[horde] Questions on using passwd http driver

John H. Bennett III bennettj at thebennetthome.com
Tue Jul 2 15:12:10 UTC 2013


Quoting Ralf Lang <lang at b1-systems.de>:

> On 02.07.2013 02:47, John H. Bennett III wrote:
>>> curl performs SSL certificate verification by default, using a "bundle"
>>>  of Certificate Authority (CA) public keys (CA certs). If the default
>>>  bundle file isn't adequate, you can specify an alternate file
>>>  using the --cacert option.
>>> If this HTTPS server uses a certificate signed by a CA represented in
>>>  the bundle, the certificate verification probably failed due to a
>>>  problem with the certificate (it might be expired, or the name might
>>>  not match the domain name in the URL).
>>> If you'd like to turn off curl's verification of the certificate, use
>>>  the -k (or --insecure) option.
>>>
>>> If I use the --cacert parameter, then I'm able to get to the site.
>>>
>>> curl --cacert /etc/ssl/certs/www.mytestdomain.com.crt
>>> https://www.thebennetthome3.com
>>
>> Sorry for re-replying, as someone could say that what I said I did
>> wasn't possible.  So, here's the real deal.  My test server domain is
>> thebennetthome3.com.
>>
>> Command that doesn't work, curl
>> https://www.thebennetthome3.com/user-password
>> Command that works, curl --cacert
>> /home/e-smith/ssl.crt/www.thebennetthome3.com.crt
>> https://www.thebennetthome3.com/user-password
>
> As expected: The ca cert is not installed correctly. Did you run
> c_rehash yet?
>
No sir, I don't know what I don't know.  I'm pretty new to passwd, and  
I didn't know what to expect when trying to do this.  I saw the http  
option, and I thought it might be something cool to try and see if I  
could get it to work, so I do appreciate your help.  After running  
that command, is there anything else I may need to do?

John




More information about the horde mailing list