Without Intermediate Certs, I get <!-- SSL authority chain (for intermediate certs) --> <key>SSLAuthorityChain</key> * <string></string>* 41275:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:/SourceCache/OpenSSL098/OpenSSL098-52.40.1/src/ssl/s23_clnt.c:593: ------------------------------------------------ Different Error -------------------------------- With Intermediate Certs: <!-- SSL authority chain (for intermediate certs) --> <key>SSLAuthorityChain</key> * <string>/etc/ssl/myProject/PositiveSSL.ca-bundle</string>* java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. On Sun, Mar 27, 2016 at 7:12 PM, Gaurav Jain <monkeyfdude@gmail.com> wrote:
Hi,
Thank you for creating caldavd.
I try to configure SSL with Caldavd. I am having issues configuring SSLAuthortiyChain.
I use positive SSL which gave following file for intermediate chain
AddTrustExternalCARoot.crt
COMODORSAAddTrustCA.crt
COMODORSADomainValidationSecureServerCA.crt
I created a file PositiveSSL.ca-bundle
cat COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > PositiveSSL.ca-bundle
<!-- SSL authority chain (for intermediate certs) -->
<key>SSLAuthorityChain</key>
<string>/etc/ssl/myProject/PositiveSSL.ca-bundle</string>
But I get "HandShake Failed" error.
openssl s_client -connect example.com:8443 -CAfile ~/ssl/comodo/PositiveSSL.ca-bundle
CONNECTED(00000003)
41275:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:/SourceCache/OpenSSL098/OpenSSL098-52.40.1/src/ssl/s23_clnt.c:593:
Would you be able to point me to issue?