[horde] S/Mime not verified
Andreas Mauser
andreas at mauser.info
Thu May 31 13:04:12 UTC 2012
Hi again,
----- Nachricht von Andreas Mauser <andreas at mauser.info> ---------
Datum: Wed, 30 May 2012 22:02:31 +0200
Von: Andreas Mauser <andreas at mauser.info>
Betreff: Re: [horde] S/Mime not verified
An: horde at lists.horde.org
> Hi Vilius,
>
> ----- Nachricht von Vilius ?umskas <vilius at lnk.lt> ---------
> Datum: Wed, 30 May 2012 22:52:23 +0300
> Von: Vilius ?umskas <vilius at lnk.lt>
> Betreff: Re: [horde] S/Mime not verified
> An: horde at lists.horde.org
>
>
>> Andreas Mauser <andreas at mauser.info> ra??:
>>
>>> Hi Mike, again.
>>>
>>> ----- Nachricht von Michael J Rubinsky <mrubinsk at horde.org> ---------
>>> Datum: Wed, 30 May 2012 11:28:05 -0400
>>> Von: Michael J Rubinsky <mrubinsk at horde.org>
>>> Betreff: Re: [horde] S/Mime not verified
>>> An: horde at lists.horde.org
>>>
>>>
>>>> Quoting Andreas Mauser <andreas at mauser.info>:
>>>>
>>>>> Hi Andreas,
>>>>>
>>>>> ----- Nachricht von lst_hoe02 at kwsoft.de ---------
>>>>> Datum: Wed, 30 May 2012 17:03:52 +0200
>>>>> Von: lst_hoe02 at kwsoft.de
>>>>> Betreff: Re: [horde] S/Mime not verified
>>>>> An: horde at lists.horde.org
>>>>>
>>>>>
>>>>>> To "verify" the certifcate you need a matching trusted root-CA
>>>>>> and all sub-CAs involved to verify the whole chain. I guess you
>>>>>> either don't have the root-CA on your system of Horde is not
>>>>>> able to access the path with root-CAs.
>>>>>
>>>>> Thank you for the information.
>>>>>
>>>>> In my vHost I have:
>>>>>
>>>>> SSLEngine On
>>>>> #SSLCertificateKeyFile /root/certscreate/psw2008.key
>>>>> SSLCACertificateFile /etc/httpd/conf.d/certificates/cabundle.crt
>>>>> SSLCertificateKeyFile /etc/httpd/conf.d/certificates/mauser.info.key
>>>>> SSLCertificateFile /etc/httpd/conf.d//certificates/mauser.info.crt
>>>>>
>>>>>
>>>>> Is this the right thing at the right place?
>>>>> And if so, are there any rights I have to give this vHost or
>>>>> something else?
>>>>
>>>>
>>>> No, this is for the webserver's ssl support.
>>>>
>>>> Make sure you have configured OpenSSL support in horde's config.
>>>> Specifically, the location of the root certificates bundle.
>>>
>>> If a directory is specified, then it must be a correctly formed
>>> hashed directory as the openssl command would use.
>>>
>>> Since /etc/ssl/certs is a directory, what does it mean 'it must be
>>> a correctly formed hashed directory' ?
>>
>> Just use full path of the CA bundle instead of directory.
>
> Using '/etc/pki/tls/certs/ca-bundle.crt' and restarting the
> webserver and relogin did not help.
Still got not all right ^^
As I got a CACert S/MIME Mail right now which cannot be verified I
downloaded the class3.crt from cacert.org and saved it in
/etc/ssl/certs but it did not help.
Isn't it so that I just have to save certs I need in /etc/ssl/certs to
have Horde grab it?
In Horde I switched back and set it to /etc/ssl/certs which works OK
now for all other S/MIME mails.
Any idea for that one? :)
Kind regards and cheers,
Andreas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5014 bytes
Desc: S/MIME Signatur
URL: <http://lists.horde.org/archives/horde/attachments/20120531/4efeed10/attachment.bin>
More information about the horde
mailing list