Firefox RapidSSL certificate problem
- # www.fduran.com
- For RapidSSL certificates Firefox warns "The certificate is not trusted because the issuer certificate is unknown.".
- The issue seems to be that RapidSSL has introduced recently a <a href="https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&id=AD239">new intermediate certificate authority</a>.
- The site's certificate can be tested from <a href="https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&id=SO9556&actp=LIST&viewlocale=en_US">this page<a/> of theirs.
- That shows rror: "Invalid Chain, example.com failed for the following reasons: The intermediate CA certificate cannot be found for the following certificate chain.".
- The solution is to add this new RappidSSL intermediate certificate to the server.
- Add to the Apache SSL configuration (ex /etc/apache2/sites-enabled/default-ssl ) the directive:
- SSLCACertificateFile /etc/apache2/ssl.crt/intermediate.crt
- and copy the contents of <a href="https://knowledge.rapidssl.com/library/VERISIGN/ALL_OTHER/RapidSSL%20Intermediate/RapidSSL_CA_bundle.pem into that new file /etc/apache2/ssl.crt/intermediate.crt ">their intermediate certificate</a>
- Restart apache (/etc/init.d/apache2 restart)
RAW Paste Data