[BlueOnyx:09427] Re: sec_error_unknown_issuer
Dirk Estenfeld
dirk.estenfeld at bpanet.de
Fri Jan 20 07:21:55 -05 2012
Hello,
you have to place a file called ca-certs in /home/sites/<website>/certs directory.
In this file you write the intermediate certificate (same as your cert.bundle).
If you now restart apache, certificate with issuer information should work.
Regards,
Dirk,
-----Ursprüngliche Nachricht-----
Von: blueonyx-bounces at mail.blueonyx.it [mailto:blueonyx-bounces at mail.blueonyx.it] Im Auftrag von DD
Gesendet: Donnerstag, 19. Januar 2012 15:45
An: 'BlueOnyx General Mailing List'
Betreff: [BlueOnyx:09425] Re: sec_error_unknown_issuer
Hi Carl,
>http://www.sslshopper.com/ssl-checker.html#hostname=
http://www.sslshopper.com/ssl-checker.html#hostname=www.tidetimes.org.uk
This points me to
http://www.sslshopper.com/ssl-certificate-not-trusted-error.html and then to the Comodo-specific instructions at https://support.comodo.com/index.php?_m=knowledgebase&_a=view&parentcategory
id=95&pcid=1&nav=0,96,1
Selecting Apache/ModSSL takes me to these instructions:
https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbartic
leid=1203&nav=0,96,1,95
I made a certificate bundle using:
cat PositiveSSLCA.crt UTNAddTrustServerCA.crt AddTrustExternalCARoot.crt certs/certificate > certs/cert.bundle
I added the following lines to /etc/httpd/conf.d/ssl.conf:
SSLEngine on
SSLCertificateKeyFile /home/sites/www.tidetimes.org.uk/certs/key
SSLCertificateFile /home/sites/www.tidetimes.org.uk/certs/certificate
SSLCertificateChainFile /home/sites/www.tidetimes.org.uk/certs/cert.bundle
Httpd won't restart with these lines so I'm doing something wrong but I have no idea what.
DD
_______________________________________________
Blueonyx mailing list
Blueonyx at mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx
More information about the Blueonyx
mailing list