I have done this, according to http://www.tc.umn.edu/~brams006/selfsign.html, part 1B (generating your own CA): a) create a CA authority (ca.key and ca.crt) b) make a certificate request (server.csr) c) sign the certificate request (server.crt and server.key) with the new CA authority d) change the server key so it does not ask for a passphrase. Afterwards, the server.crt and server.key files are included in /usr/share/fred-client/ssl directory, and the fred-client configuration file is modified like this: ssl_cert = %(dir)s/server.crt ssl_key = %(dir)s/server.key Now, if I try to run fred-client this is the result: ERROR: socket.sslerror: [Errno 1] _ssl.c:480: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca (200.107.82.18:700) Certificate not signed by verified certificate authority What should I do for fred-client to identify these certificates as valid?. Thanks in advance. Note: the new fred-client is perfectly compatible with FRED 2.2. -- Mario Guerra <mguerra(a)nic.cr> _______________________________________________ fred-users mailing list fred-users(a)lists.nic.cz https://lists.nic.cz/cgi-bin/mailman/listinfo/fred-users