Mailinglist Archive: opensuse (982 mails)

< Previous Next >
Re: [opensuse] When connecting to my own dovecot server, Alpine complains that it is using self-signed certificates.
  • From: Per Jessen <per@xxxxxxxxxxxx>
  • Date: Mon, 01 Sep 2014 19:38:58 +0200
  • Message-id: <lu2bhm$qlu$1@saturn.local.net>
Carlos E. R. wrote:

On 2014-09-01 16:59, Per Jessen wrote:
Carlos E. R. wrote:


Once you have established yourself as a CA, you then act like one.
With your user hat on, you create a certificate and a signing
request and send it to your CA, i.e. yourself.

I thought that might be so, but no idea how to do that :-?

Create a root CA:

No, no. That part is already done, from YaST.

Aha.

What I need now is to create a "Certificate Signing Request" from the
already existing dovecot server certificate, or create a new dovecot
certificate together with the corresponding CSR.

I go thru that everytime I install a new HP server. The certificate is
issued by a card on the server (ILO card). I then sign it:

openssl ca -policy policy_anything -days 3650 -in server-ilo.csr -out
server-ilo.crt

and install the newly signed certificate on the card. (web interface).

YaST does a lot of things with these certificates, but this is NOT
documented.

I know you're keen on working it with YaST, but personally I wouldn't
bother. It's an area that is unlikely (IMHO) to have received much if
any testing.

I have found the documentation in paper for SLES, though. Expensive
paper.

Huh? You probably don't need to buy SLES just to use the
documentation :-)


--
Per Jessen, Zürich (12.9°C)
http://www.dns24.ch/ - your free DNS host, made in Switzerland.

--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups