Hi, On 2017-12-08 10:49:33 -0800, Russ Allbery wrote: > INN does this in a kind of old-school way and expects you to set tlscafile > or tlscapath to the separate file or directory containing the trust chain. > (Not saying we shouldn't change this to also support a cert chain in the > cert file, but that will probably get this working for you.)
Thanks for your swift reply. In fact I already set tlscafile to a file containing the whole chain. BUT: Now I re-signed the server certificate and also included TLS Web Client Authentication in the extended key usage flags and magically everything works properly. I am not quite sure why, but that's ok :-) Sorry for the noise, Cheers, Michael -- Michael Bussmann <b...@mb-net.net>
signature.asc
Description: PGP signature
