On Wed, Jan 11, 2012 at 11:22 AM, Izz Abdullah <[email protected]> wrote: > root@xxx:/var/www/servers# openssl verify -CApath /etc/ssl/certs/ > /usr/share/ca-certificates/mozilla/DST_ACES_CA_X6.crt > /usr/share/ca-certificates/mozilla/DST_ACES_CA_X6.crt: OK
Yes, that is the same output I get when running the command. The problem is that only rt-mailgate is having a problem figuring out how to validate the SSL certificate that RT instance is using. All browser clients validate it fine. This thread from October 2011 http://www.gossamer-threads.com/lists/rt/users/106073 talks about editting rt-mailgate to specifically name a root ca as an ssl_option argument, but I really don't want to mess with the RT distribution and feel I shouldn;t have to because it worked fine with the old wildcard SSL cert, and browsers were able to figure out the new SSL cert without trouble as well. A -------- RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 & 6, 2012
