[Juser] Re: Maddening with SSL certificates
Jonathan Siegle
jsiegle at psu.edu
Mon May 7 10:47:10 CDT 2007
Noiano said the following on 5/6/07 12:21 PM:
> Matthias Wimmer wrote:
>> Hi Noiano!
>> =20
>> Noiano schrieb:
>>> I followed your instructions and I got the return code 0. Now I wonder=
>
>>> how to tell kopete that everything is ok with the jabber.org
>>> certificate. I also copied the crt file into /usr/share/ssl-cert/ but
>>> nothing, if I do not specify the -CAfile option I get
>> [...]
>>> What to do?
>> =20
>> Find the correct location where your openssl binary expects the CA
>> certificates to be. /usr/share/ssl-cert/ seems more likely to be a
>> location where your system may have installed local certificates but no=
>
>> CA certificates.
>> =20
>> =20
>> Tot kijk
>> Matthias
>
> I did copy this certificate http://cert.startcom.org/ca.crt under
> /etc/ssl/certs and I made a c_rehash but I always get the same error
> both using kopete/psi and using openssl.
>
Try doing:
$ openssl version -d
OPENSSLDIR: "/usr/lib/ssl"
$ ls -lt /usr/lib/ssl
total 8
lrwxrwxrwx 1 root root 14 2007-03-19 08:56 certs -> /etc/ssl/certs
drwxr-xr-x 2 root root 4096 2007-03-19 08:56 misc
lrwxrwxrwx 1 root root 20 2007-03-19 08:56 openssl.cnf ->
/etc/ssl/openssl.cnf
lrwxrwxrwx 1 root root 16 2007-03-19 08:56 private -> /etc/ssl/private
drwxr-xr-x 2 root root 4096 2007-03-16 13:27 engines
Look at where certs points. If it is pointing to /etc/ssl/certs, verify
that the hash was made for the certificate. If no hash was made, look
for problems with that.
-Jonathan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3319 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/juser/attachments/20070507/33df5bad/smime.bin
More information about the JUser
mailing list