Results 1 to 21 of 21
  1. #1
    Join Date
    Aug 2002
    Location
    California
    Posts
    247

    FreeSSL.com - ChainedSSL Cert

    Says it uses some fancy root c.a., but I still get "untrusted" popup, was I schwamboozled (I've got AMEX on speed dial) or do I need to install some wierd intermediate certs?
    argonblue.com | sales | 800.710.8004
    LA Grand Avenue, Rancho Cordova, cages, racks and power plus HE Fremont cabinets available!

  2. #2
    Join Date
    Aug 2001
    Location
    Canada
    Posts
    2,124

    Re: FreeSSL.com - ChainedSSL Cert

    Originally posted by Idgaf
    Says it uses some fancy root c.a., but I still get "untrusted" popup, was I schwamboozled (I've got AMEX on speed dial) or do I need to install some wierd intermediate certs?
    what browser do you use?

    same here... organisation is not trusted. interesting.
    www.idologic.com - Reseller, VPS and dedicated hosting - Friendly Customer Service - DirectAdmin - cPanel - InterWorx

  3. #3
    Join Date
    Aug 2002
    Location
    California
    Posts
    247
    IE6 and NS6 both give the same error.
    argonblue.com | sales | 800.710.8004
    LA Grand Avenue, Rancho Cordova, cages, racks and power plus HE Fremont cabinets available!

  4. #4
    I think they mention somewhere that org will not be validated!

  5. #5
    Join Date
    Aug 2002
    Location
    California
    Posts
    247
    Yet, when you click on the "demo" link, the cert don't throw any errors... that is misleading and grounds for American Express [expletive deleted] them in their eye sockets.
    argonblue.com | sales | 800.710.8004
    LA Grand Avenue, Rancho Cordova, cages, racks and power plus HE Fremont cabinets available!

  6. #6
    Join Date
    Aug 2002
    Location
    California
    Posts
    247
    Oh yeah,

    I sent support an e-mail, I'm waiting to see what they say.
    argonblue.com | sales | 800.710.8004
    LA Grand Avenue, Rancho Cordova, cages, racks and power plus HE Fremont cabinets available!

  7. #7
    Join Date
    Apr 2002
    Location
    USA
    Posts
    5,783
    Sounds like you did not install the root CA. I have the same cert on one off my servers and it works great. PM me for the URL and you can test it for yourself.

  8. #8
    Join Date
    Mar 2001
    Location
    UK
    Posts
    278
    I agree with Monte, you probably only install the cert. they given, if you are using Apache, you may need to install their root cert. bunch as well!
    Hozting.com - Professional Hosting since 2000

  9. #9
    Join Date
    Aug 2002
    Location
    California
    Posts
    247
    By install, I installed the self-signed GTE CyberTrust cert in IIS and still nothing.
    argonblue.com | sales | 800.710.8004
    LA Grand Avenue, Rancho Cordova, cages, racks and power plus HE Fremont cabinets available!

  10. #10
    Join Date
    Aug 2002
    Location
    California
    Posts
    247

    What the F?

    I can get to http://www.{somesslcertificatevendorsdomain}.com/install_ca/index.htm but not http://www.{somesslcertificatevendorsdomain}.com/install_ca/anythingelse.htm... ishnt dat veerd?
    argonblue.com | sales | 800.710.8004
    LA Grand Avenue, Rancho Cordova, cages, racks and power plus HE Fremont cabinets available!

  11. #11
    I tried installing that with Plesk but failed. Any one have successfully installed it with PSA 2.5.x ?

    Naseer
    We eDrive your Business!
    Web Hosting Solutions and Consulting Services https://www.ylinx.com
    Contact: 1 (786) 866-7745

  12. #12
    With ChainedSSL, you will get two certs. You will get an intermediary cert and the actual cert. Both have to be installed. The intermediate is the cabundle. I have two installed on a cpanel server with no problems what so ever. They work like a charm.
    Marty Hoskins
    http://tlcwe.com

  13. #13
    What about plesk? Any experiences?

    Naseer
    We eDrive your Business!
    Web Hosting Solutions and Consulting Services https://www.ylinx.com
    Contact: 1 (786) 866-7745

  14. #14
    I have no experience with plesk, but I am sure it can be done, but it would probably take some command line monkeying to customize the vhost entry to point to the intermediary cert.
    Marty Hoskins
    http://tlcwe.com

  15. #15
    Join Date
    Aug 2002
    Location
    California
    Posts
    247
    Okay, so I've installed the GTE root cert, their intermediate baltimore something or other cert and on the server, the cert path is correct GTE > Intermediate > mydomain.com.

    When I hit the secure site, I get an untrusted root message and the cert path don't include the GTE root CA or intermediate CA, what gives?!?!?!?!?
    argonblue.com | sales | 800.710.8004
    LA Grand Avenue, Rancho Cordova, cages, racks and power plus HE Fremont cabinets available!

  16. #16
    Would you pm me a link to the page that you are having the problem with. I think I know why you are having a problem, but want to make sure I am correct before I give you a *dumb* answer.
    Marty Hoskins
    http://tlcwe.com

  17. #17
    I took a closer look, I assume we are talking about th e argon blue site. 2 things:

    1) On pages that you want to call securely, get rid of the live chat link. That button image is being pulled from another server and is not pulled over ssl, so it will cause a popup every time.

    2) You bought your cert for WWW.yourdomain.com so every time you link to a page you want to call securely, you must link to it as http://WWW.yourdomain.com (capital letters are for emphasis only).
    Marty Hoskins
    http://tlcwe.com

  18. #18
    Join Date
    Aug 2002
    Location
    California
    Posts
    247
    You're not reading what I said... the certification path is different on the server and client for some ready. I understand "Do you want to display insecure items" and that I have to use the same hostname as registered in the cert, that's not the error that I get...

    On the server, it says the CA path is GTE CA \ Intermediate CA \ My Certificate and when I view the "untrusted" certificate on the client, I see My Certificate only.

    Originally posted by Marty
    I took a closer look, I assume we are talking about th e argon blue site. 2 things:

    1) On pages that you want to call securely, get rid of the live chat link. That button image is being pulled from another server and is not pulled over ssl, so it will cause a popup every time.

    2) You bought your cert for WWW.yourdomain.com so every time you link to a page you want to call securely, you must link to it as http://WWW.yourdomain.com (capital letters are for emphasis only).
    argonblue.com | sales | 800.710.8004
    LA Grand Avenue, Rancho Cordova, cages, racks and power plus HE Fremont cabinets available!

  19. #19
    Okay, I see it now. I swear, though, when I checked it in Mozilla, I only got the other errors, not the untrusted cert error. There is something still wrong with the install that is preventing IE 5.5, at least, from recognizing the intermediary. I am not sure what it could be except that the ca bundle is not installed correctly.

    Are you on a cpanel server or ???

    I am not sure I can help much more without access to the server and a copy of the private key that was generated with the csr and the email that you received that contained your cert, which I am not so bold as to ask for that.
    Marty Hoskins
    http://tlcwe.com

  20. #20
    Join Date
    Aug 2002
    Location
    California
    Posts
    247
    IIS 5.0

    I followed their instructions to a T
    argonblue.com | sales | 800.710.8004
    LA Grand Avenue, Rancho Cordova, cages, racks and power plus HE Fremont cabinets available!

  21. #21
    eeeek!. Then I have no idea what to do!
    Marty Hoskins
    http://tlcwe.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •