On Apr 2, 2013, at 9:46 AM, Nikola Knežević <laladelausanne@gmail.com> wrote:
On Apr 2, 2013, at 18:17 , Glyph wrote:
Still not sure; I need to go do some testing of my own, but can you check on something? I think this line might be a clue:
On Apr 1, 2013, at 1:50 AM, Nikola Knežević <laladelausanne@gmail.com> wrote:
2013-04-01 10:46:39+0200 [-] [caldav-0] [-] /usr/local/caldavd/lib/python2.7/site-packages/Twisted-12.3.0-py2.7-macosx-10.7-intel.egg/twisted/python/util.py:560: exceptions.UserWarning: tried to drop privileges and setuid 93 but uid is already 93; should we be root? Continuing.
Is your SSL cert (including private key & any chain certs) readable by UID 93?
Hi Glyph,
sure, can gladly check anything on my computer :)
Yes, it is readable:
/usr/local/caldavd/etc % ll total 176 ..snip.. -rw-r--r-- 1 _calendar _calendar 1358 Mar 26 02:53 accounts.xml -rw-r--r-- 1 _calendar _calendar 864 Mar 28 23:14 augments.xml -rw-r--r-- 1 _calendar _calendar 1131 Mar 29 21:38 caldav-server.crt -rw-r--r-- 1 _calendar _calendar 1743 Mar 29 21:38 caldav-server.key -rw-r--r-- 1 _calendar _calendar 6952 Mar 30 11:31 caldav-server.pem ..snip…
/usr/local/caldavd/etc % id 93 uid=93(_calendar) gid=93(_calendar) groups=93(_calendar),405(com.apple.sharepoint.group.4),12(everyone),29(certusers),30(_keytabusers),61(localaccounts),216(_postgres)
OK, Nikola, I can't seem to reproduce your issue myself. If you have any other information that you think is germane, please let me know. Can you load the certificate with OpenSSL? Can you point another web server at it - not caldavd - and speak to clients with it? -glyph