Hi All,
We have a couple of old clients running OpenACS based systems, one of whom has just had a new ssl certificate issued. The CA is Comodo/instantssl who has provided us with the actual cert. as well as 4 additional certs to chain back to the browser's trusted root.
Unfortunately for me I can't figure out how to get nsopenssl (3.0b26) to use these extra certs in ssl negotiation, so we're getting "certificate signed by an untrusted authority" errors.
I've tried bundling the extra certs into the file referenced by nsopenssl's CertFile parameter, as well as the CADir/CAFile items, but haven't found a combination that actually does the right thing. Are there any docs around for using CA certificates with nsopenssl?
cheers
Russell