I’m starting up a new podcast this weekend, and I’ll be using mumble to communicate with another person. Being a proper person, I decided that I wanted a proper SSL certificated instead of the self-signed cert that mumble/murmur generates on first start.

Everything went pretty well at first. I followed the instructions at the website, adding the following to my murmur.ini file:

sslCert=/home/OliverK/tron_soliloquyforthefallen_net.crt
sslKey=/home/OliverK/myserver.key

(Protip: just use hardpaths on a server. It seems to me that I never get anywhere using relatives.)

Which made the murmur server use my newly minted rapidSSL certificate. (Did I mention I’m cheap?)

But, when I tried to connect, I received the following errors:

Server presented a certificate which failed verification ..
The specific errors with this certificate are:

1. The issuer certificate of a locally looked up certificate could not be found
2. The root CA certificate is not trusted for this purpose
3. No Certificates could be verified.

Do you wish to accept this certificate anyway?
(It will be also be stored so you won’t be asked this again.)

After some searching, I found out that I needed to add the following line:

sslCA=/home/OliverK/COMODORSADomainValidationSecureServerCA.crt

Restart the murmur server, and get the same set of errors, minus one:

Server presented a certificate which failed verification ..
The specific errors with this certificate are:

1. The issuer certificate of a locally looked up certificate could not be found
2. The root CA certificate is not trusted for this purpose

Do you wish to accept this certificate anyway?
(It will be also be stored so you won’t be asked this again.)

Searching on the internet alluded to needed to concatenate various files, but which ones? My ssl cert package used different names then everyone else? On a gambit, I did this:

[OliverK@tron ~]$ cp COMODORSADomainValidationSecureServerCA.crt COMODORSADomainValidationSecureServerCA.crt.bak
[OliverK@tron ~]$ cat COMODORSAAddTrustCA.crt >> COMODORSADomainValidationSecureServerCA.crt

After that, everything connected rather happily.

Just thought I’d through this out for anyone trying to use a rapidSSL cert on their murmur server.