[erlang-questions] SSL: "unknown ca"
Loïc Hoguin
essen@REDACTED
Sat Jan 31 22:16:27 CET 2015
On 01/31/2015 10:07 PM, e@REDACTED wrote:
> On 01/31/2015 10:00 PM, Tristan Sloughter wrote:
>>
>> https://www.openssl.org/docs/ssl/SSL_alert_type_string.html
>
> A valid certificate chain or partial chain was received, but the
> certificate was not accepted because the CA certificate could not be
> located or couldn't be matched with a known, trusted CA.
>
> WHICH certificate?
>
> The certificates i supplied to ssl as:
> 'cacertfile'
> 'certfile'
>
> are both valid according to the system's 'openssl':
>
> > openssl verify -CApath /etc/ssl/certs server.crt
> server.crt: OK
I answered that in my previous email.
The client and the server must agree on the list of trusted CAs. Did you
also provide the same cacertfile file to the client?
--
Loïc Hoguin
http://ninenines.eu
More information about the erlang-questions
mailing list