I've contacted the hosting company. Thank you so much for
troubleshooting this issue, and helping me understand certificate
verification better!


On Tue, Mar 21, 2017 at 1:37 PM, Alexander V. Lukyanov <l...@netis.ru> wrote:
> On Mon, Mar 20, 2017 at 11:49:46PM +0100, Daniel Fazekas wrote:
>> On Mar 20, 2017, at 14:55, Nathanaël Naeri <nathanael.na...@gmail.com> wrote:
>> > Is that an issue that this hosting company could do something about? I
>> > can ask their sysadmins for help.
>> It's a common setup mistake to make for server admins that they only add the 
>> server certificate to their configuration. Normally you also need to add one 
>> or more CA intermediate certs so that clients, which only normally carry and 
>> trust a bundle of root certs, could successfully verify the whole chain.
>> It's generally as simple as concatenating the intermediate cert(s) after 
>> your server certificate, for the server admin.
>> This could be the issue causing your problems, and something only they can 
>> fix, short of you manually adding that  missing intermediate cert on all 
>> your client systems, working around their mistake.
> This seems to be the issue. The certificate chain of the ftp server is not
> a chain, but rather a single link. It's necessary either change the server's
> certificate to the full chain to the root CA, or add the "next link" to the
> local CA storage.
> --
>    Alexander.
lftp mailing list

Reply via email to