[CalendarServer-users] SSL problems with 2.3 and trunk under Debian
Cyrus Daboo
cdaboo at apple.com
Tue Jan 5 07:46:16 PST 2010
Hi Mark,
--On January 5, 2010 7:14:19 AM -0600 Mark Nipper <nipsy at bitgnome.net>
wrote:
>> Oh and also check DNS. You need to have A and PTR records set
>> correctly for your server.
>
> All of this is fine. Everything works via HTTP. And
> none of this would matter anyway with HTTPS. You would simply
> get warnings from the client (Firefox for example) if the host
> name didn't match what was in the certificate presented. But
> it's not even getting that far.
Try using the openssl command line tool from a shell to connect to your
server. That can print out lots of useful debugging information:
> openssl s_client -connect host.example.com:8443 -debug
Also note that the server is explicitly set to use SSLv3_METHOD protocol
rather than SSLv23_METHOD. It maybe your client cannot cope with that, in
which case you will need to adjust the value in the caldavd.plist (or
update the client).
--
Cyrus Daboo
More information about the calendarserver-users
mailing list