[horde] S/Mime not verified

Andreas Mauser andreas at mauser.info
Wed May 30 15:42:26 UTC 2012 

Hi Michael,

----- Nachricht von Michael J Rubinsky <mrubinsk at horde.org> ---------
   Datum: Wed, 30 May 2012 11:28:05 -0400
     Von: Michael J Rubinsky <mrubinsk at horde.org>
Betreff: Re: [horde] S/Mime not verified
      An: horde at lists.horde.org


> Quoting Andreas Mauser <andreas at mauser.info>:
>
>> Hi Andreas,
>>
>> ----- Nachricht von lst_hoe02 at kwsoft.de ---------
>>  Datum: Wed, 30 May 2012 17:03:52 +0200
>>    Von: lst_hoe02 at kwsoft.de
>> Betreff: Re: [horde] S/Mime not verified
>>     An: horde at lists.horde.org
>>
>>
>>> To "verify" the certifcate you need a matching trusted root-CA and  
>>> all sub-CAs involved to verify the whole chain. I guess you either  
>>> don't have the root-CA on your system of Horde is not able to  
>>> access the path with root-CAs.
>>
>> Thank you for the information.
>>
>> In my vHost I have:
>>
>> SSLEngine On
>> #SSLCertificateKeyFile /root/certscreate/psw2008.key
>> SSLCACertificateFile /etc/httpd/conf.d/certificates/cabundle.crt
>> SSLCertificateKeyFile /etc/httpd/conf.d/certificates/mauser.info.key
>> SSLCertificateFile /etc/httpd/conf.d//certificates/mauser.info.crt
>>
>>
>> Is this the right thing at the right place?
>> And if so, are there any rights I have to give this vHost or something else?
>
>
> No, this is for the webserver's ssl support.
>
> Make sure you have configured OpenSSL support in horde's config.  
> Specifically, the location of the root certificates bundle.

In Horde Administration/OpenSSL I have set the first line to: /etc/ssl/certs
And the second line to: /usr/bin/openssl

/etc/ssl/certs is a link to /etc/ssl/certs -> ../pki/tls/certs

/usr/bin/openssl does exist in that path

Are there any rights I have to give?
Must /etc/ssl/certs be a directory or a file?
Does it point to the right direction?

This is what I found regarding certs in my system:

/etc/pki/CA/certs
/etc/pki/CA/newcerts
/etc/pki/dovecot/certs
/etc/pki/dovecot/certs/dovecot.pem
/etc/pki/java/cacerts
/etc/pki/tls/certs
/etc/pki/tls/certs/Makefile
/etc/pki/tls/certs/ca-bundle.crt
/etc/pki/tls/certs/ca-bundle.trust.crt
/etc/pki/tls/certs/localhost.crt
/etc/pki/tls/certs/make-dummy-cert
/etc/pki/tls/certs/webster.ocean.mauser.info.crt
/etc/ssl/certs

Thank you and regards,
Andreas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5014 bytes
Desc: S/MIME Signatur
URL: <http://lists.horde.org/archives/horde/attachments/20120530/b84a1afa/attachment.bin>

More information about the horde mailing list