[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS CA Chain Problem

To: openldap-technical@openldap.org
Subject: Re: TLS CA Chain Problem
From: Iruwen <iruwen@gmx.net>
Date: Tue, 13 Oct 2009 09:13:44 +0200
In-reply-to: <17C06D5B-A317-433D-8DD5-933F21E4CD72@gmail.com>
References: <4AD328DE.1040704@gmx.net> <17C06D5B-A317-433D-8DD5-933F21E4CD72@gmail.com>
User-agent: Thunderbird 2.0.0.23 (Windows/20090812)

Brett Maxfield schrieb:

I just got an SSL certificate issued by Comodo which doesn't work asexpected with slapd.Which means I get an untrusted certificate warning in Thunderbird.Probably I just missed something.
I'll ask the question, why would the trust chain in slapd affectthunderbird?
What thunderbird considers trusted will be up to thunderbird itself,or the underlying OS.
Cheers
Brett

Isn't that what the certificate chain in TLSCACertificateFile (or thecorresponding directives in Apache, Postfix and so on) is good for?To build the trust chain from the issued certificate up to the trustedroot certificate via intermediate certificates?If it was a problem of the underlying OS, shouldn't openssl s_client-connect localhost:<port> show exactly the same results for all services?

References:
- TLS CA Chain Problem
  - From: Iruwen <iruwen@gmx.net>

Prev by Date: Re: TLS CA Chain Problem
Next by Date: Re: TLS CA Chain Problem
Index(es):
- Chronological
- Thread