Date: Mon, 17 Sep 2012 19:55:03 -0500 From: Paul Schmehl <pschmehl_lists@tx.rr.com> To: Kurt Buff <kurt.buff@gmail.com>, FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Problems with ssl certs Message-ID: <AACAA21ECC0AAE14336E5F8F@Pauls-MacBook-Pro.local> In-Reply-To: <CADy1Ce59i2ms3S-1XWq5tu69Bh16ZFppVZ=NopFTcdibERZfPg@mail.gmail.com> References: <7B0F14047E62DBD5FCE76646@Pauls-MacBook-Pro.local> <CADy1Ce59i2ms3S-1XWq5tu69Bh16ZFppVZ=NopFTcdibERZfPg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--On September 17, 2012 5:31:25 PM -0700 Kurt Buff <kurt.buff@gmail.com> wrote: > On Mon, Sep 17, 2012 at 5:13 PM, Paul Schmehl <pschmehl_lists@tx.rr.com> > wrote: >> I'm setting up a new server and plan on migrating a Wordpress blog to it. >> Right now the server does not resolve with DNS, because the server I'm >> migrating from is still up and running. (I'm in the setup and configure >> stage.) >> >> I've got Wordpress installed and working with apache22, mysql 5.4, php >> 5.5 and suphp. I've migrated some of the blog over and installed some >> plugins I need. >> >> One of the plugins is the Wordpress jetpack. I can't figure out how to >> get this plugin to active. >> >> This is the error message I'm getting: >> >> Your website needs to be publicly accessible to use Jetpack: >> site_inaccessible >> >> Error Details: The Jetpack server was unable to communicate with your >> site [IXR -32300: transport error: http_request_failed SSL certificate >> problem, verify that the CA cert is OK. Details: error:14090086:SSL >> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed] >> >> I assume this is a problem with the site's self-signed cert not verifying >> through curl. I cat'd the cert into the ca-certfile, but it still >> doesn't work, so maybe I'm wrong. >> >> Here's the path for the ca file: >> # curl-config --ca >> /usr/local/share/certs/ca-root-nss.crt >> >> I cat'd both the site's cert and the Jetpack site's cert into the >> ca-root-nss.crt file. I think Jetpack is using php-curl. I have the >> php-curl extension installed. >> >> Is there a way to get this self-signed cert working? Or am I going to >> have to buy a cert? > > I could be off base here, and you may already have thought of this, > but is the cert tied to the IP address or the name of the server? If > it's tied to the name, and you're accessing it via the IP address, > it's been my experience that the cert will throw an error. Vice versa, > too. > That did not change a thing. Paul Schmehl, Senior Infosec Analyst As if it wasn't already obvious, my opinions are my own and not those of my employer. ******************************************* "It is as useless to argue with those who have renounced the use of reason as to administer medication to the dead." Thomas Jefferson "There are some ideas so wrong that only a very intelligent person could believe in them." George Orwell
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AACAA21ECC0AAE14336E5F8F>