[Xymon] https failure in 4.3.4, not in 4.2.3

I upgraded my last xymon server from 4.2.3 to 4.3.4 this morning. It went well, except for one little thing. https tests.

I found that my proxy machines just ran http tests, but my main server runs https tests. An oversight I'm now correcting. How I found this is that my tests are now failing:

red Wed Aug 31 09:21:47 2011: 

red https://iadnasp1.mns.qintra.com/ - 


Seconds: 0.06

If I run a curl on the site, I get:

$ curl https://iadnasp1 curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). The default bundle is named curl-ca-bundle.crt; you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option.

Using the --insecure works correctly.

So, we have an internal CA. So I'm guessing I need to install the CA's certificate of authority to clear this issue up? Where do I do that?

Paul.

Paul Root - Engineer III - Qwest is now CenturyLink

This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments.