General :: Add Self-signed Certificates To Different Browsers?
May 16, 2011How can I add self-signed certificates to e.g: Google Chrome under Linux (from the command line)?
View 1 Replies
ADVERTISEMENT
Server :: Alternative To SSL Certificates / Make Self-signed Certificates Work On Most Popular Browsers Without Being Flagged?
Aug 24, 2010I run a web server on Fedora 12, principally using Apache, MySQL, and PHP. I host a variety of sites, one of which is a family website that contains semi-sensitive personal data for several hundred extended family members, who all have access to the database-driven site.
Until now, I have been using a self-signed SSL certificate to encrypt the data as it is read and written back and forth from my database. Family members have simply had to put up with clicking past certificate warnings as they enter the site, as most browsers flag self-signed certificates as bad. It hasn't really been that much of a bother, but I'd love to do it more professionally. I have looked into buying SSL certificates, but it's a site I host for free and would rather find a cheap or free alternative if possible.
So I'm just fishing for ideas to work with. What are some alternatives to using SSL certificates for moderately strong website encryption? So far, I run only one host on the domain, but may eventually need encryption that would support multiple hosts. Or does anybody know a way to make self-signed certificates work on most popular browsers without being flagged as suspicious?
Server :: Can SSL Certificates Be The Same / When Attempting To Use Usermin Or Retrieving Mail Getting That Warning That This Site's Certificate Is Self Signed?
Feb 17, 2010I have a Server with Webmin, Usermin and Sendmail using pop3s. I have created a seft signed certificate using webmin. Exported it and imported it to the trusted root certification authorities on my client. This fixes the warning message from internet explorer when attempting making a ssl connection to webmin. When attempting to use usermin or retrieving mail I get that warning that this site's certificate is self signed. I look at the certificate and its not the same as the one I created with webmin. My question is. Is possible to have the same certificate be used by each?
View 6 Replies View RelatedSecurity :: PKI Certificates And Web Browsers / File That Is Being Imported Into The Browser?
Dec 29, 2010We have a web server running apache and a custom web app that we log into from a web browser and it ask you to except the certificate and all is well. I now have an user who is using a window server 2008 and he wants to manually import the *.cer file into his browser to be able to login. My question are:
1 - What is the file that is being imported into the browser? *.pem *.crt
2 - I see on our server that we have our certs I believe located in the /etc/pki/tls/certs. The openRADIUS servers that I have created, this is the directory to where it is stored.Is this the typical placement for certs.
3 -If the files is a .cert or *.pem than could I use openssl to convert them to the appropiate *.cer file for IE7
Ubuntu :: Upload Manually Signed Packages To PPA That Are Showing Up As Not Signed?
Oct 14, 2010am trying to upload packages o a PPA (packages that contain custom "sources.list"s designed to make upgrades or downgrades between Ubuntu releases easier) and, even after going through all that work to manually generate a key and sign them with gpg, dput still rejects them as "not signed".
View 3 Replies View RelatedNetworking :: Genrating X.509 Certificates / Create X.509 Certificates For Ipsec Vpn?
Jan 17, 2009i am using red hat5 n i want to create X.509 certificates for ipsec vpn help me in creating certificates, not able 2 create certificates guide me ehere is the location for certificates.
View 1 Replies View RelatedGeneral :: Apache, Https & Certificates Per Directory?
Nov 23, 2010I was wondering if it is possible to have different certificates for different directories in a https-directory ?So what I want is that for a specificry a specific TLS-certificate is needed by the http-client to be authorized to the directory.Directory /var/www/html/secure/1 needs a certificate A.Directory /var/www/html/secure/2 need a different certificate B.So I have 1 CA, which signs the other certificates of the specific directory. The http-client gets the certificate A or certificate B (to be authenticated for secure/1 of secure/2)
View 5 Replies View RelatedGeneral :: Using Plesk On Centos 5.x Server And Installation Of Ssl Certificates
Sep 17, 2010i have a quick question about using plesk on centos 5.x server and installation of ssl certificates. if anyone out there has expertise with above,
View 1 Replies View RelatedGeneral :: Installating SSL Certificates / Add Directives To Apache2.conf File?
Feb 15, 2011I am installing some SSL certificates on my web server, however I have a couple questions, as I'm not familiar with this process
1) I'm not sure which directory to put them in? What is good practice? Is /var/www/secure a good location so long as I restrict access to the secure directory?
2) I am told to edit the following in my ssl.conf file of apache2
SSLCertificateFile
SSLCertificateKeyFile
SSLCertificateChainFile
However, I cannot find this file, ssl.conf. Nor can I find the above directives in my main apache2.conf file. Where is the ssl.conf file? Or alternatively, could I just add the above directives to my apache2.conf file?
General :: Apache And Certificates / Unable To Load Certificate 31352:error:0906D06C:PEM Routines:PEM_read_bio?
Sep 29, 2009I used the Center for Internet Security Benchmark for Apache Web Server v2.1 (January 2008) manual.
This is the guidelines I have to follow when installing and configuring Apache...So the problem arises when we get to page:28
Just after running this command: openssl x509 -in url | more
We get this error:unable to load certificate 31352:error:0906D06C:PEM routines:PEM_read_bio:no start lineem_lib.c:650:Expecting: TRUSTED CERTIFICATE
Fedora :: Package Was Not Signed?
Jul 15, 2011I just created an rpm and went to install it on another fc12 vm - it said the package was not signed. I searched on this and one place said to edit the yum.conf file to:
gpgcheck=0
General :: Browsers Are Not Working?
Nov 30, 2010in my system browers rediff works proper,but all other sites facebook gmail yahoo which require username password not work, i can't open mail open account can't open any mail or link in them.this problem with all browers like mozilla,operea,crome. i install unbuntu redhat centos but all of browers have this same problem.
View 1 Replies View RelatedUbuntu Security :: Using Digitally Signed Usb?
Apr 5, 2010Has anyone setup a system to only allow digitall signed (i.e. approved USB disk drives) to be used on a Linux System.
View 1 Replies View RelatedSecurity :: Only Executing Signed Code?
Feb 23, 2011build a Linux environment in which only "signed" processes are allowed to run. When I say signed I don't mean a VeriSign etc. signature like you know it from Windows, but I mean signed by myself. I.e. I choose the software allowed to run, sign it, and then want to deny any other processes to run.If it is somehow possible I'd like to extend this even to scripts and the kernel (i.e. no unsigned modules can be loaded).Does anyone have a good idea how to solve this problem?The bad thing is: I'm pretty fine with coding stuff myself in C, but have absolutely 0 experience or knowledge in kernel (module)-programming.Any tipps, links, literatureOne approach I came up with (just a rough idea at the moment):Linux starts new processes with a fork-and-exec-combination. I therefore wonder if it is possible to change exec() in such a way that it will only execute signed programs
View 5 Replies View RelatedServer :: Generating A Self Signed SSL Certificate?
Jul 22, 2009I have a server which I use for mail:
[URL]
The above is the machines actual FQDN. Now because I also use it as a web server to access my website and webmail, I have a pointer record with my domain registrar to also forward all [URL] to the same IP as [URL]. when I generate a SSL self signed certificate for my server. Do I generate one for [URL] or [URL]?
General :: Bookmark Manager - Use Different Browsers
Aug 25, 2010I am looking for a standalone bookmark management application as I need to use different browsers on occasion and don't want to store my bookmarks on one of the web based services.
Ideally this would be a server client type arrangement that would store my bookmarks on my server which I could connect to through a client, or an ncurses based application, that I can store, tag and sort my bookmarks on.
I am aware of Sitebar which offers their server software, however their plug-in is firefox, IE, and maxthon only at present. In an added complication there seems to be a conflict with one of my other firefox add-ons.
General :: Can All Browsers Have Same Bookmarks / Favorites
Apr 26, 2011Although this questions is not directly related to Linux and is more browser specific. I want to know is there any way that all my browsers have same set of bookmarks/favorites. I currently have 3 browsers that I use (chrome, Mozilla,and IE8) if I add a bookmark to one of my favorites is it possible to access the same bookmark list is some different browser. Is this possible?
View 11 Replies View RelatedGeneral :: Kill All Instances Of Firefox Browsers?
Jun 22, 2011I'm using Ubuntu 11.04. What command can I run that will shut down all Firefox instances?Here's what I get when I scan for processes with "firefox" included in them
Code:
$ ps -elf | grep firefox
0 R selenium 31849 1253 32 80 0 - 186593 - 14:08 ? 00:00:05 /usr/lib/firefox-4.0.1/firefox-bin -profile /tmp/customProfileDir85da96184657425da4ec1b05d75e7523
0 S selenium 31892 31849 0 80 0 - 53633 poll_s 14:08 ? 00:00:00 /usr/lib/firefox-4.0.1/plugin-container /var/lib/flashplugin-installer/npwrapper.libflashplayer.so -omnijar /usr/lib/firefox-4.0.1/omni.jar 31849 true plugin
General :: Page Scrolling Up And Down In Web Browsers Is Awkward?
Dec 14, 2010In the web browsers I know, by pressing the space bar you scroll down one "page", lets call it. To effect the opposite motion, you can press <PageUp> or <Backspace>. But I can't believe there is not a key or key combination nearer the space bar to scroll pages up.In less, you can use the space bar and the b key, and you see how this key has strategically been chosen, as it is close to the space bar. Also, they lie near the bottom of the keyboard, a comfortable spot to place one's fingers.So, is there a pair of keys, one for page scroll up, the other for page scroll down, and such that one is next to the other and at the same time near the bottom of the keyboard in the most used web browsers or in some of its styles?
View 2 Replies View RelatedFedora :: Install Signed Packages Without Root Password?
Nov 19, 2009i just read that in fc12 you can install sighned packages without root password?
View 1 Replies View RelatedSoftware :: Catching Signed And Unsigned Integers In BASH?
Dec 30, 2010Solving issues with signed and unsigned numbers in BASH.For a start, Yes, BASH is type independent � I know that. My problem lays in catching executables output into a BASH variable.My executables are not quite UNIX compatible, where returned values are 0 for OK, >0 ERROR. They return 0 for OK, >0 WARNING (only, so move on) and <0 ERROR (abort) instead.
Code:
// C++ BIN A
int main(){
[code]...
General :: Web Browsers Running Much Slower, Compared With Windows 7, Same PC?
Jan 28, 2010Debian lenny, old install (I've upgraded to lenny when it was just about to become the stable release), versus windows 7, fresh install.Comparing browsers speeds with numion.com/Stopwatch.html, I had results such as:Iceweasel (firefox) on linux: from 9.154 seconds to 21:860 seconds (the same webpage, reloaded)Firefox on windows: 4.32 seconds - and never much slower than thatThe fastest browser on linux was Opera, ranging from 8.562 to 5.503 secs to load the same page, but even internet explorer beat/match it with its timing of about five seconds.
I have not other browsers on windows; on linux there is aroraonqueror (KDE3), kazehakase, chrome, and dillo, besides text browsers. I didn't test on dillo; Kazehakase and chrome were the only ones which had nearly decent results, but still very bad, 11 to 13 seconds for chrome, and 21 for kazehakase. Konqueror just seemed to never finish to load the page, I gave up when it was still loading somethingfter nutes and 5 seconds.'ve emptied the cache every time I would test, and I was running almost only the browsers and not much else. Whatever comes by default on windows, and on linux, I was on openbox, with nothing much going on I guess, I think the most memory consuming processthe time, besides xorg and the browsers themselves, was dictd.
I've researched a little bit about, but not enough to make a list of possible things to change in order to improve the speed on linux. Most of the time there are people just agreeing that on windows the rendering is faster, and other people saying that with them is the opposite, with some minor variations like people saying that linux is faster for plain downloads while windows is faster for web browsing due to better graphics.
(by the way; I haven't installed any graphic card driver on windows, which is still running on 1024x768, while linux runs on 1280x1024, with the "nv" generic driver, without fancy options, not supported by my old card) The closest to a suggestion of possible solutions was someone saying tha compilation may affect performance, I guess it was both about kernel compilation, and the web browsers themselves.I'll google a bit more about how to "compile for speed", both kernels and programs (maybe the x server
OpenSUSE Network :: Nagios Won't Monitor Service With Self Signed Cert
Jan 14, 2011Updating my install of OpenSUSE from 11.0 to 11.3 and notice that the Nagios network monitor can no longer probe servers with self signed certs.It appears to be any monitor that used openssl 1.0.0 has an issue. If I install the openssl 0.9.8 libraries and use old plugins linked against it, they work fine.
View 9 Replies View RelatedFedora :: Error: Package Libobasis3.3-extension-pdf-import-3.3.1-8.x86_64.rpm Is Not Signed
Mar 21, 2011When I tried to install LibreOffice 3.3_64 on my Fedora14_64 I received the following error:
Package libobasis3.3-extension-pdf-import-3.3.1-8.x86_64.rpm is not signed Has anyone run into this? Is there a way to fix this?
Security :: Can't Import A Cert - Signed With OpenSSL- Into A Java Key Store Using Keytool
Feb 11, 2011When I do a "openssl x509 -in server1.pem -issuer -noout" after I've supposedly signed it with the CA, the issuer is, for some reason, the DN string of server1. If server1 generated the CSR, and it is coming up as issued by server1, doesn't that indicate a self signed cert? How could the CA be producing a cert that has an issuer of another server? Am I just completely off base? Sorry, I'm a bit of a newb with the SSL pieces.
I hope this is the right place for this, but I'm having some difficulty using the java keytool and OpenSSL tool on a Solaris system.
I have a server (CA server) with OpenSSL installed that I would like to use as a Certificate Authority. The second server (server1) is a WebLogic server with JDK 1.6.0_21. I'm trying to configure it to use a certificate that has been signed by server1.
For some reason it keeps giving me this error when I try to import the signed SSL certificate: keytool error: java.lang.Exception: Public keys in reply and keystore don't match
Am I doing something wrong in this whole process?
1) Generate the Private Key for the CA server
openssl genrsa -out CA.key -des 2048
2) Generate the CSR on the CA
openssl req -new -key CA.key -out CA.csr
3) Sign the new CSR so that it can be used as the root certificate openssl x509 -extensions v3_ca -trustout -signkey CA.key -days 730 -req -in CA.csr -out CA.pem -extfile /usr/local/ssl/openssl.cnf
4) On server1, create Server Private Key KeyStore keytool -genkey -alias server1 -keysize 2048 -keyalg RSA keystore server1.jks -dname "CN=server1.domain.com,OU=Organization,O=Company,L=City,ST=State,C=US"
5) On server1, create a CSR from the recently created Private Key
keytool -certreq -alias server1 -sigalg SHA1WithRSA -keystore server1.jks -file server1.csr
6) Transfer the CSR over to the CA (server1) so that it can be signed openssl x509 -extensions v3_ca -trustout -signkey CA.key -days 365 -req -in server1.csr -out server1.pem -extfile /usr/local/ssl/openssl.cnf
7) Transfer CA Public Cert to server1 and Import into keytool keytool -import -trustcacerts -alias CA_Public -file CA.pem -keystore server1.jks
8) Import recently signed CSR to app server keystore (This is where I receive the error) keytool -import -trustcacerts -alias server1 -file server1.pem -keystore server1.jks
Debian :: Create Own Self-signed SSL Certificate To Ensure The Basket Area Remains Secure?
Dec 27, 2010Things beyond my control are causing me to rush a bit in getting the website moved. I'm working hard to try and get it done, but something else has come up that SSL Certificate.I know that our website's "basket" area is protected by an SSL certificate to ensure customer information, especially credit info, is secure. With the move to Amazon's service, it looks like I may need to create our own self-signed SSL certificate to ensure the basket area remains secure.
I have found guides that walk through how to make one yourself and configuring apache to allow it, but something else has come to mind. The guides I found don't really indicate where the SSL certificate goes afterwards, and also doesn't suggest which sections should be governed by the certificate (as only the basket section uses it, not anything else). How would I find out that information?
Security :: How To Generate Own SSL Certificates
Mar 27, 2009I am real tired of getting those SSL errors when I go to my intranet. So I am now trying to generate my own SSL certs (go me). I have easy-rsa installed for my openvpn can I use that so sign the csr?
View 2 Replies View RelatedServer :: Database Can't Use SSL Certificates?
Apr 19, 2011I've installed PostgreSQL on Arch Linux & also self generated self signed certificates in /etc/ssl/ directory. My PostgreSQL 'data' directory is /var/lib/postgres/data & I've edited my postgresql.conf file to use SSL however I'm having permission / access problems starting my database using SSL. It can't access the certificates and errors out when I try and start the database engine:
Code:
LOG: autovacuum launcher shutting down
LOG: shutting down
LOG: database system is shut down
FATAL: could not load server certificate file "server.crt": No such file or directory
code....
I don't know what I need to chown or chmod in order to get PostgreSQL to access my self signed certificates.
Debian :: Import Certificates To Whole System
Dec 18, 2010I have enrolled some certificates from my own ca, to use to a couple of different services, like FTP, WEB, Mail etc. All these certificates comes from the same CA (my own), and I have created a root CA. But is it possible to import this root CA to the whole system, so I do not have to import the certificate or root CA to the different applications like iceweasel/firefox, chrome, icedove, filezilla etc.
View 2 Replies View RelatedOpenSUSE :: Konqueror, Localhost And The Certificates
May 17, 2011I have the following problem with konqueror. Eveytime when I am trying to enter https://localhost:10000 (this is webmin) or https://localhost:631, konqueror asks me in a popup the following (translated from german):
"The authentification of the server has failed.The certificate does not suite to the server. The certificate has not been signed by a trustable authentification authority"
Then I press "continue". Then the next popup appears asking me: "Do you want to always accept this certificate without any request" And the possible buttons are "always" or "only this session". The problem is that I always press on "always" but obviously konqueror is not remembering this certificate since I have to press all the buttons a hundred times in the ongoing session and every new session. In firefox, I was only asked once and the certificate was stored in list. Does anyone know how to fix this problem in konqueror??