SSL load_cert_crl_file "system lib" errors
Philip Pemberton
lists at philpem.me.uk
Fri Jan 21 15:19:07 CST 2011
Hi,
I've just installed a StartSSL certificate on my server, mainly to get
rid of the ever-present "SSL CA is not verified" alerts from Firefox,
Thunderbird and Mercurial. FFX and TBird are fine with my server's new
certificate, but Mercurial seems to have a problem...
I copied StartSSL's CA key into /home/philpem/.hgfiles/cacerts.pem, then
added this to the head of my ~/.hgrc:
[web]
cacerts = /home/philpem/.hg/cacerts.pem
Now if I try to push or pull...
philpem at cheetah:/var/www/isis$ hg push
abort: error: _ssl.c:328: error:0B084002:x509 certificate
routines:X509_load_cert_crl_file:system lib
If I comment out the cacerts line, I get...
philpem at cheetah:/var/www/isis$ hg push
warning: wolf.philpem.me.uk certificate not verified (check web.cacerts
config setting)
http authorization required
realm: Mercurial repositories on wolf.philpem.me.uk
user: [redacted]
password:
So it seems I can't win. Either I completely lose access to the server
via hg, or I get a screen full of warnings about web.cacerts not being
set...
What am I doing wrong?
Thanks,
--
Phil.
lists at philpem.me.uk
http://www.philpem.me.uk/
More information about the Mercurial
mailing list