[SLL] unable to get local issuer certificate
Mark Foster
mark at foster.cc
Thu Oct 25 09:57:59 PDT 2007
Jeremy C. Reed wrote:
> Any ideas on what is wrong? Am I supposed to be also serving the Thawte
> Premium Server Certificate? Is it supposed to be appended to my
> SSLCertificateKeyFile or something?
>
Hi Jeremy.
I have found the following command useful in troubleshooting certificate
verification issues.
openssl s_client -connect serverhostname:443 -showcerts
According to my research Thawte isn't using an intermediate CA, so you
shouldn't be encountering a chaining issue where an intermediate CA cert
needs be specified using the SSLCertificateChainFile directive.
Anyway run the command above and you can examine the chains to validate
by hand.
You can probably safely post the output to the list for further help.
--
Said one park ranger, 'There is considerable overlap between the
intelligence of the smartest bears and the dumbest tourists.'
Mark D. Foster, CISSP <mark at foster.cc> http://mark.foster.cc/
More information about the linux-list
mailing list