All posts by Michael Albert

rsyslog: Configure TLS/SSL

Hi,

to setup a remote syslog server TLS encryption is strongly recommended.

Continue reading rsyslog: Configure TLS/SSL

openssl: Create a selfsigned certificate

Hi,

creating selfsigned certificate with openssl is one step 🙂
Continue reading openssl: Create a selfsigned certificate

Debian: Enable apt debug logging

Hi,

for troubleshooting purposes (i.e. certificate issues) it is sometimes to enable the debug logging of apt.
Continue reading Debian: Enable apt debug logging

openssl: Verifiy failed with error 3 at 0 depth lookup: unable to get certificate CRL

Hi,

openssl can verify certificates against the root CA/intermediate CA chain and also can check a crl list if a certificate is revoked.
Continue reading openssl: Verifiy failed with error 3 at 0 depth lookup: unable to get certificate CRL

Debian: Disable certificate crl check for apt

Hi,

there is an issue in the openssl libraries < version 3 that an crl check of an certificate fails if the file size of the crl file is greater then 100kB.

Continue reading Debian: Disable certificate crl check for apt