Actually that was with a Go Daddy purchased cert, not a self signed cert.
As it stands, I have my own CA when I made my cert. I suspect I'm not putting
all the elements (ca-cert, cert, key) in the right locations.
Original Message
From: Tomasz Sterna
Sent: Saturday, May 7, 2016 8:21 AM
W dniu 03.05.2016, wto o godzinie 16∶51 -0700, użytkownik
li...@lazygranch.com napisał:
> I know when I used a web hosting company to handle my email, I would
> yearly have to blindly trust the new cert.
And this exact behavior I'd like to erradicate.
Most users do not bother to check whether
I'm not following you here. You still have encryption with a self signed cert,
but no trust. But if you can't trust yourself, who else can you trust?
On public wifi without the self signed cert, the conversation could be read,
not to mention login credentials.
Take "letsencrypt" f
W dniu 03.05.2016, wto o godzinie 02∶12 -0700, użytkownik
li...@lazygranch.com napisał:
> jabberd2 version(2.3.6)
> I followed these instructions:
> https://github.com/jabberd2/jabberd2/wiki/InstallGuide-OpenSSLConfigu
> ration
> [...]
> SM : sx (ssl.c:405) secure channel not established,
So the documentation on generating a self signed cert is not correct.
Isn't the key generated in that document technically the root CA?
Original Message
From: Tomasz Sterna
Sent: Tuesday, May 3, 2016 5:12 AM
To: jabberd2@lists.xiaoka.com
Reply To: jabberd2@lists.xiaoka.com
Subject: Re
W dniu 03.05.2016, wto o godzinie 02∶12 -0700, użytkownik
li...@lazygranch.com napisał:
> How exactly do I specify the cachain for a self signed cert.
You need to put your root CA used to sign the cert to the CA certs
store specified in 'cachain' option.
This is to encourage deployments to s
/CN=mydomain.org/emailAddress=webmas...@mydomain.org
How exactly do I specify the cachain for a self signed cert.
I get openssl error 18 meaning it can't be verified. Setting
verify-mode='0' didn't help.