On Nov 30, 2006, at 9:43 AM, Mailing Lists wrote:
> I did everything that godaddy/starfield said I needed
to do. I
> downloaded the intermediate certificate and here is the
entry in my
> ssl.conf file: I am using apache 2, on RedHat 9.
The problem is that your server is not sending the
intermediate
certificate. This means your browser cannot make the
connection
between the cert your server presents and the CA Certificate
your
browser has.
Try connecting to your server using openssl s_client
-showcerts -
connect www.piercebroscoffee.com:443 , and compare that to
the same
command directed at either godaddy.com:443 or
issues.apache.org:443.
> SSLCertificateFile /etc/httpd/conf/ssl.crt/
> piercebroscoffee.com.crt
>
> SSLCertificateKeyFile
/etc/httpd/conf/ssl.key/piercebroscoffee.com.key
> SSLCertificateChainFile
/etc/httpd/conf/ssl.crt/sf_issuing.crt
The weird thing is that your configuration is exactly right.
The ASF
also has certificates from Godaddy, and we have exactly the
same
configuration down to the chain cert filename. Did you
restart your
server after you added the SSLCErtificateChainFile
directive? Try a
full stop-start perhaps?
Of course we're running httpd 2.2.3, but I can't imagine
that this
was broken in 2.0.40... this is fairly fundamental to server
functionality and I figure either we or Red Hat would have
fixed such
an issue fortwith.
S.
--
sctemme apache.org http://www.temme.net/san
der/
PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF
|