Viktor,
I have tried the c_rehash /etc/ssl/certs and that did not help the
situation. I had seen that in a bug post and tried it.
How can I make sure that openssl is usin g the /etc/ssl/certs folder to
search for the ca certificate?
Thanks,
Eric Speake
Web Systems Administrator
O'Reilly Auto Parts
(417) 862-2674 Ext. 1975
From: Viktor Dukhovni <openssl-us...@dukhovni.org>
To: openssl-users@openssl.org
Date: 02/17/2014 12:59 PM
Subject: Re: CA cert issue
Sent by: owner-openssl-us...@openssl.org
On Mon, Feb 17, 2014 at 11:35:58AM -0600, espe...@oreillyauto.com wrote:
> If I run the following every thing works.
>
> openssl s_client -state -nbio -connect host:9471 \
> -CAfile /etc/ssl/certs/<cert_name>.pem 2>&1
>
> This:
>
> openssl s_client -state -nbio -connect host:9471 \
> -CApath /etc/ssl/certs/ 2>&1
>
> returns rify error:num=19:self signed certificate in certificate chain
# c_rehash /etc/ssl/certs
Note, this is not atomic, and may cause validation failures while
the script is running. On a busy system, you'll need a more robust
mechanism for creating the required soft links.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
--
This message has been scanned for viruses and dangerous content,
and is believed to be clean.
Message id: A24846013FD.A1197
This communication and any attachments are confidential, protected by
Communications Privacy Act 18 USCS ยง 2510, solely for the use of the intended
recipient, and may contain legally privileged material. If you are not the
intended recipient, please return or destroy it immediately. Thank you.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
