[lug] apache ssl error (intermittent)
David L. Anselmi
anselmi at anselmi.us
Fri May 13 14:25:07 MDT 2011
Ben Luey wrote:
> I'm using a commerical SSL certificate from GoDaddy. It is a UCC
> (multi-domain) certificate. This problem started around the time I
> switched from a almost expired 1024 bit regular godaddy ssl cert to a
> new 2048 bit UCC certificate.
What does s_client use as a trusted cert store? All CA certs are self-signed and if s_client
doesn't trust any of them it's reasonable for it to point out the self-signed cert at the top of the
chain. I'd guess that isn't part of the problem though.
Is it possible that your openssl/apache have bugs related to either UCC or 2048 bit certs? Have you
looked for bug reports related to the error messages you've seen with wget and s_client? Seems like
you're using a relatively new cert with a relatively old server.
Dave
More information about the LUG
mailing list