From owner-freebsd-questions@FreeBSD.ORG Tue Sep 18 02:22:45 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E5F16106566C for ; Tue, 18 Sep 2012 02:22:45 +0000 (UTC) (envelope-from kurt.buff@gmail.com) Received: from mail-ee0-f54.google.com (mail-ee0-f54.google.com [74.125.83.54]) by mx1.freebsd.org (Postfix) with ESMTP id 7613C8FC08 for ; Tue, 18 Sep 2012 02:22:45 +0000 (UTC) Received: by eeke52 with SMTP id e52so3891407eek.13 for ; Mon, 17 Sep 2012 19:22:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=Y/Bx2MBxB68u7RUChZOQg+sxQlY72ggNuMzdPmcfTk8=; b=UybFdxujsr0NEpbuGiehPDj3LfOgt63D2f3DmZI5cXZlM8/dKAb8gwTtPc1+orUYF/ i4FFnaMglCanq8VKZVftUPee+dW60wYKH5HqFXC/yxontvSjWDO7AxFMJHjh3CkF9IIB 5lVvu/it/oCiLFmO+v4oXU0slGmxCo7ZsO+6Fvl5iZP1F4Q4SnVQhe+rZWWy7KX39Luf 8twktvfgswCj20GTAVS+rWsYaYFEXC29+Y5TSSXMCqhgGTnvIH2V6OsX9pLjMj4AmEW7 l7BRoXNM8NmQ+uFmqRxXPY3H7FbCDzhf9I+BK7DZbYm2Zwfjg6cxKd9t0Mj3E9UjhD6k ab6Q== MIME-Version: 1.0 Received: by 10.14.179.136 with SMTP id h8mr15596789eem.6.1347934964217; Mon, 17 Sep 2012 19:22:44 -0700 (PDT) Received: by 10.14.214.131 with HTTP; Mon, 17 Sep 2012 19:22:44 -0700 (PDT) In-Reply-To: References: <7B0F14047E62DBD5FCE76646@Pauls-MacBook-Pro.local> Date: Mon, 17 Sep 2012 19:22:44 -0700 Message-ID: From: Kurt Buff To: FreeBSD Questions Content-Type: text/plain; charset=UTF-8 Subject: Re: Problems with ssl certs X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2012 02:22:46 -0000 On Mon, Sep 17, 2012 at 5:55 PM, Paul Schmehl wrote: > > --On September 17, 2012 5:31:25 PM -0700 Kurt Buff wrote: > >> On Mon, Sep 17, 2012 at 5:13 PM, Paul Schmehl >> wrote: >>> >>> I'm setting up a new server and plan on migrating a Wordpress blog to it. >>> Right now the server does not resolve with DNS, because the server I'm >>> migrating from is still up and running. (I'm in the setup and configure >>> stage.) >>> >>> I've got Wordpress installed and working with apache22, mysql 5.4, php >>> 5.5 and suphp. I've migrated some of the blog over and installed some >>> plugins I need. >>> >>> One of the plugins is the Wordpress jetpack. I can't figure out how to >>> get this plugin to active. >>> >>> This is the error message I'm getting: >>> >>> Your website needs to be publicly accessible to use Jetpack: >>> site_inaccessible >>> >>> Error Details: The Jetpack server was unable to communicate with your >>> site [IXR -32300: transport error: http_request_failed SSL certificate >>> problem, verify that the CA cert is OK. Details: error:14090086:SSL >>> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed] >>> >>> I assume this is a problem with the site's self-signed cert not verifying >>> through curl. I cat'd the cert into the ca-certfile, but it still >>> doesn't work, so maybe I'm wrong. >>> >>> Here's the path for the ca file: >>> # curl-config --ca >>> /usr/local/share/certs/ca-root-nss.crt >>> >>> I cat'd both the site's cert and the Jetpack site's cert into the >>> ca-root-nss.crt file. I think Jetpack is using php-curl. I have the >>> php-curl extension installed. >>> >>> Is there a way to get this self-signed cert working? Or am I going to >>> have to buy a cert? >> >> >> I could be off base here, and you may already have thought of this, >> but is the cert tied to the IP address or the name of the server? If >> it's tied to the name, and you're accessing it via the IP address, >> it's been my experience that the cert will throw an error. Vice versa, >> too. >> > > That did not change a thing. Hmm. Using the loopback address? Kurt