I have done this, according to http://www.tc.umn.edu/~brams006/selfsign.html, part 1B (generating your own CA):
a) create a CA authority (ca.key and ca.crt)
b) make a certificate request (server.csr)
c) sign the certificate request (server.crt and server.key) with the new CA authority
d) change the server key so it does not ask for a passphrase.
Afterwards, the server.crt and server.key files are included in /usr/share/fred-client/ssl directory, and the fred-client configuration file is modified like this:
ssl_cert = %(dir)s/server.crt
ssl_key = %(dir)s/server.key
Now, if I try to run fred-client this is the result:
ERROR: socket.sslerror: [Errno 1] _ssl.c:480: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca (200.107.82.18:700)
Certificate not signed by verified certificate authority
What should I do for fred-client to identify these certificates as valid?.
Thanks in advance.
Note: the new fred-client is perfectly compatible with FRED 2.2.
--
Mario Guerra <mguerra(a)nic.cr>
Hi,
I want to install FRED but would like some guidance when it comes to which Linux Distro I should use.
According to the documentation I could use Ubuntu 16.04 LTS (Xenial Xerus), Fedora 24, Fedora 25, RHEL 7 or CentOS 7 but if I don't have any special preferences which one is most fitting for the latest stable version of FRED?
Would be eternally thankful if any helpful soul could point me in the right direction.
Best regards
Johan Olsson
Hi,
after some time we are announcing a new version of FRED. As usually
release notes are published here:
https://fred.nic.cz/documentation/html/ReleaseNotes/
We have intentionally not announced version 2.37 since this version was
changing hardcoded default for WHOIS disclose flags from "everything is
by default public" to "everything is by default hidden" of course
because of GDPR. New default was again hardcoded and immediate upgrade
could cause issue to registrars that relies on default policy. With
version 2.38 this default policy is configuration option so registry
has control when this policy change based on discussion with
registrars. All the information should be seen from documentation.
I'd like to pick one change from release notes to write about little
bit more and this is handling incoming payments. We are trying to make
FRED even more modular and move all about payments and invoices into
separated module. There is background idea that at some point in time,
this module could be replaced with generic accounting software that
will take care of issuing invoices which should not be responsibility
of registry. For now, the only visible change is that tab payments
disappears from web administration interface (Daphne) and also
associated database tables bank_payment and bank_statement are not
required. My assumption is that this change doesn't have effect for any
instance but in case it has, there is a new component called Pain (from
"payments and invoices") that provides the same functionality but needs
to be installed as additional thing. Feel free to ask more about this
if you'd like to try it.
Regards,
Jaromir
--
Jaromir Talir
Technicky partner / Technical Fellow
-------------------------------------------
CZ.NIC, z.s.p.o. -- .cz domain registry
Milesovska 5, 130 00 Praha 3, Czech Republic
mailto:jaromir.talir@nic.cz http://nic.cz/
sip:jaromir.talir@nic.cz tel:+420.222745107
mob:+420.739632712 fax:+420.222745112
-------------------------------------------
