Hi, I'm unsure which of your file names mean which things, but we expect the file referenced by SSLAuthorityChain to contain a concatenation of the following, in this order:
server cert intermediate CA certs root CA cert -dre > On Mar 28, 2016, at 12:41 AM, Gaurav Jain <monkeyfd...@gmail.com> wrote: > > I have also explained the problem at > > http://security.stackexchange.com/questions/118750/having-issues-with-sslv3-handshake-failed > > <http://security.stackexchange.com/questions/118750/having-issues-with-sslv3-handshake-failed> > > Please help. > > > On Sun, Mar 27, 2016 at 8:05 PM, Gaurav Jain <monkeyfd...@gmail.com > <mailto:monkeyfd...@gmail.com>> wrote: > Without Intermediate Certs, I get > <!-- SSL authority chain (for intermediate certs) --> > > <key>SSLAuthorityChain</key> > > > <string></string> > > 41275:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert > handshake > failure:/SourceCache/OpenSSL098/OpenSSL098-52.40.1/src/ssl/s23_clnt.c:593: > > ------------------------------------------------ Different Error > -------------------------------- > With Intermediate Certs: > > <!-- SSL authority chain (for intermediate certs) --> > > <key>SSLAuthorityChain</key> > > > <string>/etc/ssl/myProject/PositiveSSL.ca-bundle</string> > > > java.security.cert.CertPathValidatorException: Trust anchor for certification > path not found. > > On Sun, Mar 27, 2016 at 7:12 PM, Gaurav Jain <monkeyfd...@gmail.com > <mailto:monkeyfd...@gmail.com>> wrote: > Hi, > > Thank you for creating caldavd. > > I try to configure SSL with Caldavd. I am having issues configuring > SSLAuthortiyChain. > > I use positive SSL which gave following file for intermediate chain > > AddTrustExternalCARoot.crt > > COMODORSAAddTrustCA.crt > > COMODORSADomainValidationSecureServerCA.crt > > > > I created a file PositiveSSL.ca-bundle > > cat COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt > AddTrustExternalCARoot.crt > PositiveSSL.ca-bundle > > > > <!-- SSL authority chain (for intermediate certs) --> > > <key>SSLAuthorityChain</key> > > > <string>/etc/ssl/myProject/PositiveSSL.ca-bundle</string> > > > > But I get "HandShake Failed" error. > > openssl s_client -connect example.com:8443 <http://example.com:8443/> -CAfile > ~/ssl/comodo/PositiveSSL.ca-bundle > > CONNECTED(00000003) > > > 41275:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert > handshake > failure:/SourceCache/OpenSSL098/OpenSSL098-52.40.1/src/ssl/s23_clnt.c:593: > > > > Would you be able to point me to issue? > > > > _______________________________________________ > calendarserver-users mailing list > calendarserver-users@lists.macosforge.org > https://lists.macosforge.org/mailman/listinfo/calendarserver-users
_______________________________________________ calendarserver-users mailing list calendarserver-users@lists.macosforge.org https://lists.macosforge.org/mailman/listinfo/calendarserver-users
