I have done this, according to http://www.tc.umn.edu/~brams006/selfsign.html, part 1B (generating your own CA):
a) create a CA authority (ca.key and ca.crt)
b) make a certificate request (server.csr)
c) sign the certificate request (server.crt and server.key) with the new CA authority
d) change the server key so it does not ask for a passphrase.
Afterwards, the server.crt and server.key files are included in /usr/share/fred-client/ssl directory, and the fred-client configuration file is modified like this:
ssl_cert = %(dir)s/server.crt
ssl_key = %(dir)s/server.key
Now, if I try to run fred-client this is the result:
ERROR: socket.sslerror: [Errno 1] _ssl.c:480: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca (200.107.82.18:700)
Certificate not signed by verified certificate authority
What should I do for fred-client to identify these certificates as valid?.
Thanks in advance.
Note: the new fred-client is perfectly compatible with FRED 2.2.
--
Mario Guerra <mguerra(a)nic.cr>
Hello,
One of our treasured old machines needs TLS version upgraded particularly to avoid SMTP
handshake failures that have started to crop up.
This machine also runs FRED registry operations that we use for many activities like training,
whois, invoicing, etc.
I would hence really like to find out in advance if upgrading TLS version will break FRED.
Will upgrading openssl break FRED ?
Regards,
Paulos
=============================
Dr Paulos B Nyirenda
NIC.MW & .mw ccTLD
http://www.nic.mw
SDNP: http://www.sdnp.org.mw
Tel: +265-(0)-882 089 166
Cell: +265-(0)-888-824787
WhatsApp: +265-(0)-887386433
--
This email has been checked for viruses by AVG.
https://www.avg.com
Happy new year everyone,
We have been successfully developing FRED 2.40.3 over Ubuntu 16.04 which is the documented deployment libraries’ OS requirement. For our final deployment, we are looking at the possibility of deploying over a higher version of Ubuntu (either 18.04 or 20.04) because Ubuntu 16.04 is scheduled for EOL in April 2021. (https://ubuntu.com/about/release-cycle).
Before we go down the hairy path of testing internally, we would like to know if any issues have been reported about installing FRED over Ubuntu 18.04 or 20.04? Or if anyone can testify that it has worked for them?
Thanks and regards,
Kelvin