[Operators] IM Observatory: Not recognising DigiCert root certificate
stpeter at stpeter.im
Thu Oct 31 02:02:53 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Rob Norris! I was thinking about you just the other day while walking
around the streets of Portland, Oregon. :-)
On 10/30/2013 07:44 PM, Robert Norris wrote:
> Just learned about the IM Observatory, cute idea. Of course I ran
> our server through it:
> It has some good advice, which I'm now working through.
That's the idea.
> I think the "Intermediate certificate was not included in the
> chain" error might be bogus though. Its choking on the apparent
> lack of the "DigiCert High Assurance EV Root CA" cert, however this
> is a cert normally included and trusted by browsers and clients
> No errors. Which I'd expect, considering the same keychain is used
> on all of our services.
> So is the tester subtly broken, or am I subtly misconfigured?
I'm trying with the OpenSSL s_client...
openssl s_client -connect chat.messagingengine.com:5223 -CAfile
The result I get is:
"Verify return code: 20 (unable to get local issuer certificate)"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the Operators