Date: Mon, 10 Aug 2009 12:14:32 -0800 From: Mel Flynn <mel.flynn+fbsd.questions@mailing.thruhere.net> To: freebsd-questions@freebsd.org Cc: Stefan Miklosovic <miklosovic.freebsd@gmail.com> Subject: Re: vsftpd with ssl Message-ID: <200908101214.32647.mel.flynn%2Bfbsd.questions@mailing.thruhere.net> In-Reply-To: <f99a79ec0908101159q7112b066me71c2a0ed00e6f09@mail.gmail.com> References: <f99a79ec0908101159q7112b066me71c2a0ed00e6f09@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Monday 10 August 2009 10:59:34 Stefan Miklosovic wrote:
> Hi there,
>
> I am installing vsftpd server with ssl.
> It seems it works good, BUT
>
> *~:*ftp-tls notebook
> Trying 127.0.0.1...
> Connected to localhost.
> 220 Welcome to miniBSD service.
> 234 Proceed with negotiation.
> [Starting SSL/TLS negotiation...]
> WARNING: Server's certificate issuer's certificate isn't available locally.
This is an ftp-tls error, not vsftpd. It took some searching through OpenSSL
sources, cause half of the manpages aren't available, but the certificate
should be in /etc/ssl on the connecting machine.
The error above is the same as described in the verify(1) manpage for OpenSSL:
2 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certifi-
cate
the issuer certificate could not be found: this occurs if the
issuer certificate of an untrusted certificate cannot be found.
The verify(1) manpage also describes how to store your trusted certificates in
there, though it doesn't contain too much info.
Perhaps this guide will help you:
http://gagravarr.org/writing/openssl-certs/others.shtml#ca-openssl
--
Mel
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200908101214.32647.mel.flynn%2Bfbsd.questions>