Date: Tue, 25 Jul 2017 17:07:57 -0700 From: Michael Sierchio <kudzu@tenebras.com> To: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: HTTP Error: Unacceptable TLS Certificate Message-ID: <CAHu1Y70oTXXmkqts4fK_mjef_BfZw6DjLWeH7H_XH16zxomU%2BQ@mail.gmail.com> In-Reply-To: <3ee2c96d01c39aec0976fe2c20a17826.squirrel@webmail.harte-lyne.ca> References: <3ee2c96d01c39aec0976fe2c20a17826.squirrel@webmail.harte-lyne.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jul 25, 2017 at 11:47 AM, James B. Byrne via freebsd-questions <freebsd-questions@freebsd.org> wrote: > > We run a private CA and our https services are secured with our own > certificates. On my new desktop unit I am unable to connect to our > webdav https service because of an 'unacceptable TLS certificate'. I > speculate that this is due to our root certificates not being in the > trusted root certificate store on this machine. > > My question is: Where is the CA root certificate store configured for > the desktop file browser? > > Depends on the OS and the browser. Many things on FreeBSD use the package: ca_root_nss-3.31 Root certificate bundle from the Mozilla Pro= ject openssl typically has a symlink to this bundle: kudzu@ahab:/etc/ssl 206> ls -l /etc/ssl/ total 12 lrwxr-xr-x 1 root wheel 38 Jun 13 01:13 cert.pem -> /usr/local/share/certs/ca-root-nss.crt Some browsers have their own store. On OS X and Windows you can add it to the trusted OS store. -- "Well," Brahma said, "even after ten thousand explanations, a fool is no wiser, but an intelligent person requires only two thousand five hundred." - The Mah=C4=81bh=C4=81rata
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHu1Y70oTXXmkqts4fK_mjef_BfZw6DjLWeH7H_XH16zxomU%2BQ>