Results 1 to 16 of 16
-
04-25-2004, 01:53 PM #1Web Hosting Evangelist
- Join Date
- Dec 2001
- Posts
- 518
Verifying that a SSL cert is installed correctly
Is there any way to verify that a SSL cert I installed is done correctly? I had to renew one, and the first time I went to the site, it prompted me to trust (or not) the source.
TerryKeep your customers in the know with www.KnownOutage.com - free alerting software that you host. Did I mention that it's free?
-
04-25-2004, 02:32 PM #2Web Hosting Master
- Join Date
- Jul 2002
- Posts
- 1,443
You can look at the cert info.
Synergy Blue LLC
SonataWeb.net | SynergyBlue.com
USA should so something about: http://www.brillig.com/debt_clock/
-
04-25-2004, 02:42 PM #3Temporarily Suspended
- Join Date
- Mar 2004
- Location
- Motorcity
- Posts
- 150
well its supposed to ask you to trust it or not isnt it ? so when you come back next time it will know.
Do you get lock icon on bottom when typing your https addy ?
-
04-25-2004, 03:41 PM #4Web Hosting Master
- Join Date
- Jan 2004
- Location
- South East U.K.
- Posts
- 1,303
Originally posted by peilo
well its supposed to ask you to trust it or not isnt it ? so when you come back next time it will know.
Do you get lock icon on bottom when typing your https addy ?
You should see the reason for asking when that box comes up.
-
04-25-2004, 06:25 PM #5Web Hosting Evangelist
- Join Date
- Dec 2001
- Posts
- 518
Got it at EV1 servers, and the cert says issued by me, to me, so it's definately not installed correctly. I'll give it another try.
Keep your customers in the know with www.KnownOutage.com - free alerting software that you host. Did I mention that it's free?
-
04-26-2004, 03:18 AM #6Web Hosting Master
- Join Date
- Jan 2004
- Location
- South East U.K.
- Posts
- 1,303
Originally posted by DSD
Got it at EV1 servers, and the cert says issued by me, to me, so it's definately not installed correctly. I'll give it another try.
p.s. are the dates correct on the certificate?
-
04-26-2004, 08:16 AM #7Web Hosting Evangelist
- Join Date
- Dec 2001
- Posts
- 518
I bought it for two years, but the cert only says that it's valid for 1 year. So I guess the dates are wrong.
Keep your customers in the know with www.KnownOutage.com - free alerting software that you host. Did I mention that it's free?
-
04-26-2004, 10:48 AM #8Web Hosting Master
- Join Date
- Jan 2004
- Location
- South East U.K.
- Posts
- 1,303
If you're referring to the certificate on the website in your sig
1) It hasn't come from a trusted authority (according to IE), not sure about others, but I tend not to trust them myself
2) It's only valid for a month
-
04-26-2004, 11:08 AM #9Web Hosting Master
- Join Date
- Jan 2004
- Location
- South East U.K.
- Posts
- 1,303
Addendum!! Just had a look at another secure site to better understand the info a certificate gives you, & it looks like you've signed this certificate yourself, I'm not sure anyone would trust that on an ecommerce site. To answer your original question, it looks like the cerificate is installed right, but it doesn't seem to be the one you bought from EV1
-
04-26-2004, 10:13 PM #10Junior Guru
- Join Date
- Jun 2002
- Location
- Sherbrooke, Québec
- Posts
- 184
Most Mozilla users should still trust the certificate given the fact that I had to tell it about 15 times that I didn't trust it before it allowed me to close the window
-
04-27-2004, 04:49 AM #11Web Hosting Master
- Join Date
- Jan 2004
- Location
- South East U.K.
- Posts
- 1,303
That's because it's putting up at least a dozen certificate 'nag' boxes, never seen that before
-
04-27-2004, 11:47 AM #12Junior Guru
- Join Date
- Jun 2002
- Location
- Sherbrooke, Québec
- Posts
- 184
I am not sure (don't remember well -- and won't get there again) but I think the images were from the HTTPS site while the actual page was on the HTTP site. Instead of loading one SSL item, it loads many.
But in my opinion the browser should only ask once in a given time frame so that you are not 'nagged' like this.
-
04-27-2004, 12:47 PM #13Web Hosting Evangelist
- Join Date
- Feb 2003
- Location
- CT
- Posts
- 484
Is it a chained ssl cert? If so it looks like the chained certificate is not installed.
-
04-29-2004, 10:09 AM #14Web Hosting Evangelist
- Join Date
- Dec 2001
- Posts
- 518
Well, it's out of the bag that it's my site.... I was just trying to save a little face.
So, I install the cert throught cpanel, and http promptly refuses to start (if I install it with my new Key from EV1).
If I don't put the Key in (where cpanel has labeled it "ca bundle - optional) the server installs my self signed cert just fine, and httpd restarts happily
Could there be a problem with the key that ev1 gave me? I tend to think that the problem is between the chair and the keyboard, but would happily accept suggestions.Keep your customers in the know with www.KnownOutage.com - free alerting software that you host. Did I mention that it's free?
-
04-29-2004, 06:27 PM #15Junior Guru Wannabe
- Join Date
- Feb 2003
- Posts
- 82
DSD - in WHM, the actual certificate file goes in the top box (that will be the bit EV1 sent you). Then fill in the account info, and CPanel will try to grab the private key for you (second box).
The final box you will only need to fill in for a chained cert (InstantSSL, ChainedSSL etc.)
Then hit 'Do It'. This should...er....do it!!
HTH
Note that CPanel can be bad sometimes and get the wrong key. You'll know if it does this if you get a 'Key modulus mismatch error' when you hit Do It.
-
05-02-2004, 09:49 PM #16Web Hosting Evangelist
- Join Date
- Dec 2001
- Posts
- 518
Thanks guys, I got everything working fine now. I was simply putting key in the wrong place.
Keep your customers in the know with www.KnownOutage.com - free alerting software that you host. Did I mention that it's free?