Search Results

Search found 2458 results on 99 pages for 'dbconsole certificate expire'.

Page 75/99 | < Previous Page | 71 72 73 74 75 76 77 78 79 80 81 82 | Next Page >

CNAME rule being ignored

- by Ben

On a server with Plesk installed I have added a CNAME rule pointing from one of the sites subdomains to an external website. I have checked the named configuration for that domain name and it shows the CNAME however the sub domain just points to the default server page and ignores the CNAME rule. Named has been restarted and I've also run the rvmng reconfigure-vhost command. I edited another server to test this, on cPanel, and it works fine. The conf file for the domain: ; *** Ts file is automatically generated by Plesk *** $TTL 86400 @ IN SOA ns.example.com. cf.example1.com. ( 1292946742 ; Serial 10800 ; Refresh 3600 ; Retry 604800 ; Expire 10800 ) ; Minimum example.com. IN NS ns.example.com. ns.example.com. IN A xx.xxx.xxx.xx example.com. IN A xx.xxx.xxx.xx webmail.example.com. IN A xx.xxx.xxx.xx mail.example.com. IN A xx.xxx.xxx.xx beta.example.com. IN A xx.xxx.xxx.xx ftp.example.com. IN CNAME example.com. www.example.com. IN CNAME example.com. login.example.com. IN CNAME socialize.gigya.com. example.com. IN MX 10 webmail.example.com. You can see the CNAME rule in the file but it just gets ignored? Thanks in advance for any help.

Read the article
Dummy/default page for apache

- by Ency

I'm trying to set up default page for my apache2, for following cases: User is accessing http://IP_Address instead of hostname Requested protocol (HTTP/HTTPS) is not available (eg. only http*s*://domain.com exists) Currently I've got something like that <VirtualHost eserver:80> ServerAdmin webmaster@localhost DocumentRoot /var/www/local/ <Directory /> Options FollowSymLinks AllowOverride None </Directory> </VirtualHost> I think, it works well, i'm trying to do similar thing for HTTPS, but it does not work. <VirtualHost eserver:443> SSLCertificateKeyFile /etc/apache2/ssl/dummy.key SSLCertificateFile /etc/apache2/ssl/dummy.crt SSLProtocol all SSLCipherSuite HIGH:MEDIUM ErrorLog /var/log/apache2/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn ServerSignature Off </VirtualHost> My default is places in sites-enabled as a first one 000-default I do not care about not certificate validity during accessing default page, my goal is not show different HTTPS page if user one of points is applied

Read the article
IIS 6.0 subdomains with host headers and non existent subdomains

- by Mustafakidd

Hey Everyone - We have a wildcard A-Record pointing to our IP and have a number of sites running on IIS 6 with host headers and have a a wildcard SSL certificate for the domain so that each site can run under SSL. For example: https://A.foo.com https:/B.foo.com https:/C.foo.com Everything is working well but I noticed that when we type a non existent subdomain, say D.foo.com, it redirects to A.foo.com. Any idea why that is or how I can change that? I think we may have set up the A.foo.com site before we applied the wildcard A-record with our domain provider and before we had set up the SSL cert. Thanks.

Read the article
Redirecting subsite on same domain to other IIS using HTTPS

- by Alberto

I've seen many similar questions (and answers) on this subject, but none seem to be on exactly the same situation I am facing. Which is weird since I don't think it is that special, so forgive me if I haven't searched enough. Anyway. I have two websites which are on two IIS7, one facing WAN and one in the LAN. The WAN facing is already HTTPS-only. I want to add the second website, but on the same HTTPS domain and SSL certificate, so that it becomes a subsite like: https://www.domain.com/subsite How can I do a redirect or rewrite on the first IIS to the second one to make this work? I don't think there is a standard IIS feature that can do this. ISA server is not an option currently. But maybe another extension to IIS exists? Done this numerous times on Apache, and am about to ditch IIS for Apache.

Read the article
VPN using Zywall

- by Rune FS

I've played around with a certificate based VPN (normally I don't do hardware) we've manged to setup the connection and the tunnel between the routers is working correctly. We now need the last step. There's no connection to the computers on the other end. What could we have forgotten? (we're testing with two standard configured Win7 machines) EDIT: Just to clarify the tunnel is working I can ping the router on the other end. I can't access the computers on the other side of that router and vice versa. (It's also possible to access the remotemangement console of the remote router on the LAN IP)

Read the article
Apache can't connect to LDAP server

- by jldugger

I'm tying SVN to LDAPS by way of Apache. I've run openssl s_client --host $host --port 636 and received an SSL certificate, so it doesn't appear to be a firewall problem. I get the following warning: [Fri Apr 02 07:38:15 2010] [warn] [client <ip withheld>] [590] auth_ldap authenticate: user jldugger authentication failed; URI /internal-svn [LDAP: ldap_simple_bind_s() failed][Can't contact LDAP server] "Can't contact LDAP server" is somewhere between vague and wrong. I'm at a loss on how to continue debugging this. Ideas?

Read the article
Failed to import SLES11 to SCOM2012

- by siyang

I try to the import my SLES11 to SCOM 2012, but failed. Below is my simple steps and failed error message. Import SLES11 mp DNS resolve both SCOM and SLES11 Install SCOM Agent and cert. Generated the cert from SLES11 then import it to SCOM, and use scxcertconfig -sign to refresh the cert, and back it to SLES11.(I restart the scxadmin on SLES11, and reboot the SCOM ) 5. On SCOM try to find the SLES11, but failed. Below is the error message. *Message: Certificate signing was not successful. Detials: Standard Output: Failed to start child process '/etc/init.d/scx-cimd' errno=13RETURN CODE:1 Standard Error: Exception Message:*

Read the article
Prevent IIS7 HTTPS from binding to all SSL IP addresses

- by robpaveza

I've had this interesting problem with IIS7. I have a number of HTTPS sites in IIS7. That hasn't been a problem, until I wanted to go and set up VisualSVN Server using an SSL certificate. The installer had trouble starting the service. When I looked in the event log, the error was that "the file is already in use by another process." I figured that the "file" was really a socket, and checked with netstat - even though IIS was only bound to three specific IP addresses (.160, .156, and .168) with port 443, it was consuming *:443. I could stop the World Wide Web Publishing Service, start VisualSVN, and then start IIS, but then none of my SSL servers would start. Any helpful hints about how I could make IIS not try to default-bind to *:443? Thanks!!

Read the article
PKI Issuing CA on Domain Controllers

- by dunxd

I am setting up a PKI which will initially be used internally. As we may grow our use of this I have opted for a three tier hierarchy - Offline Root and Policy CAs (one Policy CA at the moment for internal use), and online issuing CAs. We had initially discussed using our Domain Controllers as the Issuing CAs rather than setting up dedicated ones. I am now starting to have doubts about whether it is a good idea to have our DCs do certificate issuing. We have less than 1000 users, so our DCs aren't hugely taxed. Does anyone have any suggestions for or against doing this? We are currently running Windows 2003 Active Directory, but will be upgrading to Windows 2008 in the coming year. I'm setting up Windows 2008 PKI.

Read the article
Unknown protocol when trying to connect to remote host with stunnel

- by RaYell

I'm trying to set up a stunnel for WebDav on Windows. I want to connect 80 port on my local interface to 443 on another machine in my network. I can ping the machine remote machine. However when I use the tunnel, I'm getting this error all the time SSL state (accept): before/accept initialization SSL_accept: 140760FC: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol There is nothing in the logs on the other machine and here's my stunnel connection config [https] accept = 127.0.0.2:80 connect = 10.0.0.60:443 verify = 0 I've set it up to accept all certificates so this shouldn't be a problem with a self-signed certificate remote host uses. Does anyone knows what might be the problem that this connection cannot be eastablished?

Read the article
mysql connector/net ssl shutsdown the server

- by Simon

Hello, when I try to connect my server throw connector/net using ssl with pfx certificate I had problem with establishing the connection. I get connection timeout. And the server probably fall down (I dont know it for sure, becouse I dont manage the server). On the Windows XP works all right, but on Windows 7 dont. Please, where is problem? In Windows 7 or on the server (mysql 5.0)? Sometimes I get "Calling interface SSPI Failed" error, but not everytime. Sometimes is only connection timeout error. Thank you a lot for any help. Regards, simon

Read the article
Enabling AES 256 GCM on Windows Server 2012 R2

- by Feanaro

I'd like to enable the use of the AES 256 GCM encryption instead of the AES 256 CBC. We already have ECC certificates based on ECDSA so that pre-requisite has been fullfilled. The certificate has a SHA-256 signature and uses a 256-bit ECC keyset. The ciphersuite I'd like to use: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384 This is our ciphersuite order: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P521, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P521, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256 Still when I check the website it says we use TLS 1.2 and ECDHE_ECDSA for key exchange AES_256_CBC encryption and SHA1 for message digest. I suspect it uses this suite for some reason: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256 When I remove that ciphersuite the site has a protocol mismatch and won't load the https anymore. Does anyone know how to enable the ciphersuite? Did I forget to set something in the registry or do I need to do something else to enable that specific suite. Thanks in advance!

Read the article
Automating and deploying new linux servers

- by luckytaxi

I'm in the process of developing a method to automate new virtual machines into my environment. 90% of our machines are virtual but the process is similar for both physical and vmware based images. What I do now is I use cobbler to install the base OS. The kickstart script has post hooks to modify the yum repo and installs puppet and func. Once the servers are running, I manually add them into nagios and sign the certificate via the puppetmaster. I've since migrated most of the resources to use mysql as the backend. I wanted to see what others are doing and my goal for 2011 is to have puppet inventory the hardware into mysql, and somehow i'll script a python script to have nagios grab the info and automatically add it for monitoring purposes. It's kind of tedious to have to add each new server into nagios, puppet's dashboard, munin, etc...

Read the article
how do you add an A record for a root domain

- by nbv4

this seems really simple, but I can't figure it out. I'm using xname.org since it's free and I own a bunch of domains spread over a few different registrars. The setup I desire is very simple: one A record that points the bare domain name to my server, plus a wildcard CNAME record pointing all subdomains to the same server. So if the user goes to domain.com it will point them to 285.24.435.75, if they go to www.domain, blah.domain.com, or any other sub domain, they'll get sent to 285.24.435.75. All the examples I read on the internet about setting up A records all have the A record set to a subdomain such as www. WWW is deprecated so I want to have noting to do with it. Currently my xname.org zone looks like this: $TTL 86400 ; Default TTL domain.com. IN SOA ns0.xname.org. nbvfour.gmail.com. ( 2010052503 ; serial 10800 ; Refresh period 3600 ; Retry interval 604800 ; Expire time 10800 ; Negative caching TTL ) $ORIGIN domain.com. IN NS ns2.xname.org. IN NS ns0.xname.org. IN NS ns1.xname.org. @ IN A 65.49.73.148 * IN CNAME domain.com The '@' symbol is something that the godaddy domain interface uses to mean "this root domain', but that may have been specefic to that interface and has no meaning here. Before I had a 'www' entry in the A rcords and it worked in the sense that I could ping 'www.domain.com' and it returned a response, but pinging the root domain 'domain.com' returned "no host found".

Read the article
Can a malicious hacker share Linux distributions which trust bad root certificates?

- by iamrohitbanga

Suppose a hacker launches a new Linux distro with firefox provided with it. Now a browser contains the certificates of the root certification authorities of PKI. Because firefox is a free browser anyone can package it with fake root certificates. Thus a fake root certificate would contain a the certification authority that is not actually certified. Can this be used to authenticate some websites. How? Many existing linux distros are mirrored by people. They can easily package software containing certificates that can lead to such attacks. Is the above possible? Has such an attack taken place before?

Read the article
OpenVPN with MacOS X Client and same subnets in local and remote net.

- by Daniel

I have a homenetwork 192.168.1.0/24 with gteway 192.168.1.1 and a remote network with the same parameters. Now I want to create a OpenVPN tunnel between those networks. I have no problems with Windows, because Windows routes everything to 192.168.1.0/24 except 192.168.1.1 throught the tunnel. On MacOS X however I see the folling line in the Details window: 2010-05-10 09:13:01 WARNING: potential route subnet conflict between local LAN [192.168.1.0/255.255.255.0] and remote VPN [192.168.1.0/255.255.255.0] When I list the routes I get the following: Internet: Destination Gateway Flags Refs Use Netif Expire default 192.168.1.1 UGSc 13 3 en1 127 localhost UCS 0 0 lo0 localhost localhost UH 12 3589 lo0 169.254 link#5 UCS 0 0 en1 192.168.1 link#5 UCS 1 0 en1 192.168.1.1 0:1e:e5:f4:ec:7f UHLW 13 17 en1 1103 192.168.1.101 localhost UHS 0 0 lo0 192.168.6 192.168.6.5 UGSc 0 0 tun0 192.168.6.5 192.168.6.6 UH 1 0 tun0 My Interfaces are en1 - My local Wifi network tun0 - The tunnel interface As can be seen from the routes above there is no entry for 192.168.1.0/24 that routes the traffic through the tunnel interface. When I manually route a single IP like 192.168.1.16 over the tunnel gateway 192.168.6.6, this works. Q: How do I set up my routes in MacOS X for the same behaviour as on windows, to route everything except 192.168.1.1 through the tunnel, but leave the default gateway to be my local 192.168.1.1 ?

Read the article
configure server and create website without any control panel

- by Emad Ahmed

i am trying to configure my new server without cpanel i've installed php/mysql/apache And it's now working fine if you visit the server ip http://46.166.129.101/ you'll see the welcome page i've configured my dns too my nameserverips file [root@server]# cat /etc/nameserverips 46.166.129.101=ns1.isellsoftwares.com 46.166.129.101=ns2.isellsoftwares.com if you visit this link http://ns1.isellsoftwares.com you'll see the welcome page too!! but if you visit isellsoftwares.com you'll see ( 'Firefox can't find the server at www.isellsoftwares.com.' ) Now my question is: How to create an account for this domain on the server?? i've tryied to add virtualHost tag in apache <VirtualHost *:80> ServerAdmin [email protected] ServerAlias www.isellsoftwares.com DocumentRoot /var/www/html/issoft ServerName isellsoftwares.com ErrorLog logs/dummy-host.example.com-error_log CustomLog logs/dummy-host.example.com-access_log common </VirtualHost> it still not working ... i've added named file for this domain (( isellsoftwares.com.db )) ; Zone file for isellsoftwares.com $TTL 14400 isellsoftwares.com. 86400 IN SOA ns1.isellsoftwares.com. elsolgan.yahoo.com. ( 2012031500 ;Serial Number 86400 ;refresh 7200 ;retry 3600000 ;expire 86400 ;minimum ) isellsoftwares.com. 86400 IN NS ns1.isellsoftwares.com. isellsoftwares.com. 86400 IN NS ns2.isellsoftwares.com. isellsoftwares.com. 14400 IN A 46.166.129.101 localhost 14400 IN A 127.0.0.1 isellsoftwares.com. 14400 IN MX 0 isellsoftwares.com. mail 14400 IN A 46.166.129.101 www 14400 IN CNAME isellsoftwares.com. ftp 14400 IN A 46.166.129.101 cpanel 14400 IN A 46.166.129.101 whm 14400 IN A 46.166.129.101 webmail 14400 IN A 46.166.129.101 webdisk 14400 IN A 46.166.129.101 ns1 14400 IN A 46.166.129.101 ns2 14400 IN A 46.166.129.101 but it still not working !!!!! So, what else i should do??

Read the article
Why would you use EAP-TTLS instead of PEAP?

- by Ivan Macek

As I understood EAP-TTLS and PEAP share same level of security when implemented in wireless networks. Both only provide server side authentication via certificate. The drawback of EAP-TTLS can be non native support in Microsoft Windows so every user has to install additional software. The benefit of EAP-TTLS can be support for less secure authentication mechanisms (PAP, CHAP, MS-CHAP) but why would you need them in modern and properly secure wireless system? What are you opinions? Why should I implement EAP-TTLS instead of PEAP? Let's say that I have most Windows users, medium Linux users and least iOS, OSX users.

Read the article
Get OWA and ActiveSync working on server using HTTP redirect in IIS 7

- by eric

We have two servers on our LAN. One is a Windows 2003 Server domain controller running Exchange 2003. The other is a stand-alone Windows 2008 server running IIS 7. Our company website runs on the IIS 7 (2008) server, so the firewall forwards port 80 to this. How can I get OWA and ActiveSync to work with this setup? And without using SSL. I have tried setting up a website on the IIS 7 box (mail.ourdomain.com) and using HTTP redirect to point to http://mailserver/exchange, but this doesn't work. Do we have to purchase an SSL certificate for this to work?

Read the article
Using mod_wsgi with mpm_itk: socket permission issue

- by djechelon

I'm using mod_itk as MPM for increased security in shared environment. I also have a Firefox Sync Server within one of the VHosts I host. That vhost is restricted to a certain user via AssignUserId user group. The problem is that the socket /var/run/wsgi...whatever.sock is chmodded srwx------ and owned by Apache's wwwrun. While I configured the vhost with WSGIProcessGroup sync WSGIDaemonProcess sync user=djechelon group=djechelon processes=1 threads=5 I still get the error that Apache wants to access a socket that is not accessible and because of this gets an error. Is it possible to configure mod_wsgi in order to create different sockets with different owners for different applications or to chmod its socket in a different way (less secure)? Currently, I'm running Firefox Sync as the only WSGI application. Moving it to a vhost that doesn't AssignUserId could solve this problem but will force me to change URL (and buy an additional SSL certificate), so I wouldn't consider this

Read the article
Setting up WHM nameservers

- by Miskone

I am new to server administration and I've just got a dedicated root server from Hetzner. First I set up in Hetzner's robot DNS entries Registered nameservers: ns1.raybear.com 88.198.32.57 ns2.raybear.com 88.198.32.57 Under DNS entires I have buzz-buzz.me pointing to 88.198.32.57 // My server IP address and on my WHM I have DNS zone for buzz-buzz.me ; cPanel first:11.42.1.17 (update_time):1402062640 Cpanel::ZoneFile::VERSION:1.3 hostname:hosting.raybear.com latest:11.42.1.17 ; Zone file for buzz-buzz.me $TTL 14400 buzz-buzz.me. 86400 IN SOA ns1.raybear.com. miskone.gmail.com. ( 2014060605 ;Serial Number 86400 ;refresh 7200 ;retry 3600000 ;expire 86400 ) buzz-buzz.me. 86400 IN NS ns1.raybear.com. buzz-buzz.me. 86400 IN NS ns2.raybear.com. buzz-buzz.me. 14400 IN A 88.198.32.57 localhost 14400 IN A 127.0.0.1 buzz-buzz.me. 14400 IN MX 0 buzz-buzz.me. mail 14400 IN CNAME buzz-buzz.me. www 14400 IN CNAME buzz-buzz.me. ftp 14400 IN CNAME buzz-buzz.me. agent 14400 IN A 88.198.32.57 src 14400 IN A 88.198.32.57 platform 14400 IN A 88.198.32.57 But still I have some problems accesing buzz-buzz.me, agent.buzz-buzz.me and platform.buzz-buzz.me Also I have problem getting mails on Google account, I can send but not receive emails. How to solve this. As I said I am completly new here and I need urgent help.:(

Read the article
disable "SSL 2.0+ upgrade support" in nginx

- by Bhargava

I evaluated the SSL credentials of my server with qualsys ssl page ( https://www.ssllabs.com/ssldb/index.html ) and found the entry "SSL 2.0+ upgrade support" being marked as yes. I want to disable this sslv2 handshake too. I searched around and found http://forum.nginx.org/read.php?2,104032m, which points to creating a openssl.cnf file. Have a naive question here. After creating the file, does one need to re-key his certificate for this to work ? Are there any other steps to follow ? I use nginx 1.0.11 and openssl "OpenSSL 1.0.0e-fips 6 Sep 2011". I have set ssl_ciphers in nginx to SSLv3 TLSv1;

Read the article
CA and VPN setup

- by Raj

We are a small comany about 20 employees. We have some off site some i houser servers. Where should I install CA? On a domain controller or VM? can I obtain my own certificate for MS VPN? Where should I install MS vpn server? can I install on VM CA server? Do I need to open any ports on Firewall? Please send me or direct me to a web site where I can get setip by step installation instructions. Thanks.

Read the article
Server unreachable without www

- by deamon

My server is unreachable without "www." prefix, even when trying it with ping. The DNS entry looks like this: $TTL 86400 @ IN SOA ns1.first-ns.de. postmaster.robot.first-ns.de. ( 2011010600 ; serial 14400 ; refresh 1800 ; retry 604800 ; expire 86400 ) ; minimum @ IN NS robotns3.second-ns.com. @ IN NS robotns2.second-ns.de. @ IN NS ns1.first-ns.de. @ IN A 1.2.3.4 localhost IN A 127.0.0.1 mail IN A 1.2.3.4 www IN A 1.2.3.4 ftp IN CNAME www imap IN CNAME www loopback IN CNAME localhost pop IN CNAME www relay IN CNAME www smtp IN CNAME www @ A DNS record of the same type for another domain on the same server is working with and without "www". And the VirualHost config looks like this: <VirtualHost *:80> ServerName somewhere.com ServerAlias www.somewhere.com ServerSignature Off ... </VirtualHost> Any idea what could be wrong?

Read the article
DNS name not on cert

- by blsub6

I've got an interesting one... My users have always typed in 'mail' to get to their mail. There was an internal DNS A record that resolved that to the IP of the mail server. I'm putting in an Exchange server to replace that. In order for people to get their mail, I try putting in an A record that does the same thing as the previous one. When I try to get to OWA, it tells me that the certificate on the server is not trusted. I only have the names: mail.mydomain.com autodiscover.mydomain.com autodiscover.mydomain.internal mydomain.internal mailserver.mydomain.internal so when the browser sees that this cert is trying to cover https://mail/owa it says the cert's not trusted. What amy I supposed to do about that?

Read the article

< Previous Page | 71 72 73 74 75 76 77 78 79 80 81 82 | Next Page >