> That's not how an intermediate cert should be used. If this worked with > OpenSSL, it was only by coincidence. The correct way to specify an > intermediate cert is to append it to CERTFILE. Your CERTFILE should > contain: > your PEM-formatted private key, your PEM-formatted certificate, and the > PEM-formatted intermediate cert, all in one file. > > I thought I had the code to support intermediate certs in the GnuTLS > flavor, > but it looks like I do not. Can you try applying the following patch and > seeing if it works (with the intermediate cert set up as per above, in > TLS_CERTFILE).
OK, I tried the patch first, it resulted in a non-working SSL configuration (clients would die with an invalid TLS packet error). I then went back to a clean copy of 0.60 compiled against GnuTLS and tried concatenating the certificate and intermediary together like you said they're supposed to be which worked great. Not sure why it was working before with OpenSSL and not GnuTLS, maybe just a fluke like you said. Thanks for your help. Jay -- Jay Lee Network / Systems Administrator Technology Services Philadelphia Biblical University -- ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users