Where to place the Root CA certificate when using TLS?
60 views
Skip to first unread message
seventh_son
May 24, 2019, 10:28:19 AM5/24/19
to libstrophe
Hello all,
I am using libstrophe latest commit
c40b4c1 on Linux.I'm establishing a connection to an XMPP server that only allows TLS via StartTLS connections. ThereforeI set the flag XMPP_CONN_FLAG_MANDATORY_TLS.
In the connect process, I get the following error:
conn
DEBUG SENT: <starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
xmpp DEBUG RECV: <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
xmpp DEBUG handle proceedtls called for proceed
xmpp DEBUG proceeding with TLS
tls DEBUG Certificate verification FAILED
tls DEBUG Certificate was not presented by peer
tls DEBUG error=1 errno=0
tls DEBUG error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
conn DEBUG Couldn't start TLS! error -3 tls_error 1
conn DEBUG SENT: </stream:stream>
xmpp DEBUG Send error occurred, disconnecting.
xmpp DEBUG Closing socket.
xmpp-clientd[30501]: xmpp conn disconnect: 103
xmpp-clientd[30501]: Disconnected with error=103.
xmpp DEBUG RECV: <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
xmpp DEBUG handle proceedtls called for proceed
xmpp DEBUG proceeding with TLS
tls DEBUG Certificate verification FAILED
tls DEBUG Certificate was not presented by peer
tls DEBUG error=1 errno=0
tls DEBUG error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
conn DEBUG Couldn't start TLS! error -3 tls_error 1
conn DEBUG SENT: </stream:stream>
xmpp DEBUG Send error occurred, disconnecting.
xmpp DEBUG Closing socket.
xmpp-clientd[30501]: xmpp conn disconnect: 103
xmpp-clientd[30501]: Disconnected with error=103.
The root ca cert is placed in /etc/ssl/certs/ca-certificates.crt since I found that location in one code file, but I'm not sure if it is really looked up there.
So my question is where to place the root ca certificate file for a proper validation.
Thanks in advance
7th
Reply all
Reply to author
Forward
0 new messages