Questions tagged [pki]

pki is short for Public Key Infrastructure, a hierarchical system to create, distribute, and verify digital certificates

48 questions
11
votes
1 answer

What is causing warning on a certificate's basicConstraints?

I created a self-signed server certificate using OpenSSL's req -x509 command and a CONF file. The CONF file is shown below. When I examine the certificate using Microsoft certificate viewer, it's showing a warning on basicConstraints (notice the…
jww
7
votes
1 answer

Ubuntu on Windows 10 - Git complaining "Permissions are too open" for my private key

Some background information: I have my bash/vim settings versioned on GitHub that I sync between machines. I have this setup in place and working on a Windows 10 PC. It's relevant to mention that all of this set up lives under %USERPROFILE% (see…
Mayuresh K
7
votes
3 answers

Oracle orapki - How to install?

I need the Oracle wallet manager/orapki tools to create wallets, but I'm unable to find an installation for them. I want to install them on Ubuntu (but Windows or any Linux would also be possible). Can someone give me a hint how to get orapki on my…
user27693
6
votes
2 answers

Need a solution to verifying expired digital signatures

I use digital signatures for signing my invoices (required by law for digital invoicing in my country). The problem is, my local authority issues signing certificates that are only valid for a year (pretty much any certificate authority does this).…
Petr Skocik
3
votes
2 answers

How can I change the PKI certificate I'm using in Firefox?

I have a dozen or so PKI certificates installed on my computer that I use for testing a web app. They represent the "users" Andy Tester, Billy Tester, Cindy Tester, &c. Fairly frequently, I need to test parts of the app that need multiple users to…
Pops
3
votes
1 answer

P12 Certificate Authentication - what is the correct method

I've been able to successfully set up an IKEv2/IPSec VPN Server using certificate authentication. However, I have a general issue regarding the correct method of creating P12 user certificates. I've been using the following method : ipsec pki --gen…
Tom Thorp
3
votes
1 answer

How to verify indirect CRL?

I'm trying to make an example work with indirect CRL. But when I try to verify it with the openssl verify command, I either get "unable to get certificate CRL" or "Different CRL scope". The question is: Do I use the openssl verify command…
mjspier
2
votes
1 answer

openssl pkcs12 keeps removing the PEM passphrase from keystore's entry?

OpenSSL 1.0.1e 11 Feb 2013 Generating a self-signed certificate: openssl req -x509 -newkey rsa:1024 -keyout key.pem -out cert.pem -days 365 During the process a PEM passphrase is requested: Enter PEM pass phrase: Verifying - Enter PEM pass…
XXL
2
votes
1 answer

What does renewing a certificate really mean?

Often one hears about "renewing an SSL certificate" or "renewing an X.509 certificate", but I wonder what this actually means. Usually, step #1 of the renewal process is "generate a new CSR". Doesn't this mean that what is actually happening is that…
Mark
2
votes
0 answers

How can I allow a user to connect to my OpenVPN by knowing their public key?

Given the public key of a remote user, I would like to run OpenVPN and allow that user to connect to my network. I only need to be connected to one remote machine at a time. The options outlined in the documentation seem to be: Use X.509 PKI,…
Peeja
2
votes
2 answers

How can I find my machine's Private\Public Key?

Are they kept in the form of a file? If so, is it accessible for me manually or is it used transparently only whenever there is a PKI handshake (please correct me if I am misusing the terminology)? Thank you!
user6004
2
votes
0 answers

What is the best way to set up an OCSP responder (pkicreate, OpenSSL, other)?

I set up a root and intermediate CAs with OpenSSL and started issuing server certificates. For MS RDP (RemoteApp) it required OCSP, so I also set up an OCSP responder with OpenSSL. Testing with openssl ocsp command worked fine, but using MS RDP or…
Adriano_pinaffo
2
votes
1 answer

OpenWrt: after restoring configuration backup, ssh pubkey authentication fails

After restoring configuration backup using Luci web interface, the ssh public key authentication stopped working: $ ssh root@192.168.1.254 -i ~/.ssh/id_rsa root@192.168.1.254: Permission denied (publickey) Checked the…
drew1kun
1
vote
1 answer

Firefox, "Secure Connection Failed" and client certificate

I have a client certificate for Startcom. I'm trying to authenticate to their service, but I'm receiving a "Secure Connection Failed" error with error code ssl_error_handshake_failure_alert: The Startcom certificate and private key are present in…
jww
1
vote
1 answer

PKI Intermediate Certificate Trust

Let's say we have a business owned internal CA. Its certificate is trusted by one of the Trusted Roots that is present in all browsers. With that CA, we issue a bunch of certificates for servers in the organisation - say for webmail over SSL. For a…
Paul