D
David Abdala
Guest
Hi Brian, thanks for the information. I've tried to add the "missing" certificate, but failed (honorably, of course). So the only solution was to replace the certificate. In the end, the best sequence to solve SSL issue was: - openssl s_client -showcerts -connect : this shows any problem with the certificate and the available chipers and protocols. Can be run from anywhere, including the problematic server. If there is any certificate problem, solve it or change the certificate. The only "problem" that can be ignore is 18:self signed certificate. - access server with any browser, export the certificate (choose PEM format if there is the option, .crt is PEM) - proenv (on connecting endpoint) - certutil -import (on connecting endpoint) - force the proper -chipers -protocols and -no-host-verify, if it's a self signed certificate, in the CONNECT string, if a simple CONNECT fails. Done!, or change the certificate and try again.. Thanks for the help. David.
Continue reading...
Continue reading...