Enketo certificate issue on Central 0.9

Really appreciate your patience as got Enketo submissions ready, @MatthewMac and @dr_michaelmarks. We're especially eager to hear what you think of the public link feature that benefited a lot from my conversation with @chrissyhroberts.

I think @dmenne is on to something and it's likely related to the way that your certificate is issued. It looks like Enketo does stricter verification of the certificate chain. To turn it around, @dmenne, have you been able to use Enketo features with your certificate issued by your private certificate authority?

@MatthewMac do you use a public root certificate authority or a private one? Is it possible that the certificate used for your server doesn't include the full certificate chain? That is, the fullchain.pem file described in the docs is supposed to include the server's certificate, followed by any intermediate certificates that may separate the server and the root, followed by the root CA's certificate. Depending on what certificate authority you use, you may need to build this file yourself. If it's a public CA and you let us know which one, we may be able to provide more specific guidance.

This excellent Stackoverflow post has more details and also a way to get intermediate certificates without going back to your CA.

1 Like