There was a problem with Mailman on common-lisp.net which seems to be fixed now.
Yes, I'm a member now. Thanks.
I wanted to use a chained certificate without Apache or anything else in front of hunchentoot and came up with a hack that enabled it.
My notes on the hack can be found at https://www.juranki.net/ht/hunchentoot-chained-certificate.html (if you're using IE, you're going to get a security alert because the CA I'm experimenting with is not trusted by IE)
I would like this capability to be added to hunchentoot/cl+ssl, but before doing more work I'd like to hear your comments.
Do you see the solution as a valid one? If so, how to proceed? If not, what's the better way to do it?
I only looked at it briefly, but at first glance it seems to be OK. However, for something to be accepted as a patch to Hunchentoot see the notes here:
I further examined the behaviour of the openssl functions and found that its possible to solve the problem without modifying hunchentoot, by first loading a ca-bundle, containing ca and intermediate certificates, to global context and then using the existing hunchentoot api to specify the private key and server certificate.
A patch to cl+ssl and some notes can be found at https://www.juranki.net/ht/hunchentoot-chained-certificate-v3.html
br, -juhani