On Apr 3, 2013, at 1:15 , Glyph wrote:
OK, Nikola, I can't seem to reproduce your issue myself. If you have any other information that you think is germane, please let me know. Can you load the certificate with OpenSSL? Can you point another web server at it - not caldavd - and speak to clients with it?
Hi Glyph, I also tried the certificates with Apache - it works. However, when starting Apache, I was prompted for caldav-server.key's password. Maybe that is causing problems for twisted? If so, how could I create a passwordless key, if possible? OpenSSL correctly verifies the certificate: /tmp/keys % openssl verify -verbose -CAfile chain.crt -purpose sslserver caldav-server.crt caldav-server.crt: OK /tmp/keys % perl -n0777e 'map { print "---\n"; open(CMD, "| openssl x509 -noout -subject -issuer"); quote> print CMD; close(CMD) } /^-----BEGIN.*?^-----END.*?\n/gsm' chain.crt --- subject= /C=CH/ST=X/O=Nikola/CN=caldav-server issuer= /C=CH/ST=X/O=Nikola/CN=Intermediate CA --- subject= /C=CH/ST=X/O=Nikola/CN=Intermediate CA issuer= /C=CH/ST=X/O=Nikola/CN=Root CA --- subject= /C=CH/ST=X/O=Nikola/CN=Root CA issuer= /C=CH/ST=X/O=Nikola/CN=Root CA /tmp/keys % % openssl x509 -noout -text -in caldav-server.crt Certificate: Data: Version: 1 (0x0) Serial Number: 1 (0x1) Signature Algorithm: sha1WithRSAEncryption Issuer: C=CH, ST=X, O=Nikola, CN=Intermediate CA Validity Not Before: Mar 29 18:43:21 2013 GMT Not After : Mar 28 18:43:21 2016 GMT Subject: C=CH, ST=X, O=Nikola, CN=caldav-server Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (2048 bit) Modulus (2048 bit): xx Exponent: yy Signature Algorithm: sha1WithRSAEncryption uu If it may help, these are python modules running on my system: % pip list Calendar-and-Contacts-Server (4.2.-r10865M-) distribute (0.6.35) kerberos (1.1.1) opendirectory (1.0) psutil (0.6.1) pyasn1 (0.1.6) pyasn1-modules (0.0.4) pycalendar (2.0) pycrypto (2.6) pycrypto-on-pypi (2.3) pydoctor (0.5b1) PyGreSQL (4.1.1) pyOpenSSL (0.13) python-dateutil (2.1) python-ldap (2.4.10) pytz (2013b) setproctitle (1.1.7) six (1.3.0) sqlparse (0.1.2) Twisted (12.3.0) wsgiref (0.1.2) xattr (0.6.4) zope.interface (4.0.5) Thanks, Nikola