Changes between Initial Version and Version 2 of Ticket #29970
- Timestamp:
- Jun 29, 2011, 8:33:23 PM (13 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #29970
- Property Owner changed from macports-tickets@… to mww@…
- Property Port openssl added
-
Ticket #29970 – Description
initial v2 4 4 5 5 To test this I do the following: 6 - rename /opt/local/etc/openssl/cert.pem so it is not interfering with the test. 7 - install google's cert chain (www.google.com,thawte,versign) to /opt/local/etc/openssl/certs/ 8 - run /opt/local/bin/c_rehash to install the hashed links to the certs 9 - run openssl s_client -CApath /opt/local/etc/openssl/certs/ -connect www.google.com:443 and succeed 10 - run wget -O - https://www.google.com and fail with: 6 - rename /opt/local/etc/openssl/cert.pem so it is not interfering with the test. 7 - install google's cert chain (www.google.com,thawte,versign) to /opt/local/etc/openssl/certs/ 8 - run /opt/local/bin/c_rehash to install the hashed links to the certs 9 - run openssl s_client -CApath /opt/local/etc/openssl/certs/ -connect www.google.com:443 and succeed 10 - run wget -O - https://www.google.com and fail with: 11 {{{ 11 12 ERROR: cannot verify www.google.com’s certificate, issued by “/C=/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA”: 12 13 Unable to locally verify the issuer’s authority. 13 - run lynx https://www.google.com and fail with: 14 }}} 15 - run lynx https://www.google.com and fail with: 16 {{{ 14 17 Making HTTPS connection to encrypted.google.com 15 18 SSL callback:unable to get local issuer certificate, preverify_ok=0, ssl_okay=0 … … 21 24 22 25 lynx: Can't access startfile https://www.google.com/ 23 24 - if the certificates are appended to /opt/local/etc/openssl/cert.pem then wget and lynx requests to https://www.google.com work26 }}} 27 - if the certificates are appended to /opt/local/etc/openssl/cert.pem then wget and lynx requests to https://www.google.com work 25 28 26 29 This issue affects all tools built again openssl.