I have done this, according to http://www.tc.umn.edu/~brams006/selfsign.html, part 1B (generating your own CA):
a) create a CA authority (ca.key and ca.crt)
b) make a certificate request (server.csr)
c) sign the certificate request (server.crt and server.key) with the new CA authority
d) change the server key so it does not ask for a passphrase.
Afterwards, the server.crt and server.key files are included in /usr/share/fred-client/ssl directory, and the fred-client configuration file is modified like this:
ssl_cert = %(dir)s/server.crt
ssl_key = %(dir)s/server.key
Now, if I try to run fred-client this is the result:
ERROR: socket.sslerror: [Errno 1] _ssl.c:480: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca (200.107.82.18:700)
Certificate not signed by verified certificate authority
What should I do for fred-client to identify these certificates as valid?.
Thanks in advance.
Note: the new fred-client is perfectly compatible with FRED 2.2.
--
Mario Guerra <mguerra(a)nic.cr>
Hello,
Hope this finds you well in these troubled times.
We have a persistent request from a registrar asking us to "confirm what our balance was on
the 1st of December 2019" ... about 12 montsh ago.
We have repeatedly told the registrar that by the nature of EPP transactions on a registry
running FRED, we do not keep such balances on the registry on a day to day basis except in
regular backups of the database.
I would like to hear what you think about such a request from a registrar which connects to a
registry running the FRED registry system and how you would respond to it.
Is there an easier way of dealing with such a request other than by remounting a whole
FRED database on a test server from a previous FRED backup of that date ?
Remounting a FRED database backup is a major task and we have told them that if they
insist then we would raise a fee or charge for it.
Any help?
Regards,
Paulos
=============================
Dr Paulos B Nyirenda
NIC.MW & .mw ccTLD
http://www.nic.mw
SDNP: http://www.sdnp.org.mw
Tel: +265-(0)-882 089 166
Cell: +265-(0)-888-824787
WhatsApp: +265-(0)-887386433
--
This email has been checked for viruses by AVG.
https://www.avg.com
