> Also, do you account for intermediate CA in your setup? You have basically > two options how to handle it: > > 1) "standard": server-cert.pem should contain the whole chain of certificates > under root CA, e.g: > * Int. CA 1 > * Int. CA 2 > * server cert > you just cat them to the file in that order. You then add the root CA to the .vv > file and things should work. We have several user using such setup successfully. But it does not work with my StartCom certificates - strange. > 2) "custom": treat intermediate CA that actually signed the server cert as > trusted root: use it in ca-cert.pem and pass it to remote-viewer. > Given that you need to supply remote-viewer with a CA, this approach is less > "wrong" than in different TLS use cases. This also fails when using the "StartCom Class 2 Primary Intermediate Server CA". So the question is if someone has a working setup using " StartCom Class 2 Primary Intermediate Server CA" and spice? _______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx http://lists.freedesktop.org/mailman/listinfo/spice-devel