Re: [solved] syslogd in 7.4 no longer likes self signed certificates for TLS remote logging

2023-10-09 Thread Noth
Ok I solved it. Two issues: 1. the ca.crt file differed on various VMs, possibly due to bitrot 2. the -C option for syslogd to use the ca.crt as distributed to all VMs now (wasn't the case as I would append its content to /etc/ssl/cert.pem and that was sufficient up till now) allows for

Re: syslogd in 7.4 no longer likes self signed certificates for TLS remote logging

2023-10-09 Thread Noth
Hi Stuart,
On 09/10/2023 23:01, Stuart Henderson wrote:
> any chance you previously had added certs to /etc/ssl/cert.pem but lost that when upgrading?
I always re-add the ca.crt used to sign the client certs to /etc/ssl/cert.pem and distribute the file at upgrade via siteXX.tgz It's hard to

Re: syslogd in 7.4 no longer likes self signed certificates for TLS remote logging

2023-10-09 Thread Stuart Henderson
On 2023-10-09, Peter N. M. Hansteen wrote:
> On Mon, Oct 09, 2023 at 06:42:02PM +0200, Noth wrote:
>> I upgraded to 7.4 via CVS on my VMs but not my routers (yet). The 7.3
>> routers are still able to connect via TLS but the 7.4 VMs can't as they
>> don't like the self signed certs. It'd be

Re: syslogd in 7.4 no longer likes self signed certificates for TLS remote logging

2023-10-09 Thread Noth
Hi
On 09/10/2023 19:59, Peter N. M. Hansteen wrote:
> You are aware that OpenBSD 7.4 has not been released yet, right?
Of course.
> On Mon, Oct 09, 2023 at 06:42:02PM +0200, Noth wrote:
>> This wasn't covered in http://www.openbsd.org/plus74.html . I have a setup where various OpenBSD instances

Re: syslogd in 7.4 no longer likes self signed certificates for TLS remote logging

2023-10-09 Thread Peter N. M. Hansteen
You are aware that OpenBSD 7.4 has not been released yet, right?
On Mon, Oct 09, 2023 at 06:42:02PM +0200, Noth wrote:
> This wasn't covered in http://www.openbsd.org/plus74.html . I have a setup
> where various OpenBSD instances log via TLS to a central logger, using self
> signed

syslogd in 7.4 no longer likes self signed certificates for TLS remote logging

2023-10-09 Thread Noth
Hello, This wasn't covered in http://www.openbsd.org/plus74.html . I have a setup where various OpenBSD instances log via TLS to a central logger, using self signed certificates I generated locally (10 year validity). Both the server and the clients verify each other using the -c & -s