[pve-devel] Fix for chained certificates in pve-ssl.pem
Michael Rasmussen
mir at datanom.net
Sat Jun 8 01:28:12 CEST 2013
On Mon, 3 Jun 2013 06:55:04 +0000
Dietmar Maurer <dietmar at proxmox.com> wrote:
> > So I have attached a file containing what the patch should look like.
>
> Please can you test if this works for you?
>
> https://git.proxmox.com/?p=vncterm.git;a=blobdiff;f=tigerpatches/trust-manager.patch;h=e8158d56a418edbe77eaaf7bb567083ff23ea91c;hp=5bbd9c6e5d31f1332188aff847f1e20a6ebb0d35;hb=75f214c0252c8a8e03ec9b16082aa10299b2d36b;hpb=e9d0f7d38b576ca8ab5d806469eda0acc56c2ddd
>
>
I have just tested and can confirm this is working. One note then: If
the pve-ssl.pem is not merged the right way the pveproxy wont start at
all. So the correct syntax for the file is
pve-ssl.pem ::= <certificate> | <certificate> <chain>
certificate ::= "server_certificate"
chain ::= "\n" "chain_certificate" | "\n" "chain_certificate" <chain>
--
Hilsen/Regards
Michael Rasmussen
Get my public GnuPG keys:
michael <at> rasmussen <dot> cc
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD3C9A00E
mir <at> datanom <dot> net
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE501F51C
mir <at> miras <dot> org
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE3E80917
--------------------------------------------------------------
Nothing is so firmly believed as that which we least know.
-- Michel de Montaigne
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.proxmox.com/pipermail/pve-devel/attachments/20130608/48493ac5/attachment.sig>
More information about the pve-devel
mailing list