Self Signed Certs
Gary E. Miller
gem at rellim.com
Thu May 7 17:55:40 UTC 2020
Yo Rich!
On Thu, 7 May 2020 12:42:20 -0400
Rich Schmidt via devel <devel at ntpsec.org> wrote:
> I am still stymied trying to test NTPsec with self-signed certs. Still
> getting "unknown ca" on the server. I would appreciate any assistance
> in this effort.
I do not see where you copied your new "root" to the client root certs
diractory. Then you have to rehas the client root cers directory.
> 2020-05-07T16:23:51 ntpd[27974]: NTSc: Using dir /var/lib/ntp/certs/
> for root certificates.
Here is where the root cert from your self-signed cert needs to got.
Preferably on both server and clients.
> 2020-05-07T16:24:58 ntpd[27974]: NTS: error:14094418:SSL
> routines:ssl3_read_bytes:tlsv1 alert unknown ca
Your root cert not found on client.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can't measure it, you can't improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20200507/b8907dbd/attachment.bin>
More information about the devel
mailing list