If you have java installed, you can check for the "ikeyman" tool (X11 application!) to create and adminsiter ssl certificates; the command line tool should be "keytool"; entering "keytool" without parameters, you'll get the command syntax.
Code:
$> which ikeyman
/usr/java5_64/jre/bin/ikeyman
$> which keytool
/usr/java5_64/jre/bin/keytool
There is also the tool
Code:
gsk7cmd
which can be used to work on SSL keystores and also create certificates etc. Entering it without parameters you get the sytnax help. This tool is part of the package "gskta.rte 7.0.3.30".
If you have openSSL installed, you could just use "openssl"; there is plenty of syntax examples if you use your favourite search engine.
i have configured Squid proxy server in Fedora 8 with two network interfaces.
HTTP, HTTPS, FTP are working fine but we are unable to download mails using mail clients from mail server with POP3(ssl) and SMTP(ssl).
so please someone help us how to enable pop and smtp in Squid. (1 Reply)
Does anyone know how to extract the expiration date of a Solaris 9 certificate? I have searched over the 'net and it seems this command ssl-cert-check comes up often but this does not work on my servers. Not sure how to extraxt the expiration dates of the SSL Certs so if anyone can help that would... (2 Replies)
Hello all :b:
I need a little advice on securing my VSFTPD server. I currently have it setup and working using a self signed certificate by following instructions on the net and im happy with it to a certain extent.
One of my clients is not... He said he cannot connect to the server unless... (1 Reply)
Hello,
I have been attempting to automate the addition of SSL certificates to keychains on a MAC using the "security" command. I've noticed two things, 1 of which I don't understand.
1. If I use something like "security add-trusted-cert -d -k /System/Library/Keychains/SystemRootCertificates... (1 Reply)
I have interesting problem.
https:/host/some/x.cgi
- this script has run twice when I call this url
But
http:/host/some/x.cgi
work fine, only once.
Output is text/plain.
If I change output format to the Content-type text/html,
then both urls works fine - executed only once. (2 Replies)
Hi everyone,
I am working on a Nginx + Apache installation for learning purposes, and just got to the point of installing a self-signed certificate for securing some pages that will be used to send "sensitive" information such as login credentials. So far so good.
What a I want to know is how can... (2 Replies)
Hello All,
0. Firstly, I am not very Unix savvy. For instance, I don't know what the purpose of certificates are, and I don't know if this is the right forum for this question.
1. The problem: I can't use homebrew or use git. Running git pull, for instance, gives the following error:
... (2 Replies)
Issue observed: I have configured ng.my-site.com using widlcard ssl cert. When I hit https://www.my-site.com it loads ng.my-site.com website!
please advise if I missed any concept / configs... Thank you!
httpd.conf
<VirtualHost *:80>
ServerName www.my-site.com
ServerAdmin... (0 Replies)
Discussion started by: ashokvpp
0 Replies
LEARN ABOUT DEBIAN
net::sslglue::smtp
Net::SSLGlue::SMTP(3pm) User Contributed Perl Documentation Net::SSLGlue::SMTP(3pm)NAME
Net::SSLGlue::SMTP - make Net::SMTP able to use SSL
SYNOPSIS
use Net::SSLGlue::SMTP;
my $smtp_ssl = Net::SMTP->new( $host,
SSL => 1,
SSL_ca_path => ...
);
my $smtp_plain = Net::SMTP->new( $host );
$smtp_plain->starttls( SSL_ca_path => ... );
DESCRIPTION
Net::SSLGlue::SMTP extends Net::SMTP so one can either start directly with SSL or switch later to SSL using the STARTTLS command.
By default it will take care to verify the certificate according to the rules for SMTP implemented in IO::Socket::SSL.
METHODS
new The method "new" of Net::SMTP is now able to start directly with SSL when the argument "<SSL =" 1>> is given. In this case it will not
create an IO::Socket::INET object but an IO::Socket::SSL object. One can give the usual "SSL_*" parameter of IO::Socket::SSL to
"Net::SMTP::new".
starttls
If the connection is not yet SSLified it will issue the STARTTLS command and change the object, so that SSL will now be used. The usual
"SSL_*" parameter of IO::Socket::SSL will be given.
peer_certificate ...
Once the SSL connection is established the object is derived from IO::Socket::SSL so that you can use this method to get information
about the certificate. See the IO::Socket::SSL documentation.
All of these methods can take the "SSL_*" parameter from IO::Socket::SSL to change the behavior of the SSL connection. The following
parameters are especially useful:
SSL_ca_path, SSL_ca_file
Specifies the path or a file where the CAs used for checking the certificates are located. This is typically "etc/ssl/certs" on UNIX
systems.
SSL_verify_mode
If set to 0, verification of the certificate will be disabled. By default it is set to 1 which means that the peer certificate is
checked.
SSL_verifycn_name
Usually the name given as the hostname in the constructor is used to verify the identity of the certificate. If you want to check the
certificate against another name you can specify it with this parameter.
SEE ALSO
IO::Socket::SSL, Net::SMTP
COPYRIGHT
This module is copyright (c) 2008, Steffen Ullrich. All Rights Reserved. This module is free software. It may be used, redistributed
and/or modified under the same terms as Perl itself.
perl v5.14.2 2012-04-06 Net::SSLGlue::SMTP(3pm)