I recently upgraded my mail server using sendmail to use full StartTLS/SSL, using a "real" (geotrust) certificate.
However, pine complains loudly at me that it cannot verify the certificate.
A quick google search on the error yielded this page:
Now, the directions are straightforward enough, but I can't find the certs directory. A quick "locate" yields a bunch in /usr/src/crypto/openssl/certs, but nothing in a "production" directory. Are the standard root certs not installed by default? Should they be?
*IF SO* What directory should I be using?
The FAQ file in /usr/src/crypto/openssl has this to say:
* Why does <SSL program> fail with a certificate verify error?
This problem is usually indicated by log messages saying something like "unable to get local issuer certificate" or "self signed certificate". When a certificate is verified its root CA must be "trusted" by OpenSSL this typically means that the CA certificate must be placed in a directory or file and the relevant program configured to read it. The OpenSSL program 'verify' behaves in a similar way and issues similar error messages: check the verify(1) program manual page for more information.
However, the verify man page isn't in the default manpath, either.
"this is too stupid even for irc"
-mtreal, EFnet #macintosh, 09/15/2K, 12:33 AM
--------Dan Mahoney-------- Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org ---------------------------
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"