Starfield Wildcard SSL Certificate Not Trusted in All Browsers

Posted by Austen Cameron on Server Fault See other posts from Server Fault or by Austen Cameron
Published on 2012-11-07T21:59:14Z Indexed on 2012/11/07 23:02 UTC
Read the original article Hit count: 570

Filed under:
|
|
|

I am at a loss as to what else I might try in order to debug this issue with a Starfield Wildcard SSL Certificate.

The problem is that in certain browsers (Safari or the most-updated chrome you can get for OS X 10.5.8 for example) the certificate comes up as untrusted, even on the root domain.

My server setup / background info:

  • General LAMP setup - CentOS 6.3 - on a Godaddy VPS
  • Starfield Technologies Wildcard SSL certificate
  • Installed using the instructions from godaddy's support pages
  • ssl.conf lines are basically as follows:

    SSLCertificateFile /path/to/cert/mysite.com.cert
    SSLCertificateKeyFile /path/to/cert/mysite.key
    SSLCertificateChainFile /path/to/cert/sf_bundle.crt

Everything seemingly worked fine until the other night when I noticed the problem in OS X, I assume it's more browser version related, but have only been able to replicate it on that particular machine.

What I have tried:

  • Updating sf_bundle.crt from godaddy's cert repository and Starfield's repository versions
  • Following This ServerFault answer from Jim Phares - changing the ChainFile line to sf_intermediate.crt from Starfield's repository
  • Using http://www.sslshopper.com/ssl-checker.html on my url
    • It says the domain is correctly listed on the certificate but comes up with an error that reads The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate.

What might I try next to remedy the untrusted certificate issue?

Let me know if there is any other information needed that might help debugging this issue. Thanks in advance!

© Server Fault or respective owner

Related posts about ssl

Related posts about centos6