[horde] S/Mime not verified

Vilius ?umskas vilius at lnk.lt
Wed May 30 19:52:23 UTC 2012


Andreas Mauser <andreas at mauser.info> ra??:

> Hi Mike, again.
>
> ----- Nachricht von Michael J Rubinsky <mrubinsk at horde.org> ---------
>   Datum: Wed, 30 May 2012 11:28:05 -0400
>     Von: Michael J Rubinsky <mrubinsk at horde.org>
> Betreff: Re: [horde] S/Mime not verified
>      An: horde at lists.horde.org
>
>
>> Quoting Andreas Mauser <andreas at mauser.info>:
>>
>>> Hi Andreas,
>>>
>>> ----- Nachricht von lst_hoe02 at kwsoft.de ---------
>>> Datum: Wed, 30 May 2012 17:03:52 +0200
>>>   Von: lst_hoe02 at kwsoft.de
>>> Betreff: Re: [horde] S/Mime not verified
>>>    An: horde at lists.horde.org
>>>
>>>
>>>> To "verify" the certifcate you need a matching trusted root-CA  
>>>> and all sub-CAs involved to verify the whole chain. I guess you  
>>>> either don't have the root-CA on your system of Horde is not able  
>>>> to access the path with root-CAs.
>>>
>>> Thank you for the information.
>>>
>>> In my vHost I have:
>>>
>>> SSLEngine On
>>> #SSLCertificateKeyFile /root/certscreate/psw2008.key
>>> SSLCACertificateFile /etc/httpd/conf.d/certificates/cabundle.crt
>>> SSLCertificateKeyFile /etc/httpd/conf.d/certificates/mauser.info.key
>>> SSLCertificateFile /etc/httpd/conf.d//certificates/mauser.info.crt
>>>
>>>
>>> Is this the right thing at the right place?
>>> And if so, are there any rights I have to give this vHost or  
>>> something else?
>>
>>
>> No, this is for the webserver's ssl support.
>>
>> Make sure you have configured OpenSSL support in horde's config.  
>> Specifically, the location of the root certificates bundle.
>
> If a directory is specified, then it must be a correctly formed  
> hashed directory as the openssl command would use.
>
> Since /etc/ssl/certs is a directory, what does it mean 'it must be a  
> correctly formed hashed directory' ?

Just use full path of the CA bundle instead of directory.

-- 
   Vilius




More information about the horde mailing list