10 More Discussions You Might Find Interesting
1. AIX
Anyone have any procedures or tutorials on how to change the self-signed certificate on the IBM AIX VIOS Intergrated Virtulization Manager web site?
I've googled till my fingers broke and most links take me to generic replacements for IBM products that I don't have.
Any help is appreciated.... (3 Replies)
Discussion started by: JAY2068
3 Replies
2. Programming
Hello Team,
I have to verify the Client server certificate validation in HTTPS request(SSL hand shake before the actual HTTPS post request), And tried various ways and failed to verify it successfully.
here are the trials and errors,
resp = requests.post(url, req, verify=True, timeout=5,... (0 Replies)
Discussion started by: chandana.hs
0 Replies
3. UNIX for Advanced & Expert Users
:rolleyes:I am trying to setup all certificate based client-server environment in Linux using vsftpd and curl with openssl.
I would like to make a user access with vsftpd certificate and user own client certificate (self-signed) with private/public key.
I don't see google posts about the my plan... (4 Replies)
Discussion started by: gogogo
4 Replies
4. HP-UX
Hi.
I'm having problems with my HP C8000 and 11.11 (ifs client needs to be restarted every week), trying to get it worked out.
When I searched the web it seems, I require the following patches:
PHKL_41041, PHKL_43823, PHKL_43577
Is there anyway to get hold of these packages?
Many thanks... (2 Replies)
Discussion started by: plantage
2 Replies
5. UNIX for Dummies Questions & Answers
I have to call a webservice , I need to pass the static request from Unix which should have message signing details in the soap header . I am using cURL command for this. I do not have java , I need to do it through Unix only .
Below is the kind of Soap envelop I want to wrap around my request .... (0 Replies)
Discussion started by: IshuGupta
0 Replies
6. UNIX for Dummies Questions & Answers
Hi,
I am trying to call a http soap webservice using curl command , I have tried the below option but I am getting a failure .
curl -H "Content-Type: text/xml; charset=utf-8" -H SOAPAction:" -d @Request.xml -X POST... (1 Reply)
Discussion started by: IshuGupta
1 Replies
7. Red Hat
Hi Guys,
These days, I am busy in configuring OpenLDAP. I plan to enable security.
I don't know how to install CA Certificate on Red Hat Linux OS (Red Hat Enterprise Linux Server release 5.3).
Could you please help me out of this trouble?
---------- Post updated at 06:45 PM ----------... (1 Reply)
Discussion started by: crest.boy
1 Replies
8. UNIX for Dummies Questions & Answers
Dear All..........
if anyone can help me with a problem i'm facing :(.......i will be really grateful!!!:)
If i install a new certificate in a cluster (2 machines) should it be restarted the whole cluster? A separate restart per server is it enough? My main query is if a restart is needed?
... (4 Replies)
Discussion started by: unbalanced
4 Replies
9. UNIX for Advanced & Expert Users
Hello!
I have setup a site to which users authenticate against with openssl certificates.
Everything works just fine, be I wish to be able to redirect to a error page with instructions instead of displaying the default error page that firefox displays.
How to? I got nothing out of google...... (6 Replies)
Discussion started by: Esaia
6 Replies
10. HP-UX
Hi all!
I am running an NIS Server with Linux. Now I want to configure a HPUX-Server to use this NIS Server. I have don all the configuration stuff exactly as described in the documentation.
When I run YPWHICH, it shows me the right server and domain. If I run YPCAT passwd, I'll get the... (4 Replies)
Discussion started by: pepade
4 Replies
STAP-AUTHORIZE-SIGNING-CERT(8) System Manager's Manual STAP-AUTHORIZE-SIGNING-CERT(8)
NAME
stap-authorize-signing-cert - systemtap signing authorization utility
SYNOPSIS
stap-authorize-signing-cert CERTFILE [ DIRNAME ]
DESCRIPTION
The staprun program will load modules for members of the group stapusr if they are signed by a trusted signer. A trusted signer is usually
a systemtap compile server which signs modules when the client (stap-client) specifies the --unprivileged option.
The trustworthiness of a given signer can not be determined automatically without a trusted certificate authority issuing systemtap signing
certificates. This is not practical in everyday use and so, staprun must authenticate servers against its own database of trusted signers.
In this context, establishing a given signer as trusted means adding that signer's certificate to staprun's database of trusted signers.
The stap-authorize-signing-cert program adds the given signing certificate to the given certificate database, making that signer a trusted
server for staprun when using that database.
ARGUMENTS
The stap-authorize-signing-cert program accepts two arguments:
CERTFILE
This is the name of the file containing the certificate of the new trusted signer. For systemtap compile servers, this is the file
named stap.cert which can be found in the server's certificate database. On the server host, for servers started by the stap-server
service, this database can be found in /var/lib/stap-server/.systemtap/ssl/server/. For servers run by other non-root users, this
database can be found in $HOME/.systemtap/ssl/server/. For root users (EUID=0), it can be found in /etc/systemtap/ssl/server.
DIRNAME
This optional argument is the name of the directory containing the certificate database to which the certificate is to be added. If
not specified, the default is /etc/systemtap/staprun/. That is, the default result is that all users on the local host will trust
this signer. Note that this default directory is only writable by root.
SAFETY AND SECURITY
Systemtap is an administrative tool. It exposes kernel internal data structures and potentially private user information. See the stap(1)
manual page for additional information on safety and security.
Systemtap uses Network Security Services (NSS) for module signing and verification. The NSS tool certutil is used for the generation of
certificates. The related certificate databases must be protected in order to maintain the security of the system. Use of the utilities
provided will help to ensure that the proper protection is maintained. staprun will check for proper access permissions before making use
of any certificate database.
FILES
/etc/systemtap/staprun/
staprun's trusted signer certificate database.
/var/lib/stap-server/.systemtap/ssl/server/stap.cert
Signing certificate for servers started by the stap-server service.
SEE ALSO
stap(1), staprun(8), stap-server(8), stap-client(8), NSS, certutil
BUGS
Use the Bugzilla link of the project web page or our mailing list. http://sources.redhat.com/systemtap/, <systemtap@sources.redhat.com>.
Red Hat 2010-07-05 STAP-AUTHORIZE-SIGNING-CERT(8)
