Fwd: [CalendarServer-dev] HTTPS-Problem
Hi, ok maybe this is a better forum to ask this question Anfang der weitergeleiteten E-Mail:
Von: Georg Troska <georg.troska@uni-dortmund.de> Datum: 18. Februar 2009 15:08:13 MEZ An: calendarserver-dev@lists.macosforge.org Betreff: [CalendarServer-dev] HTTPS-Problem
Hi,
I have problems to get HTTPS running on the calendarserver. (Ubuntu- Intrepid) HTTP works fine now, but using HTTPS gives me an error-message in iCal:
"The account inforation could not be found - Unexpected error at the secure name resoltion (Error -9813). The servername <name> is maybe incorrect "
(This is translated from german)
I'm sure that HTTPS is running as I can reach it in the Browser - authentication is running as well
Thanks Georg
_______________________________________________ calendarserver-dev mailing list calendarserver-dev@lists.macosforge.org http://lists.macosforge.org/mailman/listinfo.cgi/calendarserver-dev
meanwhile I found out, that I have a logentry in /var/log/system.log on my client: --- Feb 18 21:14:01 regulus iCal[97893]: SMA: -[DAVRequest(Private) translateSSLError:]: { -9813 } Feb 18 21:14:01 regulus iCal[97893]: [DAVRequest _readStreamEvent]: SecTrustEvaluate failed. Failing with error: (null) --- putting this into google made me a bit nervous when I read this: http://www.zimbra.com/forums/administrators/16397-caldav-issue-leopard.html is it true that iCal cannot handle "selfmade SSL-Certs"? How can I put the cert on "always trust"? I hope you can help. Thanks a lot Georg
hi, Self-signed certs works for me. I create it with createmake-ssl-cert /usr/share/ssl-cert/ssleay.cnf /calendar/certs/calendar.pem and set .plist : <!-- Public key --> <key>SSLCertificate</key> <string>/calendar/certs/calendar.pem</string> <!-- Private key --> <key>SSLPrivateKey</key> <string>/calendar/certs/calendar.pem</string> hope this help. On mer., 2009-02-18 at 21:18 +0100, Georg Troska wrote:
Hi,
ok maybe this is a better forum to ask this question
Anfang der weitergeleiteten E-Mail:
Von: Georg Troska <georg.troska@uni-dortmund.de> Datum: 18. Februar 2009 15:08:13 MEZ An: calendarserver-dev@lists.macosforge.org Betreff: [CalendarServer-dev] HTTPS-Problem
Hi,
I have problems to get HTTPS running on the calendarserver. (Ubuntu-Intrepid) HTTP works fine now, but using HTTPS gives me an error-message in iCal:
"The account inforation could not be found - Unexpected error at the secure name resoltion (Error -9813). The servername <name> is maybe incorrect "
(This is translated from german)
I'm sure that HTTPS is running as I can reach it in the Browser - authentication is running as well
Thanks Georg
_______________________________________________ calendarserver-dev mailing list calendarserver-dev@lists.macosforge.org http://lists.macosforge.org/mailman/listinfo.cgi/calendarserver-dev
meanwhile I found out, that I have a logentry in /var/log/system.log on my client: --- Feb 18 21:14:01 regulus iCal[97893]: SMA: -[DAVRequest(Private) translateSSLError:]: { -9813 } Feb 18 21:14:01 regulus iCal[97893]: [DAVRequest _readStreamEvent]: SecTrustEvaluate failed. Failing with error: (null) ---
putting this into google made me a bit nervous when I read this: http://www.zimbra.com/forums/administrators/16397-caldav-issue-leopard.html
is it true that iCal cannot handle "selfmade SSL-Certs"? How can I put the cert on "always trust"?
I hope you can help. Thanks a lot Georg
_______________________________________________ calendarserver-users mailing list calendarserver-users@lists.macosforge.org http://lists.macosforge.org/mailman/listinfo.cgi/calendarserver-users
Hi, Are you sure private and public keys are stored in the same file? Georg Am 18.02.2009 um 22:19 schrieb Cyrille Colin:
hi, Self-signed certs works for me. I create it with createmake-ssl-cert /usr/share/ssl-cert/ssleay.cnf /calendar/certs/ calendar.pem and set .plist :
<!-- Public key --> <key>SSLCertificate</key> <string>/calendar/certs/calendar.pem</string>
<!-- Private key --> <key>SSLPrivateKey</key> <string>/calendar/certs/calendar.pem</string>
hope this help.
On mer., 2009-02-18 at 21:18 +0100, Georg Troska wrote:
Hi,
ok maybe this is a better forum to ask this question
Anfang der weitergeleiteten E-Mail:
Von: Georg Troska <georg.troska@uni-dortmund.de> Datum: 18. Februar 2009 15:08:13 MEZ An: calendarserver-dev@lists.macosforge.org Betreff: [CalendarServer-dev] HTTPS-Problem
Hi,
I have problems to get HTTPS running on the calendarserver. (Ubuntu-Intrepid) HTTP works fine now, but using HTTPS gives me an error-message in iCal:
"The account inforation could not be found - Unexpected error at the secure name resoltion (Error -9813). The servername <name> is maybe incorrect "
(This is translated from german)
I'm sure that HTTPS is running as I can reach it in the Browser - authentication is running as well
Thanks Georg
_______________________________________________ calendarserver-dev mailing list calendarserver-dev@lists.macosforge.org http://lists.macosforge.org/mailman/listinfo.cgi/calendarserver-dev
meanwhile I found out, that I have a logentry in /var/log/system.log on my client: --- Feb 18 21:14:01 regulus iCal[97893]: SMA: -[DAVRequest(Private) translateSSLError:]: { -9813 } Feb 18 21:14:01 regulus iCal[97893]: [DAVRequest _readStreamEvent]: SecTrustEvaluate failed. Failing with error: (null) ---
putting this into google made me a bit nervous when I read this: http://www.zimbra.com/forums/administrators/16397-caldav-issue-leopard.html
is it true that iCal cannot handle "selfmade SSL-Certs"? How can I put the cert on "always trust"?
I hope you can help. Thanks a lot Georg
_______________________________________________ calendarserver-users mailing list calendarserver-users@lists.macosforge.org http://lists.macosforge.org/mailman/listinfo.cgi/calendarserver-users
Georg Troska Experimentelle Physik IV TU Dortmund +49 231 755 3501
Oops, i didn't see the error was in ical .. are you sure your certificate common name is set to your server url ? https seems to work, to verify connect your server via a browser : https://xxx:8443/calendars/users/ Le mercredi 18 février 2009 à 23:27 +0100, Georg Troska a écrit :
Hi, Are you sure private and public keys are stored in the same file?
Georg Am 18.02.2009 um 22:19 schrieb Cyrille Colin:
hi, Self-signed certs works for me. I create it with createmake-ssl-cert /usr/share/ssl-cert/ssleay.cnf /calendar/certs/ calendar.pem and set .plist :
<!-- Public key --> <key>SSLCertificate</key> <string>/calendar/certs/calendar.pem</string>
<!-- Private key --> <key>SSLPrivateKey</key> <string>/calendar/certs/calendar.pem</string>
hope this help.
On mer., 2009-02-18 at 21:18 +0100, Georg Troska wrote:
Hi,
ok maybe this is a better forum to ask this question
Anfang der weitergeleiteten E-Mail:
Von: Georg Troska <georg.troska@uni-dortmund.de> Datum: 18. Februar 2009 15:08:13 MEZ An: calendarserver-dev@lists.macosforge.org Betreff: [CalendarServer-dev] HTTPS-Problem
Hi,
I have problems to get HTTPS running on the calendarserver. (Ubuntu-Intrepid) HTTP works fine now, but using HTTPS gives me an error-message in iCal:
"The account inforation could not be found - Unexpected error at the secure name resoltion (Error -9813). The servername <name> is maybe incorrect "
(This is translated from german)
I'm sure that HTTPS is running as I can reach it in the Browser - authentication is running as well
Thanks Georg
_______________________________________________ calendarserver-dev mailing list calendarserver-dev@lists.macosforge.org http://lists.macosforge.org/mailman/listinfo.cgi/calendarserver-dev
meanwhile I found out, that I have a logentry in /var/log/system.log on my client: --- Feb 18 21:14:01 regulus iCal[97893]: SMA: -[DAVRequest(Private) translateSSLError:]: { -9813 } Feb 18 21:14:01 regulus iCal[97893]: [DAVRequest _readStreamEvent]: SecTrustEvaluate failed. Failing with error: (null) ---
putting this into google made me a bit nervous when I read this: http://www.zimbra.com/forums/administrators/16397-caldav-issue-leopard.html
is it true that iCal cannot handle "selfmade SSL-Certs"? How can I put the cert on "always trust"?
I hope you can help. Thanks a lot Georg
_______________________________________________ calendarserver-users mailing list calendarserver-users@lists.macosforge.org http://lists.macosforge.org/mailman/listinfo.cgi/calendarserver-users
Georg Troska Experimentelle Physik IV TU Dortmund +49 231 755 3501
Hi Cyrille, https in my browser works, https in leightning (debian calendar) works as well. Kerberos authentication works as well (on browser and leightning with https and http) I can connect with iCal but only when I'm sending my Kerberos -Ticket unencrypted without https over http. When trying to connect through https I get there Error message I mentioned:
"The account information could not be found - Unexpected error at the secure name resoltion (Error -9813). The servername <name> is maybe incorrect "
I my case the SSL-Cert and the private-key are stored in two different files (with different priviliges but belonging by root). This is the first time I heard of SSL Certs and Privatekey that are stored in one file. From my point of view they are useless then ;-) But I have not found information about that tool you mentioned. All Calendarclient programs except iCal ask if they my trust my certificates. I believe if I could tell iCal to trust them everything would be ok Do you use iCal as a client with https connection? Thanks a lot Georg Am 19.02.2009 um 08:54 schrieb Cyrille Colin:
Oops, i didn't see the error was in ical .. are you sure your certificate common name is set to your server url ? https seems to work, to verify connect your server via a browser : https://xxx:8443/calendars/users/
Le mercredi 18 février 2009 à 23:27 +0100, Georg Troska a écrit :
Hi, Are you sure private and public keys are stored in the same file?
Georg Am 18.02.2009 um 22:19 schrieb Cyrille Colin:
hi, Self-signed certs works for me. I create it with createmake-ssl-cert /usr/share/ssl-cert/ssleay.cnf /calendar/certs/ calendar.pem and set .plist :
<!-- Public key --> <key>SSLCertificate</key> <string>/calendar/certs/calendar.pem</string>
<!-- Private key --> <key>SSLPrivateKey</key> <string>/calendar/certs/calendar.pem</string>
hope this help.
On mer., 2009-02-18 at 21:18 +0100, Georg Troska wrote:
Hi,
ok maybe this is a better forum to ask this question
Anfang der weitergeleiteten E-Mail:
Von: Georg Troska <georg.troska@uni-dortmund.de> Datum: 18. Februar 2009 15:08:13 MEZ An: calendarserver-dev@lists.macosforge.org Betreff: [CalendarServer-dev] HTTPS-Problem
Hi,
I have problems to get HTTPS running on the calendarserver. (Ubuntu-Intrepid) HTTP works fine now, but using HTTPS gives me an error-message in iCal:
"The account inforation could not be found - Unexpected error at the secure name resoltion (Error -9813). The servername <name> is maybe incorrect "
(This is translated from german)
I'm sure that HTTPS is running as I can reach it in the Browser - authentication is running as well
Thanks Georg
_______________________________________________ calendarserver-dev mailing list calendarserver-dev@lists.macosforge.org http://lists.macosforge.org/mailman/listinfo.cgi/calendarserver- dev
meanwhile I found out, that I have a logentry in /var/log/ system.log on my client: --- Feb 18 21:14:01 regulus iCal[97893]: SMA: -[DAVRequest(Private) translateSSLError:]: { -9813 } Feb 18 21:14:01 regulus iCal[97893]: [DAVRequest _readStreamEvent]: SecTrustEvaluate failed. Failing with error: (null) ---
putting this into google made me a bit nervous when I read this: http://www.zimbra.com/forums/administrators/16397-caldav-issue-leopard.html
is it true that iCal cannot handle "selfmade SSL-Certs"? How can I put the cert on "always trust"?
I hope you can help. Thanks a lot Georg
_______________________________________________ calendarserver-users mailing list calendarserver-users@lists.macosforge.org http://lists.macosforge.org/mailman/listinfo.cgi/calendarserver-users
participants (2)
-
Cyrille Colin
-
Georg Troska