[Juser] Re: Maddening with SSL certificates
tuomas.santakallio at gmail.com
Wed May 9 08:22:33 CDT 2007
Can i verify a custom URL for my own ejabberd server for it?
I have a plan to compile my own jabber client with voice capability on my
On 09/05/07, Jonathan Siegle <jsiegle at psu.edu> wrote:
> Noiano said the following on 5/8/07 5:54 PM:
> > > Try doing:
> >> $ openssl version -d
> >> OPENSSLDIR: "/usr/lib/ssl"
> >> $ ls -lt /usr/lib/ssl
> >> total 8
> >> lrwxrwxrwx 1 root root 14 2007-03-19 08:56 certs -> /etc/ssl/certs
> >> drwxr-xr-x 2 root root 4096 2007-03-19 08:56 misc
> >> lrwxrwxrwx 1 root root 20 2007-03-19 08:56 openssl.cnf ->
> >> /etc/ssl/openssl.cnf
> >> lrwxrwxrwx 1 root root 16 2007-03-19 08:56 private ->
> >> drwxr-xr-x 2 root root 4096 2007-03-16 13:27 engines
> >> Look at where certs points. If it is pointing to /etc/ssl/certs, verify
> >> that the hash was made for the certificate. If no hash was made, look
> >> for problems with that.
> >> -Jonathan
> > The certificate is correctly hashed as long as I can see
> >> Starcom.pem => cb796bc1.0
> > But I still get the error
> >> Verify return code: 19 (self signed certificate in certificate chain)
> > Need some more help please!
> > Thanks for your patience!
> Thanks for your patience too. Turns out that openssl s_client does not
> have a default CApath. I don't see an environment variable you can set
> either. There are variables you can set for openssl verify, but that is
> not the issue. So for openssl s_client , you must type:
> $ openssl s_client -connect jabber.org:5223 -CApath /etc/ssl/certs/
> This is JUser -- a mailing list for end
> users of Jabber clients.
> To unsubscribe, go to the following web
> page, scroll all the way down, and type
> in your email address:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the JUser