Using lets-encrypt, I am not able to renew SSL certification for my domain and when I try:
kubectl describe certificate --namespace=master
It's always stacked with this message:
Waiting for CertificateRequest "root-tls-xxxxx" to complete
Related
Any help or hint would be greatly appreciated it!!
I have windows 11 Pro.
I installed openshift.
I did "crc setup" and I did "crc start":
INFO Adding crc-admin and crc-developer contexts to kubeconfig...
ERRO Cannot update kubeconfig: x509: certificate has expired or is not yet valid: current time 2022-05-24T00:01:26-04:00 is after 2022-01-13T22:29:55Z
Started the OpenShift cluster.
The server is accessible via web console at:
https://console-openshift-console.apps-crc.testing
I get the following error when I tried to login:
C:\Users\Albert Lam>oc login -u developer https://api.crc.testing:6443
The server uses a certificate signed by an unknown authority.
You can bypass the certificate check, but any data you send to the server could be intercepted by others.
Use insecure connections? (y/n): n
error: The server uses a certificate signed by unknown authority. You may need to use the --certificate-authority flag to provide the path to a certificate file for the certificate authority, or --insecure-skip-tls-verify to bypass the certificate check and use insecure connections.
C:\Users\Albert Lam>oc login -u developer https://api.crc.testing:6443
The server uses a certificate signed by an unknown authority.
You can bypass the certificate check, but any data you send to the server could be intercepted by others.
Use insecure connections? (y/n): y
I had the same problem and it was caused by an old certificate that was expired and had nothing to do (VMware one) with Openshift.
I've found the problem by viewing the certificate inside my chrome browser after navigating to https://console-openshift-console.apps-crc.testing.
The correct certificate should have *.apps-crc.testing as CN, but mine has another one.
I suggest you to find the wrong certificate and delete it if expired.
On windows, for VMware you can find it inside C:\ProgramData\VMware\SSL.
On Windows you can look for certificates by using the "manage certificates" app.
I am trying to secure the client API in API Management using the client certificates.
context.Deployment.Certificates.Any(c => c.Value.Thumbprint == context.Request.Certificate.Thumbprint)
only checks against the certificates stored in "Certificate" directory and not against "CA Certificate"
How do I get all the certificates stored in CA Certificates and then compare against the thumbprint
There is no runtime access to that collection. The purpose of CA certificates is to make sure that SSL certificates and any certificate you call .Validate on can build and validate chain.
I am attempting to establish MariaDB replication using SSL Certificates for authentication. Reading the documentation about setting up the master server with a slave user which uses the GRANT command.
At the following link ( https://mariadb.com/kb/en/mariadb/grant/#per-account-ssltls-options ), the part to set up authentication on the account uses REQUIRE ISSUER and REQUIRE SUBJECT. These take in string representations of part of the SSL Certificates.
My question is, how is the client certificate, which will be provided on connection by the slave server, verified by the master? I cannot see in config where the master server is provided with a client certificate chain that the slave's certificate is issued off. Have I missed where the master is loaded with CA/chain certificates or even just the client certificate?
If it does not, the replication does not seem to be using any of the crypographic properties of the certificate. Just string matching on the certificate subject/issuer.
I am connecting to google geocode web service from .NET code. It works perfectly in my local machine and when deployed in windows 2003 std. server, I am getting the below error.
System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
Where can I get the certificate for Google web service? I tried downloading it from chrome by hitting the url and saved the certificate in a file and added to Trusted certificate store but still having same issue when the site is running.
Any suggestion will be greatly appreciated.
Can't get mails then connected with The Bat!
Server sends:
-ERR Authentication failed.
and the record in maillog is:
dovecot: auth(default): Failed to lookup domain owner of
The problem occurred after I rebuild the Apache.
Where can be problem?
As hoster support said:
The reason was that the hostname was the same as domain. The mail server tried to authenticate agains system users for the VPS instead of virtual users for the domain.