On Mon, 26 Sep 2005, Nicole Skyrca wrote:
The certificate that we purchased has an intermediate certificate.
I'm afraid that this is likely to be a problem.
Cyrus (imap/tls.c) uses SSL_CTX_use_certificate_file() rather than the
more advanced SSL_CTX_use_certificate_chain_file() to set up its
certificate. My experience with other applications is that you need to use
the _chain_ version in order for chained certificates to work.
Given that the two functions can be used interchangably, Cyrus should
probably be using SSL_CTX_use_certificate_chain_file(). The SSL manual
page for the two functions certainly recommends this.
--
David Carter Email: [EMAIL PROTECTED]
University Computing Service, Phone: (01223) 334502
New Museums Site, Pembroke Street, Fax: (01223) 334679
Cambridge UK. CB2 3QH.
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
