I have done this, according to http://www.tc.umn.edu/~brams006/selfsign.html, part 1B (generating your own CA):
a) create a CA authority (ca.key and ca.crt)
b) make a certificate request (server.csr)
c) sign the certificate request (server.crt and server.key) with the new CA authority
d) change the server key so it does not ask for a passphrase.
Afterwards, the server.crt and server.key files are included in /usr/share/fred-client/ssl directory, and the fred-client configuration file is modified like this:
ssl_cert = %(dir)s/server.crt
ssl_key = %(dir)s/server.key
Now, if I try to run fred-client this is the result:
ERROR: socket.sslerror: [Errno 1] _ssl.c:480: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca (200.107.82.18:700)
Certificate not signed by verified certificate authority
What should I do for fred-client to identify these certificates as valid?
Thanks in advance.
Note: the new fred-client is perfectly compatible with FRED 2.2.
--
Mario Guerra <mguerra(a)nic.cr>
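An added example, not part of the original post or of FRED: steps a) to d) rebuilt in a scratch directory with the openssl CLI, followed by the check that the certificate validates only under the CA that issued it, which is the condition the "unknown ca" alert reports as unmet on the rejecting side. All file names and subject names are constructed.

```shell
#!/bin/sh
# Added example; every file name and subject below is constructed.
# Keys are created without a passphrase (-nodes), which covers step d).

make_ca() {   # step a): $1 = file prefix, $2 = subject CN
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=$2" -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

issue_cert() {   # steps b) and c): $1 = CA prefix, $2 = leaf prefix, $3 = CN
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$3" \
        -keyout "$2.key" -out "$2.csr" 2>/dev/null &&
    openssl x509 -req -in "$2.csr" -CA "$1.crt" -CAkey "$1.key" \
        -CAcreateserial -days 30 -out "$2.crt" 2>/dev/null
}

# 0 when openssl builds a valid chain for certificate $2 with $1 as trusted CA file.
chain_ok() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# 0 when private key $1 and certificate $2 hold the same public key.
key_matches_cert() {
    [ "$(openssl pkey -in "$1" -pubout 2>/dev/null | openssl sha256)" = \
      "$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null | openssl sha256)" ]
}

demo() {
    dir=$(mktemp -d) || return 1
    ( cd "$dir" &&
      make_ca ca "Constructed private CA" &&
      make_ca other "Constructed unrelated CA" &&
      issue_cert ca server "constructed-epp-client" &&
      key_matches_cert server.key server.crt &&
      chain_ok ca.crt server.crt &&
      ! chain_ok other.crt server.crt )
    rc=$?
    rm -rf "$dir"
    return "$rc"
}

demo && echo "accepted under its own CA, rejected under the unrelated CA"
```

The same `chain_ok` check can be pointed at the CA file the remote end actually trusts to see whether a given certificate would pass before connecting.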
Due to the augmented abilities of FRED 2.11, I've attempted to migrate the production database, which runs FRED 2.2, to the FRED 2.11 format, on a test server running the latter. For the DB migration, I've run the SQL scripts, one by one, until it supposedly has the 2.11 structure. I've not run the script for creating the initial structure; instead, a) I first migrated the complete DB from the production server to the test server and b) ran the appropriate SQL scripts from 2.2 to 2.11.
The result when I try to run fred-client:
root@fredbeta:~# fred-client
Unsupported language code: 'es' in os.environ.LANG. Available codes are: cs, en. Set default to: 'en'.
FredClient 2.4.1
Type "help", "license" or "credits" for more information.
Using configuration from /usr/etc/fred/fred-client.conf
Connecting to 127.0.0.1, port 700 ...
ERROR: Login failed
The fred-eppd.log file:
[13/Dec/2012:10:45:24 --0600] 127.0.0.1 (process:17973) [sessionID 512160] fred-logd createRequest logging error: IDL:ccReg/Logger/INTERNAL_SERVER_ERROR:1.0
[13/Dec/2012:10:45:24 --0600] 127.0.0.1 (process:17973) [sessionID 512160] Error while logging the request
[13/Dec/2012:10:45:24 --0600] 127.0.0.1 (process:17973) [sessionID 512160] Created session in fred-logd with id: 68462
[13/Dec/2012:10:45:24 --0600] 127.0.0.1 (process:17973) [sessionID 512160] using fred-logd session id: 68462
[13/Dec/2012:10:45:24 --0600] 127.0.0.1 (process:17973) [sessionID 512160] Client disconnected without proper logout.
[13/Dec/2012:10:45:24 --0600] 127.0.0.1 (process:17973) [sessionID 512160] Session ended
The fred.log file:
[2012-Dec-13 10:45:24] [fred-server] [error] [logd-<30156468>/session-0] --
Result failed: INSERT INTO request (time_begin, time_end, source_ip, user_name,
user_id, service_id, request_type_id, session_id, is_monitoring, result_code_id
) VALUES ('2012-12-13 16:45:24.018801', NULL, E'127.0.0.1', NULL, NULL, 3, 100,
NULL, 'f', NULL) (ERROR: column "service" does not exist <------------------------------
CONTEXT: SQL statement "CREATE TABLE request_epp_12_12 (CHECK (time_begin >=
TIMESTAMP '2012-12-01 00:00:00' AND time_begin < TIMESTAMP '2013-01-01 00:00:00
' AND service = 3 AND is_monitoring = 'f') ) INHERITS (request)"
PL/pgSQL function "create_tbl_request" line 31 at EXECUTE statement <-----------------------
SQL statement "SELECT create_tbl_request(time_begin, service_id, is_monitoring)"
PL/pgSQL function "tr_request" line 26 at PERFORM
There are apparent problems when creating the auxiliary request_epp_<year>_<month> table, it seems.
Best regards.
--
Mario Guerra <mguerra(a)nic.cr>
Hi!
Is it possible to implement compliance with rfc_5731 and rfc_5732?
Conformity in the form domain/host?
Example:
1.1. Relationship of Domain Objects and Host Objects (http://tools.ietf.org/rfc/rfc5731.txt)
[skip]
<domain:ns>
<domain:hostAttr>
<domain:hostName>ns1.example.net</domain:hostName>
<domain:hostAddr
ip="v4">192.0.2.2</domain:hostAddr>
<domain:hostAddr
ip="v6">1080:0:0:0:8:800:200C:417A</domain:hostAddr>
</domain:hostAttr>
<domain:hostAttr>
<domain:hostName>ns2.example.net</domain:hostName>
</domain:hostAttr>
</domain:ns>
[/skip]
but FRED implements:
[skip]
<nsset:roid>N0000000003-EPP</nsset:roid>
<nsset:status s="linked">Has relation to other records in
registry</nsset:status>
<nsset:clID>REG</nsset:clID>
<nsset:crID>REG</nsset:crID>
<nsset:crDate>2012-12-11T21:32:45+02:00</nsset:crDate>
<nsset:authInfo>krfJnwlj</nsset:authInfo>
<nsset:ns><nsset:name>ns.ns.example.net</nsset:name>
<nsset:addr>1.1.1.65</nsset:addr>
<nsset:addr>2.1.140.65</nsset:addr>
<nsset:addr>2.1.141.65</nsset:addr>
<nsset:addr>2.1.142.65</nsset:addr>
<nsset:addr>2.1.143.65</nsset:addr>
<nsset:addr>2.1.144.65</nsset:addr>
<nsset:addr>2.1.145.65</nsset:addr>
</nsset:ns>
<nsset:ns><nsset:name>ns2.example.net</nsset:name>
<nsset:addr>2.1.1.68</nsset:addr>
<nsset:addr>2.1.1.68</nsset:addr>
<nsset:addr>2.1.1.68</nsset:addr>
<nsset:addr>2.1.1.68</nsset:addr>
</nsset:ns>
[/skip]
added description to schemas:
to: all.xsd
<import namespace="http://nic.domain.my/epp/host-1.1"
schemaLocation="host-1.1.xsd"/>
add file host-1.1.xsd with schema, about nsset .... (validate mod_eppd)
change structure in IDL files, added new object
Is this realistic, can compliance be achieved? Without changing all of the fred-server sources?