![]() If for some reason you can't configure your server to use a separate chained bundle, then you just paste your server certificate in the beginning (on the top) of the bundle and use the resulting file as your server cert. In this example I have not included the actual domain certificate and as long as your server can be configured to take a separate chained certificate bundle this is what you use. Then save the file as whatever name you like. The exact order you can get from your ssl provider if its not obvious from the names. Root CA Certificate - root.crt - at the end of the file.Intermediate CA Certificate 1 - IntermediateCA1.crt.Intermediate CA Certificate 2 - IntermediateCA2.crt - on top of the.This was already touched on earlier in this thread but it did not resove how you do this.įirst you have to make a chained certificate bundle and you do that by using your favorite text editor and just paste them in, in the correct (reverse) order i.e. The browser when someone visits your web site. Using an intermediate certificate means that you must complete anĪdditional step in the installation process to enable your siteĬertificate to be chained to the trusted root, and not show errors in The intermediate certificate, orĬertificates, completes the chain to a root certificate trusted by the Comodo's support states:Ĭertificate, or certificates, that go between your site (server)Ĭertificate and a root certificate. Therefore you have to provide the whole chain of certificates to Firefox. Firefox apparently does not have one of the intermediary certificates build in, though Firefox does trust the root CA. I found that this is a problem of the certificate chain being incomplete. We are running our website using a squid-reverse SSL proxy and Firefox would keep complaining "sec_error_unknown_issuer" as you stated, yet every other browser was OK. We had the same problem with a Comodo wildcard "positive ssl" cert. I know this thread is a little old but we ran into this too and will archive our eventual solution here for others.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |