Actually I think that Hunchentoot is a great webserver, so don't take it to heart. And I very appreciate what you all guys do.
By the way the issue is solved - no patch needed. The problem was in documentation of CL+SSL:USE-CERTIFICATE-CHAIN-FILE which was not clear. After reading the appropriate OpenSSL call reference I understood that it's needed to add only a single file. In that file I need to place 2 certificates (in pem format): the website's and the following intermediate CA's. Now it's working. Thanks a lot.
2010/9/1 Hans Hübner hans.huebner@gmail.com
On Wed, Sep 1, 2010 at 16:46, Semion Prihodko semion.ababo@gmail.com wrote:
This is really a problem, because most of certificates that can be
purchased
use intermediate root certificate... really don't understand why this
issue
was not taken into consideration in Hunchentoot design.
We're sorry to hear that Hunchentoot does not meet your requirements. We implemented the features that we need, and chained certificate support was not required by us. You are welcome to send a patch. We can also offer paid support.
-Hans
tbnl-devel site list tbnl-devel@common-lisp.net http://common-lisp.net/mailman/listinfo/tbnl-devel