#481560 - Pastie

From a linux node:

openssl s_client -showcerts -connect ccpuppet:8140
CONNECTED(00000003)
depth=1 /CN=ccpuppet.in2p3.fr
verify error:num=19:self signed certificate in certificate chain
verify return:0

-> it claims about self signed, but returns 0.

From a AIX node:

openssl s_client -showcerts -connect ccpuppet:8140
CONNECTED(00000003)
depth=0 /CN=ccpuppet.in2p3.fr
verify error:num=18:self signed certificate
verify return:1
depth=0 /CN=ccpuppet.in2p3.fr
verify error:num=7:certificate signature failure
verify return:1
depth=0 /CN=ccpuppet.in2p3.fr
verify return:1


From puppetd point of view, the error message is:
err: Could not retrieve catalog: Certificates were not trusted: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed