Closed richvdh closed 5 years ago
I agree that in some cases it is not clear what the actual problem is -
"IssuerCommonName": "Let's Encrypt Authority X3",
(...)
"Errors": [
{
"Message": "x509: certificate signed by unknown authority"
}
],
Solution was: Using the fullchain.pem
provided by certbot, not the cert.pem
as I did
A good start is surfacing the Errors
array in the UI.
The federation tester just seems to give a binary
"ValidCertificates": false
, which isn't terribly helpful (and the UI turns into a warning about self-signed certs, whether or not the problem is that the cert is self-signed).We should give better feedback on what's wrong with the cert - possibly in the
Errors
orInfo
fields of the connection report.