I have done this, according to http://www.tc.umn.edu/~brams006/selfsign.html, part 1B (generating your own CA):
a) create a CA authority (ca.key and ca.crt)
b) make a certificate request (server.csr)
c) sign the certificate request (server.crt and server.key) with the new CA authority
d) change the server key so it does not ask for a passphrase.
Afterwards, the server.crt and server.key files are included in /usr/share/fred-client/ssl directory, and the fred-client configuration file is modified like this:
ssl_cert = %(dir)s/server.crt
ssl_key = %(dir)s/server.key
Now, if I try to run fred-client this is the result:
ERROR: socket.sslerror: [Errno 1] _ssl.c:480: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca (200.107.82.18:700)
Certificate not signed by verified certificate authority
What should I do for fred-client to identify these certificates as valid?.
Thanks in advance.
Note: the new fred-client is perfectly compatible with FRED 2.2.
--
Mario Guerra <mguerra(a)nic.cr>
Hello,
I would like to find out if and how we can get a cc of every notification e-mail in FRED to go to
a designated e-mail address for the attention or analysis of someone who adminsiters the
FRED registry.
I am aware that these e-mail notifications are archived in the FRED database but in our case
the persons monitoring the registry do not have access to the database - and they should not
have such sensitive access anyway
The mailer config in FRED in our case is in /etc/fred/pyfred.conf and it does not give an
option for such a cc address.
If you worried about this or have or found a solution to it please let us know.
Regards,
Paulos
======================
Dr Paulos B Nyirenda
NIC.MW & .mw ccTLD
http://www.registrar.mw
---
This email has been checked for viruses by AVG.
https://www.avg.com
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
