httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sander Temme <scte...@apache.org>
Subject Re: [users@httpd] Godaddy ssl sertificate problem...
Date Thu, 30 Nov 2006 20:06:28 GMT

On Nov 30, 2006, at 9:43 AM, Mailing Lists wrote:

> I did everything that godaddy/starfield said I needed to do. I
> downloaded the intermediate certificate and here is the entry in my
> ssl.conf file: I am using apache 2, on RedHat 9.

The problem is that your server is not sending the intermediate  
certificate. This means your browser cannot make the connection  
between the cert your server presents and the CA Certificate your  
browser has.

Try connecting to your server using openssl s_client -showcerts - 
connect www.piercebroscoffee.com:443 , and compare that to the same  
command directed at  either godaddy.com:443 or issues.apache.org:443.

>     SSLCertificateFile /etc/httpd/conf/ssl.crt/ 
> piercebroscoffee.com.crt
>
> SSLCertificateKeyFile /etc/httpd/conf/ssl.key/piercebroscoffee.com.key
>     SSLCertificateChainFile /etc/httpd/conf/ssl.crt/sf_issuing.crt

The weird thing is that your configuration is exactly right. The ASF  
also has certificates from Godaddy, and we have exactly the same  
configuration down to the chain cert filename. Did you restart your  
server after you added the SSLCErtificateChainFile directive? Try a  
full stop-start perhaps?

Of course we're running httpd 2.2.3, but I can't imagine that this  
was broken in 2.0.40... this is fairly fundamental to server  
functionality and I figure either we or Red Hat would have fixed such  
an issue fortwith.

S.

-- 
sctemme@apache.org            http://www.temme.net/sander/
PGP FP: 51B4 8727 466A 0BC3 69F4  B7B8 B2BE BC40 1529 24AF



Mime
View raw message