Hi Cyrille, https in my browser works, https in leightning (debian calendar) works as well. Kerberos authentication works as well (on browser and leightning with https and http) I can connect with iCal but only when I'm sending my Kerberos -Ticket unencrypted without https over http. When trying to connect through https I get there Error message I mentioned:
"The account information could not be found - Unexpected error at the secure name resoltion (Error -9813). The servername <name> is maybe incorrect "
I my case the SSL-Cert and the private-key are stored in two different files (with different priviliges but belonging by root). This is the first time I heard of SSL Certs and Privatekey that are stored in one file. From my point of view they are useless then ;-) But I have not found information about that tool you mentioned. All Calendarclient programs except iCal ask if they my trust my certificates. I believe if I could tell iCal to trust them everything would be ok Do you use iCal as a client with https connection? Thanks a lot Georg Am 19.02.2009 um 08:54 schrieb Cyrille Colin:
Oops, i didn't see the error was in ical .. are you sure your certificate common name is set to your server url ? https seems to work, to verify connect your server via a browser : https://xxx:8443/calendars/users/
Le mercredi 18 février 2009 à 23:27 +0100, Georg Troska a écrit :
Hi, Are you sure private and public keys are stored in the same file?
Georg Am 18.02.2009 um 22:19 schrieb Cyrille Colin:
hi, Self-signed certs works for me. I create it with createmake-ssl-cert /usr/share/ssl-cert/ssleay.cnf /calendar/certs/ calendar.pem and set .plist :
<!-- Public key --> <key>SSLCertificate</key> <string>/calendar/certs/calendar.pem</string>
<!-- Private key --> <key>SSLPrivateKey</key> <string>/calendar/certs/calendar.pem</string>
hope this help.
On mer., 2009-02-18 at 21:18 +0100, Georg Troska wrote:
Hi,
ok maybe this is a better forum to ask this question
Anfang der weitergeleiteten E-Mail:
Von: Georg Troska <georg.troska@uni-dortmund.de> Datum: 18. Februar 2009 15:08:13 MEZ An: calendarserver-dev@lists.macosforge.org Betreff: [CalendarServer-dev] HTTPS-Problem
Hi,
I have problems to get HTTPS running on the calendarserver. (Ubuntu-Intrepid) HTTP works fine now, but using HTTPS gives me an error-message in iCal:
"The account inforation could not be found - Unexpected error at the secure name resoltion (Error -9813). The servername <name> is maybe incorrect "
(This is translated from german)
I'm sure that HTTPS is running as I can reach it in the Browser - authentication is running as well
Thanks Georg
_______________________________________________ calendarserver-dev mailing list calendarserver-dev@lists.macosforge.org http://lists.macosforge.org/mailman/listinfo.cgi/calendarserver- dev
meanwhile I found out, that I have a logentry in /var/log/ system.log on my client: --- Feb 18 21:14:01 regulus iCal[97893]: SMA: -[DAVRequest(Private) translateSSLError:]: { -9813 } Feb 18 21:14:01 regulus iCal[97893]: [DAVRequest _readStreamEvent]: SecTrustEvaluate failed. Failing with error: (null) ---
putting this into google made me a bit nervous when I read this: http://www.zimbra.com/forums/administrators/16397-caldav-issue-leopard.html
is it true that iCal cannot handle "selfmade SSL-Certs"? How can I put the cert on "always trust"?
I hope you can help. Thanks a lot Georg
_______________________________________________ calendarserver-users mailing list calendarserver-users@lists.macosforge.org http://lists.macosforge.org/mailman/listinfo.cgi/calendarserver-users