I haven't been able to check Server 10.6.1 yet.After you have generated your root authority with BounCA ( Install BounCA), your root certificates needs to be added to your systems to let them trust your issued certificates. If I remove the filename from the SSLAuthorit圜hain attribute, the server starts normally but, naturally, connections fail unless I add the intermediate certificate to the local client's keychain. Using openssl I verified that those three files are, in fact, correct. + 22:42:11-0700 : +īut the key and the certificate do match, as confirmed by the other apps working fine and openssl x509/rsa -modulus. + 22:42:11-0700 ctx.useĬertificate_chainfile(self.certificateChainFile)+ + 22:42:11-0700 File "/usr/share/caldavd/lib/python/twistedcaldav/tap.py", line 437, in cacheContext+ + 22:42:11-0700 File "/usr/share/caldavd/lib/python/twistedcaldav/tap.py", line 727, in makeService_Slave+ + 22:42:11-0700 File "/usr/share/caldavd/lib/python/twistedcaldav/tap.py", line 754, in makeService+ + 22:42:11-0700 File "/usr/share/caldavd/lib/python/twisted/application/app.py", line 202, in createOrGetApplication+ + 22:42:11-0700 self.application = self.createOrGetApplication()+ + 22:42:11-0700 File "/usr/share/caldavd/lib/python/twisted/scripts/twistd.py", line 23, in runApp+ Mail (Both postfix and cyrus) are happy with it. It and the intermediate cert are present in the /Library/Keychains/System.keychain and in /etc/certificates. I just upgraded from a self-signed cert to a cert from StartCom, which requires use of an intermediate certificate on the server.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2022
Categories |