Ok, after doing some more research, I need to take the
statement in which I said their certificates are not
trusted in many browsers back. It does appear that
most browsers trust StarTech.
I looked thru the CA certs in firefox and noticed it
has a trusted CA for StarTech. Hmmm very interesting.
I wonder if perhaps they updated their CA?
--- Richard de Vries <richard_devries@xxxxxxxxx>
wrote:
> The problem is that your certificate has been signed
> by a Certificate Authority which is not trusted by
> many browsers.
>
> Your HTTPS instance worked fine on my internet
> explorer 7, but did indeed fail on firefox. An
> examination of the certificate revealed that your
> certificate was issued by StarField Secure
> Certification Authority.
>
> Quite honestly, I had never heard of these guys. I
> always use thawte or verisign.
>
>
> --- Mailing Lists <lists@xxxxxxxxx> wrote:
>
> > Hi,
> >
> > I am having trouble with a certificate from
> > Godaddy.com. My website is
> > https://www.piercebroscoffee.com
> >
> > On many browsers (Firefox, Epiphany, and even
> Lynx!)
> > I am not able to
> > validate the cert.
> >
> > Here is a clue that I noticed:
> > It only fails if that is the first time that you
> > need to validate the
> > intermediate starfield cert. i.e. if you go to
> > https://godaddy.com, then
> > hit https://www.piercebroscoffee.com, there is no
> > problem!
> >
> > I did everything that godaddy/starfield said I
> > needed to do. I
> > downloaded the intermediate certificate and here
> is
> > the entry in my
> > ssl.conf file: I am using apache 2, on RedHat 9.
> >
> >
> > <VirtualHost www.piercebroscoffee.com:443>
> > SuexecUserGroup java java
> > ServerAdmin webmaster@xxxxxxxxxxxxxxxxxxx
> > DocumentRoot
> > /var/www/www.javahutroasters.com/html
> > ServerName www.piercebroscoffee.com
> > ErrorLog
> > logs/www.javahutroasters.com/ssl_error_log
> > TransferLog
> > logs/www.javahutroasters.com/ssl_access_log
> > CustomLog
> > logs/www.javahutroasters.com/ssl_request_log \
> > "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x
> > \"%r\" %b"
> > SSLEngine on
> > SSLCipherSuite
> >
>
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:
> > +EXP:+eNULL
> > SSLCertificateFile
> > /etc/httpd/conf/ssl.crt/piercebroscoffee.com.crt
> >
> > SSLCertificateKeyFile
> > /etc/httpd/conf/ssl.key/piercebroscoffee.com.key
> > SSLCertificateChainFile
> > /etc/httpd/conf/ssl.crt/sf_issuing.crt
> > <Files ~ "\.(cgi|shtml|phtml|php3?)$">
> > SSLOptions +StdEnvVars
> > </Files>
> > <Directory
> > "/var/www/www.javahutroasters.com/html">
> > DirectoryIndex /cgi/javahut/service.html
> > AllowOverride AuthConfig
> > Options +Indexes +Includes
> > Order allow,deny
> > Allow from all
> > </Directory>
> > ScriptAlias /cgi/
> > "/var/www/www.javahutroasters.com/cgi/"
> > <Directory
> > "/var/www/www.javahutroasters.com/cgi">
> > SSLOptions +StdEnvVars
> > AllowOverride AuthConfig
> > Options +ExecCGI
> > Order allow,deny
> > Allow from all
> > </Directory>
> > SetEnvIf User-Agent ".*MSIE.*" \
> > nokeepalive ssl-unclean-shutdown \
> > downgrade-1.0 force-response-1.0
> > </VirtualHost>
> >
> >
> > Any Ideas as to what is going wrong?
> >
> > thanks
> > Rick
> >
> >
> >
>
---------------------------------------------------------------------
> > The official User-To-User support forum of the
> > Apache HTTP Server Project.
> > See <URL:http://httpd.apache.org/userslist.html>
> for
> > more info.
> > To unsubscribe, e-mail:
> > users-unsubscribe@xxxxxxxxxxxxxxxx
> > " from the digest:
> > users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> > For additional commands, e-mail:
> > users-help@xxxxxxxxxxxxxxxx
> >
> >
>
>
>
>
>
____________________________________________________________________________________
> Want to start your own business?
> Learn how on Yahoo! Small Business.
> http://smallbusiness.yahoo.com/r-index
>
>
---------------------------------------------------------------------
> The official User-To-User support forum of the
> Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for
> more info.
> To unsubscribe, e-mail:
> users-unsubscribe@xxxxxxxxxxxxxxxx
> " from the digest:
> users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail:
> users-help@xxxxxxxxxxxxxxxx
>
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|