Hoping that someone can help w/ this and shed a little light on this one. I have spent a good bit of time working on this issue and I feel that I have been bashing my head into the wall repeatedly.
Here is my issue: I have created a CA internal to my organization using Microsoft Certificate Services. I built two Wildfire servers, version 3.0.1, on CentOS 4.3, both on the same network. I used the keytool to create a CSR on each server and sent them up to the CA and had them signed. I then imported the CA key as a trusted key and then the certificate that was signed.
The 2 servers work perfectly w/ the clients. Comm is excellent; all features work.
The issue starts when we come to the server to server communications. The servers will communicate w/ each other if I make SSL server to server comm optional.
If I turn on SSL required for server to server, which is a feature that I need to have, I start to get errors.
The first error that I started to get was that the root certificate was not trusted, so I added the CA cert to the truststore; issue resolved to a new issue.
I then started to get an error that the certificate could not be verified for the server that it was attempting to open a connection w/ to send over the message.
If I add the option to turn off SSL cert verification then the issue clears, but being a paranoid person I like to fully understand what is causing the SSL verification to fail before I turn it off.
The CA is trusted
The Cert is Valid
The Cert is for the correct server name
The Cert is not on the CRL
If there is anyone that can shed a little light on this, I would appreciate it.