On mercredi, 23 novembre 2016 17.31:50 h CET Steve Litt wrote: > On Wed, 23 Nov 2016 16:04:22 -0600 (CST) > > Greg Rivers <gcr+dove...@tharned.org> wrote: > > On Wed, 23 Nov 2016, Steve Litt wrote: > > > [snip] > > > > > > Alpine still gives me a bad cert warning, saying I should either > > > fix it or disable checking. I haven't yet found a way to get Alpine > > > to discriminate between a valid self-signed cert and a bad one. > > > > Like a number of applications, alpine checks the system certificates > > directory for a file containing the server certificate to be > > validated that's named according to its x509 hash. If it finds it, it > > trusts it. > > > > I don't know where Linux distros keep their certs, but on FreeBSD > > it's in /etc/ssl/certs/. If you've no other way to find out, a brute > > force search of the alpine binary should locate it, e.g.: > > > > $ strings $(whence alpine) | grep '^/.*certs$' > > /etc/ssl/certs > > The directory or the certs isn't the problem. Alpine sees the > self-signed cert I just made, but complains because it's self-signed, > and gives me the choice between saying "yes" every time, and just not > checking for certs at all. > > SteveT > > Steve Litt > November 2016 featured book: Quit Joblessness: Start Your Own Business > http://www.troubleshooters.com/startbiz
One solution would be to use a Let's Encrypt certificate (that's what I do). Documentation can be found here : * https://certbot.eff.org/docs/using.html#standalone * https://community.letsencrypt.org/t/use-on-non-web-servers/425 -- Simon Doppler (dopsi)
signature.asc
Description: This is a digitally signed message part.
