Questions tagged [pki]

pki is short for Public Key Infrastructure, a hierarchical system to create, distribute, and verify digital certificates

48 questions
12
votes
1 answer

What is causing warning on a certificate's basicConstraints?

I created a self-signed server certificate using OpenSSL's req -x509 command and a CONF file. The CONF file is shown below. When I examine the certificate using Microsoft certificate viewer, it's showing a warning on basicConstraints (notice the…
jww
  • 12,722
8
votes
3 answers

Oracle orapki - How to install?

I need the Oracle wallet manager/orapki tools to create wallets, but I'm unable to find an installation for them. I want to install them on Ubuntu (but Windows or any linux would also be possible). Can someone give me a hint how to get orapki on my…
7
votes
1 answer

Ubuntu on Windows 10 - Git complaining "Permissions are too open" for my private key

Some background information, I have my bash/vim settings versioned on github that I sync between machines. I have this setup in place and working on a Windows 10 PC. It's relevant to mention that all of this set up lives under %USERPROFILE% (see…
6
votes
2 answers

Need a solution to verifying expired digital signatures

I use digital signatures for signing my invoices (required by law for digital invoicing in my country). The problem is, my local authority issues signing certificates that are only valid for a year (pretty much any certificate authority does this).…
Petr Skocik
  • 1,472
3
votes
2 answers

How can I change the PKI certificate I'm using in Firefox?

I have a dozen or so PKI certificates installed on my computer that I use for testing a web app. They represent the "users" Andy Tester, Billy Tester, Cindy Tester, &c. Fairly frequently, I need to test parts of the app that need multiple users to…
Pops
  • 8,623
3
votes
1 answer

P12 Certificate Authentication - what is the correct method

I've been able to successfully set up an IKEv2/IPSec VPN Server using certificate authentication. However, I have a general issue regarding the correct method of creating P12 user certificates. I've been using the following method : ipsec pki --gen…
3
votes
1 answer

OpenWrt: after restoring configuration backup, ssh pubkey authentication fails

After restoring configuration backup using Luci web interface, the ssh public key authentication stopped working: $ ssh root@192.168.1.254 -i ~/.ssh/id_rsa root@192.168.1.254: Permission denied (publickey) Checked the…
drew1kun
  • 2,207
3
votes
1 answer

How to verify indirect CRL?

I'm trying to make an example work with indirect CRL. But when I try to verify it with the openssl verify command, I either get "unable to get certificate CRL" or "Different CRL scope". The question is: Do I use the openssl verify command…
mjspier
  • 181
2
votes
1 answer

openssl pkcs12 keeps removing the PEM passphrase from keystore's entry?

OpenSSL 1.0.1e 11 Feb 2013 Generating a self-signed certificate: openssl req -x509 -newkey rsa:1024 -keyout key.pem -out cert.pem -days 365 During the process a PEM passphrase is requested: Enter PEM pass phrase: Verifying - Enter PEM pass…
XXL
  • 1,489
2
votes
1 answer

What does renewing a certificate really mean?

Often one hears about "renewing an SSL certificate" or "renewing an X.509 certificate", but I wonder what this actually means. Usually, step #1 of the renewal process is "generate a new CSR". Doesn't this mean that what is actually happening is that…
Mark
  • 311
2
votes
0 answers

How can I allow a user to connect to my OpenVPN by knowing their public key?

Given the public key of a remote user, I would like to run OpenVPN and allow that user to connect to my network. I only need to be connected to one remote machine at a time. The options outlined in the documentation seem to be: Use X.509 PKI,…
Peeja
  • 3,009
2
votes
2 answers

How can I find my machine's Private\Public Key?

Are they kept in the form of a file? If so, is it accessible for me manually or is it used transparently only whenever there is a PKI handshake (please correct me if I am misusing the terminology)? Thank you!
user6004
  • 259
2
votes
2 answers

PKI - certificate impact on TLS protocol

I have been learning about the TLS protocol handshake process. From my understanding the TLS version is decided purely by the client's OS\browser support. And the chosen cipher suite is decided by the server (based on the available suites of the…
GKman
  • 123
2
votes
0 answers

What is the best way to set up an OCSP responder (pkicreate, OpenSSL, other)?

I set up a root and intermediate CAs with OpenSSL and started issuing server certificates. For MS RDP (RemoteApp) it required OCSP, so I also set up an OCSP responder with OpenSSL. Testing with openssl ocsp command worked fine, but using MS RDP or…
1
vote
1 answer

Firefox, "Secure Connection Failed" and client certificate

I have a client certificate for Startcom. I'm trying to authenticate to their service, but I'm receiving a "Secure Connection Failed" error with error code ssl_error_handshake_failure_alert: The Startcom certificate and private key are present in…
jww
  • 12,722