openssl: verify error:num=20:unable to get local issuer certificate
Oliver Schonrock
oliver at schonrocks.com
Fri Dec 4 05:16:18 UTC 2015
On 29/11/15 16:41, Oliver Schonrock wrote:
> 2. there is something wrong with the openssl installation on that
> 10.1 machine.
I have spent nearly a week trying to get to the bottom of this. In the
end I installed a clean version of FreeBSD 10.1 to a virtual machine and
tested that. Result: exactly the same as my production FreeBSD 10.1
machine. ie openssl refuses to verify that cert, no matter what CAfile
and CApath setting I pass to it.
So, rather than fight the tide, I swam with it and upgraded my
production machine from 10.1 to 10.2 => problem solved.
For anyone reading this: openssl certificate chain verification in
FreeBSD 10.1 seems to be "broken"..certainly is for me.
10.2 works perfectly.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20151204/6e304f76/attachment.bin>
More information about the freebsd-questions
mailing list