[Juser] Re: Maddening with SSL certificates
Jonathan Siegle
jsiegle at psu.edu
Mon May 14 06:17:46 CDT 2007
Noiano said the following on 5/12/07 5:06 AM:
> Jonathan Siegle wrote:
>> Thanks for your patience too. Turns out that openssl s_client does not
>> have a default CApath. I don't see an environment variable you can set
>> either. There are variables you can set for openssl verify, but that is=
>
>> not the issue. So for openssl s_client , you must type:
>> =20
>> $ openssl s_client -connect jabber.org:5223 -CApath /etc/ssl/certs/
>> =20
> This command does work ok...I get the 0 code which means ok! But what
> about the im clients? If i do not specify the -CApath parameter I still
> get the error...
>
No default CApath for s_client is why you would see this when you don't
specify the variable on the command line.
> Any Ideas?
>
With PSI, I get "The hostname does not match the one the certificate was
issued to". Is this what you are seeing? Do a google search on that
string to see the conversation. It sounds like we need a new certificate
on here because the CN is off because clients are seeing this.
Thanks,
Jonathan
> Thanks
>
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> This is JUser -- a mailing list for end
> users of Jabber clients.
>
> To unsubscribe, go to the following web
> page, scroll all the way down, and type
> in your email address:
>
> http://mail.jabber.org/mailman/listinfo/juser
> _______________________________________________
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3319 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/juser/attachments/20070514/b6c31751/smime.bin
More information about the JUser
mailing list