[horde] S/Mime not verified
Vilius ?umskas
vilius at lnk.lt
Wed May 30 19:52:23 UTC 2012
Andreas Mauser <andreas at mauser.info> ra??:
> Hi Mike, again.
>
> ----- Nachricht von Michael J Rubinsky <mrubinsk at horde.org> ---------
> Datum: Wed, 30 May 2012 11:28:05 -0400
> Von: Michael J Rubinsky <mrubinsk at horde.org>
> Betreff: Re: [horde] S/Mime not verified
> An: horde at lists.horde.org
>
>
>> Quoting Andreas Mauser <andreas at mauser.info>:
>>
>>> Hi Andreas,
>>>
>>> ----- Nachricht von lst_hoe02 at kwsoft.de ---------
>>> Datum: Wed, 30 May 2012 17:03:52 +0200
>>> Von: lst_hoe02 at kwsoft.de
>>> Betreff: Re: [horde] S/Mime not verified
>>> An: horde at lists.horde.org
>>>
>>>
>>>> To "verify" the certifcate you need a matching trusted root-CA
>>>> and all sub-CAs involved to verify the whole chain. I guess you
>>>> either don't have the root-CA on your system of Horde is not able
>>>> to access the path with root-CAs.
>>>
>>> Thank you for the information.
>>>
>>> In my vHost I have:
>>>
>>> SSLEngine On
>>> #SSLCertificateKeyFile /root/certscreate/psw2008.key
>>> SSLCACertificateFile /etc/httpd/conf.d/certificates/cabundle.crt
>>> SSLCertificateKeyFile /etc/httpd/conf.d/certificates/mauser.info.key
>>> SSLCertificateFile /etc/httpd/conf.d//certificates/mauser.info.crt
>>>
>>>
>>> Is this the right thing at the right place?
>>> And if so, are there any rights I have to give this vHost or
>>> something else?
>>
>>
>> No, this is for the webserver's ssl support.
>>
>> Make sure you have configured OpenSSL support in horde's config.
>> Specifically, the location of the root certificates bundle.
>
> If a directory is specified, then it must be a correctly formed
> hashed directory as the openssl command would use.
>
> Since /etc/ssl/certs is a directory, what does it mean 'it must be a
> correctly formed hashed directory' ?
Just use full path of the CA bundle instead of directory.
--
Vilius
More information about the horde
mailing list