Hello, you have to place a file called ca-certs in /home/sites/<website>/certs directory. In this file you write the intermediate certificate (same as your cert.bundle). If you now restart apache, certificate with issuer information should work.
Regards, Dirk, -----Ursprüngliche Nachricht----- Von: [email protected] [mailto:[email protected]] Im Auftrag von DD Gesendet: Donnerstag, 19. Januar 2012 15:45 An: 'BlueOnyx General Mailing List' Betreff: [BlueOnyx:09425] Re: sec_error_unknown_issuer Hi Carl, >http://www.sslshopper.com/ssl-checker.html#hostname= http://www.sslshopper.com/ssl-checker.html#hostname=www.tidetimes.org.uk This points me to http://www.sslshopper.com/ssl-certificate-not-trusted-error.html and then to the Comodo-specific instructions at https://support.comodo.com/index.php?_m=knowledgebase&_a=view&parentcategory id=95&pcid=1&nav=0,96,1 Selecting Apache/ModSSL takes me to these instructions: https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbartic leid=1203&nav=0,96,1,95 I made a certificate bundle using: cat PositiveSSLCA.crt UTNAddTrustServerCA.crt AddTrustExternalCARoot.crt certs/certificate > certs/cert.bundle I added the following lines to /etc/httpd/conf.d/ssl.conf: SSLEngine on SSLCertificateKeyFile /home/sites/www.tidetimes.org.uk/certs/key SSLCertificateFile /home/sites/www.tidetimes.org.uk/certs/certificate SSLCertificateChainFile /home/sites/www.tidetimes.org.uk/certs/cert.bundle Httpd won't restart with these lines so I'm doing something wrong but I have no idea what. DD _______________________________________________ Blueonyx mailing list [email protected] http://mail.blueonyx.it/mailman/listinfo/blueonyx _______________________________________________ Blueonyx mailing list [email protected] http://mail.blueonyx.it/mailman/listinfo/blueonyx
