From owner-freebsd-questions@FreeBSD.ORG Tue Sep 18 00:31:26 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C6310106564A for ; Tue, 18 Sep 2012 00:31:26 +0000 (UTC) (envelope-from kurt.buff@gmail.com) Received: from mail-ee0-f54.google.com (mail-ee0-f54.google.com [74.125.83.54]) by mx1.freebsd.org (Postfix) with ESMTP id 5783E8FC14 for ; Tue, 18 Sep 2012 00:31:26 +0000 (UTC) Received: by eeke52 with SMTP id e52so3873006eek.13 for ; Mon, 17 Sep 2012 17:31:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=rE86VwJix8uoyCVpVsvk9+JoEwqkRqci8kiZSXKNozk=; b=jWQ+lwjxua1batj5yrV6/cj3AjSy9vdbai5b1MBbRRNbVUmxzrwCSGSjLG2vg/3gjm 6vO/ustKQvzYJAHs0Q8P75GEr3kxjRDFyYltez5SxI3CmyhL0qDAopBTpgkG4KVxyaeQ 5oR4UgLKamQFxNjB/YP1/HT4I00R51tlt2yOHOApGQ4ryH/TPTSZCzBe/ahw1z+HXY7B fHqUlUyI/xC4br2UkAqmTOrjAngJhLgkNZbGmQ7wRNviYlDQ1JcHWt3BLd40thG5jtls gHCzYmrd2VpYZ7ZvfuZtgusmOpdr/dw5lkiokCDkoVufHAp50aY2HrmFCEqYhXT+AMC2 kDIw== MIME-Version: 1.0 Received: by 10.14.180.68 with SMTP id i44mr15489564eem.20.1347928285307; Mon, 17 Sep 2012 17:31:25 -0700 (PDT) Received: by 10.14.214.131 with HTTP; Mon, 17 Sep 2012 17:31:25 -0700 (PDT) In-Reply-To: <7B0F14047E62DBD5FCE76646@Pauls-MacBook-Pro.local> References: <7B0F14047E62DBD5FCE76646@Pauls-MacBook-Pro.local> Date: Mon, 17 Sep 2012 17:31:25 -0700 Message-ID: From: Kurt Buff To: FreeBSD Questions Content-Type: text/plain; charset=UTF-8 Subject: Re: Problems with ssl certs X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2012 00:31:26 -0000 On Mon, Sep 17, 2012 at 5:13 PM, Paul Schmehl wrote: > I'm setting up a new server and plan on migrating a Wordpress blog to it. > Right now the server does not resolve with DNS, because the server I'm > migrating from is still up and running. (I'm in the setup and configure > stage.) > > I've got Wordpress installed and working with apache22, mysql 5.4, php 5.5 > and suphp. I've migrated some of the blog over and installed some plugins I > need. > > One of the plugins is the Wordpress jetpack. I can't figure out how to get > this plugin to active. > > This is the error message I'm getting: > > Your website needs to be publicly accessible to use Jetpack: > site_inaccessible > > Error Details: The Jetpack server was unable to communicate with your site > [IXR -32300: transport error: http_request_failed SSL certificate problem, > verify that the CA cert is OK. Details: error:14090086:SSL > routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed] > > I assume this is a problem with the site's self-signed cert not verifying > through curl. I cat'd the cert into the ca-certfile, but it still doesn't > work, so maybe I'm wrong. > > Here's the path for the ca file: > # curl-config --ca > /usr/local/share/certs/ca-root-nss.crt > > I cat'd both the site's cert and the Jetpack site's cert into the > ca-root-nss.crt file. I think Jetpack is using php-curl. I have the > php-curl extension installed. > > Is there a way to get this self-signed cert working? Or am I going to have > to buy a cert? I could be off base here, and you may already have thought of this, but is the cert tied to the IP address or the name of the server? If it's tied to the name, and you're accessing it via the IP address, it's been my experience that the cert will throw an error. Vice versa, too. Kurt