I have done this, according to http://www.tc.umn.edu/~brams006/selfsign.html, part 1B (generating your own CA):
a) create a CA authority (ca.key and ca.crt)
b) make a certificate request (server.csr)
c) sign the certificate request (server.crt and server.key) with the new CA authority
d) change the server key so it does not ask for a passphrase.
Afterwards, the server.crt and server.key files are included in /usr/share/fred-client/ssl directory, and the fred-client configuration file is modified like this:
ssl_cert = %(dir)s/server.crt
ssl_key = %(dir)s/server.key
Now, if I try to run fred-client this is the result:
ERROR: socket.sslerror: [Errno 1] _ssl.c:480: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca (200.107.82.18:700)
Certificate not signed by verified certificate authority
What should I do for fred-client to identify these certificates as valid?.
Thanks in advance.
Note: the new fred-client is perfectly compatible with FRED 2.2.
--
Mario Guerra <mguerra(a)nic.cr>
Jaromir,
Just one or two more clarifications on FRED:
1. Is there a default maximum number of years (or months) for renewing a domain ?
I see that in .cz this is required to be 10 years - is this burned into FRED or can it be
modified?
See: https://www.nic.cz/files/nic/doc/Registration_rules_CZ.pdf
Regards,
Paulos
======================
Dr Paulos B Nyirenda
NIC.MW & .mw ccTLD
http://www.registrar.mw
We are now prepapring to transfer multiple domains from our 2R registry to registrars now on
the 3R FRED registry for .mw domains.
Could you please tell me the best database command for collecting the auth info for a
domain
Since there appears to be no bulk domain transfer facility in FRED my guess is that we need
to run the database query repeatedly to collect domain & auth-info pairs that we can then
pass on to the registrar.
What is the current best practice for passing auth info details to a registrar?
Regards,
PC
======================
Dr Paulos B Nyirenda
NIC.MW & .mw ccTLD
http://www.registrar.mw
We are now prepapring to transfer multiple domains from our 2R registry to registrars
now on the 3R FRED registry for .mw domains.
Could you please tell me the best database command for collecting the auth info for a domain
Since there appears to be no bulk domain transfer facility in FRED my guess is that we
need to run the database query repeatedly to collect domain & auth-info pairs that we
can then pass on to the registrar.
What is the current best practice for passing auth info details to a registrar?
Regards,
PC
======================
Dr Paulos B Nyirenda
NIC.MW & .mw ccTLD
http://www.registrar.mw
----------------------------------------------------------
Malawi SDNP Webmail: http://www.sdnp.org.mw
Access your Malawi SDNP e-mail from anywhere in the world.
----------------------------------------------------------
Jaromir, all,
Our FRED registry 3R operation is going well enough that we can now move on to tackle
issues on domain transfers and I have one or two questions with the following understanding
that I have:.
1. My understanding is that: Once auth_info has been sent from current owner A to new
owner B for domain dA.mw then B can do the transfer, such as using fred-client command:
transfer_domain dA.mw auth_info_A [other_options]
Is this correct? what are the other options?
2. A WHOIS query for dA.mw will then list new registrar: B
3. System then generates new auth_info_B and assigns it under registrar B ... right ?
4. How can the registry charge for the transfer of the domain dA.mw?
5. What needs to be configured in FRED to charge for domain transfers like this one?
6. If this FRED config can be done using fred-admin then please show syntax for trhe
fred-admin command to configure charging for domain transfers.
7. If there a similar arrangement for transfering other objects like contacts and/or nssets?
Regards,
Paulos
======================
Dr Paulos B Nyirenda
NIC.MW & .mw ccTLD
http://www.registrar.mw
-----
No virus found in this message.
Checked by AVG - www.avg.com
Version: 2016.0.7752 / Virus Database: 4649/12929 - Release Date: 09/01/16
------- End of forwarded message -------
Hi,
I'm using https://github.com/metaregistrar/php-epp-client as the EPP client.
For being able to use it I need to feel some parameters in settings.ini:
interface=eppConnection
hostname=ssl://epp.demo.fred.nic.cz
port=xxxxxx
userid=xxxxxxxx
password=xxxxxxxxx
Which port, userid and password should I use to connect to Fred?
Is it possible to use certificates from https://letsencrypt.org/?
Thanks,
--
Thiago Farina
Hello Piotr,
LOL...
Just about everything. The gTLD is currently on CoCCA and want to move to
a different system.
On Fri, Sep 2, 2016 at 9:15 AM, Piotr Przybył <piotr(a)przybyl.org> wrote:
> On 02/09/16 15:07, Stanford Mings wrote:
> > Hello All,
> >
> > I am working with a gTLD and would like to get some assistance in using
> FRED. I have the system up
> > on a VM in my lab and can access it via the web-admin and the
> fred-client CLI.
> >
> > Any assistance would be greatly appreciated.
> >
> > - Stanford Mings
>
> Hello Standord
>
> "What can I do you for?" ;-)
>
> Are you interested in FRED's features, configuration, ...?
>
> Best regards
> Piotr
>
> _______________________________________________
> fred-users mailing list
> fred-users(a)lists.nic.cz
> https://lists.nic.cz/cgi-bin/mailman/listinfo/fred-users
>
Hello All,
I am working with a gTLD and would like to get some assistance in using
FRED. I have the system up on a VM in my lab and can access it via the
web-admin and the fred-client CLI.
Any assistance would be greatly appreciated.
- Stanford Mings