similar to: Adding root CA certificates for use by NSS applications?

Not sure if this is dovecot or not but can find very little ie no info around on this ... and added the pem file into /etc/pki/ca-trust/source/anchors and run udpate-ca-trust .. all works ok .. (this is on centos 7 btw) So wanted to change the hostname away from ip-x-x-x-x to something a little bit more descriptive .. but then kaboom .. doesnt work any more and the following errors are seen.

I setup a ssh chroot jail following this[1] guide. It works for my user to login, use ls and use scp which is all I really want. I do have a problem I cannot solve: when connected and navigating the filesystem, the backspace key actually moves the cursor forward and does not delete what I type. I may have found a hint from some googling that readline will read in /etc/inputrc on login but if

Hi, I try to add a certificate to a fresh certificate db, but the trust attributes are not set as expected. Neither can I change tham. The cert/pem is valid and double checked :) Any idea/suggestion? certutil -N -d certdb-test certutil -A -n "foobar" -t "u,u,u" -d certdb-test/ -i foobar.pem certutil -L -d certdb-test/ Certificate Nickname

I am unable to get 2.7.4 to work with NSS support as provided by libnss3 2:3.26.2 on Debian stretch. Currently NSS supports two database formats identified by prefixes "sql:" for the new database and "dbm:" for the legacy database. I created the NSS database in directory /etc/nut with command certutil -N -d dbm:NSS_db --empty-password I copied over public key and

https://bugzilla.mindrot.org/show_bug.cgi?id=3613 Bug ID: 3613 Summary: Unable to sign using certificates and PKCS#11 Product: Portable OpenSSH Version: 8.9p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh-keygen Assignee:

CentOS Errata and Bugfix Advisory 2014:0098 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0098.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 8a59b170119544ddc81c548e78b56fb77d610eb2156a72954fa356b027fd8ecf p11-kit-0.18.5-2.el6_5.2.i686.rpm

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

In article <201908300952.37126.gary.stainburn at ringways.co.uk>, Gary Stainburn <gary.stainburn at ringways.co.uk> wrote: > On Thursday 29 August 2019 18:10:19 Alexander Dalloz wrote: > > > 2019-08-29 17:23:18,117 exception: [Errno 14] curl#60 - "Peer's > > > Certificate issuer is not recognized." > > > 2019-08-29 17:23:18,117 retrycode (14)

This new operation unenrolls the guest from a FreeIPA server offline, by removing the configuration files and certificates. Thanks to Christian Heimes for the hints. --- sysprep/Makefile.am | 1 + sysprep/sysprep_operation_unenroll_freeipa.ml | 65 +++++++++++++++++++ 2 files changed, 66 insertions(+) create mode 100644 sysprep/sysprep_operation_unenroll_freeipa.ml

Hello, I'm trying to open a site protected with self-signed certificate with winebrowser, but error occurs: "***** uses an invalid security certificate. The certificate is not trusted because it is self signed. Error code: sec_error_ca_cert_invalid". and there is no option to continue. I know this is gecko related quiestion, but I'm looking for some way to import self signed

Hi, I am trying to integrate RHDS 8.0 with windows 2003 ads on centos 5.1 as per the centos documentation for user/group and password sync from windows ADS. I am using windows sync and Passsync . But i am facing problem with the certificate creation. *########################################################################## Followed the below step in centos box runing rhds to setup ssl.*

Am 2019-08-29 18:26, schrieb Gary Stainburn: > On Thursday 29 August 2019 16:47:11 Alexander Dalloz wrote: >> rpm -Vv nss > > [root at stan2 ~]# rpm -Vv nss > ......... /etc/pki/nss-legacy > ......... c /etc/pki/nss-legacy/nss-rhel7.config > ......... /etc/pki/nssdb > ......... c /etc/pki/nssdb/cert8.db > ......... c /etc/pki/nssdb/cert9.db > ......... c

Hello, OpenSSH supports PKCS#11 on the client side, but that does not extend to the server side. I would like to bring PKCS#11 support to sshd. I am working on embedded Linux systems with integrated HSM. The sshd host key is stored on the HSM. To have sshd using that key, we rely on the following chain: sshd -> OpenSSL -> OpenSSL Engine -> HSM Having PKCS#11 support in sshd, would

Hi, I installed ovirt on fedora 12 (64 bits) successfully but I had to make some changes to make it work. 1. Installation from rpms builded from the lastest git version 2. Patch ace : missing backslashes in sed commands vim /usr/share/ace/modules/ovirt/manifests/freeipa.pp line 33 : '/\\[kdcdefaults\\]/a \\ kdc_ports = 88' single_exec {"set_kdc_defaults":

Unfortunately this does not work. Example: Yes, when i give it a few Days, the client will retrieve the actual crl faster. But the auth still works. I have tried it. I revoked an cert. Installed a new win10 client and joined the domain. After login with the revoked p12 cert on a yubikey, i can see he queries the CDP and still allows the login. With certutil and a cert in DER format, i tried

All, Has anyone else had a problem with the CR repo on a 6.4 or 6.5 system? I have a test VM that has the CentOS6 CR repo enabled and it recently (well a week or so) started having dependency problems. It's choking on dependencies for ca-cerfificates. Obviously there aren't any CR packages yet for 6.5 so a zero package count and empty directory on the mirror [0] are legitimate. But

I found an old bugzilla report for this behavior: https://bugzilla.samba.org/show_bug.cgi?id=9612 According to the statements in it, there was a patch already in version 4.16 and in heimdal 8 last year? Which option must be in the krb5.conf? I have tried kdc_pkinit_revoke and pkinit_revoke. Both have no effect. Am 19.07.2023 um 14:27 schrieb Hans Schulze via samba: > Unfortunately this

https://bugzilla.mindrot.org/show_bug.cgi?id=2740 Bug ID: 2740 Summary: provide a way of forwarding a Unix-domain socket to user's runtime (home) directory Product: Portable OpenSSH Version: 7.5p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5

Hello, I'm trying to install the Simio software on Wine, but I'm having a problem. What I do: wine setup.exe A window appears, and it says that some download is performed. A window appears stating: "Installing Microsoft Installer 4.5" After the download, a messagebox appears and says: "There is no Windows program configured to open this type of file", and the

Hi All, I upgraded from 5.3 to 5.4 today on a vpn gateway using openswan. After the upgrade the vpn stopped working. From what I could tell the new version of openswan uses NSS. I tried following the instructions in this thead https://bugzilla.redhat.com/show_bug.cgi?id=508107 without success. # certutil -N -d sql:/etc/ipsec.d certutil: function failed: security library: bad database.