SciFi posted on Thu, 10 Nov 2011 21:45:57 +0000 as excerpted: > There is a PEM stored: >>>>> > $ ls -al $PAN_HOME/ssl* > total 4 > drwxr-xr-x 2 scifi admin 102 Nov 10 13:04 . > drwxr-xr-x 8 scifi admin 782 Nov 10 13:05 .. > -rw------- 1 scifi admin 1208 Nov 10 13:04 80.91.229.10.pem > <<<< > > The Event Log only shows this one error: >>>>> > [date-time] Error adding certificate of server '80.91.229.10' to > Certificate Store > <<<< > however no "Successful" line at all was recorded there.
Did you try restarting pan after fetching the cert and quitting, to see if it would then use the cert it fetched in the last session? IOW, maybe it can store the cert but not use it in the same session as it stores it, in which case, once a session stores it, a quit and restart might work without the error. ... Thanks for doing all this debugging, BTW. As I believe you can see from my headers, I haven't updated in a few days so am still using pan with the unverified SSL connections. But it's nice seeing someone doing such effective testing. I'm working /crazy/ hours right now (gone 15 hours some days, 6:30-21:30 or 10:30-1:30) and hope I'm not about to get sick from it, especially since the weather just got cold. But I wasn't getting the hours earlier this year so my budget sure needs 'em, and I'm just thankful I'm getting them at all. Anyway, that means I've not done any updating since... the first, so no testing here, tho I'd like to. But all I could test with would be gmane anyway as that's all I have ATM, so you're giving the new certs code a far better workout than I could in any case. So thanks both to you and to HM, since I know the stunnel thing isn't something a lot of folks would/could bother with, and I have a feeling this code will likely be fast-tracked into mainline and hopefully a quick release, once it's working well enough, in ordered to get the feature out to all those users who are now likely either doing without ssl, or not using pan at all because the stunnel solution simply isn't a workable solution for them. All that work is certainly appreciated. =:^) -- Duncan - List replies preferred. No HTML msgs. "Every nonfree program has a lord, a master -- and if you use the program, he is your master." Richard Stallman _______________________________________________ Pan-devel mailing list Pan-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/pan-devel
