|
I had no problem with the Godaddy certificate
we use. Though as a newbie I recall that it did take me a while to figure out
the distinguished name and its proper use in generating certificates. Browsers
virtually all recognize the godaddy cert.
I also found that their customer service is
surprizingly good for what I paid them. They helped me resolve
any issues I had at any rate. Its free support, so you might give them a
call.
Have a great day!
----- Original Message -----
Sent: Thursday, November 30, 2006 10:21
AM
Subject: Re: Godaddy ssl
sertificate problem...
The problem is that your certificate has been signed
by a
Certificate Authority which is not trusted by
many browsers.
Your
HTTPS instance worked fine on my internet
explorer 7, but did indeed fail
on firefox. An
examination of the certificate revealed that
your
certificate was issued by StarField Secure
Certification
Authority.
Quite honestly, I had never heard of these guys. I
always
use thawte or verisign.
--- Mailing Lists <lists@xxxxxxxxx> wrote:
>
Hi,
>
> I am having trouble with a certificate from
>
Godaddy.com. My website is
> https://www.piercebroscoffee.com
>
> On many browsers (Firefox, Epiphany, and even Lynx!)
>
I am not able to
> validate the cert.
>
> Here is a clue
that I noticed:
> It only fails if that is the first time that
you
> need to validate the
> intermediate starfield cert. i.e. if
you go to
> https://godaddy.com,
then
> hit https://www.piercebroscoffee.com,
there is no
> problem!
>
> I did everything that
godaddy/starfield said I
> needed to do. I
> downloaded the
intermediate certificate and here is
> the entry in my
> ssl.conf
file: I am using apache 2, on RedHat 9.
>
>
>
<VirtualHost www.piercebroscoffee.com:443>
>
SuexecUserGroup java java
> ServerAdmin webmaster@xxxxxxxxxxxxxxxxxxx
>
DocumentRoot
>
/var/www/www.javahutroasters.com/html
>
ServerName www.piercebroscoffee.com
>
ErrorLog
>
logs/www.javahutroasters.com/ssl_error_log
>
TransferLog
>
logs/www.javahutroasters.com/ssl_access_log
>
CustomLog
> logs/www.javahutroasters.com/ssl_request_log
\
> "%t %h
%{SSL_PROTOCOL}x %{SSL_CIPHER}x
> \"%r\"
%b"
> SSLEngine
on
>
SSLCipherSuite
>
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:
>
+EXP:+eNULL
> SSLCertificateFile
>
/etc/httpd/conf/ssl.crt/piercebroscoffee.com.crt
>
>
SSLCertificateKeyFile
>
/etc/httpd/conf/ssl.key/piercebroscoffee.com.key
>
SSLCertificateChainFile
>
/etc/httpd/conf/ssl.crt/sf_issuing.crt
>
<Files ~
"\.(cgi|shtml|phtml|php3?)$">
>
SSLOptions +StdEnvVars
>
</Files>
> <Directory
>
"/var/www/www.javahutroasters.com/html">
>
DirectoryIndex
/cgi/javahut/service.html
>
AllowOverride
AuthConfig
> Options
+Indexes +Includes
>
Order allow,deny
> Allow
from all
>
</Directory>
> ScriptAlias /cgi/
>
"/var/www/www.javahutroasters.com/cgi/"
>
<Directory
>
"/var/www/www.javahutroasters.com/cgi">
>
SSLOptions +StdEnvVars
>
AllowOverride
AuthConfig
> Options
+ExecCGI
> Order
allow,deny
> Allow from
all
>
</Directory>
> SetEnvIf User-Agent
".*MSIE.*" \
>
nokeepalive ssl-unclean-shutdown
\
> downgrade-1.0
force-response-1.0
> </VirtualHost>
>
>
> Any
Ideas as to what is going wrong?
>
> thanks
> Rick
>
>
>
---------------------------------------------------------------------
>
The official User-To-User support forum of the
> Apache HTTP Server
Project.
> See <URL:http://httpd.apache.org/userslist.html>
for
> more info.
> To unsubscribe, e-mail:
> users-unsubscribe@xxxxxxxxxxxxxxxx
>
" from the digest:
> users-digest-unsubscribe@xxxxxxxxxxxxxxxx
>
For additional commands, e-mail:
> users-help@xxxxxxxxxxxxxxxx
>
>
____________________________________________________________________________________
Want
to start your own business?
Learn how on Yahoo! Small Business.
http://smallbusiness.yahoo.com/r-index
---------------------------------------------------------------------
The
official User-To-User support forum of the Apache HTTP Server Project.
See
<URL:http://httpd.apache.org/userslist.html>
for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For
additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|
