[Fedora-directory-users] SSL problem on replication!
Richard Megginson
rmeggins at redhat.com
Tue Mar 28 16:34:10 UTC 2006
Alex wrote:
>
>
>
>> Because cacert.asc is a CA certificate, not a Server Certificate.
>>
>
> MA porc(/(&$"£%/$"(£&%£)....you are in right...now I 'm at home, but I have
> a VMWARE version of my test here and I want to try.....
>
> Only one thing: SSL HOWTO in the fedora wiki says:
>
>
> "Exporting the CA cert for use with other apps
> Now that you have your server cert, client applications will need to be able
> to verify that cert when connecting to the server. In order to do that, the
> SSL client must have the CA cert to verify that the cert presented by the
> SSL server is valid. This includes server to server communication such as
> replication. In this case, the replication supplier is the SSL client, and
> the consumer is the SSL server. "
>
Yes. The SSL client apps need the CA cert - during the SSL handshake
process, the client receives the SSL server cert and needs to verify it
using the CA cert that signed the SSL server cert.
>
> Thanks...
>
> Alex
>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20060328/dbe0d1fd/attachment.bin>
More information about the Fedora-directory-users
mailing list