[cups.general] Unable to use local certificate with CUPS
Michael Sweet
msweet at apple.com
Wed Aug 15 12:24:04 PDT 2012
Without knowing the version of CUPS or the OS you are using, it is hard to help.
But for OS X, at least, your certificate needs to be at least 1024 bits these days (anything less is insecure and not accepted)
On Aug 15, 2012, at 5:37 AM, Andrey Repin <anrdaemon at freemail.ru> wrote:
> Greetings, All.
>
> Anyone?
>
> AR> Greetings, All.
>
> AR> I'm moving internal infrastructure towards smooth connectivity, and one of the
> AR> steps was to start using proper certificates to encrypt secure connections.
> AR> Apache and other services already going fine, but CUPS made me a problem.
> AR> When I point it to the new key/cert, it deny any attempts to connect to it
> AR> using SSL.
>
> AR> E [28/Jul/2012:22:06:26 +0400] encrypt_client: Unable to encrypt connection from 192.168.1.10!
> AR> E [28/Jul/2012:22:06:26 +0400] encrypt_client: Could not negotiate a supported cipher suite.
>
> AR> when I set links back to "snakeoil" certificate, everything start to behave.
> AR> FS rights on key and certificate are copied from "snakeoil" one, so I can't
> AR> think about it being file access problem.
>
> AR> Do I need any special OID's for certificate to work with CUPS, or anything
> AR> else I've missed?
>
>
>
>
>
> --
> Sincerely Yours, Andrey Repin <anrdaemon at freemail.ru>
>
> _______________________________________________
> cups mailing list
> cups at easysw.com
> http://lists.easysw.com/mailman/listinfo/cups
_________________________________________________________
Michael Sweet, Senior Printing System Engineer, PWG Chair
More information about the cups
mailing list