Thank you for your answer. I have updated my version of GnuTLS to 3.5.10 and compiled lftp 4.7.7 against it. The resulting "./lftp --version" shows "Libraries used: Readline 6.3, Expat 2.1.0, GnuTLS 3.5.10, zlib 1.2.8". Yet the error I reported in my first message remains: "Certificate verification: Not trusted".
What commands did you use in your last message to verify certificate chains? The output I get with openssl verify and certtool is quite different. On Tue, Mar 14, 2017 at 7:13 AM, Alexander V. Lukyanov <l...@netis.ru> wrote: > I can't reproduce the problem. Here is what I get with OpenSSL 1.0.2k: > > Certificate depth: 3; subject: /C=SE/O=AddTrust AB/OU=AddTrust External TTP > Network/CN=AddTrust External CA Root; issuer: /C=SE/O=AddTrust AB/OU=AddTrust > External TTP Network/CN=AddTrust External CA Root > Certificate depth: 2; subject: /C=GB/ST=Greater Manchester/L=Salford/O=COMODO > CA Limited/CN=COMODO RSA Certification Authority; issuer: /C=SE/O=AddTrust > AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root > Certificate depth: 1; subject: /C=GB/ST=Greater Manchester/L=Salford/O=COMODO > CA Limited/CN=COMODO RSA Organization Validation Secure Server CA; issuer: > /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA > Certification Authority > Certificate depth: 0; subject: > /C=FR/postalCode=77310/ST=Seine-et-Marne/L=PRINGY/street=IMPASSE DU > BREAU/O=SDBX FRANCE/OU=0002 529997199/CN=*.seedbox.fr; issuer: > /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA > Organization Validation Secure Server CA > Certificate verification: subjectAltName: ‘www.seedbox.fr’ matched > > And with GnuTLS 3.5.10: > > Certificate: C=FR,postalCode=77310,ST=Seine-et-Marne,L=PRINGY,street=IMPASSE > DU BREAU,O=SDBX FRANCE,OU=0002 529997199,CN=*.seedbox.fr > Issued by: C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA > Limited,CN=COMODO RSA Organization Validation Secure Server CA > Checking against: C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA > Limited,CN=COMODO RSA Organization Validation Secure Server CA > Trusted > Certificate: C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA > Limited,CN=COMODO RSA Organization Validation Secure Server CA > Issued by: C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA > Limited,CN=COMODO RSA Certification Authority > Checking against: C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA > Limited,CN=COMODO RSA Certification Authority > Trusted > Certificate: C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA > Limited,CN=COMODO RSA Certification Authority > Issued by: C=SE,O=AddTrust AB,OU=AddTrust External TTP Network,CN=AddTrust > External CA Root > Trusted > > -- > Alexander. _______________________________________________ lftp mailing list lftp@uniyar.ac.ru http://univ.uniyar.ac.ru/mailman/listinfo/lftp
