Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Nim and ssl

Status
Not open for further replies.
fjdude

fjdude

Programmer
Jan 2, 2009
3
NL
Hi all,

I'm trying to secure my environment by using nimsh and ssl. So i can diable all remote-exec services (rsh,rexec and rlogin).

I running AIX 6100-02-01-0847, openssl 0.9.6m-2.
Installing went fine.
Nim works via nimsh without ssl.
But when i run command nimclient -c it all stops....
nimlog:
Fri Jan 2 15:25:31 2009 file descriptor is 5
Fri Jan 2 15:25:31 2009 file descriptor is : 5
Fri Jan 2 15:25:31 2009 family is : 2
Fri Jan 2 15:25:31 2009 source port is : 1023
Fri Jan 2 15:25:31 2009 source addr is : 172.211.171.631
Fri Jan 2 15:25:31 2009 source hostname is : unix5.org.nl
Fri Jan 2 15:25:31 2009 getting 2nd port
Fri Jan 2 15:25:31 2009 count equals 0
Fri Jan 2 15:25:31 2009 count equals 1
Fri Jan 2 15:25:31 2009 count equals 2
Fri Jan 2 15:25:31 2009 count equals 3
Fri Jan 2 15:25:31 2009 count equals 4
Fri Jan 2 15:25:31 2009 got stderr port 1022
Fri Jan 2 15:25:31 2009 success: we got 1st write query is 0
Fri Jan 2 15:25:31 2009 success: we got 2nd write local id is 00C9811E4C00
Fri Jan 2 15:25:31 2009 success: we got 3rd write remote id is 00C1F11E4C00
Fri Jan 2 15:25:31 2009 success: we got 4th write command is /usr/lpp/bos.sysmgt/nim/me
Fri Jan 2 15:25:31 2009 passing OpenSSL setting of 1
Fri Jan 2 15:25:31 2009 set symbol table
Fri Jan 2 15:25:31 2009 seed_prng
Fri Jan 2 15:25:31 2009 cert filename - /ssl_nimsh/certs/unix5.org.nl.0
Fri Jan 2 15:25:31 2009 Loading certificates..
Fri Jan 2 15:25:31 2009 Loading private key file..
Fri Jan 2 15:25:31 2009 create BIO
Fri Jan 2 15:25:31 2009 -Error: peer certificate: application verification failure
Fri Jan 2 15:25:31 2009 Error checking SSL object after connection

Could not find any other log to help me out.

Thnx Fjd

 
Sort by date Sort by votes
If you figure it out let me know. I wasn't able to get it working and never bothered to open a support call. I figured maybe they would fix the problem with a new release :)
 
Upvote 0 Downvote
This looks a bit odd ...

source addr is : 172.211.171.631
 
Upvote 0 Downvote
My company wouldnt like me to elaborate about the adresses we use.
So i randomly changed numbers and yes.......
172.211.171.631
seems to be wrong.

I suppose if you had the correct numbers you solve this problem ???
 
Upvote 0 Downvote
Resolved !

activate ssl on server (smitty nim_ssl)
activate ssl onclient (smitty nim_config_services)
This will get new server.pem from master on client but still...... not working:

stopsrc -s nimesis on server
stopsrc -s nimsh on client
startsrc -s nimesis onserver
startsrc -s nimsh on client.

will resolve the certificate problem.

THNX all
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

E
  • Locked
  • Question
What are reservations and how do you set them?
Replies
0
Views
316
emze
E
jkc2023
  • Locked
  • Question
AIX TL and SP upgrade
Replies
0
Views
443
jkc2023
jkc2023
Dan Gaeta
  • Locked
  • Question
Power 740 and HMC
Replies
1
Views
357
pa2nc
pa2nc
vipermaus
  • Locked
  • Question
IBM 615-6C3 Fans missing fault (1011 7620 and 1011 7611)
Replies
0
Views
208
vipermaus
vipermaus
trifo
  • Locked
  • Question
Setting up NIM for different networks
Replies
0
Views
188
trifo
trifo

Part and Inventory Search

Sponsor

Back
Top