[CalendarServer-users] SSL with caldavd

[Gaurav Jain]

Without Intermediate Certs, I get

<!-- SSL authority chain (for intermediate certs) -->

    <key>SSLAuthorityChain</key>

*    <string></string>*

41275:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert
handshake
failure:/SourceCache/OpenSSL098/OpenSSL098-52.40.1/src/ssl/s23_clnt.c:593:
------------------------------------------------ Different Error
--------------------------------

With Intermediate Certs:

<!-- SSL authority chain (for intermediate certs) -->

    <key>SSLAuthorityChain</key>

*    <string>/etc/ssl/myProject/PositiveSSL.ca-bundle</string>*

java.security.cert.CertPathValidatorException: Trust anchor for
certification path not found.

On Sun, Mar 27, 2016 at 7:12 PM, Gaurav Jain <monkeyfdude at gmail.com> wrote:

> Hi,
>
> Thank you for creating caldavd.
>
> I try to configure SSL with Caldavd. I am having issues configuring
> SSLAuthortiyChain.
>
> I use positive SSL which gave following file for intermediate chain
>
> AddTrustExternalCARoot.crt
>
> COMODORSAAddTrustCA.crt
>
> COMODORSADomainValidationSecureServerCA.crt
>
>
> I created a file PositiveSSL.ca-bundle
>
> cat COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt
>  AddTrustExternalCARoot.crt      > PositiveSSL.ca-bundle
>
>
>     <!-- SSL authority chain (for intermediate certs) -->
>
>     <key>SSLAuthorityChain</key>
>
>     <string>/etc/ssl/myProject/PositiveSSL.ca-bundle</string>
>
>
> But I get "HandShake Failed" error.
>
> openssl s_client -connect example.com:8443 -CAfile
> ~/ssl/comodo/PositiveSSL.ca-bundle
>
> CONNECTED(00000003)
>
> 41275:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert
> handshake
> failure:/SourceCache/OpenSSL098/OpenSSL098-52.40.1/src/ssl/s23_clnt.c:593:
>
>
> Would you be able to point me to issue?
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/calendarserver-users/attachments/20160327/9c93d0a0/attachment.html>