security/ca_root_nss missing Let's Encrypt X3 certificate
Andrea Venturoli
ml at netfence.it
Tue Mar 26 13:45:42 UTC 2019
On 3/26/19 11:58 AM, Yasuhiro KIMURA wrote:
> What server application you use?
I use Let's Encrypt certificates in Apache's HTTPd, sendmail,
cyrus-imap, etc...
However, this is not relevant here: I'm talking about FreeBSD as a
client and not necessarily connecting to "my" servers.
> Let's Encrypt Authority X3 is signed by DST Root CA X3.
Ok.
> And DST Root CA X3 is included in security/ca_root_nss.
Right again: I did not notice this.
> So if you configured server application
> properly it should be able to use server sertificates issued by Let's
> Encrypt.
Again, it's not a server problem, but rather a client program.
It works now, even if I didn't change anything!!!
I don't know what happened really... several sites were not working, but
they are reachable again.
Thanks anyway and sorry for the noise!
bye
av.
More information about the freebsd-questions
mailing list