All Questions
Tagged with openssl certificate-authority
101
questions
0
votes
0
answers
51
views
OpenWISP -- inputing a certification authority
We're trying to set up OpenWISP using a paid-for wildcard (*.ngv.com.au) SSL certificate. The certificate comes to us as a ZIP of these files:
AAACertificateServices.crt
...
2
votes
1
answer
124
views
What happens if the startdate of a CA is later that the startdate of a X509 certificate signed by it?
I am in the process of extending the lifetime of a private CA creating a new certificate with the same name, serial number, private/public keys, etc. The only change would be the "startdate" ...
0
votes
0
answers
805
views
Verify return code: 21 unable to verify the first certificate
I'm encountering an issue on my Ubuntu server when attempting to establish an email connection from the frontend application. The error message I receive reads: "Verify return code: 21 unable to ...
3
votes
1
answer
954
views
OpenVPN Revoke a certificate without the CRT file with Easy RSA
I'm confused, I have an OpenVPN server on Debian. The previous system administrator who was in charge of this server deleted the user certificates (.crt file) with the command "rm -f example.crt&...
1
vote
1
answer
264
views
Warning with sending emails from Thunderbird to Postfix using its own CA
I'm asking for help because I simply don't have the strength anymore, I've spent a lot of time and I'm still left with an unsolved puzzle.
My problem: I keep getting "Wrong Site" warnings ...
0
votes
1
answer
211
views
Import Custom SSL Certificate in Zyxel GS1920-8HPv2
I have a problem with importing a server ssl cert for
https web connection on myZyxel GS1920-8HPv2.
On the WebGui of the Switch, there is an information, that the cert and key
has to be in a pkcs12 ...
1
vote
1
answer
2k
views
OpenVPN - Can client certificates and keys be created if you only have ca.crt
All servers are debian 9 linux. I have 200 servers with openvpn installed, each with three to four clients (tunnel 2)
clients ---> server1 (1 of 200) (also client for jumpserver) ---> jumpserver ...
2
votes
1
answer
2k
views
openssl - cross sign certificate
I want to cross-sign a third-party root ca (third-party-ca) with my own root ca (r1). (Background: restricting usage)
To do this, I use
openssl x509-in third-party-ca.crt -CA /etc/pki/r1/ca.crt -CAkey ...
1
vote
1
answer
1k
views
How do I sign my own SSL certificates so that they cover www and non-www domain names?
When using a commercial Certificate Authority, generating a csr for the common name www.mysite.com and sending it to them will result in a certificate being issued that works for both www.mysite.com ...
1
vote
1
answer
2k
views
What does the "crt" abbreviation mean in certificates?
I can find what all the other abbreviations mean like PEM and CSR as is mentioned here:
https://pki-tutorial.readthedocs.io/en/latest/index.html
but what does CRT stand for?
1
vote
2
answers
3k
views
NET::ERR_CERT_AUTHORITY_INVALID with self-signed CA in Windows
I created a (self-signed) root certificate and signed a web server certificate using a system I developed in Java (the web certificate is used in Apache 2.4.41).
The certificates work without issues ...
0
votes
0
answers
3k
views
Submitting CSR to Microsoft CA from linux bash best practice
Similar questions:
https://stackoverflow.com/questions/31283476/submitting-base64-csr-to-a-microsoft-ca-via-curl
The link above presents an answer but it is far too complicated for me.
Below is an ...
0
votes
1
answer
97
views
CentOS Certificate Authority increase key strength
I have a self signed CA that I have been using for several years. Certs that I sign/issue these days for our LAN are now getting warnings in Chrome due to "Weak Key". Is there a ...
0
votes
2
answers
467
views
How to Create a SSL Key and a SSL Cert from a Given CA File (Certificate Authority)
I Need to create a encrypted db connection to the Azure Cloud MySQL Servers, They have given us a CA certificate called "BaltimoreCyberTrustRoot.crt.pem" to use when connecting with the ...
-2
votes
1
answer
554
views
MTLS on Nginx that works with client side Android Apps?
Is there a way to pull off MTLS/Two-Way SSL/Client Certificates that work on unrooted v10+ Android Clients on the cheap?
I have a couple of personal api end points that I want to be publicly ...