General :: Creating Formal SSL Certificate For Fedora
Dec 8, 2010
How can I create and install a formal SSL certificate for Fedora issued by Geocerts or Verisign?
I am trying to create a certificate case user logon via ssh. On the server I have OpenSSH and a few users. I want to be able to assign a user a certificate to connect remotely via SSH.
I need to renew my SSL cert for my Mahara site and I followed the instructions below. But after I finish answering all the questions for the CSR, I'm supposed to copy a portion of the cert into a web form. However, I can't seem to find the server.csr so I can do this. Where does this file go?
Here is a step-by-step description:
Make sure OpenSSL is installed and in your PATH.
Create a RSA private key for your Apache server (will be Triple-DES encrypted and PEM formatted):
$ openssl genrsa -des3 -out server.key 1024
Please back up this server.key file and the pass-phrase you entered in a secure location. You can see the details of this RSA private key by using the command:
$ openssl rsa -noout -text -in server.key
If necessary, you can also create a decrypted PEM version (not recommended) of this RSA private key with:
$ openssl rsa -in server.key -out server.key.unsecure
Create a Certificate Signing Request (CSR) with the server RSA private key (output will be PEM formatted):
$ openssl req -new -key server.key -out server.csr
Make sure you enter the FQDN ("Fully Qualified Domain Name") of the server when OpenSSL prompts you for the "CommonName", i.e. when you generate a CSR for a website which will be later accessed via https://www.foo.dom/, enter "www.foo.dom" here. You can see the details of this CSR by using:
$ openssl req -noout -text -in server.csr
I'm trying to install an Ubuntu cloud on my home network - I've been following this guide. When I arrived at STEP 6: Install an image from the store PART 3: Click on the Store tab I get the following error message on the page: Error 60: server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
I am trying to run Citrix XenDesktop on F13. I installed the .rpm package from their website and when I access my school's server, Firefox acts like everything is ok but then I get a certificate error. A box pops up that says 'You have not chosen to trust "AddTrust External CA Root", the issuer of the server's security certificate (SSL error 61).' and I am not sure how to handle this.
I've set up a server on Fedora 11 using vsftpd + Berkeley database + SSL (certificate); it works perfectly. So I wanted to set up a new one on Fedora 14, and there is the problem. On my Fedora 14, I tried to use the configuration file that I made on the F11 but without success. It seems that when I activate the SSL option on the server it does not want to start anymore... and I have no error messages. I notice that when I deactivate SSL ("ssl_enable=NO") my server on F14 can start normally.
[Code]...
I am having issues with using OpenSSL. How do I view the currently used certificate? Also, do you know of a good site that has instructions on how to install a certificate. The previous user installed a GoDaddy cert for an FTP server and I need to update it because it's expiring real soon.
Got F13 installed yesterday, this afternoon I suddenly started getting Secure Connection Failed warnings. I'm not sure whose problem it is because it mentions uses an invalid security certificate. This certificate is only valid for *.opendns.com (Error Code: ssl_error_bad_cert_domain). It continues to say that someone could be impersonating the actual server. I am still receiving mail through Google and my Google calendars seem to be working. I do use OpenDNS for my DNS instead of my ISP's (Comcast, which would very often slow down) and obviously I use IMAP mail with Google on Thunderbird. So is it Google, or OpenDNS, or Thunderbird that has a problem? Firefox does not seem to have a problem.
I am trying to get openssl to verify a certificate. I will walk you through what I have done so far.
1. openssl genrsa -des3 -out connect.mydomain.com.key 2048
2. openssl req -new -key connect.mydomain.com.key -out connect.mydomain.com.csr
3. Bought an SSL from GoDaddy.
4. Submitted my CSR
5. Downloaded sf_bundle.crt (CA File I presume)
6. Downloaded connect.mydomain.com.crt
Now I can do the following:
[root@server tls]# openssl verify -CAfile sf_bundle.crt connect.mydomain.com.crt
connect.mydomain.com.crt: OK
This is specifying the CAfile.
[Code]...
How can I add an existing certificate (PEM format) as trusted in Fedora via the command line? Do I have to copy the files to a certain keystore? Where does Fedora store the trusted certificates?
I want to enable sshd from the Internet, but I want to secure it as much as possible. Therefore, despite the fact that the service will run on a TCP port above 2000 to prevent most scans, I would like to:
- First, force the use of a client certificate, to avoid brute-force attacks on my users/passwords
- Second, force the use of a username/password to avoid someone having access to my system just by stealing my key
When I look at the configuration, it's possible to enable both, but one of them is sufficient to log in, but I can't find how to make them both mandatory...
Simple task: I'd like to use uzbl, but I need to visit a couple of sites with client certificates. Chrome uses my local cert storage, I suppose uzbl can do that too. But how?
I am using curl version 7.21.0. When I try the curl command from the command line, things work fine for the http sites. But when I try https I get a certificate error. I have compiled curl from source with the latest OpenSSL. I have also tried downloading the latest certificate bundle. With the same version of curl, same version of openssl with the same certificate file I can get it to work on Linux. But in the QNX OS I get this error.
./curl --cacert /mnt/temp/curl-ca-bundle.crt -v https://www.paypal.com
* About to connect() to proxy 172.16.2.17 port 8080 (#0)
* Trying 172.16.2.17... connected
[code]...
I am running Apache 2.2.13 with SSL and SNI enabled. This is what the virtual host portion looks like:
<VirtualHost *:443>
ServerAdmin support@itherd.com
DocumentRoot /srv/www/apps/login.itherd.com/
ServerName login.itherd.com
ErrorLog /var/log/apache2/login.itherd.com-error_log
SSLEngine on
SSLCertificateFile /etc/apache2/ssl.crt/login.itherd.com.crt
SSLCertificateKeyFile /etc/apache2/ssl.key/login.itherd.com.key
<Directory "srv/www/apps/login.itherd.com/">
AllowOverride None
Options ExecCGI
AddHandler cgi-script cgi pl
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost *:443>
ServerAdmin support@clubherd.com
DocumentRoot /srv/www/apps/app.clubherd.com/
ServerName app.clubherd.com
ErrorLog /var/log/apache2/club.clubherd.com-error_log
SSLEngine on
SSLCertificateFile /etc/apache2/ssl.crt/app.clubherd.com.crt
SSLCertificateKeyFile /etc/apache2/ssl.key/app.clubherd.com.key
<Directory "srv/www/apps/app.clubherd.com/">
AllowOverride None
Options ExecCGI
AddHandler cgi-script cgi pl
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
When I start Apache it asks me for the pass phrase for the second host (both hosts have one). When I browse to the first host it has recognized and loaded its certificate. When I go to the second server I get an untrusted message because it is using the first certificate. I have found and followed the directions of several web posts: [URLs]
My organization just moved to using a zscaler proxy system. Basically, I have to use a .pac file in Firefox to get onto the proxy, which directs me to a series of two Flash pages, one to input my username, one for the password. After reading through the .pac file, I was able to get some command-line things to work by specifying the proxy given at the end. However, this server uses an SSL certificate that is not emitted by an authority, but rather directly by our organization. In Firefox, I had to import this certificate to enable https:// browsing.
Is there any way to "import" this certificate so that yum can use it? Because yum freezes with the error:
Code:
Could not get metalink [URL] error was
14: Peer cert cannot be verified or peer cert invalid
I want to create a virtual serial port in Fedora. I'm using Java code to communicate over a serial port. I want to test this code without any serial devices connected.
I have two web servers (RHEL 5.3) as a cluster. I want to get a certificate for a website. Do I need to get two certificates for a website?
I am getting the message below daily in RHEL 5.5 for certificate renewal. Can someone help with the way of renewing this?
######################################################
On Wed, 15 Dec 2010 13:11:04 +0800, Root <root@miniserver.net> wrote:
> ################# SSL Certificate Warning ################
[code]....
I am testing the use of an SSL certificate in the Apache web server on Ubuntu 10.04.2 (64-bit edition). I inserted the SSL certificate and private.key file into the "default-ssl" file in the "sites-available" folder. But when I call the website, the SSL certificate shows "Could not verify this certificate for unknown reason".
Configuration in "default-ssl" is shown below
SSLCertificateFile /etc/apache2/ssl/mysite_com.cer
SSLCertificateKeyFile /etc/apache2/ssl/privatekey.key
SSLCACertificateFile /etc/apache2/ssl/SCAONE.cer
SSLCACertificateFile /etc/apache2/ssl/ROOTCA.cer
I have installed a Citrix Client but to get it to function I need to copy a Certificate to /usr/lib/ICAClient/keystore/cacerts but my problem is I do not have a clue on how to find /usr/lib/ICAClient/keystore/cacerts
I am trying to renew the existing SSL certificate by using genkey for our shopping website. I haven't seen any information on how to generate a new certificate. Could anyone tell me how to change SSL certificates?
I started to prepare myself for the RHCSA certificate from Red Hat. In order to get this cert I have to pass exam EX200. The best way to prepare would be to take part in courses RH124 and RH135 but I don't have cash for this and that's why I decided to prepare by myself. I downloaded an ebook and have some experience in Linux administration: McGraw.Hill.RHCE.Red.Hat.Certified.Engineer.Linux.Study.Guide.Exam.RH302.5th.Edition.Jun.2007 Do you think that's enough to pass this EX200 exam? Maybe someone has torrents for the RH124 and RH135 courses?
I have a problem related with certificate generation. I had successfully installed openssl. After that I do these.
[root@localhost openssl-1.0.0a]# cd /usr/local/ssl/misc
[root@localhost misc]# ./CA.sh -newca
CA certificate filename (or enter to create)
Making CA certificate ...
Generating a 1024 bit RSA private key
.........++++++
..........++++++
writing new private key to './demoCA/private/./cakey.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank. For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [GB]:IN
State or Province Name (full name) [Berkshire]:KERALA
Locality Name (eg, city) [Newbury]:KOCHI
Organization Name (eg, company) [My Company Ltd]:squad
Organizational Unit Name (eg, section) []:SUPPORT
Common Name (eg, your name or your server's hostname) []:localhost
Email Address []:jk.r@squadinfotech.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:mahhghh
An optional company name []:mca
Using configuration from /etc/pki/tls/openssl.cnf
Enter pass phrase for ./demoCA/private/./cakey.pem:
I am unable to access the ../../CA/newcerts directory
../../CA/newcerts: No such file or directory
Distro:Centos 5.3 kernel 2.6.18
I used the Center for Internet Security Benchmark for Apache Web Server v2.1 (January 2008) manual.
These are the guidelines I have to follow when installing and configuring Apache... So the problem arises when we get to page 28.
Just after running this command: openssl x509 -in url | more
We get this error:
unable to load certificate
31352:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:650:Expecting: TRUSTED CERTIFICATE
I am configuring my Apache server to enable checking the CA Revocation List, and my configuration is as follows:
Code:
SSLCARevocationFile /etc/httpd/confi.d/ssl.crt/CRL1.crl
But the server can not start, and the log says:
Code:
Unable to configure X.509 Storage for certificate
If I try this command to view content of my CRL file :
Code:
openssl crl -text -in CRL1.crl -noout
the console shows :
Code:
error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib:647:Expecting: X509 CRL
I think there is something wrong with my CRL file, such as the file format. Is there any requirement for the CRL file? What can I do to enable this CRL file checking?
I have installed OpenVPN and configured it for a tunnel. My server.conf and client.conf are as follows:
server.conf
port 1194
proto udp
[code]...
I've recently begun to want to create a spin of Fedora for my high school to offer as an alternative to Mac OS X and Windows. My first attempt with any distro was to try and use Suse Studio, however nothing with packages that I downloaded myself would successfully compile. I then thought that I might try and use some sort of local program to create it with and tried Revisor, however when I made Live Media, Xorg wouldn't start and when I made DVD Install Media the kernel would panic every time on boot.
Is there any way to solve the problem with Revisor or are there any alternatives?
I have also tried using Ubuntu with the Ubuntu Customization Kit however that didn't work either considering I have to have it in a virtual machine.
I am using Fedora 8 on my PC and I'm trying to create a shared memory (below is the sample program). I'm getting an error while creating shared memory. Can anyone please tell what is the possible cause for this?
I want to find out how to create a Fedora installation CD from an existing Fedora system. I can't find my CDs and I want to set up another system. What commands do I use or how do I go about it?
I'm wanting to make a DSL live boot to run on an ancient laptop. I can't find a live USB creator that will do this for me in Fedora.