Hello, [...] > > cant make initial connection: IO::Socket::SSL: SSL connect attempt > > failed > > with unknown errorerror:14090086:SSL > > routines:SSL3_GET_SERVER_CERTIFICATE: > > certificate verify failed at ./x line 4, <DATA> line 253. > > > > when using verify => 'require'. > > Without this option the connection request succeeds. > > > > What am I missing here? > > > > I read a lot of reports about this error in the web, but never a > > solution. > > Is this also an IO::Socket::SSL problem? > > No, this is just because of the way you're configuring the socket. > Using verify => require means that the server's SSL certificate is > *required* to be checked by IO::Socket::SSL, and if that check fails > the socket is closed. [...] > By default IO::Socket::SSL *probably* uses a default capath pointing > at the CA certificates installed with the copy of OpenSSL that it > uses, so you could try installing your CA certificate in that > directory. (There's a special way to install a CA certificate, check > the OpenSSL docs for all the details.)
uhm, I thought, I had understood and configured that correctly 8-( Shouldn't think too much. I installed our root certificate in /etc/ssl/certs, where "capath" points to. The .pem file is correctly linked to the file with the hashed name of itself. But I will double check this - obviously something is wrong here. > > Cheers, > > Chris > Thx. Bye. Michael.
