[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Verifying server certificate failed?!
|
From: |
Sven Geggus |
|
Subject: |
Re: Verifying server certificate failed?! |
|
Date: |
Thu, 15 Mar 2012 15:19:08 +0000 (UTC) |
|
User-agent: |
tin/2.0.0-20110823 ("Ardenistiel") (UNIX) (Linux/2.6.27.52-ztdummy (x86_64)) |
Richard Moore <address@hidden> wrote:
> Your chain file includes the root certificate as well as the
> intermediate certificate. You should not be transmitting that one
There has been one unrelated certificate (the one for the User CA) in the
chain which caused the problem. Sending the root cert is probably tolerated.
I did not check this.
What I have now is the following:
SSLCertificateChainFile /path/to/file/with/all/intermediate/certs
SSLCACertificateFile /path/to/file/with/all/certs/including/root
Anything else causes trouble. My first try has been to put all certificates
into one file and point SSLCertificateChainFile and SSLCACertificateFile
to this file.
So I definitely think gnutls should be more tolerant about certificates
which are not in use but provided anyway.
Regards
Sven
--
"In my opinion MS is a lot better at making money than it is at making good
operating systems" (Linus Torvalds, August 1997)
/me is address@hidden, http://sven.gegg.us/ on the Web
- Verifying server certificate failed?!, Sven Geggus, 2012/03/15
- Re: Verifying server certificate failed?!, Richard Moore, 2012/03/15
- Re: Verifying server certificate failed?!,
Sven Geggus <=
- Re: Verifying server certificate failed?!, Nikos Mavrogiannopoulos, 2012/03/15
- Re: Verifying server certificate failed?!, Sven Geggus, 2012/03/15
- Re: Verifying server certificate failed?!, Ted Zlatanov, 2012/03/16
- Re: Verifying server certificate failed?!, Richard Moore, 2012/03/16
- Re: Verifying server certificate failed?!, Nikos Mavrogiannopoulos, 2012/03/17