8 Úno
2011
8 Úno
'11
11:51
heya--
I issued myself a self-signed ssl cert to use with fred-client. I
attempt to log into the fred system and I receive the following error;
ERROR: socket.sslerror: (1, 'error:14094418:SSL
routines:SSL3_READ_BYTES:tlsv1 alert unknown ca') (localhost:22351)
Certificate not signed by verified certificate authority.
Is there any config options to turn this off? I have trawled though
the server.conf and other files with no luck on finding such an option.
--julian
10 Úno
10 Úno
1:22
On 02/08/2011 08:51 PM, Julian De Marchi wrote:
heya--
I issued myself a self-signed ssl cert to use with fred-client. I
attempt to log into the fred system and I receive the following error;
ERROR: socket.sslerror: (1, 'error:14094418:SSL
routines:SSL3_READ_BYTES:tlsv1 alert unknown ca') (localhost:22351)
Certificate not signed by verified certificate authority.
Is there any config options to turn this off? I have trawled though
the server.conf and other files with no luck on finding such an option.
*BUMP*
1:55
Julian DeMarchi wrote:
On 02/08/2011 08:51 PM, Julian De Marchi wrote:
Hey,
You dont want to disable the CA authority check, otherwise you cant sign
certs for your users/verify them.
You need to make your own CA and sign certs by it for fred.
There is plenty of guides out there how to create one, depending on your
linux distribution, after creating the CA and signing cert for your fred
server
check the $ROOT/nofred/apache.conf and configure the following lines
correctly:
SSLCertificateFile /your/path/to/cert/signed-cert.pem
SSLCertificateKeyFile /your/path/to/cert/signed-cert-private-key.pem
SSLCACertificateFile /your/path/to/cert/CA-cert.pem
Then sign sertificate for your fred client, and you should be all set.
Georg
heya--
I issued myself a self-signed ssl cert to use with fred-client. I
attempt to log into the fred system and I receive the following error;
ERROR: socket.sslerror: (1, 'error:14094418:SSL
routines:SSL3_READ_BYTES:tlsv1 alert unknown ca') (localhost:22351)
Certificate not signed by verified certificate authority.
Is there any config options to turn this off? I have trawled though
the server.conf and other files with no luck on finding such an option.
*BUMP*
_______________________________________________
fred-users mailing list
fred-users(a)lists.nic.cz
https://lists.nic.cz/mailman/listinfo/fred-users
2:14
Hey,
Heya,
You dont want to disable the CA authority check,
otherwise you cant sign
certs for your users/verify them.
You need to make your own CA and sign certs by it for fred.
Exactly the reply I was after. Many thanks! I am an SSL noob as you can
tell, and now loaded with this information I can get it to work.
Again, many thanks!
--julian
5063
days inactive
5065
days old
3 comments
3 participants
participants (3)
-
Georg Kahest -
Julian De Marchi -
Julian DeMarchi