This website is deprecated, and remains online only for historic access to old issues and docs for historic versions of Virtualmin. It has been unmaintained for several years, and should not be relied on for up-to-date information. Please visit www.virtualmin.com instead.

Help! SSL Troubles

1 post / 0 new

Topic locked

#1 Wed, 01/11/2012 - 12:12

chkme

Help! SSL Troubles

Hi All!

I want to start with a brief intro: I manage more than 10 dedicated servers and more than 50 VPS all running for my clients and I swear I never had this kind of problems before, I am really well "seasoned" and I know how to manage perfectly Servers and various control panel and... really I don't know, maybe I am tired or maybe I have many things in my head but with one dedicated server I already lost the patience on putting working at 100% two websites with SSL...

So the problem is that in my side everything is working perfectly so if I load this two websites with Safari, Camino, Firefox and Opera the websites are 100% trusted, I asked a friend with a windows PC to make some checks and she neither had problems... all trusted and without issues...

But of every "fairy tale" there's the dark side of the moon... so:

Some clients are experiencing an issue that I cannot understand how to fix because I know I did everything in the correct way. Ah, right... the issue:

Some people receive a message saying that the Website is NOT trusted as it seems that the Chain certificate is not correctly installed... Using various websites to check the SSL status of a Website I get every time this problem:

Common names localsearchtool.org Alternative names localsearchtool.org www.localsearchtool.org Prefix handling Both (with and without WWW) Valid from Tue Nov 22 00:00:00 UTC 2011 Valid until Wed Nov 21 23:59:59 UTC 2012 (expires in 10 months and 15 days) Key RSA / 2048 bits Signature algorithm SHA1withRSA

Server Gated Cryptography No Weak key (Debian) No Issuer PositiveSSL CA Next Issuer UTN-USERFirst-Hardware TRUSTED Chain length (size) 1 (1330 bytes) Chain issues Incomplete <<<<<<<<<<<<<<<<<<< HERE!!!!! Validation type Domain-validated (DV) Revocation information CRL, OCSP Revocation status Good (not revoked) Trusted Yes

So I thought that the problem WAS the issuer, PositiveSSL (Comodo) but the problem is that the same issue is for another website that use a GoDaddy Certificate, same old song: Chain Issue: Incomplete.

So, what I am doing wrong? What I am skipping?? Why only in one server???

This is the configuration:

SSLEngine on SSLCertificateFile /home/xxxxx/ssl.cert SSLCertificateKeyFile /home/xxxxx/ssl.key SSLCACertificateFile /home/xxxxx/PositiveSSL.ca-bundle SSLCertificateChainFile /home/xxxxx/PositiveSSL.ca-bundle

Thanks in advance for your help and sorry of my english and my attitudes on writing long novels instead of a normal post!