[jadmin] SASL-Auth to jabber.org
Jonathan Siegle
jsiegle at psu.edu
Wed Apr 26 05:58:25 CDT 2006
Philipp Hancke said the following on 4/26/06 1:49 AM:
> Matthias Wimmer schrieb:
>> Hi!
>>
>> Is anyone able to establish an SASL-authed s2s link to jabber.org? I
>> always get (jabber.org): TLS verification failed: unable to verify the
>> first certificate.
> Error code 21?
> You need to install the Comodo Class 3 Certificate...
> http://www.instantssl.com/ssl-certificate-support/cert_installation/ComodoSecurityServicesCA2018.crt
>
>
> That changes the error code to 27, which is a problem with the
> certificate, not yours. The problems seems to be that Comodo marks
> 'Key Usage' as critical and the cert is not used for an 'allowed'
> purpose.
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client
Authentication
I wonder what we should have requested in here.
>
> Using a cacert certificate would help, they dont set 'Key Usage' to
> critial :-)
Is this bad?
-Jonathan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3252 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/jadmin/attachments/20060426/193a9a1f/attachment-0001.bin>
More information about the JAdmin
mailing list