Ticket #3217 (closed defect: duplicate)
Untrusted SSL certificate on this site
Reported by: | AlexJ | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | |
Component: | adm | Version: | |
Keywords: | Site issue | Cc: | |
Blocked By: | Blocking: | ||
Branch state: | no branch | Votes for changeset: |
Description
Browsers complaining about untrusted SSL certificate on this site.
StartCom? chain certificate (can be downloaded here: http://www.startssl.com/certs/sub.class1.server.ca.pem) need to be installed on server otherwise issuer not recognized in browsers.
See attachment of screenshot of fresh installed firefox
Example of setup chain certificate on Apache here:
https://www.startssl.com/?app=21
Attachments
Change History
Changed 11 years ago by AlexJ
- Attachment 2014-05-21_13;05;26_Capture 'Untrusted Connection'.png added
comment:1 Changed 11 years ago by andrew_b
- Status changed from new to closed
- Resolution set to duplicate
- Milestone Future Releases deleted
Closed as duplicate of #3164.
comment:2 Changed 11 years ago by zaytsev
Okay, since this is already a second request of this type, I have added the CA certificate to the server response. Strictly speaking, this doesn't make sense, because if users don't have the CA certificate in their trust store, there is absolutely no reason to trust what I'm providing: could very well be a self-signed certificate for that matter. Also, it wastes network traffic upon negotiation.
But if it makes people happy feeling any more secure (which they of course aren't), whatever...
comment:3 Changed 10 years ago by sorin
Can we reopen this? The website is not opening in Chrome.
If you cannot keep the SSL certificate valid and monitoring, why bothering putting one, it only makes the experience worse, not to count that this will break indexing and down list the site from Google. I would not be surprised to see it delisted too.