On Monday 23 of May 2011, David Woodhouse wrote: > On Mon, 2011-05-23 at 10:52 +0200, Arkadiusz Miskiewicz wrote: > > The question is why "alert bad certificate" comes up if everything > > looks fine, all intermediate certs are provided etc? > > The intermediate certs are being provided to Exim, but is Exim actually > providing them to OpenSSL? > > See > http://git.infradead.org/users/dwmw2/openconnect.git/blob/64eddc7:/ssl.c#l7 > 47 for inspiration, perhaps?
exim loads chain if (!SSL_CTX_use_certificate_chain_file(ctx, CS expanded)) and according to openssl RT#1942 comment (mentioned in openconnect.git) "cert with the same name" bug is fixed already (I'm using openssl 1.0.0d here). -- Arkadiusz MiĆkiewicz PLD/Linux Team arekm / maven.pl http://ftp.pld-linux.org/ -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
