Contrary to StartSSL’s FAQ, it is now possible for authenticated users to submit certificate requests (CSRs) for client (S/MIME) certificates. However, certificates are issued in PEM format, while most browsers and mail clients prefer PKCS#12 format. This article describes steps to create private key and corresponding certificate request, as well as how to create PKCS#12 file after obtaining signed client certificate.
It appears that PHP 5.6.X introduced some new aspects of handling SSL/TLS communication, in a way that it now verifies peer certificates and hostnames by default. How do I know this?
It would be unfair to say that Poptop wasn’t doing a good job as my choice of PPTP server on OpenBSD for quite some time. It did meet all my requirements: it worked on OpenBSD, provided my Windows users with the ability to connect to VPN with software included in base system, and authenticated users from Active Directory. I was never quite happy administering it, however. I am not sure if it was due to its obstreperous and incomprehensible config files or terrible session monitoring capabilities. One way or another, we never got used to each other. As of OpenBSD 5.3, npppd
– New Point to Point Protocol Daemon – became a part of OpenBSD base system. The following article describes how to configure it as a PPTP server which authenticates users from RADIUS.
Desktop environments on FreeBSD are usually started by some kind of display manager, such as GDM or KDM. This is specially true for “heavy” desktops such as GNOME or KDE, which are almost impossible to run without one. On the other side, “lighter” desktops such as XFCE run just fine without a display manager. Steps to start XFCE without login manager are described in FreeBSD Handbook, but they require that user logs in and starts X server manually. The following article describes how to start XFCE automatically immediately after user logs onto local console.
Default FreeBSD installation will boot into command line login prompt, requiring users to log into the system before gaining access to the programs, which is usually done by typing username and password interactively. In some cases, however, we want to login certain user automatically on boot. Steps to accomplish this task are described in the following article.