From: Ian Barton <lists@wilkesley.net>
To: Seb Frank <sebsfrank@gmail.com>,
"emacs-orgmode@gnu.org" <emacs-orgmode@gnu.org>
Subject: Re: org-caldav: problems connecting to owndrive
Date: Wed, 07 May 2014 15:39:15 +0100 [thread overview]
Message-ID: <536A4593.9050905@wilkesley.net> (raw)
In-Reply-To: <CAMF4YiM=2qYoTvjrjTvdN_c=Am7r4S1=R2NytUtsGsLE39BK7A@mail.gmail.com>
On 07/05/14 14:43, Seb Frank wrote:
> Hi there,
>
> I've been trying to setup org-caldav to sync to my owndrive calendar.
>
> Setup is
>
> #+begin_src emacs-lisp
> (setq org-caldav-url
> "https://my.owndrive.com/remote.php/caldav/calendars/myusername")
> (setq org-caldav-calendar-id "myid")
> (setq org-caldav-inbox "~/org/test.org <http://test.org>")
> #+end_src
>
> When I try org-caldav-sync, it fails with:
>
> Contacting host: my.owndrive.com:443 <http://my.owndrive.com:443>
> gnutls.c: [0] (Emacs) fatal error: Public key signature verification has
> failed.
> gnutls.el: (err=[-89] Public key signature verification has failed.)
> boot: (:priority NORMAL :hostname my.owndrive.com
> <http://my.owndrive.com> :loglevel 0 :min-prime-bits 256 :trustfiles nil
> :crlfiles nil :keylist nil :verify-flags nil :verify-error nil
> :callbacks nil)
> edebug-signal: GnuTLS error: #<process my.owndrive.com
> <http://my.owndrive.com>>, -89
>
> Testing this with gnutls on the command line confirms the problem:
> % gnutls-cli -V -p 443 my.owndrive.com <http://my.owndrive.com>
> ...
> - Status: The certificate is NOT trusted. The signature in the
> certificate is invalid.
> *** Verifying server certificate failed...
> *** Fatal error: Error in the certificate.
> *** Handshake has failed
> GnuTLS error: Error in the certificate.
>
> Does anyone know if there is a way to tell org-caldav or url-dav to use
> an untrusted certificate?
>
Hi Seb,
I think you need to handle it at the gnutls level. Have a look at
http://blog.tremily.us/posts/X.509_certificates/
Particularly:
GnuTLS
In GnuTLS, you set the list of trusted CAs using
gnutls_certificate_set_x509_trust_file. By convention this function is
pointed to the /etc/ssl/certs/ca-certificates.crt file mentioned above
Ian.
next prev parent reply other threads:[~2014-05-07 14:39 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-07 13:43 org-caldav: problems connecting to owndrive Seb Frank
2014-05-07 14:39 ` Ian Barton [this message]
2014-05-07 14:55 ` Ian Barton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.orgmode.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=536A4593.9050905@wilkesley.net \
--to=lists@wilkesley.net \
--cc=emacs-orgmode@gnu.org \
--cc=ian@manor-farm.org \
--cc=sebsfrank@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).