I am using client certificat with haproxy (configred with ca file and crl-file )
I am seeing this error in the firefox:
SSL peer had some unspecified issue with the certificate it received
I am seeing this error in the haproxy:
SSl client CA chain canot be verified
I did not have any chain, i have only root ca and client crt.
I used $ openssl verify -CAfile ca.pem client.pem
to verify root CA with client certificat and the result is ok.
I used ca-ignore-err all
in haproxy config and the pb is gone
Why ca-ignore-err all
in haproxy solved the pb ?
what can i do in the log format to understand this pb ?