That pretty much just solves the problem for your machine. It won't solve the problem for the volunteers.
See: http://boinc.berkeley.edu/trac/wiki/SecureHttp Apache needs to know about the intermediate chain file that links your ssl cert with the CA’s root certificate. ----- Rom Sent from Surface From: Bill Flynn Sent: Saturday, October 4, 2014 3:48 AM To: BOINC Dev Mailing List Actually I solved this. I downloaded the GoDaddy ca-bundle and appended its contents to C:\Program Files\BOINC\ca-bundle.crt. That cleared up the issue. On Fri, Oct 3, 2014 at 3:02 PM, Bill Flynn <wfly...@gmail.com> wrote: > Hi, > > My web server's CA (GoDaddy) isn't trusted by the boinc client. When > requesting > > https://example.domain.com/project/get_project_config.php > > the request fails with: > > [http] [ID #1] Info: Trying xxx.xxx.xxx.xxx... > [http] [ID #1] Info: Connected to example.domain.com (xxx.xxx.xxx.xxx) > port 443 (#0) > [http] [ID #1] Info: Connected to example.domain.com (xxx.xxx.xxx.xxx) > port 443 (#0) > [http] [ID #1] Info: successfully set certificate verify locations: > [http] [ID #1] Info: CAfile C:\Program Files\BOINC\ca-bundle.crt > [http] [ID #1] Info: CApath: none > [http] [ID #1] Info: SSLv3, TLS handshake, Client hello (1): > [http] [ID #1] Info: SSLv3, TLS handshake, Server hello (2): > [http] [ID #1] Info: SSLv3, TLS handshake, CERT (11): > [http] [ID #1] Info: SSLv3, TLS alert, Server hello (2): > [http] [ID #1] Info: SSL certificate problem, verify that the CA cert is > OK. Details: > [http] [ID #1] Info: error: 14090086:SSL > routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed > [http] [ID #1] Info: Closing connection #0 > [http] HTTP error: Peer certificate cannot be authenticated with given CA > certificates > > This is causing my any clients to fail when attaching to the project. How > can I get the BOINC client to trust the CA that signed my web server's > certificate so the client can access the get_project_config.php page? > > Thanks, > > Bill > _______________________________________________ boinc_dev mailing list boinc_dev@ssl.berkeley.edu http://lists.ssl.berkeley.edu/mailman/listinfo/boinc_dev To unsubscribe, visit the above URL and (near bottom of page) enter your email address. _______________________________________________ boinc_dev mailing list boinc_dev@ssl.berkeley.edu http://lists.ssl.berkeley.edu/mailman/listinfo/boinc_dev To unsubscribe, visit the above URL and (near bottom of page) enter your email address.
