TLS: unable to get certificate ...
Wesley Craig
wes at umich.edu
Sat Apr 12 14:17:06 EDT 2008
From the article:
> I’ve *finally* discovered why my IMAP server no longer likes my
> self-signed certificates. The certificates are just fine. Cyrus is
> just fine. It’s OpenSSL that’s the problem - Bug 1513 to be exact.
> Cyrus calls SSL_CTX_use_certificate_chain_file() to read in the
> certificate file, but in my case, since I don’t have CA data set,
> an earlier function returns an error, so the
> SSL_CTX_use_certificate_chain_file() function also returns an
> error, even though the certificate and key are just fine.
What does that buy you? Why not set the cert as the CA, since that
is the meaning of "self-signed certificate"?
:wes
On 12 Apr 2008, at 12:33, brian wrote:
> That's what I was wondering, also, after coming across this last
> night:
> http://weblog.elwing.org/elwing/index.php/archive/2007/07/18/cyrus-
> imap-and-certificates/
More information about the Info-cyrus
mailing list