Hello all,
I have to make
With well-known web-servers like github.com it works well and response is 200. But my custom SSL certificate is not validated so I decided to add it to ca_root_nss.pem file manually because it is just a bunch of known CA certs concatenated together. If I export my SSL to PEM file and append it to ca_root_nss it is still not validated. I have added certificate like this:
I have also tried to import top-level CA that has issued the certificate - still no luck. What am I missing? It should be fairly simple to trust any desired certificate, but I didn't get it.
P.S. I know about "--no-check-certificate" option.
I have to make
wget https://my.server
work from FreeBSD 10 box. For this I have installed security/ca_root_nss and made symlink to /etc/ssl/cert.pemWith well-known web-servers like github.com it works well and response is 200. But my custom SSL certificate is not validated so I decided to add it to ca_root_nss.pem file manually because it is just a bunch of known CA certs concatenated together. If I export my SSL to PEM file and append it to ca_root_nss it is still not validated. I have added certificate like this:
openssl x509 -in startssl.crt -text >> /etc/ssl/cert.pem
I have also tried to import top-level CA that has issued the certificate - still no luck. What am I missing? It should be fairly simple to trust any desired certificate, but I didn't get it.
P.S. I know about "--no-check-certificate" option.