18 Lis
2021
18 Lis
'21
13:28
On 18 Nov 2021 at 11:29, bsd(a)todoo.biz wrote:
Hello Dr. Nyirenda,
Thanks a lot for your help.
Do you by any chance have the formula that you are using to create or
renew your client side certificates? ,
What is your TLD ?
We are using openssl and I do not think there is a "formula" as such
We are fighting because one of our engineer has left
the company and
did´t properly document things. One certificate has expired in
july, we didn´t notice until server was rebooted... Now it is a bit
emergency.
One of the ways could be for you to create your own CA, put the CA certificate into the
FRED
config on the server side and using that issue a new certificate to the registrar.
Regards,
PC
=============================
Dr Paulos B Nyirenda
NIC.MW & .mw ccTLD
http://www.nic.mw
SDNP: http://www.sdnp.org.mw
Tel: +265-(0)-882 089 166
Cell: +265-(0)-888-824787
WhatsApp: +265-(0)-887386433
Sincerely yours.
Le 18 nov. 2021 à 08:54, Dr Paulos Nyirenda <paulos(a)sdnp.org.mw >
a écrit :
On 16 Nov 2021 at 14:41, bsd(a)todoo.biz wrote:
Hello,
I was wondering if the SSL certs which are created to authenticate
EPP requests will need to be bound to a CA or if they only needed
to be created as plain Cert + Key.
In fred-client.conf - there only seems to have an :
ssl_cert = %(dir)s/cert.xxx.pem
ssl_key = %(dir)s/key.unenc.xxx.pem
If I remember correctly, this is enough on the client side.
No sign of CA.
Also if I remember correctly, the CA certificate corresponding to
your client certificate is only needed to be installed on the
FRED server side for your EPP client
Hope this helps.
Regards,
Paulos
=============================
Dr Paulos B Nyirenda
NIC.MW & .mw ccTLD
http://www.nic.mw
SDNP: http://www.sdnp.org.mw
Tel: +265-(0)-882 089 166
Cell: +265-(0)-888-824787
WhatsApp: +265-(0)-887386433
--
This email has been checked for viruses by AVG.
https://www.avg.com