Fedora :: Use Yum Install Openvpn And I Am Stuck On How Can Input A Cert And Run The VPN?
Jul 3, 2009I am new and I need help to install VPN. I have use yum install openvpn and I am stuck on how I can input a cert and run the VPN.
View 5 Replies
ADVERTISEMENT
Ubuntu Security :: SSL Cert And CSR - Generating An HTTPS Cert For Apache And / Or Mail Access?
Aug 9, 2011I'm about to create a CSR and was reading this page in the Ubuntu docs: [URL] A couple of things:
* There's no date on the article. The documentation needs DATES because this information gets out of date! Check MySQL docs, for instance -- they are organized by version.
* The instructions for generating a cert only specify 2048 bits. I believe that's kind of out of date? The verisign site has big red warnings saying you need 2048 if you want your cert to last past 2013 -- and that article is 4 years old!
* The instructions are confusing when discussing the passphrase. We enter a passphrase only to remove it immediately. We need some clarity here. Why do this?
How to understand the current best practices for generating an HTTPS cert for apache and/or mail access?
Fedora :: Openvpn Certificate \ Installed Openvpn And Config It For A Tunnel?
Aug 9, 2010i have installed openvpn and config it for a tunnel. my server.conf and client,conf is as follow:
server.conf
port 1194
proto udp
[code]...
Software :: Stuck On Flashing Input Dash - Cant Type Anything
Apr 11, 2010[code].....
Now my desktop wont even boot up... I get stuck on a flashing input dash... or whatever, but cant type anything. It looks like this _ only flashing. How do I go about fixing this?
Ubuntu Servers :: SERVER Stuck During Boot (fsck Waiting For Input)
Aug 11, 2010all is well on my headless Lucid server until a recent apt-get upgrade && shutdown -R now ... it did not come back up? after i moved a screen to the other side of the house, i found fcsk waiting for input during the boot process errors on / ... (I)gnore / (F)ix " ...so i had to attach a keyboard just to push <F> i could change /etc/fstab so it never runs fsck, but this doesn't seem wise. how can i make it <F>ix automatically ? ( or maybe after Xsec )
View 1 Replies View RelatedFedora Servers :: Building A Cert From A CRT File?
Feb 8, 2010I need to build a cert from an CRT file/
View 1 Replies View RelatedFedora :: Stuck On Startup Screen After ATI Install
Feb 9, 2011After installing the ATI drivers using the guide here I rebooted and now it hangs at my ATI card is the X1200, I found drivers on ATI's website but thought id try the ones in the guide first but I think it caused this problem maybe they arent compatible.Im still able to type things in but it doesnt do anything.
View 12 Replies View RelatedFedora Installation :: Stuck Half Way Through Install / Get Full?
Apr 17, 2010I bought a new issue of Linux Format magazine and saw it had a bootable disk with Fedora installer/live DVD on it which I was eager to try out "The worlds most advanced Linux distro" I put the DVD in my computer and rebooted it. I selected 'install or upgrade'. It started to load (blasting white text at me). I skipped the media test but then the screen was black and reacted to no mouse moving or keyboard pressing. Not even the OFF button, so I pressed RESET and selected 'install with basic video driver' this time it worked. It didn't fill my whole screen like many 'basic video drivers' but they don't cut off much so I was willing to forgive Fedora using one it was proberly only for the install anyway I could download a new one after. I have a Radeon HD 4200 (extreamly crap) intergrated into the north bridge. I can't afford an expensive graphics card. I build it myself so I can tell you what parts it's got if needed. Anyway I progressed through the setup without problems until I got to the partitionor which defaulted to 'Replace existing Linux system' this would delete Ubuntu an maybe Windows 7. I changed it to custom layout or something like that. It started a partitioner and I remembered I wanted to give ubuntu 30GB more room so I resized it. I created a new 50 GB logical partition and select it as the '/' partition, plenty more space for future Linux distributions. Here's the real problem. Soon after I hit install it said some repositorys require a network connection. It had only one option 'eth0' my motherboard has built in Ethernet but I connect to the net with a wifi card I do not have a cable long enough to reach this computer on the other side of the room. So how was I suppost to continue the setup? I pressed okay hoping it would give up and let me continue the setup but it didn't it said they was an error connecting to the Internet therefore setup could not continue. With only one option: 'Exit Installer'. GRRRR. Interestingly enough after I clicked it the disk drive's light kept flashing but the screen went black forcing me to reboot. Can anyone help me so I can install "The worlds most advanced Linux distribution"*
View 3 Replies View RelatedFedora :: Yum Update Install New Kernel - Boot Process Stuck
Mar 24, 2010I'm not sure what caused it, but it happened right after running 'yum update'. It may be because it installed a new kernel, and there are now two kernels listed in my grub.conf and at boot; 2.6.31 and 2.6.32. System boots through a list of things it's starting up and stalls out at ATL or ADL or ADM maybe. It hangs there for a minute or so then flickers. This happens every time at boot. It's a bit difficult to post more information since I can't get past that part of the boot process, and I can't seem to be able to skip it either. It may be worth mentioning that this is a mini-itx motherboard. Intel Atom 330 1.6, 2GB DDR2, onboard GeForce 9400m. It's a zotac ionitx-a-u. I've installed a fresh copy of Fedora 12 lxde.
View 3 Replies View RelatedFedora :: Install Supercollider - Stuck On Installing Planet CCRMA At Home ?
Mar 25, 2011I'm trying to install supercollider following this guide: [url]
And I'm completely stuck on installing Planet CCRMA at Home. The guide says update your computer with PackageKit, KPackageKit. I believe I have both installed but cannot see them in the applications menu. Where can check?
Next the guide says: Run the following command in a terminal window: su -c 'rpm -Uvh
Fedora :: Input To Create New Username And Password - Install X86-64 Bit Core 12?
Dec 25, 20091. No any input to create new username and password when I install X86-64 bit Core 12 And I can not login with root. So how can I login Fedora core 12?
View 4 Replies View RelatedUbuntu Networking :: Network-manager-openvpn And Static-key OpenVPN Connection In 9.10
Apr 5, 2010i have some problems with configuring openvpn tunnel connection to my openvpn server. I'm using static-key tcp connection. Network manager always said to me that connection could not be established. Also, when i try to run openvpn from terminal, i got some strange permissions problem:
Code:
openvpn --config config.ovpn
Mon Apr 5 15:48:37 2010 OpenVPN 2.1_rc19 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 13 2009
Mon Apr 5 15:48:37 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Apr 5 15:48:37 2010 /usr/sbin/openvpn-vulnkey -q moj.key
[code]....
Server :: OpenVPN Range Address / When Change Static IP To Dynamic IP In Config File OpenVPN Didn't Work?
Feb 13, 2010I want to configure a VPN over the Internet.I installed the 'openvpn' package, generated the key file, transfered it by a secure way to the client, and setted up the configuration file.
So, in that configuration file I input the IP addresses of the tunneled interfaces. Both IPs are static in the tunnel.
Then, I've heard somewhere that I can assign a dynamic configuration IP for the client. I do this registering a range.
Well, when I tried to change static IP to dynamic IP (changing '192.168.0.2' to '192.168.0.0/24') in the configuration file, the OpenVPN didn't work.
Obviously I don't know what I'm doing, and I really, don't believe that simply changing the IP will make it work, but I tried.
I hope I explained my problem as well.
My configuration file:
# OpenVPN Server Configuration File
dev tun 0
ifconfig 192.168.0.1 192.168.0.2
cd /etc/openvpn
secret key_file
In client I execute the 'openvpn' without the '--daemon' parameter.Then I want that my client uses a IP in a range (192.168.0.0/24, for example), instead of a static IP (192.168.0.2).I also thought to use a DHCP server, but I'm not sure that will work.
OpenSUSE Network :: Reinstall Ssl-cert Package Again?
Apr 5, 2011I removed using yast the package "ssl-cert". At this point yast2 started throwing the error:
Code:
Download failed:
Download (curl) error for 'https://nu.novell.com/repo/repoindex.xml?cookies=0&credentials=NCCcredentials':
Error code: Unrecognized error
Error message: SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
And of course a redownload and install of ssl-cert is not possible,I get the same error So I tried downloading and installing the openssl package by hand, but still I got nowhere Does anyone knows how to reinstall this ssl-cert package again??
Ubuntu Security :: Verisign Cert Not Trusted?
Jan 28, 2011I'm trying to access a Verisign signed site [URL] and getting a certificate not known error when I do. Do I really need to import Verisign? If so, how?
View 6 Replies View RelatedUbuntu Servers :: Web Authentication Using Client Cert?
Aug 6, 2011I am running a ubuntu server and want to host a web application (php/mysql based) however I dont want to use usernames and passwords for authentication. I'd like to use a client certificate. The military uses similar technology using the CAC card to provide the certificate for authentication.
not sure if this would be done using the apache modules or if php would be a better place to play with this
Server :: Setting Up SSL Cert - 404 Error Not Found
May 18, 2010I'm having some problems setting up SSL certs.
Here's what I've done...
In the file ssl.conf I have (along with all the normal stuff):
Quote:
But, when I navigate to url], I get a 404 error (not found).
My SSL cert is with GoDaddy. I created the key and a csr file, for which GoDaddy supplied me with the files mydomain.com.crt and gd_bundle.crt. I placed all the files where they should be, and restarted Apache.
And... 404. No errors on Apache restart.
The cert still seems to be showing up as localhost.localdomain:
Quote:
When I go to [url], I'm told the cert is still a "self signed" cert (out of date, by the way).
The GoDaddy "help" on this (such that it is) is here: [url]
Ubuntu Networking :: Can't Install OpenVPN On 8.10
Dec 12, 2010> sudo apt-get install openvpn bridge-utils
> Reading package lists... Done
> Building dependency tree... Done
> Reading state information... Done
> E: Couldn't find package openvpn
CentOS 5 :: Unable To Install Openvpn On Ssh?
Apr 24, 2010I want to install openvpn on ssh.when I write "yum install openvpn", I get an error message.this message : No package openvpn available. why i can't install openvpn ? How can i do ?
View 2 Replies View RelatedOpenSUSE Network :: Nagios Won't Monitor Service With Self Signed Cert
Jan 14, 2011Updating my install of OpenSUSE from 11.0 to 11.3 and notice that the Nagios network monitor can no longer probe servers with self signed certs.It appears to be any monitor that used openssl 1.0.0 has an issue. If I install the openssl 0.9.8 libraries and use old plugins linked against it, they work fine.
View 9 Replies View RelatedUbuntu :: Transfer A Tiny CA Cert To A Windows Server 2003?
Apr 14, 2010At work we are trying to avoid paying for a cert for our outlook owa. I thought of Tiny CA, but can't find a windows variant, it appears to depend on things that would not allow that.
Does anyone know if it is possible to create a Tiny CA Cert and install it on a Windows Server 2003? If not does anyone know of a good free Cert creation utility for Winedoze.
I have a feeling this is going to be another feather in the basket to convince my boss to go Ubunutu.
Server :: UCC SSL Cert Error - Key Values Missmatch - On Remote Servers
May 4, 2010I have a Godaddy UCC (Multiple domain) certificate for the following domains:
example.com
upload1-example.com
upload2-example.com
The rsa was generated from example.com server using example.com as CN Common name.
GoDaddy's website adds the extra names to a CSR you provide, does the checks and grants the cert.
My problem is that whilst the certificate works fine on the server example.com (from which the csr was created), it comes up with two errors when restarting apache on remote servers.
1>> Certificate common name does not match server name
2>> SSL Library error - check private key:key missmatch.
I donn't understand how these keys could ever work as no reference to the private keys of the remote servers is ever used in creating the UCC certificate.
Ubuntu Servers :: Installing Ssl Cert On Portal Server Behind Security Router
May 27, 2010I've setup OpenVPN-ALS (formerly known as Adito) on Ubuntu Server 10.04 edition. I have a security router (Untangle) in front of my internal network. I have a domain name and an SSL Certificate setup on our security router. I can access our web interface on our security router with no problems.
I've setup a portforward rule on our router to access this OpenVPN-ALS portal and I can access it, but I get an invalid certificate message. So I've bought another SSL certificate to install our our Portal, but I'm getting an error message when I enter in our information at the provider where I've bought the certificate.
Common Name does not contain fully qualified domain name. I'm not sure what the problem is. Do I use the hostname I've setup on the portal or do I use the hostname on my security router when I setup the SSL certificate on our portal?
Security :: Can't Import A Cert - Signed With OpenSSL- Into A Java Key Store Using Keytool
Feb 11, 2011When I do a "openssl x509 -in server1.pem -issuer -noout" after I've supposedly signed it with the CA, the issuer is, for some reason, the DN string of server1. If server1 generated the CSR, and it is coming up as issued by server1, doesn't that indicate a self signed cert? How could the CA be producing a cert that has an issuer of another server? Am I just completely off base? Sorry, I'm a bit of a newb with the SSL pieces.
I hope this is the right place for this, but I'm having some difficulty using the java keytool and OpenSSL tool on a Solaris system.
I have a server (CA server) with OpenSSL installed that I would like to use as a Certificate Authority. The second server (server1) is a WebLogic server with JDK 1.6.0_21. I'm trying to configure it to use a certificate that has been signed by server1.
For some reason it keeps giving me this error when I try to import the signed SSL certificate: keytool error: java.lang.Exception: Public keys in reply and keystore don't match
Am I doing something wrong in this whole process?
1) Generate the Private Key for the CA server
openssl genrsa -out CA.key -des 2048
2) Generate the CSR on the CA
openssl req -new -key CA.key -out CA.csr
3) Sign the new CSR so that it can be used as the root certificate openssl x509 -extensions v3_ca -trustout -signkey CA.key -days 730 -req -in CA.csr -out CA.pem -extfile /usr/local/ssl/openssl.cnf
4) On server1, create Server Private Key KeyStore keytool -genkey -alias server1 -keysize 2048 -keyalg RSA keystore server1.jks -dname "CN=server1.domain.com,OU=Organization,O=Company,L=City,ST=State,C=US"
5) On server1, create a CSR from the recently created Private Key
keytool -certreq -alias server1 -sigalg SHA1WithRSA -keystore server1.jks -file server1.csr
6) Transfer the CSR over to the CA (server1) so that it can be signed openssl x509 -extensions v3_ca -trustout -signkey CA.key -days 365 -req -in server1.csr -out server1.pem -extfile /usr/local/ssl/openssl.cnf
7) Transfer CA Public Cert to server1 and Import into keytool keytool -import -trustcacerts -alias CA_Public -file CA.pem -keystore server1.jks
8) Import recently signed CSR to app server keystore (This is where I receive the error) keytool -import -trustcacerts -alias server1 -file server1.pem -keystore server1.jks
Ubuntu Networking :: OpenVPN Install - String Too Long Error
Jul 27, 2010I'm running Kubuntu 10.04 and am trying to install OpenVPN as per the instructions here:-[URL]..However, when I try enter the following I just get a continuous "string is too long, it needs to be less than 40 bytes long" message.
./pkitool --initca I've had a look around in the forum and in google and can find a reference to this problem with 9.x but from what I can see this has supposedly been fixed for v10.04. Is there some sort of workaround I can apply to get this to work?
Fedora :: Want To Configure Openvpn?
May 17, 2011I just started a new job. My company office is in Paris and I am working from the south of France. To work, I have to connect to the office via a VPN access. I have installed a fedora 14 on my laptop and now i want to configure openvpn.openvpn is installed and I wonder if someone can give me a help to configure it and how and where to put the server IP address and what it's required.
View 3 Replies View RelatedFedora Networking :: How Can Openvpn Get An Ip From Dhcp
May 14, 2009i've set up an openvpn server (with dhcp running on it) and i have to create compatible clients.the problem is how to get an ip by dhcp.with ubuntu i made a script like this
/sbin/ifconfig tap0 up
/sbin/dhclient -e tap0
and everything works fine:tap0 goes up and then start a dhcp request to the server on tap0with fedora there is a nice problem i've noticed that is impossible to run dhclient later on a new interface because i receive this error "dhclient is already running".the tap0 goes up normally but i receive this error when i attempt to get an ip.is there a simple way to get an ip?if i try to kill or restart dhclient when the vpn tunnel is up,all'interfaces lost theirs ip and network goes down crashing my vpn...
Fedora :: Why OpenVPN Service Can't Start Up
Nov 24, 2009It is the first time have I used VPN. I installed OpenVPN in my Fedora 11 computer. I did it following:URL...And I stopped at step 16: service openvpn start . The service can not start up. Even if I disabled Selinux . Does anyone know how to treat this trouble.
View 1 Replies View RelatedFedora Networking :: OpenVPN Using Alias Rather Than IP
Nov 27, 2009Is there anyway you can configure either OpenVPN client or the system to allow connections using OpenVPN to be made to computers on the OpenVPN network using their alias rather than their IP address. This may sound blasphemous but you can in Windows. That is if the VPN network is say 10.x.0.x I could connect to Comp4 or Comp2 using Comp4 or Comp2 not 10.x.0. 4 or 10.x.0.2 or whatever IP is allocated by the OpenVPN server. If the OpenVPN server has not been restarted then it will usually allocate the same IP every time the same client connects.
View 8 Replies View RelatedFedora :: Using Netbios Over An OpenVPN Network?
Nov 29, 2009Does anyone know how to configure Fedora 12 to use netbios over an OpenVPN network
putting
hosts: files wins dns
into the nsswitch.conf file enable netbios over the LAN but not over the VPN.
