| The solution | ||
|---|---|---|
 | Error 60 in Landscape: a failing certificate chain |  |
| The solution | ||
|---|---|---|
| | Error 60 in Landscape: a failing certificate chain | |
I found that certificate chain funny, so I reordered the certificates in the file that contains them, and reconfigured Landscape (see ). Now the client will connect to Landscape:
landscape-config --import=https://landscapehost.rug.nl/config/bootstrap.conf -t $(hostname -f) --script-users=me,you,everybody --silent --registration-password=verysecretofcourse
Fetching configuration from https://landscapehost.rug.nl/config/bootstrap.conf...
Writing SSL public key to /etc/landscape/client.conf.ssl_public_key...
* Stopping landscape-client daemon
...fail!
* Starting the landscape-client daemon
...done.
Please wait... System successfully registered.
The ssl-check gives prettier output now, but still the same non-zero exit code:
CONNECTED(00000003)
depth=3 /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
verify error:num=19:self signed certificate in certificate chain
verify return:0
---
Certificate chain
0 s:/C=NL/O=Rijksuniversiteit Groningen/OU=CITNWD/CN=landscapehost.rug.nl
i:/C=NL/O=TERENA/CN=TERENA SSL CA
1 s:/C=NL/O=TERENA/CN=TERENA SSL CA
i:/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Hardware
2 s:/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Hardware
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
3 s:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
---
<snip>
| |  | |
| Error 60 in Landscape: a failing certificate chain |  | Getting a virtual LWP under KVM |