On Mon, Mar 20, 2017 at 11:49:46PM +0100, Daniel Fazekas wrote:
> On Mar 20, 2017, at 14:55, Nathanaël Naeri <nathanael.na...@gmail.com> wrote:
> > Is that an issue that this hosting company could do something about? I
> > can ask their sysadmins for help.
> It's a common setup mistake to make for server admins that they only add the 
> server certificate to their configuration. Normally you also need to add one 
> or more CA intermediate certs so that clients, which only normally carry and 
> trust a bundle of root certs, could successfully verify the whole chain.
> It's generally as simple as concatenating the intermediate cert(s) after your 
> server certificate, for the server admin.
> This could be the issue causing your problems, and something only they can 
> fix, short of you manually adding that  missing intermediate cert on all your 
> client systems, working around their mistake.

This seems to be the issue. The certificate chain of the ftp server is not
a chain, but rather a single link. It's necessary either change the server's
certificate to the full chain to the root CA, or add the "next link" to the
local CA storage.

lftp mailing list

Reply via email to