Hello! I'm trying to switch to new wildcard certificate provided by DigiCert, but I have small issue:
http://www.digicert.com/help/index.htm says that "This certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate." Certificate (with the intermediate cert.) is visible and recognized by browsers on Windows (FF, IE, Safari), however same browsers on Mac OSX (Safari, FF) claim that it is not signed by trusted CA. Important parts of pound configuration are: Cert "/etc/pound/host.pem" CAList "/etc/pound/DigiCertCA.crt" where host.pem contain: -----BEGIN RSA PRIVATE KEY----- (...my private key used to generate CSR) -----END RSA PRIVATE KEY----- -----BEGIN CERTIFICATE----- (...certificate provided by DigiCert) -----END CERTIFICATE----- and ca-c contain: -----BEGIN CERTIFICATE----- (...) -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- (...) -----END CERTIFICATE----- So: root and intermediate certificate provided by DigiCert. Whats more interesting: openssl verify -CAfile DigiCertCA.crt host.pem host.pem: OK do you have any hints? Thanks in advance Grzegorz Danecki -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions.
