[arch-dev-public] openssl 1.0 rebuild

Pierre Schmitz pierre at archlinux.de
Wed Apr 14 15:35:54 EDT 2010


On Wed, 14 Apr 2010 12:32:09 -0700, Tobias Kieslich <tobias at justdreams.de>
wrote:
> On Wed, 07 Apr 2010, Thomas Bächler wrote:
> 
>> The new openssl breaks RADIUS authentication with wpa_supplicant for
me.
>> It fails to verify the CA certificate and aborts authentication. It
>> works if I disable verification of the certificates in the
configuration
>> (which is bad, but still helps).
> 
> I looked through my fetchmail log:
> fetchmail: Server certificate verification error: unable to get local
> issuer certificate
> 139953489753768:error:14090086:SSL
> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
> failed:s3_clnt.c:1056:
> fetchmail: SSL connection failed.
> fetchmail: socket error while fetching from
> xxxxxxx at xxxxxxxxx.xx@xxxx.xxxxxxxxxx.xxx
> fetchmail: Query status=2 (SOCKET)
> 
> turns out, I had to c_rehash .certs and everything was fine. I wonder
> how many other things might be effected ...
> 
> 	-T

See http://bugs.archlinux.org/task/19043 You should use the system cert
store instead.

-- 
Pierre Schmitz, https://users.archlinux.de/~pierre


More information about the arch-dev-public mailing list