I have done this, according to http://www.tc.umn.edu/~brams006/selfsign.html, part 1B (generating your own CA):
a) create a CA authority (ca.key and ca.crt)
b) make a certificate request (server.csr)
c) sign the certificate request (server.crt and server.key) with the new CA authority
d) change the server key so it does not ask for a passphrase.
Afterwards, the server.crt and server.key files are included in /usr/share/fred-client/ssl directory, and the fred-client configuration file is modified like this:
ssl_cert = %(dir)s/server.crt
ssl_key = %(dir)s/server.key
Now, if I try to run fred-client this is the result:
ERROR: socket.sslerror: [Errno 1] _ssl.c:480: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca (200.107.82.18:700)
Certificate not signed by verified certificate authority
What should I do for fred-client to identify these certificates as valid?.
Thanks in advance.
Note: the new fred-client is perfectly compatible with FRED 2.2.
--
Mario Guerra <mguerra(a)nic.cr>
Hello Team,
I have a scenario where by the NS set and domain name associated to it
are both deleted but I still technical checks results are sent to
contact of the NS SET.
My expectation is if the NSSET is already deleted then there will be
notification of Results of technical check on the NS set to be sent to
the contact of that particular NSSET.
Kindly I ask for your guidance on this scenario.
NS set: *<447855962183D9BD27E7JDLGL>*
Date of the check: 01:50:20 28-03-2023 EAT
Check type: periodic
Ticket: 469297
=== Errors ==================================================
Nameserver does not contain a record for any of the domains:
* <X>.co.tz*
Nameserver does not contain a record for any of the domains:
*<X>.co.tz*
=== Warnings =============================================
=== Notices ============================================
=====================================================================
Regards,
Patrick