Hi All!
I want to start with a brief intro: I manage more than 10 dedicated servers and more than 50 VPS all running for my clients and I swear I never had this kind of problems before, I am really well “seasoned” and I know how to manage perfectly Servers and various control panel and… really I don’t know, maybe I am tired or maybe I have many things in my head but with one dedicated server I already lost the patience on putting working at 100% two websites with SSL…
So the problem is that in my side everything is working perfectly so if I load this two websites with Safari, Camino, Firefox and Opera the websites are 100% trusted, I asked a friend with a windows PC to make some checks and she neither had problems… all trusted and without issues…
But of every “fairy tale” there’s the dark side of the moon… so:
Some clients are experiencing an issue that I cannot understand how to fix because I know I did everything in the correct way. Ah, right… the issue:
Some people receive a message saying that the Website is NOT trusted as it seems that the Chain certificate is not correctly installed… Using various websites to check the SSL status of a Website I get every time this problem:
Common names localsearchtool.org
Alternative names localsearchtool.org www.localsearchtool.org
Prefix handling Both (with and without WWW)
Valid from Tue Nov 22 00:00:00 UTC 2011
Valid until Wed Nov 21 23:59:59 UTC 2012 (expires in 10 months and 15 days)
Key RSA / 2048 bits
Signature algorithm SHA1withRSA
Server Gated Cryptography No
Weak key (Debian) No
Issuer PositiveSSL CA
Next Issuer UTN-USERFirst-Hardware TRUSTED
Chain length (size) 1 (1330 bytes)
Chain issues Incomplete <<<<<<<<<<<<<<<<<<< HERE!!!
Validation type Domain-validated (DV)
Revocation information CRL, OCSP
Revocation status Good (not revoked)
Trusted Yes
So I thought that the problem WAS the issuer, PositiveSSL (Comodo) but the problem is that the same issue is for another website that use a GoDaddy Certificate, same old song: Chain Issue: Incomplete.
So, what I am doing wrong? What I am skipping?? Why only in one server???
This is the configuration:
SSLEngine on
SSLCertificateFile /home/xxxxx/ssl.cert
SSLCertificateKeyFile /home/xxxxx/ssl.key
SSLCACertificateFile /home/xxxxx/PositiveSSL.ca-bundle
SSLCertificateChainFile /home/xxxxx/PositiveSSL.ca-bundle
Thanks in advance for your help and sorry of my english and my attitudes on writing long novels instead of a normal post!