I have done this, according to http://www.tc.umn.edu/~brams006/selfsign.html, part 1B (generating your own CA):
a) create a CA authority (ca.key and ca.crt)
b) make a certificate request (server.csr)
c) sign the certificate request (server.crt and server.key) with the new CA authority
d) change the server key so it does not ask for a passphrase.
Afterwards, the server.crt and server.key files are included in /usr/share/fred-client/ssl directory, and the fred-client configuration file is modified like this:
ssl_cert = %(dir)s/server.crt
ssl_key = %(dir)s/server.key
Now, if I try to run fred-client this is the result:
ERROR: socket.sslerror: [Errno 1] _ssl.c:480: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca (200.107.82.18:700)
Certificate not signed by verified certificate authority
What should I do for fred-client to identify these certificates as valid?.
Thanks in advance.
Note: the new fred-client is perfectly compatible with FRED 2.2.
--
Mario Guerra <mguerra(a)nic.cr>
Hello.
We've tested applying credits to registrars using FRED. Now, I want to
make a question of how the deductions are made.
Say, I decide to have 40 monetary units for domain creation and 10 for
domain update for renewing my domain, this way.
/fred-admin --price_add --operation_price 40.00 --zone_fqdn dom
--operation CreateDomain/
/fred-admin --price_add --operation_price 10.00 --zone_fqdn dom
--operation RenewDomain/
and assign 140 monetary units to their credit, this way
/fred-admin --invoice_credit --zone_id 1 --registrar_id 6 --price 140/
The zone numbered 1 is "dom" .
When I create a domain like this:
/create_domain testmg6.dom mf02 NULL NULL NULL (1 y)
/
What is deducted from the credit is 80 monetary units, not 70, so what
is left is 60.
Is that correct?. If it is, how to apply ONLY the renewal price when you
renew the domain, not when you create it?.
Best regards.
Mario Guerra
NIC-CR
