Date: Tue, 26 Mar 2019 14:45:26 +0100 From: Andrea Venturoli <ml@netfence.it> To: Yasuhiro KIMURA <yasu@utahime.org>, freebsd-questions@freebsd.org Subject: Re: security/ca_root_nss missing Let's Encrypt X3 certificate Message-ID: <2ed32cc3-ab80-7a0c-58c2-152bee067f7a@netfence.it> In-Reply-To: <20190326.195821.2023506369953085466.yasu@utahime.org> References: <d81ae160-44c1-693d-f97b-abb1830b0c48@netfence.it> <20190326.195821.2023506369953085466.yasu@utahime.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 3/26/19 11:58 AM, Yasuhiro KIMURA wrote: > What server application you use? I use Let's Encrypt certificates in Apache's HTTPd, sendmail, cyrus-imap, etc... However, this is not relevant here: I'm talking about FreeBSD as a client and not necessarily connecting to "my" servers. > Let's Encrypt Authority X3 is signed by DST Root CA X3. Ok. > And DST Root CA X3 is included in security/ca_root_nss. Right again: I did not notice this. > So if you configured server application > properly it should be able to use server sertificates issued by Let's > Encrypt. Again, it's not a server problem, but rather a client program. It works now, even if I didn't change anything!!! I don't know what happened really... several sites were not working, but they are reachable again. Thanks anyway and sorry for the noise! bye av.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2ed32cc3-ab80-7a0c-58c2-152bee067f7a>