Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 4827 invoked from network); 30 Nov 2006 18:22:19 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 30 Nov 2006 18:22:19 -0000 Received: (qmail 87633 invoked by uid 500); 30 Nov 2006 18:22:15 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 87623 invoked by uid 500); 30 Nov 2006 18:22:15 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 87612 invoked by uid 99); 30 Nov 2006 18:22:15 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 30 Nov 2006 10:22:15 -0800 X-ASF-Spam-Status: No, hits=2.8 required=10.0 tests=DNS_FROM_RFC_ABUSE,DNS_FROM_RFC_POST,DNS_FROM_RFC_WHOIS X-Spam-Check-By: apache.org Received-SPF: pass (herse.apache.org: local policy) Received: from [209.191.85.78] (HELO web36910.mail.mud.yahoo.com) (209.191.85.78) by apache.org (qpsmtpd/0.29) with SMTP; Thu, 30 Nov 2006 10:22:02 -0800 Received: (qmail 23619 invoked by uid 60001); 30 Nov 2006 18:21:40 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=S+wsWqUHk+v3LuvENphRrQ34dYpO20Q/6xGSsFnHF3eBLq8H+0WBzqtvLPYTaXEVRKjZjhMDqFqVVttXttnqJyg+kIN0x7aJl/HwFfm4eOqXNCZOwhTtDX9u/GUe2q1Nk6vGw8fos2MmYjAaJO3x+WrIeKcxFlI/Z3sNqSGcHpY=; X-YMail-OSG: HbdXxx4VM1kA4EI1ck_nkbFnZaigKbDcgJXfBBCYzQrunO22QzfvQmmbUMLRYZ_J6YG49O55Y2viTKe1FBItbScP1ikqb2vf5PYK8_Z7E6TZ98In8Vmnwrd_3D6nnv3NhurD8wsE0rkXMEA- Received: from [198.207.223.237] by web36910.mail.mud.yahoo.com via HTTP; Thu, 30 Nov 2006 10:21:40 PST Date: Thu, 30 Nov 2006 10:21:40 -0800 (PST) From: Richard de Vries To: users@httpd.apache.org, lists@gmnet.net In-Reply-To: <1164908599.10238.111.camel@thor.greenbuzz.net> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Message-ID: <294702.22739.qm@web36910.mail.mud.yahoo.com> X-Virus-Checked: Checked by ClamAV on apache.org Subject: Re: [users@httpd] Godaddy ssl sertificate problem... The problem is that your certificate has been signed by a Certificate Authority which is not trusted by many browsers. Your HTTPS instance worked fine on my internet explorer 7, but did indeed fail on firefox. An examination of the certificate revealed that your certificate was issued by StarField Secure Certification Authority. Quite honestly, I had never heard of these guys. I always use thawte or verisign. --- Mailing Lists wrote: > Hi, > > I am having trouble with a certificate from > Godaddy.com. My website is > https://www.piercebroscoffee.com > > On many browsers (Firefox, Epiphany, and even Lynx!) > I am not able to > validate the cert. > > Here is a clue that I noticed: > It only fails if that is the first time that you > need to validate the > intermediate starfield cert. i.e. if you go to > https://godaddy.com, then > hit https://www.piercebroscoffee.com, there is no > problem! > > I did everything that godaddy/starfield said I > needed to do. I > downloaded the intermediate certificate and here is > the entry in my > ssl.conf file: I am using apache 2, on RedHat 9. > > > > SuexecUserGroup java java > ServerAdmin webmaster@javahutroasters.com > DocumentRoot > /var/www/www.javahutroasters.com/html > ServerName www.piercebroscoffee.com > ErrorLog > logs/www.javahutroasters.com/ssl_error_log > TransferLog > logs/www.javahutroasters.com/ssl_access_log > CustomLog > logs/www.javahutroasters.com/ssl_request_log \ > "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x > \"%r\" %b" > SSLEngine on > SSLCipherSuite > ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2: > +EXP:+eNULL > SSLCertificateFile > /etc/httpd/conf/ssl.crt/piercebroscoffee.com.crt > > SSLCertificateKeyFile > /etc/httpd/conf/ssl.key/piercebroscoffee.com.key > SSLCertificateChainFile > /etc/httpd/conf/ssl.crt/sf_issuing.crt > > SSLOptions +StdEnvVars > > "/var/www/www.javahutroasters.com/html"> > DirectoryIndex /cgi/javahut/service.html > AllowOverride AuthConfig > Options +Indexes +Includes > Order allow,deny > Allow from all > > ScriptAlias /cgi/ > "/var/www/www.javahutroasters.com/cgi/" > "/var/www/www.javahutroasters.com/cgi"> > SSLOptions +StdEnvVars > AllowOverride AuthConfig > Options +ExecCGI > Order allow,deny > Allow from all > > SetEnvIf User-Agent ".*MSIE.*" \ > nokeepalive ssl-unclean-shutdown \ > downgrade-1.0 force-response-1.0 > > > > Any Ideas as to what is going wrong? > > thanks > Rick > > > --------------------------------------------------------------------- > The official User-To-User support forum of the > Apache HTTP Server Project. > See for > more info. > To unsubscribe, e-mail: > users-unsubscribe@httpd.apache.org > " from the digest: > users-digest-unsubscribe@httpd.apache.org > For additional commands, e-mail: > users-help@httpd.apache.org > > ____________________________________________________________________________________ Want to start your own business? Learn how on Yahoo! Small Business. http://smallbusiness.yahoo.com/r-index --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org