apache - Cannot get a Koji Build system work -

i setup koji build environment in centos6 machine server suggested documentation (http://fedoraproject.org/wiki/koji/serverhowto). access koji web using http. yet facing ssl certificate trouble when switching https:

client browser error produced mozilla firefox:

ssl peer unable negotiate acceptable set of security parameters. (error code: ssl_error_handshake_failure_alert) 

• having enabled 2 admin users, koji secific error when running command:

  su kojiman; koji call getloggedinuser

errors under : kojiman:

error: [('ssl routines', 'ssl3_get_server_certificate', 'certificate verify failed')] 

#

su kojiadmin; koji call getloggedinuser errors under: kojiadmin

error: [('ssl routines', 'ssl3_read_bytes', 'sslv3 alert bad certificate'), ('ssl routines', 'ssl3_write_bytes', 'ssl handshake failure')] 

---

while in httpd ssl log have following:

############################"

ssl erros:

[wed feb 05 18:37:28 2014] [error] [client 46.21.193.155] certificate verification: error (19): self signed certificate in certificate chain [wed feb 05 18:44:06 2014] [warn] rsa server certificate commonname (cn) `kojihub' not match server name!? [wed feb 05 18:44:06 2014] [warn] rsa server certificate commonname (cn) `kojihub' not match server name!? 

• when test certificate openssl:

  openssl s_client -connect localhost:443 -tls1 -cafile /etc/pki/koji/kojihub.pem

i indeed get:

verify error:num=20:unable local issuer certificate verify error:num=27:certificate not trusted verify error:num=21:unable verify first certificate  verify return:1 139736479307592:error:14094410:ssl routines:ssl3_read_bytes:sslv3 alert handshake failure:s3_pkt.c:1256:ssl alert number 40 139736479307592:error:1409e0e5:ssl routines:ssl3_write_bytes:ssl handshake failure:s3_pkt.c:596: verify return code: 21 (unable verify first certificate) 

any appreciated!

solved. using wrong certificate main builder. changed in kojid.conf