Robin, Be sure Verisign's 'root' certificate is installed in your browser's certificate store - this is probably already done by default.
Then, verify what this is pointing to (from your own log file): Unable to read server certificate from file /etc/apache2/secure.canadaeast.com.public.crt Verify that your apache config file doesn't have one of the 'alternate' certificate pointer directives activated. Various configurations 'bundle' certs together in concatenated form, for example. Be sure also that your VerifyDepth is set appropriately... Looks like a depth of at least 3 levels to me. ----- Original Message ----- From: "Robin" <diilbert.atlan...@gmail.com> To: modssl-users@modssl.org Sent: Monday, July 27, 2009 3:25:53 PM GMT -05:00 US/Canada Eastern Subject: Issue setting up a Verisign certificate I have generated a CSR, sent it to Verisign and they sent me back a cer file that I have renamed to public.crt. As per their support instructions I installed their Intermediate CA (https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR193) My virtualhost configuration is as follows: SSLEngine on SSLCertificateFile /etc/apache2/public.crt SSLCertificateKeyFile /etc/apache2/private.key SSLCACertificateFile /etc/apache2/interm.crt I am getting this error when trying to start Apache: [Mon Jul 27 16:05:07 2009] [error] Init: Unable to read server certificate from file /etc/apache2/secure.canadaeast.com.public.crt [Mon Jul 27 16:05:07 2009] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag [Mon Jul 27 16:05:07 2009] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error Any thoughts, because I am at a loss and am not interested in wait on how 35 minutes to speak to their support people. Thanks! ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager majord...@modssl.org
