For Programmers: Free Programming Magazines  


Home > Archive > Tcl > May 2007 > TLS certificate validation failure









You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

 

Author TLS certificate validation failure
Tomte25

2007-05-23, 7:12 pm

Does anyone know why TLS would report that a site's certificate failed
to verify even though I know it is in fact valid? My cafile.pem file
had the certificate authority that issued the certificate in it.

Christian Nassau

2007-05-23, 7:12 pm

Tomte25 schrieb:
> Does anyone know why TLS would report that a site's certificate failed
> to verify even though I know it is in fact valid? My cafile.pem file
> had the certificate authority that issued the certificate in it.

Have you tried to verify the certificate with the OpenSSL command-line
tool? Something like

> openssl verify -CAfile cafile.pem server.pem

should tell you whether the problem comes from OpenSSL or the tls package.

If your certificate still seems valid you could try to turn on
tls-debugging, either by setting ::tls::debug to 1, or directly by
putting a puts "$option $args" at the beginning of the tls::callback
procedure (contained in the file tls.tcl in your tls installation.)

HTH,

--
=> Christian Nassau, http://www.nullhomotopie.de


Sponsored Links







Also available: Server administration forum archive | Web Design forum archive | Software forum archive | Hardware reviews archive

Copyright 2008 codecomments.com