[Juser] Re: Maddening with SSL certificates

Noiano noiano at x-privat.org
Sun May 6 11:21:07 CDT 2007


Matthias Wimmer wrote:
> Hi Noiano!
>=20
> Noiano schrieb:
>> I followed your instructions and I got the return code 0. Now I wonder=

>> how to tell kopete that everything is ok with the jabber.org
>> certificate. I also copied the crt file into /usr/share/ssl-cert/ but
>> nothing, if I do not specify the -CAfile option I get
> [...]
>> What to do?
>=20
> Find the correct location where your openssl binary expects the CA
> certificates to be. /usr/share/ssl-cert/ seems more likely to be a
> location where your system may have installed local certificates but no=

> CA certificates.
>=20
>=20
> Tot kijk
>     Matthias

I did copy this certificate http://cert.startcom.org/ca.crt under
/etc/ssl/certs and I made a c_rehash but I always get the same error
both using kopete/psi and using openssl.

> New, TLSv1/SSLv3, Cipher is AES256-SHA
> Server public key is 2048 bit
> Compression: NONE
> Expansion: NONE
> SSL-Session:
>     Protocol  : TLSv1
>     Cipher    : AES256-SHA
>     Session-ID: D7668B2D829AD8EDB86BAED6754B77710C64994885677927B464659=
54C05B57A
>     Session-ID-ctx:
>     Master-Key: ACD5C4DA74FB96CAE951CB6FA419342E92753A8A14C5C6C5EE9AD05=
C18018878743BB5416C23EBD31AE7B6ED5345B192
>     Key-Arg   : None
>     Start Time: 1178468444
>     Timeout   : 300 (sec)
>     Verify return code: 19 (self signed certificate in certificate chai=
n)
> ---


Please help.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: <http://mail.jabber.org/pipermail/juser/attachments/20070506/6f15cea6/attachment-0001.pgp>


More information about the JUser mailing list