Problems with ssl certs
Paul Schmehl
pschmehl_lists at tx.rr.com
Tue Sep 18 00:55:05 UTC 2012
--On September 17, 2012 5:31:25 PM -0700 Kurt Buff <kurt.buff at gmail.com>
wrote:
> On Mon, Sep 17, 2012 at 5:13 PM, Paul Schmehl <pschmehl_lists at tx.rr.com>
> wrote:
>> I'm setting up a new server and plan on migrating a Wordpress blog to it.
>> Right now the server does not resolve with DNS, because the server I'm
>> migrating from is still up and running. (I'm in the setup and configure
>> stage.)
>>
>> I've got Wordpress installed and working with apache22, mysql 5.4, php
>> 5.5 and suphp. I've migrated some of the blog over and installed some
>> plugins I need.
>>
>> One of the plugins is the Wordpress jetpack. I can't figure out how to
>> get this plugin to active.
>>
>> This is the error message I'm getting:
>>
>> Your website needs to be publicly accessible to use Jetpack:
>> site_inaccessible
>>
>> Error Details: The Jetpack server was unable to communicate with your
>> site [IXR -32300: transport error: http_request_failed SSL certificate
>> problem, verify that the CA cert is OK. Details: error:14090086:SSL
>> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed]
>>
>> I assume this is a problem with the site's self-signed cert not verifying
>> through curl. I cat'd the cert into the ca-certfile, but it still
>> doesn't work, so maybe I'm wrong.
>>
>> Here's the path for the ca file:
>> # curl-config --ca
>> /usr/local/share/certs/ca-root-nss.crt
>>
>> I cat'd both the site's cert and the Jetpack site's cert into the
>> ca-root-nss.crt file. I think Jetpack is using php-curl. I have the
>> php-curl extension installed.
>>
>> Is there a way to get this self-signed cert working? Or am I going to
>> have to buy a cert?
>
> I could be off base here, and you may already have thought of this,
> but is the cert tied to the IP address or the name of the server? If
> it's tied to the name, and you're accessing it via the IP address,
> it's been my experience that the cert will throw an error. Vice versa,
> too.
>
That did not change a thing.
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
*******************************************
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson
"There are some ideas so wrong that only a very
intelligent person could believe in them." George Orwell
More information about the freebsd-questions
mailing list