Hi there,

I was trying to HTTPs boot a virtual machine with the following scenario:

1) I have a self signed root CA root.crt and then I use it to sign another self signed certificate myip.crt for the IP address X.X.X.X
2) I have an NGINX server configured to use SSL with the myip.crt certificate and its key.
3) I have a UEFI virtual machine configured to HTTPs boot and trust the CA certificate root.crt .

Unfortunately the machine fails in the SSL handshake step and then the UEFI config page is shown again. Using for example curl --cacert root.crt X.X.X.X it works perfectly fine (also forcing curl to use tls 1.2).

In addition to that, if I do not use a root certificate for the server's IP (i.e. I do not build a chain of certificates), the machine boots fine.

Unfortunately I don't have a physical server to make a real test. Is this a missing feature, a bug, or am I doing it completely wrong?

Thank you very much!

_._,_._,_
Groups.io Links:

You receive all messages sent to this group.

View/Reply Online (#110111) | | Mute This Topic | New Topic
Your Subscription | Contact Group Owner | Unsubscribe [rebecca@openfw.io]

_._,_._,_