Sven Löschner schrieb: >>Try using "openssl s_client ...." to connect(? arg for >>options). It'll give alot of debug info. > > > Okay, I tried "openssl s_client -connect www.test.de:443 -CAfile > /etc/ssl/UserCA/UserCAchaincert.pem -verify 3 -cert > /etc/ssl/UserCA/svencert.pem -key /etc/ssl/UserCA/svenkey.pem -reconnect > -showcerts -state -bugs" > > The output is the following: > > CONNECTED(00000003) > SSL_connect:before/connect initialization > SSL_connect:SSLv2/v3 write client hello A > SSL_connect:SSLv3 read server hello A > depth=0 /C=DE/ST=NRW/L=Hattingen/O=MX/OU=Demo > Server/CN=www.test.de/[EMAIL PROTECTED] > verify error:num=20:unable to get local issuer certificate
Seems you don't have the required Root-CA-Certificates installed on your webserver. (you need the root-certificate of your client-certificates) anyone correct me if I'm wrong. Paul -- Linux-User #271918 with the Linux Counter, http://counter.li.org/
signature.asc
Description: OpenPGP digital signature