Where to place the Root CA certificate when using TLS?

Skip to first unread message


May 24, 2019, 10:28:19 AM5/24/19
to libstrophe
Hello all,

I am using libstrophe latest commit c40b4c1 on Linux.
I'm establishing a connection to an XMPP server that only allows TLS via StartTLS connections. ThereforeI set the flag XMPP_CONN_FLAG_MANDATORY_TLS.
In the connect process, I get the following error:

conn DEBUG SENT: <starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
xmpp DEBUG RECV: <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
xmpp DEBUG handle proceedtls called for proceed
xmpp DEBUG proceeding with TLS
tls DEBUG Certificate verification FAILED
tls DEBUG Certificate was not presented by peer
tls DEBUG error=1 errno=0
tls DEBUG error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed

conn DEBUG Couldn't start TLS! error -3 tls_error 1
conn DEBUG SENT: </stream:stream>
xmpp DEBUG Send error occurred, disconnecting.
xmpp DEBUG Closing socket.
xmpp-clientd[30501]: xmpp conn disconnect: 103
xmpp-clientd[30501]: Disconnected with error=103.

The root ca cert is placed in /etc/ssl/certs/ca-certificates.crt since I found that location in one code file, but I'm not sure if it is really looked up there.

So my question is where to place the root ca certificate file for a proper validation.

Thanks in advance
Reply all
Reply to author
0 new messages