I have done this, according to http://www.tc.umn.edu/~brams006/selfsign.html, part 1B (generating your own CA):
a) create a CA authority (ca.key and ca.crt)
b) make a certificate request (server.csr)
c) sign the certificate request (server.crt and server.key) with the new CA authority
d) change the server key so it does not ask for a passphrase.
Afterwards, the server.crt and server.key files are included in /usr/share/fred-client/ssl directory, and the fred-client configuration file is modified like this:
ssl_cert = %(dir)s/server.crt
ssl_key = %(dir)s/server.key
Now, if I try to run fred-client this is the result:
ERROR: socket.sslerror: [Errno 1] _ssl.c:480: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca (200.107.82.18:700)
Certificate not signed by verified certificate authority
What should I do for fred-client to identify these certificates as valid?.
Thanks in advance.
Note: the new fred-client is perfectly compatible with FRED 2.2.
--
Mario Guerra <mguerra(a)nic.cr>
Hello,
Kindly help me to renew my domain as our system administrator is not around
to help.
I want to renew the domain name ushirika.co.tz which must be done in
fred-client installed in linux OS.
I can SSH the server with login credentials correct and I have the su
password but in both place su or the first one when I put DIR command I find
there is Desktop and fred-client.conf
I don't know what to do next.
Help please.
Michael Erick
| ISP Network Engineer |
|Benson Informatics Limited, P.O.Box 78914, Plot No.13, Mikocheni A2,
Warioba Area, Dar-es-Salaam. | <Tel:+255> Tel: +255 222 666 670
Fax:+255 222 666 471 |Mob: +255 798 020 022, +255 797 255 727 |E-Mail:
<mailto:michaele@bol.co.tz%7CWeb> michaele(a)bol.co.tz |Web:
<http://www.bolmobile.co.tz/> www.bolmobile.co.tz
