TLS Plugin - Problem with chained certificate

2009-01-22 Thread Dale Gallagher
Hi there I'm struggling to get qpsmtpd up and running with a chained cert from DigiCert. It's a WildCard SSL Cert, but I doubt that should make a difference. Currently there are no problems when using my self-signed certs! Within ./config/plugins: tls /path/to/server.crt /path/to/server.key /pat

Re: TLS Plugin - Problem with chained certificate

2009-01-22 Thread Dale Gallagher
2009/1/22 Dale Gallagher : > qpsmtpd starts, but a mail client such as Opera complains that the > cert can't be verified. On viewing the cert details from within Opera > mail, neither the DigiCert, nor the Entrust certificate are listed in > the chain. What is even more strange, is that the follow

Re: TLS Plugin - Problem with chained certificate

2009-01-23 Thread John Peacock
Dale Gallagher wrote: > I'm struggling to get qpsmtpd up and running with a chained cert from > DigiCert. It's a WildCard SSL Cert, but I doubt that should make a > difference. Currently there are no problems when using my self-signed > certs! Other than the first time a client uses it, they must

Re: TLS Plugin - Problem with chained certificate

2009-01-23 Thread Ask Bjørn Hansen
On Jan 23, 2009, at 4:41, John Peacock wrote: From a quick google, I think the solution is that you have to include the certificate chain in the same file as the server cert itself, in reverse order (so the CA is first, followed by any intermediate CA's, and the server cert is last). Y

Re: TLS Plugin - Problem with chained certificate

2009-01-23 Thread Robin Bowes
Ask Bjørn Hansen wrote: On Jan 23, 2009, at 4:41, John Peacock wrote: From a quick google, I think the solution is that you have to include the certificate chain in the same file as the server cert itself, in reverse order (so the CA is first, followed by any intermediate CA's, and the server

Re: TLS Plugin - Problem with chained certificate

2009-01-23 Thread Ask Bjørn Hansen
On Jan 23, 2009, at 11:56 AM, Robin Bowes wrote: [Perlbal] Are there any mailing lists? yes - http://groups.google.com/group/perlbal - ask -- http://develooper.com/ - http://askask.com/

Fwd: TLS Plugin - Problem with chained certificate

2009-01-24 Thread Dale Gallagher
2009/1/23 Ask Bjørn Hansen : > > On Jan 23, 2009, at 4:41, John Peacock wrote: > >> From a quick google, I think the solution is that you have to include the >> certificate chain in the same file as the server cert itself, in reverse >> order >> (so the CA is first, followed by any intermediate CA'

Re: TLS Plugin - Problem with chained certificate [SOLUTION]

2009-01-24 Thread Dale Gallagher
2009/1/24 Dale Gallagher : > 2009/1/23 Ask Bjørn Hansen : >> >> On Jan 23, 2009, at 4:41, John Peacock wrote: >> >>> From a quick google, I think the solution is that you have to include the >>> certificate chain in the same file as the server cert itself, in reverse >>> order >>> (so the CA is fir