On Mon, 21 Jul 2003, Stef Caunter wrote:
> On Sun, 20 Jul 2003, Doug Kaufman wrote:
>
> > default under OpenSSL for the ca-bundle is a file named "cert.pem" in
> > "/usr/local/ssl", or whatever was defined as your OPENSSL directory. The
> > directory "/usr/local/ssl/certs" should contain hashed certificates. Did
> > you run c_rehash on that directory? The environment variables to change
>
> Thanks. I had already created the hash for the self-signed
> cert, and I just used c_rehash to recreate everything.
> Environment variables are set.
Note that the environment variable handling of SSL_CERT_FILE was
broken in OpenSSL until a few months ago. Are you using a current
version? I know that it got fixed in the 0.9.7 branch, but I don't
know about the 0.9.6 branch. I am not sure that SSL_CERT_DIR has been
fully tested to see if it really works. What happens if you take the
self-signed ca_cert and concatenate it to your ca-bundle, and put it in
the default location (/usr/local/ssl) as "cert.pem"?
Doug
--
Doug Kaufman
Internet: [EMAIL PROTECTED]
; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to [EMAIL PROTECTED]
