Hi! When a single CA is in the file, there is no problem. But when I put multiple CAs, only the first one is taken. OpenSER doesn't care about the others.
Greg Klaus Darilion wrote: >Hi Greg! > >I have not tested this, but from reading the openssl docs I had the >feeling that all the CAs in the ca-file will be used. > >Is the CA the only one in the ca-file or are the multiple CAs in the >ca-file? Can you try if it works when using only a single CA in the >ca-file? > >regards >klaus > > >On Sun, November 5, 2006 20:39, Gregoire said: > > >>Hi everybody! >> >>I am using OpenSER 1.1 with TLS. >>I have generate the client and server certificate with the scripts >>gen_rootCA.sh and gen_usercert.sh. >>Everything works fine, but I have generate certificate for my UA with >>another CA and I have added this CA to the file user-cacert.pem. >>When I try to connect with my UA, OpenSER logs an error like: >> >>"tls_error: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert >>unknown ca" >> >>My file user-cacert.pem looks like: >>-------BEGIN CERTIFICATE------ >>MAOIposio..... >>--------END CERTIFICATE-------- >>-------BEGIN CERTIFICATE------ >>MJ809il...... >>--------END CERTIFICATE-------- >> >>I think that OpenSER takes only the first CA certificate and not all the >>followings. >> >>Did someone have some experience with that case? >> >>Regards >> >>Greg >> >>_______________________________________________ >>Users mailing list >>[email protected] >>http://openser.org/cgi-bin/mailman/listinfo/users >> >> >> > > > > > _______________________________________________ Users mailing list [email protected] http://openser.org/cgi-bin/mailman/listinfo/users
