On Wed, 14 Apr 2010 12:32:09 -0700, Tobias Kieslich <tobias@justdreams.de> wrote:
On Wed, 07 Apr 2010, Thomas Bächler wrote:
The new openssl breaks RADIUS authentication with wpa_supplicant for me. It fails to verify the CA certificate and aborts authentication. It works if I disable verification of the certificates in the configuration (which is bad, but still helps).
I looked through my fetchmail log: fetchmail: Server certificate verification error: unable to get local issuer certificate 139953489753768:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed:s3_clnt.c:1056: fetchmail: SSL connection failed. fetchmail: socket error while fetching from xxxxxxx@xxxxxxxxx.xx@xxxx.xxxxxxxxxx.xxx fetchmail: Query status=2 (SOCKET)
turns out, I had to c_rehash .certs and everything was fine. I wonder how many other things might be effected ...
-T
See http://bugs.archlinux.org/task/19043 You should use the system cert store instead. -- Pierre Schmitz, https://users.archlinux.de/~pierre