[CalendarServer-users] Exception thrown when using chained certificates

[Nikola Knežević]

On Apr 2, 2013, at 18:17 , Glyph wrote:

> Still not sure; I need to go do some testing of my own, but can you check on something?  I think this line might be a clue:
> 
> On Apr 1, 2013, at 1:50 AM, Nikola Knežević <laladelausanne at gmail.com> wrote:
> 
>> 2013-04-01 10:46:39+0200 [-] [caldav-0]  [-] /usr/local/caldavd/lib/python2.7/site-packages/Twisted-12.3.0-py2.7-macosx-10.7-intel.egg/twisted/python/util.py:560: exceptions.UserWarning: tried to drop privileges and setuid 93 but uid is already 93; should we be root? Continuing.
> 
> Is your SSL cert (including private key & any chain certs) readable by UID 93?


Hi Glyph,

sure, can gladly check anything on my computer :)

Yes, it is readable:

/usr/local/caldavd/etc % ll
total 176
..snip..
-rw-r--r--  1 _calendar  _calendar   1358 Mar 26 02:53 accounts.xml
-rw-r--r--  1 _calendar  _calendar    864 Mar 28 23:14 augments.xml
-rw-r--r--  1 _calendar  _calendar   1131 Mar 29 21:38 caldav-server.crt
-rw-r--r--  1 _calendar  _calendar   1743 Mar 29 21:38 caldav-server.key
-rw-r--r--  1 _calendar  _calendar   6952 Mar 30 11:31 caldav-server.pem
..snip…

 /usr/local/caldavd/etc % id 93
uid=93(_calendar) gid=93(_calendar) groups=93(_calendar),405(com.apple.sharepoint.group.4),12(everyone),29(certusers),30(_keytabusers),61(localaccounts),216(_postgres)

Best,
Nikola