topic)
How do I get a valid certificate for a box that is behind a firewall and
does not have a DNS entry?
I was looking at letsencrypt.org but currently it looks like a valid DNS
entry is needed, of which I don't have.
There is nothing special about my setup, its just a box that is not
directly on the internet, no DNS entry but I need HTTPS to run correctly.
How do I generate a trusted
2009 Jan 05
1
New SSL certificate problem
Our DC has been using a Verisign certificate. Over the past year, we've
been using a Digicert Wildcard Plus certificate for almost all of our
machines, and I wanted to switched over our DC mailserver.
I used the following command to generate the CSR and key:
openssl req -new -newkey rsa:1024 -nodes -out star_bard_edu.csr -keyout star_bard_edu.key -subj "/C=US/ST=NY/L=ourtown/O=Bard
2016 Jun 15
8
https and self signed
I followed the instructions here https://wiki.centos.org/HowTos/Https
Checking port 80 I get the file...
curl http://localhost/file.html
<HTML>
<FORM>
Working
</FORM>
</HTML>
Checking port 443 I get and error
curl https://localhost/file.html
curl: (60) Peer's certificate issuer has been marked as not trusted by the
user.
More details here:
2014 Oct 24
1
What is a client certificate?
A very ignorant question, sans doute.
I get my certificates from cacert.org, to whom I am very grateful.
I follow what I take to be the official procedure,
first creating <server>.key and <server>.csr on my server
and then getting <server>.crt by going to Server Certificate=>New
at the cacert site.
I then place the key certficate *.key in /etc/pki/tls/private/
and what I
2012 Oct 23
3
Export/Import wild card SSL
Hi all,
This topic is one that I am ignorant on and appreciate any guidance.
My scenario;
I have a wild card SSL installed on one of my CentOS boxes.
As I understand it, this server was used as a sort of master when originally generating and receiving the wild card SSL cert (got the cert from GoDaddy BTW).
So, now I must export some file(s) from that server so that I can import it/them to
2014 Apr 18
4
Changing SSL certificates - switching from self-signed to RapidSSL
Hi all,
Ok, been wanting to do this for a while, and I after the Heartbleed
fiasco, the boss finally agreed to let me buy some real certs...
Until now, we've been using self-signed certs with the following dovecot
config:
ssl = required
ssl_cert = </etc/ssl/ourCerts/imap.pem
ssl_key = </etc/ssl/ourCerts/imap_key.pem
Now, I've created new keys/certs and the CSR, got the new
2018 Jun 16
0
wildcard certificate
On 2018-06-16, Gordon Messmer via CentOS <centos at centos.org> wrote:
>
> https://community.letsencrypt.org/t/acme-v2-and-wildcard-certificate-support-is-live/55579
>
> Wildcard support is new, but it's available!? :)
Cool! I had read about wildcard support being planned a few months ago
but totally forgot about it.
--keith
--
kkeller at wombat.san-francisco.ca.us
2009 Aug 24
8
self signing certificates
hi all,
I have gone through the process of self signing certificates.
Aside from the pop-ups about not trusted etc... everything appears to work.
For "internal" applications what do people/places do?
It would be nice to be seamless and have the "your not trusted" window
pop-up.
Yet this is not a public web site either. Just internal use.
The server might be on the internet
2006 May 30
2
SSL certificate and rails...
Newbie Q:
Building a webstore and need to have SLL-encryption on the checkout
pages...
I have no previous experience with SSL.
I understand that I need a SSL-certificate. I''m planning on purchasing
the cert from RapidSSL, but to do that I need to generate a CSR
(Certificate Signing Request). How do I do that?
How do I install the certificate on the server? Are there any guides on
2020 Jan 06
4
TLS/SSL error loading cert file. </etc/asterisk/keys/asterisk.pem>
Hello,
On a newly re-installed Asterisk 16.7.0 on Debian Buster, I can't find a
way to enable HTTPS.
Asterisk is running as asterisk:asterisk:
asterisk 11097 0.3 6.7 741352 67984 ? Ssl 17:53 0:06
/usr/sbin/asterisk -g -f -p -U asterisk
# cat /etc/asterisk/http.conf
[general]
servername=Asterisk
enabled=yes
bindaddr=0.0.0.0
bindport=8088
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
2013 Jul 15
1
trying to configre dovecot
Hi all;
Thinking I'd like to have a bit of security, I followed the example for
dovecot from allgoodthings.org
Guessing between the lines I made a few substitutions to localize it for
me, but when I run the line to dump the configs, the output is very short
because I do not have the *.pem files.
Where can a usable set of these ssl 'keyfiles' be obtained?
Cheers, Gene
--
2017 Oct 07
2
Permission denied error on private key...
I have a working dovecot/postfix/mysql server running and was trying to set up another one for replication purposes. If I copy my certificates from the working server, everything works fine. However, I purchased another updated certificate for the replication server, and I cannot get dovecot to start up. Keep getting:
doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line
2011 Oct 09
1
using ecc-certificates (ellyptic curve) will not establish connection
hi
I want to use ECC(ellyptic curve cryptography) for SSL-connections but somehow dovecot doesn't like my ECC-certificates :(
I tried to test using following scenario:
machine:
debian 6 (x64)
dovecot 2.0.15-0~auto+21 ((f6a2c0e8bc03) from http://xi.rename-it.nl/debian
openssl 1.0.0e-2 from testing (as the default 0.9.8o-4squeeze3 needs also the parameter -cipher ECCdraft for testing)
2017 Feb 20
3
Problem with Let's Encrypt Certificate
On 02/19/2017 05:39 AM, KT Walrus wrote:
>> That's one of the reasons I don't like Let's Encrypt, with one year certs it is easier to look at the certs and see what is going to expire in the coming month needing a new private key.
>
> I use dehydrated (with Cloudflare DNS challenges) and as far as I know, it seems to generate a new private key every time.
Yeah that would
2017 Oct 08
2
Permission denied error on private key...
-rw-r--r--. root root unconfined_u:object_r:home_root_t:s0 /etc/pki/dovecot/private/mailserver.crt
> On Oct 8, 2017, at 12:03 AM, Bill Shirley <bill at KnoxvilleChristian.org> wrote:
>
> What does ls -lZ /etc/pki/dovecot/private/mailserver.crt say?
>
> Bill
>
> On 10/7/2017 7:30 PM, SH Development wrote:
>> I have a working dovecot/postfix/mysql server running
2002 Jan 31
7
x509 for hostkeys.
This (very quick) patch allows you to connect with the commercial
ssh.com windows client and use x509 certs for hostkeys. You have
to import your CA cert (ca.crt) in the windows client and certify
your hostkey:
$ cat << 'EOF' > x509v3.cnf
CERTPATHLEN = 1
CERTUSAGE = digitalSignature,keyCertSign
CERTIP = 0.0.0.0
[x509v3_CA]
2017 Feb 19
4
Problem with Let's Encrypt Certificate
On 02/18/2017 10:24 PM, Robert L Mathews wrote:
> On 2/17/17 1:38 PM, chaouche yacine wrote:
>
>> Seems wrong to me too, Robert. If you put your private key inside
>> your certificate, won't it be sent to the client along with it ?
>
> No; any SSL software that uses the file will extract the parts it needs
> from it and convert them to its internal format for future
2020 Apr 16
1
Dovecot Failed to initialize SSL server context
I'm trying to configure TLS for Dovecot 2.3 but after setting all things up I'm not able to start Dovecot:
Apr 16 20:56:02 master: Info: Dovecot v2.3.9.3 (9f41b88fa) starting up for imap, pop3, lmtp (core dumps disabled)
Apr 16 20:56:25 auth: Debug: Loading modules from directory: /usr/lib/dovecot/auth
Apr 16 20:56:25 auth: Debug: Module loaded: