Problems with ssl certs

[Kurt Buff]

On Mon, Sep 17, 2012 at 5:13 PM, Paul Schmehl <pschmehl_lists at tx.rr.com> wrote:
> I'm setting up a new server and plan on migrating a Wordpress blog to it.
> Right now the server does not resolve with DNS, because the server I'm
> migrating from is still up and running.  (I'm in the setup and configure
> stage.)
>
> I've got Wordpress installed and working with apache22, mysql 5.4, php 5.5
> and suphp.  I've migrated some of the blog over and installed some plugins I
> need.
>
> One of the plugins is the Wordpress jetpack.  I can't figure out how to get
> this plugin to active.
>
> This is the error message I'm getting:
>
> Your website needs to be publicly accessible to use Jetpack:
> site_inaccessible
>
> Error Details: The Jetpack server was unable to communicate with your site
> [IXR -32300: transport error: http_request_failed SSL certificate problem,
> verify that the CA cert is OK. Details: error:14090086:SSL
> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed]
>
> I assume this is a problem with the site's self-signed cert not verifying
> through curl.  I cat'd the cert into the ca-certfile, but it still doesn't
> work, so maybe I'm wrong.
>
> Here's the path for the ca file:
> # curl-config --ca
> /usr/local/share/certs/ca-root-nss.crt
>
> I cat'd both the site's cert and the Jetpack site's cert into the
> ca-root-nss.crt file.  I think Jetpack is using php-curl.  I have the
> php-curl extension installed.
>
> Is there a way to get this self-signed cert working?  Or am I going to have
> to buy a cert?

I could be off base here, and you may already have thought of this,
but is the cert tied to the IP address or the name of the server? If
it's tied to the name, and you're accessing it via the IP address,
it's been my experience that the cert will throw an error. Vice versa,
too.

Kurt