On Tue, 22 Dec 2015, Stuart Henderson wrote: > Could some libressl people look at this please? We have a problem where > the chain coming from a server roots from a certificate that isn't in > the root store, but an intermediary certificate *is* in the root store. > Thanks. > > > As reported by dcoppa, connecting with HTTPS to tuner.pandora.com fails > with the current root cert store in OpenBSD.
Found the bug while trying to use pianobar (a pandora.com client for the console): <dcoppa@t420:~>$ pianobar Welcome to pianobar (2015.11.22)! Press ? for a list of commands. (i) Login... Network error: Peer certificate cannot be authenticated with given CA certificates I will test patches and give feedback... Thanks, David