Security :: PKI Certificates And Web Browsers / File That Is Being Imported Into The Browser?
Dec 29, 2010
We have a web server running apache and a custom web app that we log into from a web browser and it ask you to except the certificate and all is well. I now have an user who is using a window server 2008 and he wants to manually import the *.cer file into his browser to be able to login. My question are:
1 - What is the file that is being imported into the browser? *.pem *.crt
2 - I see on our server that we have our certs I believe located in the /etc/pki/tls/certs. The openRADIUS servers that I have created, this is the directory to where it is stored.Is this the typical placement for certs.
3 -If the files is a .cert or *.pem than could I use openssl to convert them to the appropiate *.cer file for IE7
View 2 Replies
ADVERTISEMENT
Aug 24, 2010
I run a web server on Fedora 12, principally using Apache, MySQL, and PHP. I host a variety of sites, one of which is a family website that contains semi-sensitive personal data for several hundred extended family members, who all have access to the database-driven site.
Until now, I have been using a self-signed SSL certificate to encrypt the data as it is read and written back and forth from my database. Family members have simply had to put up with clicking past certificate warnings as they enter the site, as most browsers flag self-signed certificates as bad. It hasn't really been that much of a bother, but I'd love to do it more professionally. I have looked into buying SSL certificates, but it's a site I host for free and would rather find a cheap or free alternative if possible.
So I'm just fishing for ideas to work with. What are some alternatives to using SSL certificates for moderately strong website encryption? So far, I run only one host on the domain, but may eventually need encryption that would support multiple hosts. Or does anybody know a way to make self-signed certificates work on most popular browsers without being flagged as suspicious?
View 7 Replies
View Related
May 16, 2011
How can I add self-signed certificates to e.g: Google Chrome under Linux (from the command line)?
View 1 Replies
View Related
Mar 3, 2011
i updated both browsers i have and lost my secure log-in pages (no padlocks showing ) concerning different Web mail accounts.Just before i did these updates i checked an unrelated thing on-line regarding my sound card of which i kept a copy of and got this message below :
!!ALSA/HDA dmesg
!!------------------
[ 12.762633] cfg80211: Calling CRDA for country: AM
[code]....
View 2 Replies
View Related
Sep 21, 2010
I am trying to use apparmor to restrict my file browser, which is Thunar to only let me view the files that are in the home directory and also removable media.I tried following the apparmor sticky with no success.I created the profile and tried editing it and it either started and let me do pretty much everything or did not start at all. Would it be possible for someone to help me step by step to set up a profile for thunar that would only show the home directory and removable media.
View 2 Replies
View Related
Feb 12, 2010
One of my user wants to be able to upload file via browser to the server. For that, i need to grant apache read and write access to a folder. How much secure is allowing apache to grant complete read and write access to a folder ?
View 2 Replies
View Related
Mar 27, 2009
I am real tired of getting those SSL errors when I go to my intranet. So I am now trying to generate my own SSL certs (go me). I have easy-rsa installed for my openvpn can I use that so sign the csr?
View 2 Replies
View Related
May 10, 2011
Is there a guide somewhere that covers all the security module topics for Linux, somewhat from top to bottom. Such as LDAP TLS RSA secure auth... generating certs etc etc. All of it and how it all ties together. Sure I can find you should use this etc., or guides that don't explain much or how they work together to complete the sweet. TLD seems to suffer from the same thing that I just stated...
View 1 Replies
View Related
Jan 10, 2010
Why is that certificates need to be revoked with openvpn?I simply removed them from the keys folder but everytime the client connects it just places the certificates back into the keys folder itself?! Should that be possible?
Secondly, I have a problems etting the revoke command.Is there a known setting on the openssl.cnf file that might cause this?
[root@server]# source ./vars
NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/2.0/keys
[root@server]# ./revoke-full client2
Using configuration from /etc/openvpn/easy-rsa/2.0/openssl.cnf
error on line 282 of config file '/etc/openvpn/easy-rsa/2.0/openssl.cnf'
21368:error:0E065068:configuration file routines:STR_COPY:variable has no value:conf_def.c:629:line 282
code....
View 1 Replies
View Related
Jan 6, 2011
I have installed Ionix vCM onto a Red Hat Linux box. It correctly communicates with the collection server if I use the Ionix certificate. However, if I use a self-generate certificate, communication fails.
(1) How do I determine which PKI certificates are resident on the Red Hat box?
(2) How do I manually install a PKI certificate?
View 2 Replies
View Related
Jan 17, 2009
i am using red hat5 n i want to create X.509 certificates for ipsec vpn help me in creating certificates, not able 2 create certificates guide me ehere is the location for certificates.
View 1 Replies
View Related
Jul 22, 2011
I would like to do 2 things in kmail.
1- I would like to sign and not encrypt the mail that I sent. How do I do that?
2- How do I import my digital certificate in kmail?
View 1 Replies
View Related
Dec 25, 2010
My desktop 10.10 is unable to access SOME https websites from all installed browsers (Firefox, Chrome and Opera). In firefox I get the error message "Firefox can't establish a connection to the server at www.[nameofsite.com]" One suggestion that I encountered was that the Root Certificates were outdated and/or corrupted and needed to be reset.
A Google search came with the suggestion:
Fix the root certificates on your system. Open Your browser and navigate to the following URL. Once at the web page follow the directions to reset your root certificates. [URL]
Unfortunately this website is one of the problem connections. Another PC with a fresh installation of 10.10 does not display these problems.
View 1 Replies
View Related
Feb 20, 2011
Which are the default trusted root certificates in Java 1.4? How can a 4096bit certificate be installed in Java 1.4? (as it seems to produce an error).
View 2 Replies
View Related
Dec 16, 2015
In the Release Notes for Jessie, it is stated that webkit browsers do not receive security updates in a timely manner and so are not secure. It is recommended that one uses a gecko-based browser or Chromium for 'general' web browsing. Yet I haven't read anything about this elsewhere and I'm guessing a lot of people don't read the Release Notes, so perhaps it's only something I would only need to worry about if I worked for MI6?
Anyway, Chromium and Iceweasel are becoming far too sluggish for my computer. I would want to experiment with Konqueror, Midori, Epiphany and Opera, but don't want to do anything insecure. I'm of the understanding that without Mandatory Access Control, exploits in applications often allow attackers to access all of the user's files; I want to avoid that.
On the Opera page on Debian Wiki, it says 'Opera is a non-free (proprietary) software. It isn't supported by Debian. It's probably wiser to use a supported web browser ! '.
View 8 Replies
View Related
Apr 18, 2011
Which is the default file browser(NOT web browser) of Ubuntu 10.10 Maverick Meerkat?Nautilus?Are there any others for Ubuntu?
View 7 Replies
View Related
Mar 24, 2010
I am fairly clueless when it comes to open vpn configuration file. Though I should have some understanding to execute the fix if it is available.
I have a ovpn file that is created by my organization (so theoretically there should be nothing wrong with it) containing not only the typical connection information, but also my CA key, certerficate/Public and certificate/Private key. I was able to locate these keys using the standard text editors.
When I follow the procedure to import (Right click on Internet Icon --> Edit Connection --> VPN Tab --> Import) none of my keys were imported (perhaps the import is not complete). I think because of the import failure I was not able to click ok and create the connection.
Is there a method to get around this and get it working? I have been looking for existing solution online but I was not able to find any similar cases with mine.
View 1 Replies
View Related
Feb 15, 2011
I am installing some SSL certificates on my web server, however I have a couple questions, as I'm not familiar with this process
1) I'm not sure which directory to put them in? What is good practice? Is /var/www/secure a good location so long as I restrict access to the secure directory?
2) I am told to edit the following in my ssl.conf file of apache2
SSLCertificateFile
SSLCertificateKeyFile
SSLCertificateChainFile
However, I cannot find this file, ssl.conf. Nor can I find the above directives in my main apache2.conf file. Where is the ssl.conf file? Or alternatively, could I just add the above directives to my apache2.conf file?
View 2 Replies
View Related
Aug 16, 2011
How can I allow multiple SSL certificates in the default-ssl file in /etc/apache2/sites-available/ folder? I tried
Code:
NameVirtualHost *:443
And
Code:
<VirtualHost *:443>
but I get the error
[Code]...
View 2 Replies
View Related
May 24, 2011
I've seen it every where with zero resolutions, I have extremely high ram usage with nautilus .
[code]...
Just opening folders with lots of directories takes forever. I would have assumed it all as normal but I just build a windows 7 machine and have it on the same network. Windows 7 SMB scan of the same shares is virtually instant where as my Fedora machine creeps along. Also it never give back the ram used. It ramps up and up, leak? Almost the same hardware. Both with tons of ram. Nautilus previews are all turned off but still same slowness. Network speeds are the same. Both on gigabit with about the same download speeds. Is there ever going to be a revamp/change/fix or do I need to start looking for other file browsers?
View 4 Replies
View Related
Dec 1, 2010
First off, this is not my laptopit is a friends that i installed ubuntu onthey asked me to try and fix their problem.PROBLEM: basically the desktop is locked. if it is any way to browse the files, it doesnt workyou double click a file on the desktop, you cant open folders. you cant open folders/locations through any menu.its like the desktop is an image of your desktop and the icons are hidden. but this is not how it is. the very first time you click on an icon, it highlights but nothing else. it wont unhighlight either.
View 2 Replies
View Related
Jan 12, 2010
im using firefox 3.5.7 with ubuntu 9.10 but firefox since 3.5.6 and 3.5.7 keeps crashing a lot-just now it crashed my entire system-the whole screen went black. So to that end is use of opera or chrome secure for ubuntu?
View 9 Replies
View Related
Apr 11, 2010
how to cross-reference it but searching on 'Could not initialize the browser's security component' will find it. Then look at the last 3 entries. Me and two other users have been unable to use Thunderbird since yesterday's update.
View 2 Replies
View Related
Mar 1, 2011
Ok i think Tor has some way of making the dns queries anonymous by default. I did the DNS nameserver spoofablity test here at [URL] and the results i got showed about 30 different dns servers. Normally when i carry out this test on my standard isp connection or the vpn i use i just get one dns servers settings consistently.
View 1 Replies
View Related
Oct 23, 2010
The cryptographic underpinnings of the Internet, as presently constituted, are messy, chaotic and rather randomly constructed. And that infrastructure is not only ripe for a variety of attacks, but is not easily fixable, a group of experts said Friday. At a forum on browser security sponsored by a Washington policy think tank, a group of technologists and policy experts from industry and government outlined the serious architectural and implementation problems with SSL, the certificate authority infrastructure and the way that browsers handle certificates. It was not a pretty picture. The problems extend from the way that CAs issue certificates to how certificates are handled by the major browsers to the way that attackers are able to take advantage of the weaknesses throughout the system.
View 1 Replies
View Related
Jan 18, 2011
Online, I see many security alerts firefox but none related to Opera or other browsers. Is Opera more secure than Firefox?
View 3 Replies
View Related
Oct 28, 2010
Is there any gedit plugin, which expands folders of file browser side pane and shows currently editing file, while user switches between tabs?
View 1 Replies
View Related
May 27, 2011
I'm using rhel6. Using File Browser Nautilus 2.28.4 I could easily locate any file I'm interested in by it name. I'd like to use this File Browser to locate the file name based on it content e.g. based on some word in the text file. It doesn't work for me that way ... My question: does Nautilus support the search of file based on it content or only based on the name of the file itself?
View 4 Replies
View Related
Aug 4, 2010
I recently made the switch from windows and mac system to fedora 13 64 bit kde, which has been a challenging 6 months, not having a IT background. Anyway, overall now that I am getting the hang of it I really like fedora 13 kde, nice job guys. I have one final obstacle remaining that I have not been able to figure out. I have the necessary rpms for video and sound. I am able to successfully copy video from DVD's and play them from hard drive without issue using VLC. However, when I try to import avi files from my camera's sd memory card, the videos always end up "corrupted" and when repaired do not play sound. Again, I can play AVI's from dvd's fine. Interestingly, I can take the same files from my fedora box and copy them onto a usb stick and transfer them into my mac and they play fine.
I suspect there is a codec issue possibly with VLC, but not sure. I also tried on the default player, but cannot remember the name of that right now and my wife is presently watching her Mary Kay dvd on it as it is hooked up to our TV . My video codec knowledge is pretty basic. Can someone point me in the right direction of what the problem might actually be, another post, something?
View 5 Replies
View Related
Jan 10, 2010
Browser can't find server at att.yahoo.com so no internet. My folding at home client with Stanford can't download {an upload went ok}. I have 2 other fedora boxes & 3 windows boxes thru the same router and they are all fine.
I can manually ping Stanford ok,
Add/remove software within fed. works ok.
I can type in 192.168.0.1 & get the page for my router
The only thing I did between working & not working was to install
Nvidia Cuda driver for my GTX275
My guess is something in the firewall got tweaked. but I've compared it to 2 working boxes & nothing jumps out at me.
View 5 Replies
View Related