- fred-users - lists.nic.cz

Using FRED for managing prices and credit

by Mario Guerra

a) Define prices for each zone. Notice that prices are defined per zone only (you can't define a price for a registrar/zone combination). For example: fred-admin --price_add --operation_price 80.00 --zone_fqdn tld --operation CreateDomain fred-admin --price_add --operation_price 80.00 --zone_fqdn tld --operation RenewDomain fred-admin --price_add --operation_price 80.00 --zone_fqdn tld --operation EppOperation Take into account that the system registrar must be defined as such and that these prices do not apply to the system registrar b) Add invoice prefixes: fred-admin --invoice_add_prefix --zone_fqdn tld --prefix 01 c) Now you can start assigning credit like this: fred-admin --invoice_credit --zone_id 1 --registrar_id 2 --price 2000.0 The zone_id usually is the TLD zone. The registrar_id usually starts with 2 for non-system registrars. I' m supposing you are using a pre-paid policy. FRED allows for post-paid, too. d) Now you can use fred-client with the new registrar (I' m assuming that you previously created the regitrar with fred-admin and assigned the zone to that registrar): fred-client --user=<registar handle> --password=<registar password) --cert=/usr/share/fred-client/ssl/<registar handle>.crt --privkey=/usr/share/fred-client/ssl/<registar handle>.key (for easier administration, we use for the crt and key files the same name that the registrar one) e) Now create, renew, etc. domains: create_domain guerra.tld <contact id.> NULL <nsset id.> NULL (1 y) I' m assuming that you previously created both the contact and the nsset ids. After this, for each domain created or renewed, that price is deduced from the credit. If you use pre-paid and the accululative operations exceed the credit, a FRED error is given.

10 let, 1 měsíc

1
0
0 0

Correct dissociation of nssets and keysets using update_domain in fred-client

by Mario Guerra

Suppose this: update_domain guerra.cr NULL NULL NULL (NULL GUERRA-CR-K NULL) This example adds keyset GUERRA-CR-K to domain guerra.cr. Now lets try to dissociate that keyset: update_domain guerra.cr NULL NULL NULL (NULL () NULL) It does not work. Notice that I don't use NULL which, in that context does not touch the keyset entry. () should mean no keyset, right?. The same applies to dissociating an nsset making the domain a reserved one. For example: update_domain guerra.cr.NULL NULL NULL (() NULL NULL) Best regards.

10 let, 2 měsíce

1
1
0 0

Extraxt the current-expiry-date of a domain

by timothy

Hello all, How can i only extract the current-expiry-date of a domain??. Regards, Timothy ---------------------------------------------------------- Malawi SDNP Webmail: http://www.sdnp.org.mw Access your Malawi SDNP e-mail from anywhere in the world. ----------------------------------------------------------

10 let, 3 měsíce

1
0
0 0

FRED, foreign client error

by Mark Elkins

Hi, I'm successfully connecting to and able to login to FRED (demo) at TZNIC - using the EPP Library that CentralNIC wrote (all PHP) - with some modifications. However - all "commands" after that seem to return the same (similar) error message. I've looked and copied examples from RFC5731... As an example - the Info Command... C:<?xml version="1.0" encoding="UTF-8" standalone="no"?> C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> C: <command> C: <info> C: <domain:info C: xmlns:domain="urn:ietf:params:xml:ns:domain-1.0"> C: <domain:name hosts="all">example.com</domain:name> C: </domain:info> C: </info> C: <clTRID>ABC-12345</clTRID> C: </command> C:</epp> So I actually send: <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> <command> <info> <domain:info xmlns:domain="urn:ietf:params:xml:ns:domain-1.0"> <domain:name hosts="all">dnssec.or.tz</domain:name> </domain:info> </info> <clTRID>ABC-12345</clTRID> </command> </epp> and get back: <?xml version="1.0" encoding="UTF-8"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"><response><result code="2001"><msg>Command syntax error</msg><extValue><value><domain:info xmlns:domain="urn:ietf:params:xml:ns:domain-1.0"> <domain:name hosts="all">dnssec.or.tz</domain:name> </domain:info></value><reason>Schemas validity error: Element '{urn:ietf:params:xml:ns:domain-1.0}info': No matching global element declaration available, but demanded by the strict wildcard.</reason></extValue></result><trID><svTRID>ReqID-0002778177</svTRID></trID></response></epp> What seems to be common is "Schemas validity error: Element '{urn:ietf:params:xml:ns:domain-1.0}info': No matching global element declaration available, but demanded by the strict wildcard." and I have no idea what that means. What should I be sending then???? ...and from a debugging prospective - getting the reply on more or less one line is real hard to read for a Human. Yes - a Machine has no problem. I wish there was a switch for "Human Readable XML" - all neatly grouped and indented like in the RFC documents. In case its my login - it looks like this - except with User/Passwd XXXX'ed out: <epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> <command> <login> <clID>REG-XXXXXXX</clID> <pw>XXXXXXXX</pw> <options> <version>1.0</version> <lang>en</lang> </options> <svcs> <objURI>urn:ietf:params:xml:ns:domain-1.0</objURI> <objURI>urn:ietf:params:xml:ns:contact-1.0</objURI> <svcExtension> <extURI>urn:ietf:params:xml:ns:secDNS-1.1</extURI> </svcExtension> </svcs> </login> </command> </epp> Reply==> <?xml version="1.0" encoding="UTF-8"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"><response><result code="1000"><msg>Command completed successfully</msg></result><trID><svTRID>ReqID-0002778173</svTRID></trID></response></epp> Please note - the current EPP XML works for the COZA System, Cocca and Central-NIC. -- Mark James ELKINS - Posix Systems - (South) Africa mje(a)posix.co.za Tel: +27.128070590 Cell: +27.826010496 For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za

10 let, 3 měsíce

3
7
0 0

Connecting to FRED using PHP

by Mark Elkins

I'd like to have my own client written in PHP talk to FRED. I was given separate CRT and KEY files by TZNIC. I've combined this into a single PEM file with: cat posix.key posix.crt > /tmp/tznic.pem I can then successfully get the "Welcome" XML from FRED at TZNIC with: openssl s_client -connect fred.tznic.or.tz:700 -cert /tmp/tznic.pem This shows as a self-signed certificate (as expected). (verify error:num=18:self signed certificate) The combining of the crt and key is because php seems to want a combined PEM certificate... Then - I try connecting with a VERY stripped down PHP script.... (attached)... The core of which is: $ip="fred.tznic.or.tz"; $port=700; $cert="/tmp/tznic.pem"; $context = stream_context_create(); $result = stream_context_set_option($context, 'ssl', 'local_cert', $cert); $result = stream_context_set_option($context, 'ssl', 'verify_peer', false); $result = stream_context_set_option($context, 'ssl', 'verify_host', false); $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true); $fp = stream_socket_client("tls://$ip:$port", $errno,$errstr, 20, STREAM_CLIENT_CONNECT, $context); if(!$fp) echo "CONNECT ERROR: $errstr ($errno)\n"; else // read the packet...... The "stream_socket_client" simply times out. What am I doing wrong??? Almost the same code works for: (ie changing machines, ports and Certs) Central-NIC ZACR/CO.ZA CoCCA The FRED test system at TZNIC is running certificate validation - I'm assuming its got something to do with that???? I'm using a variety of different versioned PHP's eg PHP 5.5.18-pl0-gentoo (cli) (built: Nov 10 2014 22:20:27) PHP 5.5.21-pl0-gentoo (cli) (built: Feb 6 2015 16:46:22) PHP 5.4.34-pl0-gentoo (cli) (built: Nov 3 2014 11:10:23) All do the same thing - timeout. Is anyone using a PHP based client?? - that would be the start of a WHMCS plugin for C-Panel (etc). -- Mark James ELKINS - Posix Systems - (South) Africa mje(a)posix.co.za Tel: +27.128070590 Cell: +27.826010496 For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za

10 let, 3 měsíce

4
4
0 0

Grant permission to a registrar to add domain to a specific zone

by timothy

Hello All, I want to make registrar X to register a domain to a certain zone[i.e mw]. How can i grant permission to registrar X to add a domain to a such a zone??? Regards, Timothy ---------------------------------------------------------- Malawi SDNP Webmail: http://www.sdnp.org.mw Access your Malawi SDNP e-mail from anywhere in the world. ----------------------------------------------------------

10 let, 3 měsíce

3
4
0 0

Generating own Certificates for fred [Modified question]

by timothy

Hello all, Can someone help on this: I have done this, a) create a CA authority (ca.key and ca.crt) b) make a certificate request (server.csr) c) sign the certificate request (server.crt and server.key) with the new CA authority d) make a certificate request (registrar.csr) e) sign the certificate request (registrar.crt and registrar.key) with the new CA authority Afterwards, the server.crt and server.key and the ca.crt files are included in /usr/share/fred-mod-eppd/ssl directory,then the epp file is tweaked to reflect the files and the fred-client configuration file in /etc/fred/directory is modified like this: ssl_cert = %(dir)s/registrar.crt ssl_key = %(dir)s/registrar.key Now, if I try to run fred-client this is the result: Login Failed ---------------------------------------------------------- Malawi SDNP Webmail: http://www.sdnp.org.mw Access your Malawi SDNP e-mail from anywhere in the world. ----------------------------------------------------------

10 let, 3 měsíce

4
3
0 0

registrars management and pricing

by Mario Guerra

How do I. a) Define prices (creation, update, EPP). b) Create credit for a zone-registrar combination. c) Deduce each EPP transaction (creation, updating, etc.) so the transaction applies to the credit?. I have scripts for creating a new registrar with their respective certificates, and I know how to intoroduce prices. Then I supposedly give credit to a registrar and a zone, but when I use that zone and registar using fred-client there is no transaction. I'm missing simething but what?. Mario Guerra

10 let, 3 měsíce

4
7
0 0

Generating own Certificates for fred

by timothy

Hello all, Can someone help on this: I have done this, a) create a CA authority (ca.key and ca.crt) b) make a certificate request (server.csr) c) sign the certificate request (server.crt and server.key) with the new CA authority d) make a certificate request (registrar.csr) e) sign the certificate request (registrar.crt and registrar.key) with the new CA authority Afterwards, the server.crt and server.key and the ca.crt files are included in /usr/share/fred-client/ssl directory,then the epp file is tweaked to reflect the files and the fred-client configuration file is modified like this: ssl_cert = %(dir)s/registrar.crt ssl_key = %(dir)s/registrar.key Now, if I try to run fred-client this is the result: Login Failed ---------------------------------------------------------- Malawi SDNP Webmail: http://www.sdnp.org.mw Access your Malawi SDNP e-mail from anywhere in the world. ----------------------------------------------------------

10 let, 3 měsíce

1
0
0 0

Registrar certificates and management

by timothy

Hello, I need some help on the following: 1.Where does fred keep the certificates for registrars? 2.In which configuration file should i include the path for the registrars' certificates and how? Best Regards. Mathias Timothy ---------------------------------------------------------- Malawi SDNP Webmail: http://www.sdnp.org.mw Access your Malawi SDNP e-mail from anywhere in the world. ----------------------------------------------------------

10 let, 4 měsíce

2
1
0 0

Re: registrars management and pricing

by Dr Paulos Nyirenda

On 16 Feb 2015 at 10:39, Mario Guerra <fred-users(a)lists.nic.cz> wrote: > How do I. > > a) Define prices (creation, update, EPP). > b) Create credit for a zone-registrar combination. > c) Deduce each EPP transaction (creation, updating, etc.) so the > transaction applies to the credit?. > > I have scripts for creating a new registrar with their respective > certificates, and I know how to intoroduce prices. Mario, all, We at the Malawi .mw registry have just finished populating our FRED registry with data at our current home built registry system. Our biggest challenge has been creating contacts. We are now just at this point of creating new registrars and need to generate, install and activate certificates for new registrars. We would therefore like to request you to send us details on how you efficiently do certificate generation, creation, installtion and activation of registrars. A copy of your scripts sent to us, if available, would be very helpful. We would also really like to hear how others do this as well. We are running on Fedora and our target is to reach production phase by 15 March 2015, in about a month. > Then I supposedly > give credit to a registrar and a zone, but when I use that zone and > registar using fred-client there is no transaction. I'm missing > simething but what?. We see that our next biggest challenge will be billing as we move the registry from the 2R model in the present system where the registry was billing every registrant to the 3R model where we move to create, manage and bill registrars. We need to resolve this soon as some domains will start to expire at the end of March 2015 and hence payments will need to be made. So answers on these question raised here as well as any additional documentation will also be very helpful to us. Regards, Paulos ====================== Dr Paulos B Nyirenda NIC.MW & .mw ccTLD http://www.registrar.mw > > Mario Guerra > > _______________________________________________ > fred-users mailing list > fred-users(a)lists.nic.cz > https://lists.nic.cz/cgi-bin/mailman/listinfo/fred-users ---------------------------------------------------------- Malawi SDNP Webmail: http://www.sdnp.org.mw Access your Malawi SDNP e-mail from anywhere in the world. ----------------------------------------------------------

10 let, 4 měsíce

2
1
0 0

Fred-Client

by Kosta Stojcev

Hi, I want to ask if someone had succesfully implement fred-lient into asp.net c# web site? Thanks

10 let, 7 měsíců

3
2
0 0

Some presentations about FRED

by Jaromír Talíř

Hi, a week ago I participated on Registry Operators Course organized by AFTLD. For this event I've prepared four presentations about FRED so if anyone is interested, these presentations are available on the event website: http://aftld.org/events/?_sfwCOM=Event:Show;233030&pg=233068 Regards, Jaromir -- Jaromir Talir technicky reditel / Chief Technical Officer ------------------------------------------- CZ.NIC, z.s.p.o. -- .cz domain registry Americka 23, 120 00 Praha 2, Czech Republic mailto:jaromir.talir@nic.cz http://nic.cz/ sip:jaromir.talir@nic.cz tel:+420.222745107 mob:+420.739632712 fax:+420.222745112 -------------------------------------------

10 let, 12 měsíců

2
2
0 0

Re: Re: Some presentations about FRED

by michaele＠bol.co.tz

Hi Kindly use my new email ID: michael.erick(a)smart.co.tz Instead of michaele(a)bol.co.tz

10 let, 12 měsíců

1
0
0 0

Re: Some presentations about FRED - thanks

by Dr Paulos Nyirenda

Jaromir, I would like to express our appreciation that you accepted our AFTLD invitation to the AROC Workshop at AIS in Djibouti in the past week and and that you made some really good presentations and contributions as an instructor or trainer at the AFTLD AROC workshop. We are indeed making these presentations and others available online on the link shown. AFTLD similarly appreciates contributions from all the other instructors, presenters, participants and members for making this such a very successful AROC. We do look forward to further such collaboration from you and others as well, as AFTLD tries to grow the African ccTLDs, TLD and registrar areas and business in our region. Regards, Paulos ====================================== Dr Paulos B Nyirenda NIC.MW & .mw ccTLD http://www.registrar.mw Board member: AFRNIC http://www.afrinic.net President: AFTLD http://www.aftld.org On 2 Jun 2014 at 17:38, Jaromír Talíř <fred-users(a)lists.nic.cz> wrote: > Hi, > > a week ago I participated on Registry Operators Course organized by > AFTLD. For this event I've prepared four presentations about FRED so > if anyone is interested, these presentations are available on the > event website: > > http://aftld.org/events/?_sfwCOM=Event:Show;233030&pg=233068 > > Regards, > Jaromir > > -- > Jaromir Talir > technicky reditel / Chief Technical Officer > ------------------------------------------- > CZ.NIC, z.s.p.o. -- .cz domain registry > Americka 23, 120 00 Praha 2, Czech Republic > mailto:jaromir.talir@nic.cz http://nic.cz/ > sip:jaromir.talir@nic.cz tel:+420.222745107 > mob:+420.739632712 fax:+420.222745112 > ------------------------------------------- > > _______________________________________________ > fred-users mailing list > fred-users(a)lists.nic.cz > https://lists.nic.cz/cgi-bin/mailman/listinfo/fred-users > > > ----- > No virus found in this message. > Checked by AVG - www.avg.com > Version: 2014.0.4570 / Virus Database: 3955/7609 - Release Date: > 06/02/14 > ---------------------------------------------------------- Malawi SDNP Webmail: http://www.sdnp.org.mw Access your Malawi SDNP e-mail from anywhere in the world. ----------------------------------------------------------

11 let

1
0
0 0

Re: Re: Some presentations about FRED

by michaele＠bol.co.tz

Hallow, I will be on annual leave from 12/05/2014 to 02/06/2014 inclusive. While am away, my tasks will be handled by: 1. NURDIN SHEKIVULI nurdin.shekivuli(a)smart.co.tz 0798020049 2. NOEL LUSUVA noel.lusuva(a)smart.co.tz 0798020131 3. MOEZ HUSSEIN moez.hussein(a)smart.co.tz 0798020021 I might be reachable on 0798020022 or 0715928870 or 0756928870 I wish you all the best.

11 let

1
0
0 0

Re: Some presentations about FRED

by michaele＠bol.co.tz

Hallow, I will be on annual leave from 12/05/2014 to 02/06/2014 inclusive. While am away, my tasks will be handled by: 1. NURDIN SHEKIVULI nurdin.shekivuli(a)smart.co.tz 0798020049 2. NOEL LUSUVA noel.lusuva(a)smart.co.tz 0798020131 3. MOEZ HUSSEIN moez.hussein(a)smart.co.tz 0798020021 I might be reachable on 0798020022 or 0715928870 or 0756928870 I wish you all the best.

11 let

1
0
0 0

Release FRED-2.16

by Jaromír Talíř

Hi, after some time I updated website http://fred.nic.cz/download with source files of our most recent version FRED-2.16 and installation procedures for supported operating systems Ubuntu 12.04 and Fedora 20. Few weeks ago we put this version of FRED into production and I can recommend it for use by other registries. There is a lot of new features since last announced version so this is just highlights: - Contact data management features (verification, merging identical contacts). Presented at last ICANN - http://buenosaires48.icann.org/en/schedule/mon-tech/presentation-contact-va… - Administrative blocking of domains - law enforcement agencies sometimes ask registry to disable domain or prevent any changes in domain. In this version web administration interface has 'Block' and 'Unblock' buttons in domain detail - Billing changes - in previous versions there was a problem with selecting proper price in price list when registry was in different timezone than 'Europe/Prague'. Billing is also optional feature in this version and if you want to enable it you have to set epp_operations_charging = on in fred configuration file for fred-rifd daemon. **Check this when upgrading to this version** - Better IDN. To enable IDN in previous versions you had to set some compile time option. Now system registrar can register IDN domains immediately and all registrars can register IDN domain when configuration option ;allow_idn = false' is set. Still, there is no checking against list of allowed code pages - A lot of bugfixes If you have any questions when testing, let me know. Regards, Jaromir -- Jaromir Talir technicky reditel / Chief Technical Officer ------------------------------------------- CZ.NIC, z.s.p.o. -- .cz domain registry Americka 23, 120 00 Praha 2, Czech Republic mailto:jaromir.talir@nic.cz http://nic.cz/ sip:jaromir.talir@nic.cz tel:+420.222745107 mob:+420.739632712 fax:+420.222745112 -------------------------------------------

11 let, 4 měsíce

2
3
0 0

FRED Server doesn't parse valid xmls

by Spase Markovski

Greetings, I see that the FRED server has a hard time parsing xmls that have a namespace prefix. Please confirm that this is invalid xml for your sever (even though it should NOT be): <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <ns2:epp xmlns:ns2="urn:ietf:params:xml:ns:epp-1.0" xmlns=" http://www.nic.cz/xml/epp/domain-1.4"> <ns2:command> <ns2:login> <ns2:clID>XXXXXXXXX</ns2:clID> <ns2:pw>XXXXXXXXXXXXXX</ns2:pw> <ns2:options> <ns2:version>1.0</ns2:version> <ns2:lang>en</ns2:lang> </ns2:options> <ns2:svcs> <ns2:objURI>http://www.nic.cz/xml/epp/contact-1.6</ns2:objURI> <ns2:objURI>http://www.nic.cz/xml/epp/domain-1.4</ns2:objURI> <ns2:objURI>http://www.nic.cz/xml/epp/nsset-1.2</ns2:objURI> <ns2:objURI>http://www.nic.cz/xml/epp/keyset-1.3</ns2:objURI> <ns2:svcExtension> <ns2:extURI>http://www.nic.cz/xml/epp/enumval-1.2</ns2:extURI> </ns2:svcExtension> </ns2:svcs> </ns2:login> <ns2:clTRID>001#13-12-07at15:18:17</ns2:clTRID> </ns2:command> </ns2:epp> -- Regards, Spase

11 let, 6 měsíců

2
1
0 0

(no subject)

by Spase Markovski

Greetings, I see that the FRED server has a hard time parsing xmls that have a namespace prefix. Please confirm that this is invalid xml for your sever (even though it should NOT be): <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <ns2:epp xmlns:ns2="urn:ietf:params:xml:ns:epp-1.0" xmlns=" http://www.nic.cz/xml/epp/domain-1.4"> <ns2:command> <ns2:login> <ns2:clID>XXXXXXXXX</ns2:clID> <ns2:pw>XXXXXXXXXXXXXX</ns2:pw> <ns2:options> <ns2:version>1.0</ns2:version> <ns2:lang>en</ns2:lang> </ns2:options> <ns2:svcs> <ns2:objURI>http://www.nic.cz/xml/epp/contact-1.6</ns2:objURI> <ns2:objURI>http://www.nic.cz/xml/epp/domain-1.4</ns2:objURI> <ns2:objURI>http://www.nic.cz/xml/epp/nsset-1.2</ns2:objURI> <ns2:objURI>http://www.nic.cz/xml/epp/keyset-1.3</ns2:objURI> <ns2:svcExtension> <ns2:extURI>http://www.nic.cz/xml/epp/enumval-1.2</ns2:extURI> </ns2:svcExtension> </ns2:svcs> </ns2:login> <ns2:clTRID>001#13-12-07at15:18:17</ns2:clTRID> </ns2:command> </ns2:epp> -- Regards, Spase

11 let, 6 měsíců

1
0
0 0

Domain Renewal Help

by Michael Erick

Hello, Kindly help me to renew my domain as our system administrator is not around to help. I want to renew the domain name ushirika.co.tz which must be done in fred-client installed in linux OS. I can SSH the server with login credentials correct and I have the su password but in both place su or the first one when I put DIR command I find there is Desktop and fred-client.conf I don't know what to do next. Help please. Michael Erick | ISP Network Engineer | |Benson Informatics Limited, P.O.Box 78914, Plot No.13, Mikocheni A2, Warioba Area, Dar-es-Salaam. | <Tel:+255> Tel: +255 222 666 670 Fax:+255 222 666 471 |Mob: +255 798 020 022, +255 797 255 727 |E-Mail: <mailto:michaele@bol.co.tz%7CWeb> michaele(a)bol.co.tz |Web: <http://www.bolmobile.co.tz/> www.bolmobile.co.tz

11 let, 8 měsíců

1
0
0 0

Fred installation

by samer khalil

Hi, I am new to this list and would like to install a test environment of Fred and eventually have it operational for our TLD registry in Lebanon (.LB). I am seeking your assistance and guidance in order to proceed with the installation. I am working on ubuntu 12 and so far i have installed the following fred packages: ii fred-adifd 2.13.5~rc1-1~precise+1 FRED Administration Interface Daemon ii fred-client 2.6.0~rc1-1ubuntu3~precise+1 FRED client for registrars, text interface ii fred-client-qt4 2.6.0~rc1-1ubuntu3~precise+1 FRED client for registrars, GUI interface ii fred-common 2.14.0~rc7-1~precise+1 FRED common files ii fred-db 2.13.0~rc3-1~precise+1 DB schema and example data for FRED ii fred-doc2pdf 2.5.1~rc1-2ubuntu2~precise+1 PDF generator for FRED registry system ii fred-idl 2.14.0~rc1-1~precise+1 IDL files for FRED ii fred-logd 2.13.5~rc1-1~precise+1 FRED logging daemon ii fred-mifd 2.13.5~rc1-1~precise+1 FRED backend for MojeID ii fred-msgd 2.13.5~rc1-1~precise+1 FRED messaging daemon ii fred-pifd 2.13.5~rc1-1~precise+1 FRED Public Interface Daemon ii fred-pyfred 2.4.2~rc2-1~precise+1 FRED Support Daemons ii fred-pylogger 1.2.0~rc1-1ubuntu1~precise+1 Python wrapper for logging to FRED logger ii fred-rifd 2.13.5~rc1-1~precise+1 FRED Registrar Interface Daemon ii fred-stats 1.2.2~rc1-1~precise+1 FRED is complete central domain registry ii fred-transproc 1.2.0-1~precise+1 FRED support for importing bank statements ii fred-webadmin 3.10.0~rc1-1ubuntu4~precise+1 www administration interface for FRED ii fred-whois 2.11.0-1ubuntu1~precise+1 Web Whois interface for FRED registry system ii nagios-pyfred-genzone-plugin 2.4.2~rc2-1~precise+1 Nagios plugin to FRED Zone Generator ii pyfred-filemanager 2.4.2~rc2-1~precise+1 FRED File Manager Client ii pyfred-genzone 2.4.2~rc2-1~precise+1 FRED Zone Generator Client Apache, postgres, python, corba are installed as well. I loaded the sql database from /usr/share/fred-db/structure.sql I am stuck at this level and would appreciate your help to proceed. Regards, Samer

12 let

4
7
0 0

how to change superuser password?

by Sayid Munawar

Hi, I need to change fred webadmin superuser's password. How to do that? -- Sayid Munawar Sent with Sparrow (http://www.sparrowmailapp.com/?sig)

12 let, 3 měsíce

2
1
0 0

RFC 3915 support

by Ealden Esto Escañan

Hi everyone, We are currently looking into FRED for our needs, and would like to confirm if it supports RFC3915 or Domain Registry Grace Period Mapping. http://tools.ietf.org/html/rfc3915 Thanks in advance!

12 let, 3 měsíce

2
1
0 0

omniidl is not user in fred-whois-2.8.4

by Sayid Munawar

Hi, in package setup.py of fred-whois-2.8.4, line 73: def check_CORBA(self): try: from omniORB import CORBA import omniidl except ImportError, msg: sys.stderr.write('ImportError: %s\nWhois needs omniORB and omniidl module. For more see README.\n' % msg) sys.exit(1) from what i've inspected in the source code, there is no file which "import omniidl". this requirement will make installation error although omniidl-python package has been installed (i am using ubuntu precise). So it should be: def check_CORBA(self): try: from omniORB import CORBA except ImportError, msg: sys.stderr.write('ImportError: %s\nWhois needs omniORB. For more see README.\n' % msg) sys.exit(1) CMIIW -- Sayid Munawar Sent with Sparrow (http://www.sparrowmailapp.com/?sig)

12 let, 3 měsíce

1
1
0 0

fred on lucid problem

by Tomas Mazak

Hello, I've just installed fred from apt-repository on lucid. Now, when I try to connect to EPP server using fred-client, I get following error: ERROR: socket.sslerror: [Errno 1] _ssl.c:480: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca (10.128.5.195:700) Certificate not signed by verified certificate authority. There is (hopefully) no problem with CA trust. Moreover, I can see this in fred-eppd.log: CORBA exception: IDL:omg.org/CORBA/COMM_FAILURE:1.0 Could not get greeting data from fred_rifd Any ideas please? Regards, Tomas Mazak

12 let, 3 měsíce

2
2
0 0

Erorr Required_integer_as_parameter when saving registrar data

by Sayid Munawar

Hi, I've just successfully installed fred on ubuntu 12.04. phew… - i've added zone - i've added registrar to zone - i've added acl for registrar now the problem is: when saving anything data (certificate md5, edit street, etc) i got error returned by the fred-webadmin: Required_integer_as_parameter No output generated from debug log, i've set debug level to "debug" too. Any clue how to fix this ? -- Sayid Munawar Sent with Sparrow (http://www.sparrowmailapp.com/?sig)

12 let, 3 měsíce

4
9
0 0

About domain_blacklist

by Mario Guerra

I'm trying to test introducing domain_blacklist entries. My purpose is to blacklist only one domain (under a controlled environment). These are the SQL statements: fred=# insert into domain_blacklist values (1,'^guerra.co.cr$','2013-02-21','2013-02-22','A test'); INSERT 0 1 fred=# insert into domain_blacklist values (1,'^guerra.co.cr$','2013-02-21','2013-02-28','A test'); INSERT 0 1 But info_domain gives this: NIC-REG1(a)127.0.0.1> info_domain guerra.co.cr Domain name: guerra.co.cr Repository object ID: D0000045196-EPP Created by: NIC-REG1 Designated registrar: NIC-REG1 Updated by: NIC-REG1 Created on: 2012-02-21T07:47:02-06:00 Last update on: 2013-02-15T16:49:46-06:00 Expiration date: 2015-02-21 NSSET ID: GUERRA_CO_CR Password for transfer: IvMlT73J Status: ok - Objekt is without restrictions Registrant ID: GUERRAMARIOALBERTO_AT_GMAIL.COM Administrative contact: MGUERRA_AT_NIC.CR MGUERRA2_AT_NIC.CR The domain is not blacklisted, it seems. Thoughts?. Thanks in advance. -- Mario Guerra <mguerra(a)nic.cr>

12 let, 3 měsíce

2
2
0 0

FRED and Module for WHMCS

by Sadi Qevani

Hello, I am interested knowing if there is a module for whmcs that works with FRED. Let me know if you have any ideas about this. Thank you -- *Sadi* Web Developer - IT

12 let, 5 měsíců

1
0
0 0

Contact developer FRED

by Andrey Nikolaev

Good day! Which contact developers( managers/sales) for the ability to adapt to the needs of the registry? Thank you.

12 let, 6 měsíců

1
0
0 0

Migrating from FRED 2.2 to FRED 2.11

by Mario Guerra

Due to the augmented abilities of FRED 2.11, I've attempted to migrate the production database, which runs FRED 2.2, to the FRED 2.11 format, running in a test server running the later. For the DB migration, I've run the SQL scripts, one by one, until it supposedly has the 2.11 structure. I've not run the script for having the initial structure, but a) firstly I migrate the complete DB from the production server to the test server and B) run the appropiate SQL scripts from 2.2 to 2.11. The result when I try to run fred-client: root@fredbeta:~# fred-client Unsupported language code: 'es' in os.environ.LANG. Available codes are: cs, en. Set default to: 'en'. FredClient 2.4.1 Type "help", "license" or "credits" for more information. Using configuration from /usr/etc/fred/fred-client.conf Connecting to 127.0.0.1, port 700 ... ERROR: Login failed The fred-eppd.log file: [13/Dec/2012:10:45:24 --0600] 127.0.0.1 (process:17973) [sessionID 512160] fred-logd createRequest logging error: IDL:ccReg/Logger/INTERNAL_SERVER_ERROR:1.0 [13/Dec/2012:10:45:24 --0600] 127.0.0.1 (process:17973) [sessionID 512160] Error while logging the request [13/Dec/2012:10:45:24 --0600] 127.0.0.1 (process:17973) [sessionID 512160] Created session in fred-logd with id: 68462 [13/Dec/2012:10:45:24 --0600] 127.0.0.1 (process:17973) [sessionID 512160] using fred-logd session id: 68462 [13/Dec/2012:10:45:24 --0600] 127.0.0.1 (process:17973) [sessionID 512160] Client disconnected without proper logout. [13/Dec/2012:10:45:24 --0600] 127.0.0.1 (process:17973) [sessionID 512160] Session ended The fred.log file: [2012-Dec-13 10:45:24] [fred-server] [error] [logd-<30156468>/session-0] -- Result failed: INSERT INTO request (time_begin, time_end, source_ip, user_name, user_id, service_id, request_type_id, session_id, is_monitoring, result_code_id ) VALUES ('2012-12-13 16:45:24.018801', NULL, E'127.0.0.1', NULL, NULL, 3, 100, NULL, 'f', NULL) (ERROR: column "service" does not exist <------------------------------ CONTEXT: SQL statement "CREATE TABLE request_epp_12_12 (CHECK (time_begin >= TIMESTAMP '2012-12-01 00:00:00' AND time_begin < TIMESTAMP '2013-01-01 00:00:00 ' AND service = 3 AND is_monitoring = 'f') ) INHERITS (request)" PL/pgSQL function "create_tbl_request" line 31 at EXECUTE statement <----------------------- SQL statement "SELECT create_tbl_request(time_begin, service_id, is_monitoring)" PL/pgSQL function "tr_request" line 26 at PERFORM The are apparent problems when creating the auxiliary request_epp_<year>_<month> table it seems. Best regards. -- Mario Guerra <mguerra(a)nic.cr>

12 let, 6 měsíců

3
4
0 0

Change schemas for ompatibility with RFC

by Andrey Nikolaev

Hi! Is it possible to implement compliance with rfc_5731 and rfc_5732? Conformity in the form domain/host? Example: 1.1. Relationship of Domain Objects and Host Objects (http://tools.ietf.org/rfc/rfc5731.txt) [skip] <domain:ns> <domain:hostAttr> <domain:hostName>ns1.example.net</domain:hostName> <domain:hostAddr ip="v4">192.0.2.2</domain:hostAddr> <domain:hostAddr ip="v6">1080:0:0:0:8:800:200C:417A</domain:hostAddr> </domain:hostAttr> <domain:hostAttr> <domain:hostName>ns2.example.net</domain:hostName> </domain:hostAttr> </domain:ns> [/skip] but Fred implement [skip] <nsset:roid>N0000000003-EPP</nsset:roid> <nsset:status s="linked">Has relation to other records in registry</nsset:status> <nsset:clID>REG</nsset:clID> <nsset:crID>REG</nsset:crID> <nsset:crDate>2012-12-11T21:32:45+02:00</nsset:crDate> <nsset:authInfo>krfJnwlj</nsset:authInfo> <nsset:ns><nsset:name>ns.ns.example.net</nsset:name> <nsset:addr>1.1.1.65</nsset:addr> <nsset:addr>2.1.140.65</nsset:addr> <nsset:addr>2.1.141.65</nsset:addr> <nsset:addr>2.1.142.65</nsset:addr> <nsset:addr>2.1.143.65</nsset:addr> <nsset:addr>2.1.144.65</nsset:addr> <nsset:addr>2.1.145.65</nsset:addr> </nsset:ns> <nsset:ns><nsset:name>ns2.example.net</nsset:name> <nsset:addr>2.1.1.68</nsset:addr> <nsset:addr>2.1.1.68</nsset:addr> <nsset:addr>2.1.1.68</nsset:addr> <nsset:addr>2.1.1.68</nsset:addr> </nsset:ns> [/skip] added description to schemas: to: all.xsd <import namespace="http://nic.domain.my/epp/host-1.1" schemaLocation="host-1.1.xsd"/> add file host-1.1.xsd with schema, about nsset .... (validate mod_eppd) change structure in IDL files, added new object it is real, it is achieved compliance? Not changes all sources fred-server?

12 let, 6 měsíců

1
0
0 0

Problems starting using fred

by Dmitry Belyavsky

Greetings! I've installed FRED on Fedora 17 according to http://fred.nic.cz/wiki/download Now I can't obtain the admin interface. Where can the credentials for demo access be found? Thank you! -- SY, Dmitry Belyavsky

12 let, 7 měsíců

2
7
0 0

A couple of possible bugs for FRED 2.11 - part 2

by Mario Guerra

In this post I'm describing the other apparent problem I found. I'm upgrading a copy of our FRED 2.2 database (which we are using for production), and trying to upgrade it to 2.11.2, the last version. For that I typed this SQL script: postgres@freddb:/root/fred-db-2.11.2/upgrades$ more 2-2-a-2-11.sql \i 2_2_0-2_3_0.sql \i 2_3_0-2_4_0.sql \i 2_4_0-2_5_0-ddl.sql \i 2_4_0-2_5_0-logger-ddl.sql \i 2_4_0-2_5_0-dml.sql \i 2_4_0-2_5_0-logger-dml.sql \i 2.5.0-2.5.1-ddl.sql \i 2.5.0-2.5.1-dml.sql \i 2.5.1-2.6.0-ddl.sql \i 2.5.1-2.6.0-logger-ddl.sql \i 2.5.1-2.6.0-dml.sql \i 2.5.1-2.6.0-logger-dml.sql \i 2.6.0-2.7.0-ddl.sql \i 2.6.0-2.7.0-dml.sql \i 2.6.0-2.7.0-logger-dml.sql \i 2.7.0-2.8.0-ddl.sql \i 2.7.0-2.8.0-dml.sql \i 2.8.0-2.8.1-ddl.sql \i 2.8.0-2.8.1-dml.sql \i 2.8.1-2.8.2-dml.sql \i 2.8.1-2.9.0-01-prepare.sql \i 2.8.1-2.9.0-02-changes-ddl.sql \i 2.8.1-2.9.0-03-changes-dml.sql \i 2.8.1-2.9.0-04-finish-ddl.sql \i 2.9.0-2.10.0-ddl.sql \i 2.9.0-2.10.0-dml.sql \i 2.10.0-2.11.0-01-ddl.sql \i 2.10.0-2.11.0-02-dml.sql \i 2.10.0-2.11.0-03-ddl.sql \i 2.11.0-2.11.1-dml.sql \i 2.11.1-2.11.2-dml.sql ------------------------------- This theoretically, upgrades the DB. But when I run fred-client using this upgraded database, this is when I run fred-client (after setting up fred-server and fred-pyfred): ------------------------------- root@fredbeta:~# fred-client Unsupported language code: 'es' in os.environ.LANG. Available codes are: cs, en. Set default to: 'en'. FredClient 2.4.1 Type "help", "license" or "credits" for more information. Using configuration from /usr/etc/fred/fred-client.conf Connecting to 127.0.0.1, port 700 ... ERROR: Login failed. ------------------------------- The /var/log/fred.log relevant fragment gives me this: [2012-Sep-06 10:36:19] [fred-server] [error] [logd-<60380061>/session-0/request-311805] -- Result failed: INSERT INTO request_data (request_time_ begin, request_service_id, request_monitoring, request_id, content, is_response) VALUES ('2012-09-06 16:36:19.858714', 3, 'f', 311805, E'<?xml version ="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 e pp-1.0.xsd"><command><login><clID>NIC-REG1</clID><pw>reg1.cr</pw><options><version>1.0</version><lang>en</lang></options><svcs><objURI>http://www.nic. cz/xml/epp/contact-1.6</objURI><objURI>http://www.nic.cz/xml/epp/nsset-1.2</objURI><objURI>http://www.nic.cz/xml/epp/domain-1.4</objURI><objURI>http:/ /www.nic.cz/xml/epp/keyset-1.3</objURI><svcExtension><extURI>http://www.nic.cz/xml/epp/enumval-1.2</extURI></svcExtension></svcs></login><clTRID>bttz0 01#12-09-06at10:36:19</clTRID></command></epp> ', 'f') (ERROR: column "entry_time_begin" of relation "request_data_epp_12_09" does not exist <------------------------- LINE 1: INSERT INTO request_data_epp_12_09(entry_time_begin, entry_s... <----------------------------------- ^ QUERY: INSERT INTO request_data_epp_12_09(entry_time_begin, entry_service, entry_monitoring, entry_id, content, is_response) VALUES ('2012-09-06 16: 36:19.858714', 3, 'f', 311805, '<?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 e pp-1.0.xsd"><command><login><clID>NIC-REG1</clID><pw>reg1.cr</pw><options><version>1.0</version><lang>en</lang></options><svcs><objURI>http://www.nic. cz/xml/epp/contact-1.6</objURI><objURI>http://www.nic.cz/xml/epp/nsset-1.2</objURI><objURI>http://www.nic.cz/xml/epp/domain-1.4</objURI><objURI>http:/ /www.nic.cz/xml/epp/keyset-1.3</objURI><svcExtension><extURI>http://www.nic.cz/xml/epp/enumval-1.2</extURI></svcExtension></svcs></login><clTRID>bttz0 01#12-09-06at10:36:19</clTRID></command></epp> ', 'f') CONTEXT: PL/pgSQL function "tr_request_data" line 18 at EXECUTE statement --------------------------------------------------------------------- Now, if I drop the table request_data_epp_12_09 so it is newly created, and run fred-client again this is what I get: --------------------------------------------------------------------- [2012-Sep-06 10:40:00] [fred-server] [error] [logd-<62621798>/session-0/request-311806] -- Result failed: INSERT INTO request_data (request_time_ begin, request_service_id, request_monitoring, request_id, content, is_response) VALUES ('2012-09-06 16:40:00.170266', 3, 'f', 311806, E'<?xml version ="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 e pp-1.0.xsd"><command><login><clID>NIC-REG1</clID><pw>reg1.cr</pw><options><version>1.0</version><lang>en</lang></options><svcs><objURI>http://www.nic. cz/xml/epp/contact-1.6</objURI><objURI>http://www.nic.cz/xml/epp/nsset-1.2</objURI><objURI>http://www.nic.cz/xml/epp/domain-1.4</objURI><objURI>http:/ /www.nic.cz/xml/epp/keyset-1.3</objURI><svcExtension><extURI>http://www.nic.cz/xml/epp/enumval-1.2</extURI></svcExtension></svcs></login><clTRID>doej0 01#12-09-06at10:40:00</clTRID></command></epp> ', 'f') (ERROR: column "entry_time_begin" does not exist CONTEXT: SQL statement "CREATE TABLE request_data_epp_12_09 (CHECK (entry_time_begin >= TIMESTAMP '2012-09-01 00:00:00' AND entry_time_begin < TIMEST AMP '2012-10-01 00:00:00' AND entry_service = 3 AND entry_monitoring = 'f') ) INHERITS (request_data) " PL/pgSQL function "create_tbl_request_data" line 27 at EXECUTE statement SQL statement "SELECT create_tbl_request_data(entry_time_begin, entry_service, entry_monitoring)" PL/pgSQL function "tr_request_data" line 23 at PERFORM ------------------------------------------------------ It seems that the upgrade scripts almost dotheir job, but I feel something got overlooked. What do you think?. Best regards. -- Mario Guerra <mguerra(a)nic.cr>

12 let, 9 měsíců

1
0
0 0

A couple of possible bugs for FRED 2.11

by Mario Guerra

I want to inform about a couple of possible bugs for FRED 2.11 (I tried to use TRAC, but it is not clear how to ccreate a new user): 1. fred-admin listing contacts I did in a controlled environment a brand new FRED 2.11 installation. After running the orderedsql.sh script for installing the PostgreSQL initial environment I ran fred-admin for creating an initial registrar, a zone, and registered the zone with that registrar. After that, I created a contact. This is what I get: a) fred-client NIC-REG1(a)127.0.0.1> list_contacts Number of records: 1 MGUERRA_AT_NIC.CR NIC-REG1(a)127.0.0.1> info_contact MGUERRA_AT_NIC.CR Contact ID: MGUERRA_AT_NIC.CR Repository object ID: C0000000001-EPP Created by: NIC-REG1 Designated registrar: NIC-REG1 Created on: 2012-09-04T18:18:51-06:00 Name: Mario Guerra Street: AV. 12-14, Calle 25 City: San Jose Postal code: 2060-1000 Country code: CR Password for transfer: hPdgeOiT Email: mguerra(a)nic.cr Status: ok - Objekt is without restrictions Disclose: voice fax email vat ident notify_email addr b) fred-admin root@fredbeta:~# fred-admin --contact_list <objects> </object> Have you reproduced this problem?. For the next possible bug, I'm posting another email. Best regards. -- Mario Guerra <mguerra(a)nic.cr>

12 let, 9 měsíců

1
0
0 0

fred-pyfred on lucid

by Bryton Focus

Further to my previous email, I did the instalation of FRED from packages of Lucid and did a lot of tweaking but seems alot of things works but I was sad not to find a script like fred-server which i think helps when starting the services unless the name is changed but i think it helps especially when one wants to start services at once. Hi, I am having a problem with fred-pyfred on lucid when I start the services all starts except fred-pyfred when i start via pyfredctl it does not start, checking the logs I get the bellow errors.... fred-pyfred[1672]: segfault at 0 ip b71a57e3 sp bf8f3240 error 4 in libomniORB4.so.1.4[b70ec000+17a000] Now I decided to dig more and found out when I try to genzone I get the 'Segmentation Fault' error. Can anyone help please. -- b

12 let, 11 měsíců

2
1
0 0

fred-pyfred on lucid

by Bryton Focus

Hi, I am having a problem with fred-pyfred on lucid when I start the services all starts except fred-pyfred when i start via pyfredctl it does not start, checking the logs I get the bellow errors.... fred-pyfred[1672]: segfault at 0 ip b71a57e3 sp bf8f3240 error 4 in libomniORB4.so.1.4[b70ec000+17a000] Now I decided to dig more and found out when I try to genzone I get the 'Segmentation Fault' error. Can anyone help please. -- b

12 let, 11 měsíců

1
0
0 0

FRED workshop prior to ICANN44 in Prague

by Jaromir Talir

Hi, CZ.NIC will host next ICANN meeting in Prague in June 24-29 this year - http://prague44.icann.org/ and http://www.icannprague.cz/ I had an idea to do one day workshop for FRED prior to this meeting on Sunday 24 if there will be some demand. Topics would cover: - features, architecture, component description - installation procedure - basic configuration - adding zone, adding registrar,... - place for questions. The workshop would be in our offices where we have small educational room for 20 people. Please let me know if you would like to participate in this activity, we have five weeks to arrange it. Regards, Jaromir -- Jaromir Talir technicky reditel / Chief Technical Officer ------------------------------------------- CZ.NIC, z.s.p.o. -- .cz domain registry Americka 23, 120 00 Praha 2, Czech Republic mailto:jaromir.talir@nic.cz http://nic.cz/ sip:jaromir.talir@nic.cz tel:+420.222745107 mob:+420.739632712 fax:+420.222745112 -------------------------------------------

12 let, 11 měsíců

7
7
0 0

sql/epp_login.sql: No such file or directory

by a_brahaj＠yahoo.com

Anyone tried to install the 2.11!? I am getting sql/epp_login.sql: No such file or directory on the fred-db* package fred-db-2.11.0 # make ./orderedsql.sh > structure.sql cat: ./sql/epp_login.sql: No such file or directory Regards, A

12 let, 12 měsíců

4
6
0 0

NIC-CR using their own certificates

by Mario Guerra

As of today, 12 June, we are using our EPP module and fred-client certificates.They are signed by the same CA, in our case, our own. These scripts can help you to do that: CA creation (if you decide to have your own): -------------------------------------------- #!/bin/bash openssl genrsa -des3 -out nicca.key 4096 openssl req -new -x509 -days 1095 -key nicca.key -out nicca.crt -subj /C=<country>/L=<City>/O=<country>.NIC/OU=Registry/CN=localhost/ Certificate request and signing (the later is done by an external CA if you decide so): #!/bin/bash echo "Create CSR for $1" openssl genrsa -des3 -out $1.key 4096 openssl req -new -key $1.key -out $1.csr -subj /C=<country>/ST=<province/state>/L=<Location>/O=<country>.NIC/OU=Registry/CN=localhost/emailAddress=<your email address> echo "Sign certificate for $1" (you don't need this if you use an external CA) openssl x509 -req -days 1095 -in $1.csr -CA nicca.crt -CAkey nicca.key -set_serial 01 -out $1.crt echo "Generate key w/o passphrase" openssl rsa -in $1.key -out $1.key.insecure mv $1.key $1.key.secure mv $1.key.insecure $1.key The later script is used both for the EPP module and fred-client but create two independent certificates. Algo, for fred-client you need to modify the cert field in the registraracl table for the respective registrar so it states the FRED certificate fingerprint. Calculate that with this: openssl x509 -md5 -noout -in NIC-REG1.crt -fingerprint | awk 'BEGIN {FS="="} {print $2}' More details at http://www.guerra.co.cr/ (Certificate management using FRED). Any comment is welcome. -- Mario Guerra <mguerra(a)nic.cr>

13 let

1
0
0 0

Re: Setting up a CA and signing certificates with it

by Mario Guerra

Following this thread: 1. I setup an account in cacert.org for having certificates emitted with them. Then I generated a couple of certificates, one for the EPP Apache module and one for the client (which means that both certificates are different, not the same situation described in the README file in /usr/share/fred-mod-eppd/ssl/README. Now, I notice both certificates are emitted by the very same CA, cacert.org in this case. They work perfectly. So I have some questions: a) What happens if nic.cr has its own certificates with, say, cacert.org and the clients using fred-client generate certificates using the same CA, but with their own usernames?. My guess is that it shouldn't be a problem, because the CA cert associated in the eppd module configuration is the same. That is, for the EPP module certificate nic.cr use a cacert.org user like, say, "nicrcr" and the client connecting with nic.cr use their own user, say, "client1". b) What if nic.cr uses, say, cacert.org for the EPPD Apache module, but a client uses, Certplus, Thawte or Verising for signing their fred-client certificates?. c) I have tried to use our own (test) CA following the procedure in http://www.tc.umn.edu/~brams006/selfsign.html, part 1B, but it does not work. I guess I have to include something and I'm not aware of it. Thanks in advance. -- Mario Guerra <mguerra(a)nic.cr>

13 let

1
0
0 0

Re: FRED workshop prior to ICANN44 in Prague

by Jaromír Talíř

Hi Ghislain, You are registered. Now there are 10 people registered so there is 10 more places. Regards, Jaromir Ghislain NKERAMUGABA píše v Út 29. 05. 2012 v 15:24 +0200: > Dear Jaromir, > > > > I would like to be part of the FRED workshop participant. > > Thank you. My name is below. > > > > regards, > > > > Ghislain NKERAMUGABA > > .rw ccTLD Coordinator - RICTA > > Email: cctldc(a)ricta.org.rw / ghislain.n(a)ricta.org.rw > > Mob/Cell: +250-788470507 > > Website: www.ricta.org.rw > > > > > > > > > > > > > _______________________________________________ > fred-users mailing list > fred-users(a)lists.nic.cz > https://lists.nic.cz/cgi-bin/mailman/listinfo/fred-users -- Jaromir Talir technicky reditel / Chief Technical Officer ------------------------------------------- CZ.NIC, z.s.p.o. -- .cz domain registry Americka 23, 120 00 Praha 2, Czech Republic mailto:jaromir.talir@nic.cz http://nic.cz/ sip:jaromir.talir@nic.cz tel:+420.222745107 mob:+420.739632712 fax:+420.222745112 -------------------------------------------

13 let

2
1
0 0

Re: FRED workshop prior to ICANN44 in Prague

by Ghislain NKERAMUGABA

Dear Jaromir, I would like to be part of the FRED workshop participant. Thank you. My name is below. regards, Ghislain NKERAMUGABA .rw ccTLD Coordinator - RICTA Email: cctldc(a)ricta.org.rw / ghislain.n(a)ricta.org.rw Mob/Cell: +250-788470507 Website: www.ricta.org.rw

13 let

1
0
0 0

Using certificates in FRED

by Mario Guerra

I've written this so you can properly use your own certificates in a FRED production environment, either using your own or an external CA. http://www.blogger.com/blogger.g?blogID=4416341164567520466#editor/target=p… Consider this a draft and feel free to comment about it. Best regards. -- Mario Guerra <mguerra(a)nic.cr>

13 let

1
0
0 0

popen2 duplicated

by yan

Dear all, I am having a problem installing fred when I install fred-pyfred, it is giving me an error saying that the popen2 is duplicated and I should use the subprocess module. I am confused and don't want to make more errors, can you help me? Thank you

13 let

1
0
0 0

WHMCS Plugin for FRED installation

by a_brahaj＠yahoo.com

Hello everyone, Probably this is the best place to ask, since WHMCS is being used by most small hosters today, does anyone know if there is some Module for WHMCS and FRED installations!? Regards, A

13 let

4
5
0 0

Re: Setting up a CA and signing certificates with it

by Piotr Przybył

Hello guys Bryton's right. But let's not forget about registraracl table and MD5 fingerprint of the certificate after. Some more details can be found in the excerpt I attach. They're not so relevant in this case but they might be helpful to some folks in the future. It's openssl and Ubuntu based. Best Piotr On 21/05/12 18:32, bfocus(a)tznic.or.tz wrote: > > Mario, > > Have you tweaked epp file in apache by adding the new CA and the server > cert and key? > > What I normally do is I use tinyca on a separate machine... > > I create a CA,create server cert and key and finally the client cert and key. > > Once done I ship them to the server I want then does a small change on the > epp file in apache to reflect the ca and server cert/key > > Then I use client certs and key for fred-client. > > I have never tried to use the same server cert and key for the fred-client. > > Bryton. > >> I have done this, according to >> http://www.tc.umn.edu/~brams006/selfsign.html, part 1B (generating your >> own CA): >> >> a) create a CA authority (ca.key and ca.crt) >> b) make a certificate request (server.csr) >> c) sign the certificate request (server.crt and server.key) with the new >> CA authority >> d) change the server key so it does not ask for a passphrase. >> >> Afterwards, the server.crt and server.key files are included in >> /usr/share/fred-client/ssl directory, and the fred-client configuration >> file is modified like this: >> >> ssl_cert = %(dir)s/server.crt >> ssl_key = %(dir)s/server.key >> >> Now, if I try to run fred-client this is the result: >> >> ERROR: socket.sslerror: [Errno 1] _ssl.c:480: error:14094418:SSL >> routines:SSL3_READ_BYTES:tlsv1 alert unknown ca (200.107.82.18:700) >> Certificate not signed by verified certificate authority >> >> What should I do for fred-client to identify these certificates as valid?. >> >> Thanks in advance. >> >> Note: the new fred-client is perfectly compatible with FRED 2.2. >> >> >> -- >> Mario Guerra <mguerra(a)nic.cr> >> _______________________________________________ >> fred-users mailing list >> fred-users(a)lists.nic.cz >> https://lists.nic.cz/cgi-bin/mailman/listinfo/fred-users >> > > > _______________________________________________ > fred-users mailing list > fred-users(a)lists.nic.cz > https://lists.nic.cz/cgi-bin/mailman/listinfo/fred-users

13 let, 1 měsíc

1
0
0 0

Re: FRED workshop prior to ICANN44 in Prague

by Dr Paulos Nyirenda

Jaromir, I would like to participate. It is my hope that you will have a detailed hands on installation session. I would like to return with a working FRED registry on my Fedora laptop that includes the new features as well like post paid billing. Regards, Paulos ============================== Dr Paulos Nyirenda Malawi SDNP Coodinator On 17 May 2012 at 13:55, Jaromir Talir wrote: > Hi, > > CZ.NIC will host next ICANN meeting in Prague in June 24-29 this year - > http://prague44.icann.org/ and http://www.icannprague.cz/ > > I had an idea to do one day workshop for FRED prior to this meeting on > Sunday 24 if there will be some demand. Topics would cover: > - features, architecture, component description > - installation procedure > - basic configuration - adding zone, adding registrar,... > - place for questions. > > The workshop would be in our offices where we have small educational > room for 20 people. Please let me know if you would like to participate > in this activity, we have five weeks to arrange it. > > Regards, > Jaromir > > -- > Jaromir Talir > technicky reditel / Chief Technical Officer > ------------------------------------------- > CZ.NIC, z.s.p.o. -- .cz domain registry > Americka 23, 120 00 Praha 2, Czech Republic > mailto:jaromir.talir@nic.cz http://nic.cz/ > sip:jaromir.talir@nic.cz tel:+420.222745107 > mob:+420.739632712 fax:+420.222745112 > ------------------------------------------- > > _______________________________________________ > fred-users mailing list > fred-users(a)lists.nic.cz > https://lists.nic.cz/cgi-bin/mailman/listinfo/fred-users ---------------------------------------------------------- Malawi SDNP Webmail: http://www.sdnp.org.mw Access your Malawi SDNP e-mail from anywhere in the world. ----------------------------------------------------------

13 let, 1 měsíc

1
0
0 0

new version 2.11

by Jaromir Talir

Hi, finally we managed to complete new version suitable for public release. I uploaded files to http://fred.nic.cz/wiki/download Just a quick summary of what are the main changes: (1) auditing component - after 3 years running fred (2007-2010) we found out that almost 99% of database size is in tables action and action_xml used to log all incoming EPP communication and database is getting to be non-maintainable. So we decided to change fred architecture and create separate general component for logging incoming request. Database for this consists of (request_*,session_*,..) monthly partitioned tables and can be installed separately from main database. It its now used by EPP fronted, unix whois, web whois and webadmin to store all requests in FRED. (2) billing component - invoicing was rewritten with intention to support not only prepaid but also postpaid model. Price list can be configured that in the way that charged operations are not blocked when there is no credit, registrar sees negative credit in 'credit_info' command and this is cleared when there is an incoming payment. Tables for holding incoming payments were simplified and there is a simple way to register new payment from general xml file describing payments. There is also new component fred-transproc for transaction processing. It queries IMAP and HTTP sources and transform responses into this new xml file that is passed to fred. There are some example modules for our local banks that can be used as starting point for your own modules (3) messaging component - we added possibility to send and archive SMS and snail mail letters automatically. But this is based on external services so there must be some local company having web service for sms or snail mail processing. Then script that call this web service must be created and uploaded into fred for this feature to work. (4) mojeid changes - we build a identity solution called mojeid (myid) over registry (www.mojeid.cz). This is not part of fred and just use fred as backend. It constis of validation of contact data by sending sms to his phone number, email to his email address and snail mail letter to his postal address. After completion of three pieces of information send by this three channels we set status identified to this contact and user can maintain his contact data directly through new application. This contact also can take advantage of openid server and used the same authentication process for different website supporting openid. I mention this because you may see some of these mojeid changes in fred, but actually are not useful for you. We are in the process of more separating these things out of fred. If you will decide to migrate we suggest to do new installation because there are quite a lot of changes in configurations and than migrate database according upgrade scripts in fred-db packages. Of course there should be a intensive testing before going to production. Regards, Jaromir -- Jaromir Talir technicky reditel / Chief Technical Officer ------------------------------------------- CZ.NIC, z.s.p.o. -- .cz domain registry Americka 23, 120 00 Praha 2, Czech Republic mailto:jaromir.talir@nic.cz http://nic.cz/ sip:jaromir.talir@nic.cz tel:+420.222745107 mob:+420.739632712 fax:+420.222745112 -------------------------------------------

13 let, 1 měsíc

1
0
0 0

Fred Client Error List

by besmira nushi

Hello, Does anyone know if there exists a full list of all the possible errors that might happen during the connection of Fred-Client with the server? The respective error messages might also be useful. Thanks, Besmira

13 let, 1 měsíc

2
2
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

fred-users