3. /etc/pve/local/pve-ssl.pem contains the following:
-BEGIN CERTIFICATE-
[My Cert]
-END CERTIFICATE-
-BEGIN CERTIFICATE-
[Intermediate cert]
-END CERTIFICATE-
-BEGIN RSA PRIVATE KEY-
[Private key]
-END RSA PRIVATE KEY-
Please remove the
Please remove the private key here!
I guess it wasn't necessary. I've removed it and everything seems to work.
Best regards,
Adrian Costin
___
pve-devel mailing list
pve-devel@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
: [pve-devel] Spice problems with intermediate certificates
Hi all,
unfortunately spice does not work when using intermediate certificates. I
already posted the problem to the spice-devel list here:
http://lists.freedesktop.org/archives/spice-devel/2014-August/017247.html
Any help
25 Août 2014 07:32:43
Objet: [pve-devel] Spice problems with intermediate certificates
Hi all,
unfortunately spice does not work when using intermediate certificates. I
already posted the problem to the spice-devel list here:
http://lists.freedesktop.org/archives/spice-devel/2014-August
I'm using a rapidssl wildcard certificate without any problem.
certificate chain is:
*.odiso.net - rapidssl CA (intermediate) - geotrust global ca
strange. Where do you store the intermediate cert?
___
pve-devel mailing list
I just check, in my
pve-root-ca.pem
I have both intermediate ca (rapidssl) + Geotrust
cat /etc/pve/pve-root-ca.pem
-BEGIN CERTIFICATE-
rapidssl
-END CERTIFICATE-
-BEGIN CERTIFICATE-
geotrust
-END CERTIFICATE-
And what is the content of
-BEGIN CERTIFICATE-
rapidssl
-END CERTIFICATE-
Please can you post that certificate?
___
pve-devel mailing list
pve-devel@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Also, what is the output of:
# openssl verify /etc/pve/local/pve-ssl.pem
Can you verify without specifying a CAFile?
___
pve-devel mailing list
pve-devel@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
aderum...@odiso.com, pve-devel@pve.proxmox.com
Envoyé: Lundi 25 Août 2014 12:22:01
Objet: RE: [pve-devel] Spice problems with intermediate certificates
Also, what is the output of:
# openssl verify /etc/pve/local/pve-ssl.pem
Can you verify without specifying a CAFile
# openssl verify /etc/pve/local/pve-ssl.pem
# openssl verify /etc/pve/local/pve-ssl.pem
/etc/pve/local/pve-ssl.pem: serialNumber = 6OIC-
M6dsSmyl3j9087fa638RY/f8cC3, OU = GT29098117, OU = See
www.rapidssl.com/resources/cps (c)13, OU = Domain Control Validated -
RapidSSL(R), CN =
-
De: Dietmar Maurer diet...@proxmox.com
À: Alexandre DERUMIER aderum...@odiso.com
Cc: pve-devel@pve.proxmox.com
Envoyé: Lundi 25 Août 2014 13:13:30
Objet: RE: [pve-devel] Spice problems with intermediate certificates
# openssl verify /etc/pve/local/pve-ssl.pem
# openssl verify /etc/pve
] Spice problems with intermediate certificates
Yes, indeed
# openssl verify -CAfile /etc/pve/pve-root-ca.pem /etc/pve/local/pve-
ssl.pem
/etc/pve/local/pve-ssl.pem: OK
And /etc/pve/local/pve-ssl.pem only contain the server cert? Or does it include
the CA files
On Mon, 25 Aug 2014 18:35:53 +0200 (CEST)
Alexandre DERUMIER aderum...@odiso.com wrote:
And /etc/pve/local/pve-ssl.pem only contain the server cert?
yes, only the server cert.
Mine contains both the server cert and the intermediate cert as
described in the wiki:
Mine contains both the server cert and the intermediate cert as described in
the wiki:
So it seems I am the only one with that problem. So the question is if this is
related to StartCom Certification Authority.
Anybody successfully using StartCom Certification Authority with
StartCom Class 2
Anybody successfully using StartCom Certification Authority with
StartCom Class 2 Primary Intermediate Server CA?
Yes. I've done the following:
1. Private key in: /etc/pve/local/pve-ssl.key and /etc/pve/pve-www.key
2. Intermediate cert file in: /etc/pve/pve-root-ca.pem
3.
Hi all,
unfortunately spice does not work when using intermediate certificates. I
already posted the problem to the spice-devel list here:
http://lists.freedesktop.org/archives/spice-devel/2014-August/017247.html
Any help on that topic would be great.
16 matches
Mail list logo