Solved: Error Login to UMC Webconsole: self signed certificate in certificate chain

Allyfied · June 5, 2024, 9:14pm

additional info:

/etc/univention/ssl/ucsCA/certs# univention-certificate list
List all certificates
01	server.domain.tld
02	univention-directory-manager.domain.tld
03	univention-directory-manager.domain.tld
04	nextc-81041460.domain.local
05	benno-43523496.domain.tld
06	benno-43523496.domain.tld
07	nextc-81041460.domain.tld
08	server.domain.tld
09	univention-directory-manager.domain.tld

verifying all 9 certiciates results in OK:

openssl verify -CApath /etc/univention/ssl/ucsCA/certs/ 09.pem
09.pem: OK

but:

/etc/univention/ssl/tuxserver.burglenzen.local# \
openssl verify -CApath /etc/univention/ssl/server.domain.tld/ cert.pem
C = DE, ST = DE, L = DE, O = domain.local, OU = Univention Corporate Server, CN = server.domain.tld, emailAddress = ssl@domain.tld
error 20 at 0 depth lookup: unable to get local issuer certificate
error cert.pem: verification failed

So it seems there is a missing step anywhere?