Questions tagged [certificates]
A public-key certificate states that a specific public key belongs to a specific identity. Use this tag for all questions on certificates and authentication of public keys (not public-key authentication, which is authentication _using_ public-keys). If certificates are not a central issue in your question, then don't use this tag.
397 questions
0
votes
0
answers
55
views
Why is GPG creating keys in the future?
I'm trying to sign a LibreOffice document blah blah... So, I created a key and signed my document, but when I reload it, LO insists that the "certificate is not yet valid", and apparently ...
- 209
0
votes
0
answers
47
views
openssl in out my box has difference results
I run dovecot and Postfix and lets encrypt.
When I ssh into my postfix and run openssl for check mail such as:
openssl s_client -crlf -connect mail.pahlevanzadeh.org:995
CONNECTED(00000003)
depth=2 ...
- 11.3k
0
votes
0
answers
261
views
RHEL 9 VM Exported from Internal Network Cannot Verify SSL Certificates for Updates
RHEL 9 VM Exported from Internal Network Cannot Verify SSL Certificates for Updates
I'm running into a major issue with a Red Hat Enterprise Linux 9 VM that was originally exported from my company's ...
- 1
-1
votes
1
answer
128
views
How to setup certificate for duckdns
Running
user@nextcloudpi:/$ `sudo certbot -d downwind.duckdns.org --manual --preferred-challenges dns certonly~`
returned:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -...
- 1,532
3
votes
1
answer
225
views
openssl - problem using an intermediate CA
I am trying to understand how to sign stuff using an intermediate CA certificate. I have developed a rather simple example (using https://gist.github.com/jadbaz/9350f4df4e4ef4c5d256889aa3d5a5ed as the ...
- 775
0
votes
0
answers
175
views
Which command can I use to install a certificate to certificate store?
I want to install a client certificate to the Ubuntu's certificate store, so that the user can login using the client certificate from browser (rather than with a username and password).
I am writing ...
Anish Sheela
0
votes
0
answers
50
views
Solaris 10 elfsign: how to create a correct certificate to sign a binary?
On Solaris11 is possible to use certificates made with openssl, on Solaris 10 is different
elfsign sign -c solaris10.crt -k solaris10.key -e libeel-2.so
exit with error and state of exit is 4 (...
- 14.2k
1
vote
0
answers
134
views
SSL certa sha changed, but Chrome still uses old one
I was forced to change ssl certificate for one from my domains. So, cert changed, sha256 changed. Old cert was not expired yet, but it's now replaced with new one.
But, it looks like Chrome does not ...
- 111
0
votes
0
answers
223
views
iwd 802.1X EAP-TLS + personal certificates
In iwd, I am setting up an 802.1X EAP-TLS connection, configured in /var/lib/iwd, as described in iwd.network(5). According to this answer, the certificates must also go into the /var/lib/iwd ...
- 111
4
votes
2
answers
2k
views
Where are the intermediate CA certificates?
In the folder /etc/ssl/certs/ i can well see:
Symbolic links to the certificates stored at /usr/share/ca-certificates/
The BUNDLE file ca-certificates.crt which contains all certificates in PEM ...
- 163
1
vote
1
answer
159
views
Receiving the automatic offer of a WPA2-Enterprise certificate on ANY Linux distro
On iOS, Windows, and MacOS, when you attempt to connect to a WPA2-Enterpise network, after you enter your credentials, it offers you the certificate, to install.
The same doesn't apply for any Linux ...
0
votes
0
answers
138
views
No cerificate is in /etc/ssl/certs
I am working on an embedded Linux system (kernel-5.18.18) for an SOC platform.
The system has openssl compiled, and there is an application connecting to cloud server. But the application failed to ...
- 651
0
votes
1
answer
85
views
Why is apache ignoring my certbot cert and sending the domain request to a different cert?
I believe the two issues I'm having are related, but don't know where to begin. The first issue is that when a specific domain that resolves to my server is requested, its conf file in sites-enabled ...
- 101
1
vote
1
answer
820
views
Debian ca-certificates package contains expired trust certificates
Today on Debian GNU/Linux 12 (bookworm) install ca-certificates package and checked the /etc/ssl/certs directory .pem files, noticed some of the certificate expired.
These certificates expired in 2023,...
- 340
0
votes
0
answers
47
views
configure "vsftpd" for certificate revocation
Is there a way to provide vsftpd with CRL?
The man page does not seem to have any option for the same and neither googling helped.
Appreciate response.
- 281