Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 17 Sep 2012 22:03:00 -0500
From:      Paul Schmehl <pschmehl_lists@tx.rr.com>
To:        FreeBSD Questions <freebsd-questions@freebsd.org>
Subject:   Re: Problems with ssl certs
Message-ID:  <08A12383C3E88E69782C5A19@Pauls-MacBook-Pro.local>
In-Reply-To: <CADy1Ce5%2BNGew-Pha8msSJCXMXmP8sn6uoSo=bg0stX87r1dopQ@mail.gmail.com>
References:  <7B0F14047E62DBD5FCE76646@Pauls-MacBook-Pro.local> <CADy1Ce59i2ms3S-1XWq5tu69Bh16ZFppVZ=NopFTcdibERZfPg@mail.gmail.com> <AACAA21ECC0AAE14336E5F8F@Pauls-MacBook-Pro.local> <CADy1Ce5%2BNGew-Pha8msSJCXMXmP8sn6uoSo=bg0stX87r1dopQ@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
--On September 17, 2012 7:22:44 PM -0700 Kurt Buff <kurt.buff@gmail.com> 
wrote:

> On Mon, Sep 17, 2012 at 5:55 PM, Paul Schmehl <pschmehl_lists@tx.rr.com>
> wrote:
>>
>> --On September 17, 2012 5:31:25 PM -0700 Kurt Buff <kurt.buff@gmail.com>
>> wrote:
>>
>>> On Mon, Sep 17, 2012 at 5:13 PM, Paul Schmehl <pschmehl_lists@tx.rr.com>
>>> wrote:
>>>>
>>>> I'm setting up a new server and plan on migrating a Wordpress blog to
>>>> it. Right now the server does not resolve with DNS, because the server
>>>> I'm migrating from is still up and running.  (I'm in the setup and
>>>> configure stage.)
>>>>
>>>> I've got Wordpress installed and working with apache22, mysql 5.4, php
>>>> 5.5 and suphp.  I've migrated some of the blog over and installed some
>>>> plugins I need.
>>>>
>>>> One of the plugins is the Wordpress jetpack.  I can't figure out how to
>>>> get this plugin to active.
>>>>
>>>> This is the error message I'm getting:
>>>>
>>>> Your website needs to be publicly accessible to use Jetpack:
>>>> site_inaccessible
>>>>
>>>> Error Details: The Jetpack server was unable to communicate with your
>>>> site [IXR -32300: transport error: http_request_failed SSL certificate
>>>> problem, verify that the CA cert is OK. Details: error:14090086:SSL
>>>> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed]
>>>>
>>>> I assume this is a problem with the site's self-signed cert not
>>>> verifying through curl.  I cat'd the cert into the ca-certfile, but it
>>>> still doesn't work, so maybe I'm wrong.
>>>>
>>>> Here's the path for the ca file:
>>>> # curl-config --ca
>>>> /usr/local/share/certs/ca-root-nss.crt
>>>>
>>>> I cat'd both the site's cert and the Jetpack site's cert into the
>>>> ca-root-nss.crt file.  I think Jetpack is using php-curl.  I have the
>>>> php-curl extension installed.
>>>>
>>>> Is there a way to get this self-signed cert working?  Or am I going to
>>>> have to buy a cert?
>>>
>>>
>>> I could be off base here, and you may already have thought of this,
>>> but is the cert tied to the IP address or the name of the server? If
>>> it's tied to the name, and you're accessing it via the IP address,
>>> it's been my experience that the cert will throw an error. Vice versa,
>>> too.
>>>
>>
>> That did not change a thing.
>
> Hmm. Using the loopback address?
>

Um, no.  I'm accessing the site from my house over the web.

Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
*******************************************
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson
"There are some ideas so wrong that only a very
intelligent person could believe in them." George Orwell




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?08A12383C3E88E69782C5A19>