[erlang-questions] SSL: "unknown ca"

Loïc Hoguin essen@REDACTED
Sat Jan 31 22:16:27 CET 2015


On 01/31/2015 10:07 PM, e@REDACTED wrote:
> On 01/31/2015 10:00 PM, Tristan Sloughter wrote:
>>
>> https://www.openssl.org/docs/ssl/SSL_alert_type_string.html
>
> A valid certificate chain or partial chain was received, but the
> certificate was not accepted because the CA certificate could not be
> located or couldn't be matched with a known, trusted CA.
>
> WHICH certificate?
>
> The certificates i supplied to ssl as:
> 'cacertfile'
> 'certfile'
>
> are both valid according to the system's 'openssl':
>
>  > openssl verify -CApath /etc/ssl/certs server.crt
> server.crt: OK

I answered that in my previous email.

The client and the server must agree on the list of trusted CAs. Did you 
also provide the same cacertfile file to the client?

-- 
Loïc Hoguin
http://ninenines.eu



More information about the erlang-questions mailing list