[erlang-questions] SSL: "unknown ca"

Loïc Hoguin essen@REDACTED
Sat Jan 31 22:16:27 CET 2015

On 01/31/2015 10:07 PM, e@REDACTED wrote:
> On 01/31/2015 10:00 PM, Tristan Sloughter wrote:
>> https://www.openssl.org/docs/ssl/SSL_alert_type_string.html
> A valid certificate chain or partial chain was received, but the
> certificate was not accepted because the CA certificate could not be
> located or couldn't be matched with a known, trusted CA.
> WHICH certificate?
> The certificates i supplied to ssl as:
> 'cacertfile'
> 'certfile'
> are both valid according to the system's 'openssl':
>  > openssl verify -CApath /etc/ssl/certs server.crt
> server.crt: OK

I answered that in my previous email.

The client and the server must agree on the list of trusted CAs. Did you 
also provide the same cacertfile file to the client?

Loïc Hoguin

More information about the erlang-questions mailing list