Return-Path: X-Original-To: apmail-httpd-users-archive@www.apache.org Delivered-To: apmail-httpd-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id BC46717756 for ; Mon, 6 Apr 2015 19:34:22 +0000 (UTC) Received: (qmail 4048 invoked by uid 500); 6 Apr 2015 19:34:14 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 4012 invoked by uid 500); 6 Apr 2015 19:34:14 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 4000 invoked by uid 99); 6 Apr 2015 19:34:14 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 06 Apr 2015 19:34:14 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_HELO_PASS X-Spam-Check-By: apache.org Received-SPF: error (nike.apache.org: local policy) Received: from [80.67.31.39] (HELO smtprelay01.ispgateway.de) (80.67.31.39) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 06 Apr 2015 19:33:49 +0000 Received: from [85.179.3.54] (helo=[192.168.1.2]) by smtprelay01.ispgateway.de with esmtpsa (TLSv1.2:DHE-RSA-AES128-SHA:128) (Exim 4.84) (envelope-from ) id 1YfClV-0000XG-R0 for users@httpd.apache.org; Mon, 06 Apr 2015 21:32:57 +0200 Message-ID: <5522DF68.4080100@pipping.org> Date: Mon, 06 Apr 2015 21:32:56 +0200 From: Sebastian Pipping User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: users@httpd.apache.org References: <1428341056.11322.10.camel@narod.ru> <5522D0FE.2040108@pipping.org> <1428347245.11322.16.camel@narod.ru> In-Reply-To: <1428347245.11322.16.camel@narod.ru> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-Df-Sender: aGFydHdvcmtAYmluZXJhLmRl X-Virus-Checked: Checked by ClamAV on apache.org Subject: Re: [users@httpd] StartSSL (not self-signed) cert but says "The certificate is not trusted because it is self-signed" On 06.04.2015 21:07, Victor Porton wrote: >> How did you prepare those? >> Did you follow the StartSSL steps on the website wizard and obtained >> both of these files through downloading from their website? >> > I've obtained both the certificate and the key (which I have deciphered > on my machine) from StartSSL. > > I have copy&pasted them from their site's control panel (if it is called > control panel). I just refound this screenshot story of the process: https://github.com/ioerror/duraconf/tree/master/startssl#user-content-startssl You could compare if anything went different for you, if you like. > I've verified my cert for a domain (withoutvowels.org) not for an IP. So > I wonder where "d1stkfactory" got from. Have you tried fgrep -R d1stkfactory /etc ? > Please explain how to disable SSLv3 in Apache. That would be SSLProtocol all -SSLv2 -SSLv3 https://wiki.mozilla.org/Security/Server_Side_TLS#Apache Best, Sebastian --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org