[horde] Questions on using passwd http driver
Ralf Lang
lang at b1-systems.de
Tue Jul 2 06:02:17 UTC 2013
On 02.07.2013 02:47, John H. Bennett III wrote:
>> curl performs SSL certificate verification by default, using a "bundle"
>> of Certificate Authority (CA) public keys (CA certs). If the default
>> bundle file isn't adequate, you can specify an alternate file
>> using the --cacert option.
>> If this HTTPS server uses a certificate signed by a CA represented in
>> the bundle, the certificate verification probably failed due to a
>> problem with the certificate (it might be expired, or the name might
>> not match the domain name in the URL).
>> If you'd like to turn off curl's verification of the certificate, use
>> the -k (or --insecure) option.
>>
>> If I use the --cacert parameter, then I'm able to get to the site.
>>
>> curl --cacert /etc/ssl/certs/www.mytestdomain.com.crt
>> https://www.thebennetthome3.com
>
> Sorry for re-replying, as someone could say that what I said I did
> wasn't possible. So, here's the real deal. My test server domain is
> thebennetthome3.com.
>
> Command that doesn't work, curl
> https://www.thebennetthome3.com/user-password
> Command that works, curl --cacert
> /home/e-smith/ssl.crt/www.thebennetthome3.com.crt
> https://www.thebennetthome3.com/user-password
As expected: The ca cert is not installed correctly. Did you run
c_rehash yet?
--
Ralf Lang
Linux Consultant / Developer
Tel.: +49-170-6381563
Mail: lang at b1-systems.de
B1 Systems GmbH
Osterfeldstraße 7 / 85088 Vohburg / http://www.b1-systems.de
GF: Ralph Dehner / Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://lists.horde.org/archives/horde/attachments/20130702/4caabe90/attachment.bin>
More information about the horde
mailing list