On Thu, 2018-05-10 at 21:45 +0000, Ryan Taylor wrote: > Fedora 27. The stuff in /etc/pki, specifically /etc/pki/ca- > trust/extracted/openssl/ca-bundle.trust.crt I believe, from the > ca-certificates-2018.2.22-1.0.fc27.noarch package.
OK, then it's expected to work. If you'd said "Ubuntu" we would mostly just point and laugh; coherent system trust doesn't work there. Did you install a new CA there or is it one of the standard ones that are shipped in Fedora? Precisely what is the failure mode when the cert isn't trusted? Can you point me at the server (in private if you must, but it'll be getting thousands of portscans a day anyway). If you can drop into irc.oftc.net #openconnect we can perhaps reduce latency a little...
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ openconnect-devel mailing list openconnect-devel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/openconnect-devel
