similar to: Updating ca-certificates

Displaying 20 results from an estimated 200000 matches similar to: "Updating ca-certificates"

2018 Jul 04
1
ca-certificates-2018.2.22-65.1.el6.noarch problematic
On 04.07.2018 18:37, Alice Wonder wrote: > On 07/04/2018 08:54 AM, Walter H. wrote: >> Hello, >> >> the RPM >> >> ca-certificates-2018.2.22-65.1.el6.noarch >> >> has a big problem ... >> many certificates were removed - my proxy uses this as source and isn't >> able to validate correct any more - >> most sites show this: >>
2018 Jul 04
0
ca-certificates-2018.2.22-65.1.el6.noarch problematic
On 07/04/2018 08:54 AM, Walter H. wrote: > Hello, > > the RPM > > ca-certificates-2018.2.22-65.1.el6.noarch > > has a big problem ... > many certificates were removed - my proxy uses this as source and isn't > able to validate correct any more - > most sites show this: > > /[No Error] (TLS code: X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) > > /Self-signed
2020 Jun 29
0
Adding root CA certificates for use by NSS applications?
I'm trying to get a third party application to use the root CA certificate of an SSL proxy - but can't work out how to install the cert for use by all users on CentOS 7 I have the proxy vendor's supplied CA cert in PEM format I can install the cert in a user's home directory using 'certutil' - and the application works OK - but I would like to do 'something' to
2012 May 09
2
[PATCH 1/2] sysprep: remove ca certificates in the guest
Remove the ca certificates. Signed-off-by: Wanlong Gao <gaowanlong at cn.fujitsu.com> --- sysprep/Makefile.am | 2 + sysprep/sysprep_operation_ca_certificates.ml | 62 ++++++++++++++++++++++++++ 2 files changed, 64 insertions(+) create mode 100644 sysprep/sysprep_operation_ca_certificates.ml diff --git a/sysprep/Makefile.am b/sysprep/Makefile.am index
2020 Jun 14
0
Question about certificates on Samba AD/DC
Hi Igor, You certainly don?t want a different CA for each DC, and you typically do want an individually generated certificate and private key for each server. PKI is typically a tree hierarchy, which is a critical feature in the trust relationships across any environment. You want one (root) CA, and possibly 1-3 intermediate CAs depending on the complexity of your infrastructure ( intermediate
2018 Sep 13
0
ca-bundle questions
You need to dig deeper - I will give you a start ... > > > Sometime in Feb, yum updated something to do with ca-bundle. The "something" is the ca-certificates.noarch rpm. It is updated every year around May. The last update was around May 16th this year. Not February. > > > I didn't > > > notice at the time, but it put these two files on my machine:
2023 Oct 25
1
Set same TLS Root CA cert on all Samba DC's?
Op 25-10-2023 om 17:13 schreef Alex via samba: > And will Samba regenerate it's own server certs from that CA, or do I need > to externally generate & renew them with openssl? > Does anything else need to be done before or after replacing the certs in > Samba? This won't break server/domain trust with domain joined workstations? Anything that server that uses TLS will
2011 Nov 05
0
FW: Help with CA Certificates for user authentication?
My apologies to the list for inadvertently taking this offline. As info: -----Original Message----- From: Iain Morgan [mailto:Iain.Morgan at nasa.gov] Sent: Friday, November 04, 2011 8:15 PM To: wfdawson at bellsouth.net Subject: Re: Help with CA Certificates for user authentication? On Fri, Nov 04, 2011 at 11:53:25 -0500, wfdawson at bellsouth.net wrote: > > Thanks for the
2010 Jun 18
1
problems with puppetmaster using intermediate CA cert
Hi, I''m trying to develop a manifest to setup a new puppet master. To solve the SSL certificates I''ve created a root CA outside of puppet, and have generated an intermediate CA for the new puppet master to use. I''ve also configured my puppetmaster daemon to use it''s own ssl directory. So the new puppetmaster is at the same time a client of the old puppet
2018 Jul 04
3
ca-certificates-2018.2.22-65.1.el6.noarch problematic
Hello, the RPM ca-certificates-2018.2.22-65.1.el6.noarch has a big problem ... many certificates were removed - my proxy uses this as source and isn't able to validate correct any more - most sites show this: /[No Error] (TLS code: X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) /Self-signed SSL Certificate in chain: /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
2019 Aug 30
1
I broke "yum update" - C7
In article <201908300952.37126.gary.stainburn at ringways.co.uk>, Gary Stainburn <gary.stainburn at ringways.co.uk> wrote: > On Thursday 29 August 2019 18:10:19 Alexander Dalloz wrote: > > > 2019-08-29 17:23:18,117 exception: [Errno 14] curl#60 - "Peer's > > > Certificate issuer is not recognized." > > > 2019-08-29 17:23:18,117 retrycode (14)
2018 Dec 27
0
Problem with different certificates
What problem are you seeing? It uses the correct SSL certs when I connect. prompt> gnutls-cli --port 993 mail.nimmini.de Processed 149 CA certificate(s). Resolving 'mail.nimmini.de:993'... Connecting to '46.38.231.143:993'... - Certificate type: X.509 - Got a certificate list of 2 certificates. - Certificate[0] info: - subject `CN=nimmini.de', issuer `CN=Let's Encrypt
2018 Sep 01
2
Certificates
> > And for other services like IMAP, SMTP, LDAP (maybe not LDAP) constant > changing certs even with a long lived root may get old for your customers. Why? I have corporate systems on 2 year commercial CA signed certificates and personal servers on 90 day LetsEncrypt ones - my users of IMAP and SMTP have never ever noticed when I changed the certificates on any device. They
2013 Jan 15
1
Adding CA/Root SSL / TLS Certificate, HTTPS
Hi, I need to add my own and other/new self-signed ca/root cert in CentOS pki database/system, for all/most type of apps to use. Using "wget", i'm trying to securely(HTTPS) get gpg keys/files from https://fedoraproject.org/keys site, which is using root cert with following info: CN = GeoTrust Global CA O = GeoTrust Inc. C= US MD5 f7:75:ab:29:fb:51:4e:b7:77:5e:ff:05:3c:99:8e:f5 I
2017 Aug 10
0
is a self signed certificate always invalid the first time?
On 10.08.2017 09:18, Stephan von Krawczynski wrote: > It would be far better to use a self-signed certificate that can be > checked through some instance/host set inside your domain. I have been running a CA for 15+ years, generating certificates only for servers I personally maintain. Since my business is too small to be able to afford all the steps required to have my CA trusted by
2017 Aug 11
4
is a self signed certificate always invalid the first time?
I have looked at let's encrypt. Key issue for me is having to add a lot python stuff that would otherwise not be on any server. Again, All CA's like "Let's Encrypt" - and others that are accepted by the "majors", e.g., Windows, Mozilla make it much easier for the "random" user to use anything you protect with SSL (better TLS) without them having to
2023 Oct 25
1
Set same TLS Root CA cert on all Samba DC's?
And will Samba regenerate it's own server certs from that CA, or do I need to externally generate & renew them with openssl? Does anything else need to be done before or after replacing the certs in Samba? This won't break server/domain trust with domain joined workstations? Thanks On Wed, Oct 25, 2023 at 8:08?AM Kees van Vloten via samba < samba at lists.samba.org> wrote:
2017 Aug 10
0
is a self signed certificate always invalid the first time?
I can't see any security advantages of a self signed cert. If the keypair is generated locally (which it should) a certificate signed by an external CA can't be worse just by the additional signature of the external CA. Better security can only be gained if all users are urged to remove all preinstalled trusted CAs from their mail clients (which seems impractical). Else an attacker could
2007 Nov 11
4
puppetrun fails: "Certificates were not trusted"
Hello all, I''ve tried to run ''puppetrun'', but there seems something unconfigured regarding the certificates. The reverse way (puppetd pulls the config from puppetmasterd) works fine. The namespaceauth.conf on the client (where puppetd runs) is configured as follows: [puppetrunner] allow *.abc.net (also tried the calling host: puppet1.abc.net) But when I call
2018 Sep 12
2
ca-bundle questions
Sometime in Feb, yum updated something to do with ca-bundle. I didn't notice at the time, but it put these two files on my machine: /etc/pki/tls/certs/ca-bundle.trust.crt.rpmnew and /etc/pki/tls/certs/ca-bundle.crt.rpmnew Both of those on the existing system are symbolic links ca-bundle.trust.crt -> /etc/pki/ca-trust/extracted/openssl/ca-bundle-trust.crt and ca-bundle.crt ->