SSL errors
Dominic Hargreaves
dom at earth.li
Tue Apr 7 14:09:06 BST 2015
On Tue, Apr 07, 2015 at 01:33:10PM +0100, Jonathan McDowell wrote:
> On Tue, Apr 07, 2015 at 01:23:24PM +0100, Chris Emerson wrote:
> > I've recently (noticed today) been getting SSL certificate errors from
> > jabber.earth.li, apparently because the root of the chain isn't trusted.
> > openssl says:
> >
> > Verify return code: 20 (unable to get local issuer certificate)
> >
> > Am I missing a certificate, or is something wrong with jabber.earth.li's?
> >
> > Happy to run additional tests this end if that helps.
>
> The certificate is signed by the CACert (https://www.cacert.org/) root
> certificate. It was renewed yesterday so it's possible if you accepted
> it manually previously you may need to do so again.
Also, it's worth bearing in mind that CAcert has been removed from the
Debian certificate store from jessie onwards, which makes it less useful
(in my mind, anyway) than it was.
Looking forward to https://letsencrypt.org/ ...
Cheers,
Dominic.
More information about the jabber-users
mailing list