Re: Self signed cert authorization
Jakob Bohm via openssl-users writes: > 2. cd to /etc/ssl/certs and run the command > /etc/sssl/certs# c_rehash > (This updates the numeric symlinks to certificates so openssl can > more easily find them). Thanks, I ended up finding c_rehash and that did the trick.
Re: Self signed cert authorization
On Wednesday, 24 April 2019 21:58:30 CEST Phillip Susi wrote: > I've been trying to convince git send-email to connect to my personal > smtp server without success. It keeps complaining that the cert is > self-signed. I thought all I had to do was add the cert to > /etc/ssl/certs and that should fix it, but it doesn't. Even without > doing this, and using -verify_return_error, openssl s_client does not > refuse to connect to the server. Why is this and what else do I have to > do to convince the system that this self signed cert is OK? what distribution, which version of openssl? -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic signature.asc Description: This is a digitally signed message part.
Re: Self signed cert authorization
On 24/04/2019 21:58, Phillip Susi wrote: I've been trying to convince git send-email to connect to my personal smtp server without success. It keeps complaining that the cert is self-signed. I thought all I had to do was add the cert to /etc/ssl/certs and that should fix it, but it doesn't. Even without doing this, and using -verify_return_error, openssl s_client does not refuse to connect to the server. Why is this and what else do I have to do to convince the system that this self signed cert is OK? Three suggestions, depending on what git send-email and your system does: 1. If you are on a somewhat recent Debian (or similar) system, move your cert from /etc/ssl/certs/ to /usr/local/share/ca-certificates/ and rerun # dpkg-reconfigure ca-certificates # dpkg-reconfigure ca-certificates (Yes, run it twice, it has a bug if run only once). (This does the next two suggestions in the way the system expects, even though the list of certificates shown by the configuration dialogs doesn't include your own certificates). 2. cd to /etc/ssl/certs and run the command /etc/sssl/certs# c_rehash (This updates the numeric symlinks to certificates so openssl can more easily find them). 3. If your system generates/maintains a big file with all the trusted certs concatenated, concatenate your extra cert to the end of that file. Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded
Self signed cert authorization
I've been trying to convince git send-email to connect to my personal smtp server without success. It keeps complaining that the cert is self-signed. I thought all I had to do was add the cert to /etc/ssl/certs and that should fix it, but it doesn't. Even without doing this, and using -verify_return_error, openssl s_client does not refuse to connect to the server. Why is this and what else do I have to do to convince the system that this self signed cert is OK?
