ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login
    1. Topics
    2. Tags
    3. certificates
    Log in to post
    • All categories
    • WrCombsW

      Certificate Authorization Error

      Watching Ignoring Scheduled Pinned Locked Moved Unsolved IT Discussion wrcombs certificates chrome website
      6
      0 Votes
      6 Posts
      738 Views
      DashrenderD

      @wrcombs said in Certificate Authorization Error:

      @jaredbusch said in Certificate Authorization Error:

      @wrcombs said in Certificate Authorization Error:

      Any ideas?

      Also, update windows and Chrome.

      Did windows updates this morning and chrome is up to date..

      You just want to make sure Windows and Chrome have the latest CA root certs in their stores... that's why he's recommending doing that.

    • 1

      Validation when renewing let's encrypt?

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion lets encrypt certbot certificates
      3
      0 Votes
      3 Posts
      493 Views
      1

      @JaredBusch said in Validation when renewing let's encrypt?:

      @Pete-S said in Validation when renewing let's encrypt?:

      When LE certs are renewed are they using the same type of validation again as when they are created?

      (We're using certbot)

      They should, yes.

      OK, thanks.

    • wrx7mW

      Android WiFi and RADIUS - CA Certificate Warning?

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion radius wifi 802.11 peap mschap certificates android
      3
      0 Votes
      3 Posts
      3k Views
      wrx7mW

      @dbeato - Thanks. Maybe it didn't used to be in red.

    • JaredBuschJ

      Need a cert for digitally signing documents

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion certificates certificate authority document signing
      9
      4 Votes
      9 Posts
      1k Views
      JaredBuschJ

      Thanks for your suggestions. Taking the results to my client.

    • Emad RE

      Nginx Certificate Authentication issue

      Watching Ignoring Scheduled Pinned Locked Moved Solved IT Discussion nginx certificates authentication
      13
      0 Votes
      13 Posts
      4k Views
      Emad RE

      @jaredbusch said in Nginx Certificate Authentication issue:

      @emad-r said in Nginx Certificate Authentication issue:

      @jaredbusch said in Nginx Certificate Authentication issue:

      ls -laZ /etc/pki/nginx/ca.crt

      -rw-r--r-- root root ?

      i specified -laZ intentionally to show the SELinux context also.

      I don't have your directory setup, but this is what my /etc/pki/tls/certs looks like

      drwxr-xr-x. root root system_u:object_r:cert_t:s0 . drwxr-xr-x. root root system_u:object_r:cert_t:s0 .. lrwxrwxrwx. root root system_u:object_r:cert_t:s0 ca-bundle.crt -> /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem lrwxrwxrwx. root root system_u:object_r:cert_t:s0 ca-bundle.trust.crt -> /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt -rw-r--r--. root root unconfined_u:object_r:cert_t:s0 dhparam.pem -rwxr-xr-x. root root system_u:object_r:bin_t:s0 make-dummy-cert -rw-r--r--. root root system_u:object_r:cert_t:s0 Makefile -rwxr-xr-x. root root system_u:object_r:cert_t:s0 renew-dummy-cert

      Thanks this pointed me in the right direction, a useful guide coming soon

    • EddieJenningsE

      OpenSSL CSR with Subject Alternative Name

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion openssl how-to san subject alternative name csr pki certificates ssl tls
      5
      1 Votes
      5 Posts
      3k Views
      EddieJenningsE

      @JaredBusch said in OpenSSL CSR with Subject Alternative Name:

      @EddieJennings said in OpenSSL CSR with Subject Alternative Name:

      @JaredBusch Correct. The "ye olde way" is how I've typically made a CSR and private key. The link I included talks about making a configuration file, which allows you to include SAN in your CSR.

      Ah, did not read the link. Yes, using a config file is the only method to get any SAN on a cert with OpenSSL.

      And after re-reading my post, I realized how terrible it was :(. I was hoping to find a one liner kind of thing, but alas. That particular article made it clear how to do it.

    • Mike DavisM

      AD CS hosed - anyone have any experience?

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion microsoft active directory certificates
      8
      1 Votes
      8 Posts
      1k Views
      scottalanmillerS

      @Mike-Davis said in AD CS hosed - anyone have any experience?:

      @scottalanmiller said in AD CS hosed - anyone have any experience?:

      So the SBS is the one and only AD in this case?

      Sorry, I think we're interpreting the word cluster differently here. When I read that I though you were talking about Microsoft Cluster Server - which is a different technology than multiple domain controllers. He had three domain controllers.

      In that case, how do you recover from something like this? Since the FSMO roles are on a 2003 server, do you start running through the various esentutl.exe commands?

      Right, I'm talking about an AD application cluster (the set of domain controllers for one domain.) SBS has to be the root controller in order to work. And if you have a cluster (this isn't AD specific but is a general thing about clustering) you can't do restores. If you restore a cluster node like this, you corrupt the entire cluster in many cases, if you are lucky just one node. AD DCs form a database cluster under the hood, which is how they handle failovers, but that means that you have to protect them like a normal database cluster and let them resync from a rebuild, never do a restore.

      https://community.spiceworks.com/topic/1988106-ad-logins-dont-work-after-baremetal-restored-windows-2008-dc

      Yes, you'll likely need to seize roles on one of the 2012 R2 machines and just retire the SBS 2003 machine.

    • scottalanmillerS

      Logical IT Certification Progression

      Watching Ignoring Scheduled Pinned Locked Moved IT Careers it careers certification education certificates network+ security+ comptia server+ a+
      90
      2 Votes
      90 Posts
      19k Views
      scottalanmillerS

      @IRJ said in Logical IT Certification Progression:

      @Dashrender said in Logical IT Certification Progression:

      @scottalanmiller said in Logical IT Certification Progression:

      @Dashrender said in Logical IT Certification Progression:

      @guyinpv said in Logical IT Certification Progression:

      al details. I don't regret buying or reading through any of them. Books on Windows, DOS, printers, networks, repair and troubleshooting techniques, system design and building, etc etc. All of that is good.

      Answer questions posed at an interview.

      Besides, bench techs don't think, according to @scottalanmiller, they work by script - aka, reading a script and doing what it says. Once you have to start making decisions, you're no longer a bench tech, you're in IT.

      Not quite, but that's closer. Bench is about tech, about consumer gear or business stuff that falls into consumer spaces. IT is "Business Information Infrastructure."

      Lots of bench people make decisions. Like if you are building a white box desktop for a gamer, the bench guy will likely make several decisions from CPU to GPU to RAM to case and power supply. It's not a script, but it is not BII, either.

      hey - you're making it grey again 😛

      There isn't nearly as many strictly hardware people anymore these days.

      Not nearly, most are in datacenters now.

    • IRJI

      Help fixing X.509 Certificate Vulnerability

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion certificates x.509 security vulnerability
      1
      1 Votes
      1 Posts
      803 Views
      No one has replied
    • A

      Free S/MIME certificates?

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion email security smime certificates
      6
      1 Votes
      6 Posts
      3k Views
      A

      @Jason said:

      @axigen said:

      @Jason said:

      Comodo provides them

      Hi @Jason. Thanks for your note. I do not seem to see how I can get one for free. I am browsing their site and see that in the Free SSL section they only appear to provide 90 days 'free' for SSL certificates, no mention of S/MIME anywhere...

      https://secure.instantssl.com/products/frontpage?area=SecureEmailCertificate&currency=USD&region=North+America&country=US

      Really curious about how you found that 😉 on their website.

    • mlnewsM

      Lets Encrypt Prepared to Release First Certificate in Two Weeks

      Watching Ignoring Scheduled Pinned Locked Moved News zdnet certificates lets encrypt security
      2
      1 Votes
      2 Posts
      1k Views
      stacksofplatesS

      I understand the additional points such as automated validation and the open records, but you can get free SSL certificates through StartSSL. The companies who don't want to pay for an SSL certificate (or do the research to find a free one) are most likely using shared hosting or some kind of managed hosting that costs extra to enable the SSL certificate anyway. So if they aren't going to pay the money for the cert, I can't see them paying extra per month to enable the free cert on their hosting.

    • mlnewsM

      FireFox 37 Pushes New SSL and TLS Security

      Watching Ignoring Scheduled Pinned Locked Moved News security firefox mozilla ssl tls certificates
      1
      2 Votes
      1 Posts
      1k Views
      No one has replied
    • 1 / 1