SSL Certificate Error


#1

I recently purchased a TurboSSL Certificate from GoDaddy and installed it on my DH hosted domain. Now when I hit an HTTPS page on my site, Firefox gives me a “Website Certified by an Unknown Authority” error. Under “Possible reasons for this error” it lists:

  • Your browser does not recognize the Certificate Authority that issued the site’s certificate.

  • The site’s certificate is incomplete due to a server misconfiguration.

  • You are connected to a site pretending to be …

Can anyone help me to get this certificate working properly?

To see the problem, go to www.checkerbox.com/photocart and attempt to purchase something. (Put a note in your transaction indicating it’s a test, so I know not to charge you if the transaction goes through.)

Thanks,

Jonathan


#2

It appears that the site is using the temporary self-signed certificate that DH set up when I requested my CSR, in the first part of the SSL Certificate purchase process. But I’ve since purchased the certificate, copied the certificate that I received from GoDaddy, and installed it according to the instructions in the Wiki. What else do I need to do?

Jonathan


#3

The success email? You mean a specific email announcing that I’ve successfully configured SSL? No.

Today, after I realized that the certificate was still the self-signed one, I went back in and pasted my certificate in (again). I don’t know why it didn’t work the first time, though I do recall that this was during a time when the admin panel was quite unresponsive, so it’s possible that the first update never took effect.

Now, if you go to https://www.checkerbox.com, you’ll still see a certificate error – but only in Firefox. But now the certificate is shown as being issued by Starfield Technologies, which is the provider whose certificates GoDaddy resells. So the right certificate is in there now.

So: Is this problem a function of my particular browser configuration? Do you see it too? If you do see it, do you have any idea why the certificate error appears in some browsers but not others?

Jonathan


#4

It has some similarity with a protection racket or club. It costs something to get into a browser’s default list of known certificate authorities.

http://mkruger.cfwebtools.com/index.cfm?mode=alias&alias=ca

Yours works fine for me (also Firefox).

tor.eff.org


#5

you also might have to contact support and ask them to restart the server. every time in the past that i’ve installed a SSL cert or renewed one support has told me to let them know when i was done so they can restart the server.

johngrayson.com
suffocate[us]