当前位置:网站首页>centso7 openssl 报错Verify return code: 20 (unable to get local issuer certificate)
centso7 openssl 报错Verify return code: 20 (unable to get local issuer certificate)
2022-07-07 11:09:00 【白杨攻城狮】
问题重现:
由于centos7 默认的openssl的版本为1.1.0k,本人编译媒体服务时,需要openssl版本1.1.1以上,所有删除的之前的低版本openssl,手动编译了一个1.1.1k的版本,媒体服务正常运行,并且CA验证正常。
结果昨天晚上服务器断电重启后,当我在获取电信MQ数据时,openssl一直报错,Unhandled exception. System.Security.Authentication.AuthenticationException:The remote certificate was rejected by the provided RemoteCertificateValidat
使用openssl的命令测试连接状态:
openssl s_client -connect msgpush.ctwing.cn:16651
得到以下结果:
提示,无法加载本地证书。使用了各种方案,编译各种版本的openssl,还是不行。
百般无奈下,只能分析线上环境的openssl(线上为云服务器,openssl为1.02K)与本地服务器的openssl的区别,又经历了痛苦的几个小时。终于在查看openssl 版本的命令中,看出了端倪,这个命令很重要:
openssl version -d
线上打印的结果:
本地服务器的结果:
进入线上环境openssl 的目录:执行命令
ll
显示结果:
关键点就这个目录,看我标红的部分,这里的软链接就是证书的位置
我们再来看,本地服务器
可以看到,并没有看到证书的软链接,
所以一切的原因就是这里,没有告诉系统openssl使用的证书位置。所以我们创建一个软链接即可。
ln -s /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem cert.pem
执行结果如下:
当我们再次使用openssl的测试命令时:成功了,
边栏推荐
- 2022-07-07 Daily: Ian Goodfellow, the inventor of Gan, officially joined deepmind
- 如何让electorn打开的新窗口在window任务栏上面
- PHP calls the pure IP database to return the specific address
- test
- 初学XML
- Users, groups, and permissions
- 达晨与小米投的凌云光上市:市值153亿 为机器植入眼睛和大脑
- Ip2long and long2ip analysis
- What if the xshell evaluation period has expired
- .Net下極限生產力之efcore分錶分庫全自動化遷移CodeFirst
猜你喜欢
HZOJ #240. 图形打印四
Aosikang biological sprint scientific innovation board of Hillhouse Investment: annual revenue of 450million yuan, lost cooperation with kangxinuo
Creation and assignment of graphic objects
Leetcode brush questions: binary tree 19 (merge binary tree)
Talk about four cluster schemes of redis cache, and their advantages and disadvantages
【学习笔记】zkw 线段树
共创软硬件协同生态:Graphcore IPU与百度飞桨的“联合提交”亮相MLPerf
ISPRS2021/遥感影像云检测:一种地理信息驱动的方法和一种新的大规模遥感云/雪检测数据集
About how appium closes apps (resolved)
2022 polymerization process test question simulation test question bank and online simulation test
随机推荐
ICLR 2022 | pre training language model based on anti self attention mechanism
人均瑞数系列,瑞数 4 代 JS 逆向分析
Importance of database security
基于鲲鹏原生安全,打造安全可信的计算平台
About the problem of APP flash back after appium starts the app - (solved)
test
Conversion from non partitioned table to partitioned table and precautions
[crawler] avoid script detection when using selenium
处理链中断后如何继续/子链出错removed from scheduling
测试下摘要
[learn microservices from 0] [03] explore the microservice architecture
Unity 构建错误:当前上下文中不存在名称“EditorUtility”
How to apply @transactional transaction annotation to perfection?
Day22 deadlock, thread communication, singleton mode
博文推荐|Apache Pulsar 跨地域复制方案选型实践
Leetcode brush question: binary tree 24 (the nearest common ancestor of binary tree)
Practical example of propeller easydl: automatic scratch recognition of industrial parts
JNA学习笔记一:概念
货物摆放问题
详解ThinkPHP支持的URL模式有四种普通模式、PATHINFO、REWRITE和兼容模式