Yo Hal! On Tue, 02 Apr 2019 14:59:13 -0700 Hal Murray via devel <devel@ntpsec.org> wrote:
> >> We could consider having ntpd crash if there are any problems
> >> parsing the config file.
> > At least for anything security related.
>
> The parser can't tell if an error is security related - as your
> example demonstrates.
If nts in on the server line, any failure should be fatal.
> > Another test. So I put the pi3 fullchain.pem in /tmp. I still can
> > not connect with this config:
>
> I haven't worked with the directory mode. What's in your pem file?
It is the Lets Encrypt fullchain.pem.
> I think openssl is expecting the root cert.
Well, I don't have one. Remember, LE has no "the root cert".
And in the case of ostfalia, I only could get their root cert becuase I
was talking to the guy. Much more common case is I just have the end
cert.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
g...@rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
pgpzW38clV_ji.pgp
Description: OpenPGP digital signature
_______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
