FreeBSD pfsense root CA fails

Question

I have some problem with root CA of my pfsense installation. My test script is this:

openssl s_client -showcerts -connect fbstatic-a.akamaihd.net:443

And the answer is:

 Verify return code: 20 (unable to get local issuer certificate)

I tried to update CA roots with

pkg install security/ca_root_nss

but nothing changes... what can it be?

score 0 · Answer 1 · answered May 01 '15 at 15:35

ca_root_nss is included by default. openssl probably just needs to be pointed to the cert.pem file if you're calling it directly like that. Using fetch instead, 'fetch https://fbstatic-a.akamaihd.net', will verify whether the cert is recognized by the OS in general.

FreeBSD pfsense root CA fails

1 Answers1