Re: [users@httpd] Cannot get certificate chain to work.

On 10/10/14 19:00, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 dE, On 10/10/14 6:30 AM, dE wrote: On 10/09/14 23:47, Christopher Schultz wrote: De, On 10/7/14 11:27 PM, dE wrote: $ openssl x509 -noout -in server.pem -text Certificate: Data: Version: 1 (0x0) Ser

Re: [users@httpd] Cannot get certificate chain to work.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 dE, On 10/10/14 6:30 AM, dE wrote: > On 10/09/14 23:47, Christopher Schultz wrote: De, > > On 10/7/14 11:27 PM, dE wrote: $ openssl x509 -noout -in server.pem -text Certificate: Data: Version: 1 (0x0) Serial Number: 13192573755114198537

Re: [users@httpd] Cannot get certificate chain to work.

On 10/09/14 23:47, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 De, On 10/7/14 11:27 PM, dE wrote: $ openssl x509 -noout -in server.pem -text Certificate: Data: Version: 1 (0x0) Serial Number: 13192573755114198537 (0xb7156feedab91609) Signature Algorithm: sha1With

Re: [users@httpd] Cannot get certificate chain to work.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 De, On 10/7/14 11:27 PM, dE wrote: > $ openssl x509 -noout -in server.pem -text Certificate: Data: > Version: 1 (0x0) Serial Number: 13192573755114198537 > (0xb7156feedab91609) Signature Algorithm: sha1WithRSAEncryption > Issuer: C=AU, ST=Some-St

Re: [users@httpd] Cannot get certificate chain to work.

On 10/09/14 03:29, Igor Cicimov wrote: On 09/10/2014 3:46 AM, "dE" > wrote: > > On 10/08/14 21:36, Eric Covener wrote: >> >> >> On Wed, Oct 8, 2014 at 12:00 PM, dE > wrote: >>> >>> intermediate.pem must get installed automatically in the

Re: [users@httpd] Cannot get certificate chain to work.

On 09/10/2014 3:46 AM, "dE" wrote: > > On 10/08/14 21:36, Eric Covener wrote: >> >> >> On Wed, Oct 8, 2014 at 12:00 PM, dE wrote: >>> >>> intermediate.pem must get installed automatically in the browsers (at least in FF), but instead these browsers don't see the certificate. >> >> >> ​No, servers

Re: [users@httpd] Cannot get certificate chain to work.

On 10/08/14 21:36, Eric Covener wrote: On Wed, Oct 8, 2014 at 12:00 PM, dE > wrote: intermediate.pem must get installed automatically in the browsers (at least in FF), but instead these browsers don't see the certificate. ​No, servers are expected to t

Re: [users@httpd] Cannot get certificate chain to work.

On Wed, Oct 8, 2014 at 12:00 PM, dE wrote: > intermediate.pem must get installed automatically in the browsers (at > least in FF), but instead these browsers don't see the certificate. ​No, servers are expected to transmit the intermediate certificates.

Re: [users@httpd] Cannot get certificate chain to work.

On 10/08/14 17:53, Igor Cicimov wrote: On 08/10/2014 9:16 PM, "dE" > wrote: > > On 10/08/14 14:33, Igor Cicimov wrote: >> >> >> >> On Wed, Oct 8, 2014 at 6:03 PM, dE > wrote: >>> >>> On 10/08/14 10:18, Igor Cicimov wrote: On We

Re: [users@httpd] Cannot get certificate chain to work.

On 08/10/2014 9:16 PM, "dE" wrote: > > On 10/08/14 14:33, Igor Cicimov wrote: >> >> >> >> On Wed, Oct 8, 2014 at 6:03 PM, dE wrote: >>> >>> On 10/08/14 10:18, Igor Cicimov wrote: On Wed, Oct 8, 2014 at 2:27 PM, dE wrote: > > On 10/08/14 05:18, Igor Cicimov wrote: >> >>

Re: [users@httpd] Cannot get certificate chain to work.

On 10/08/14 14:33, Igor Cicimov wrote: On Wed, Oct 8, 2014 at 6:03 PM, dE > wrote: On 10/08/14 10:18, Igor Cicimov wrote: On Wed, Oct 8, 2014 at 2:27 PM, dE mailto:de.tec...@gmail.com>> wrote: On 10/08/14 05:18, Igor Cicimov wrote: On We

Re: [users@httpd] Cannot get certificate chain to work.

On 10/08/14 14:35, Igor Cicimov wrote: On Wed, Oct 8, 2014 at 6:05 PM, dE > wrote: On 10/08/14 10:19, Igor Cicimov wrote: You can find more about openssl tool set here: https://www.openssl.org/docs/apps/s_client.html, its perfect for

Re: [users@httpd] Cannot get certificate chain to work.

On Wed, Oct 8, 2014 at 6:05 PM, dE wrote: > On 10/08/14 10:19, Igor Cicimov wrote: > > > >> You can find more about openssl tool set here: >> https://www.openssl.org/docs/apps/s_client.html, its perfect for ssl >> troubleshooting. >> >> By the way, did you import the CA_chain.pem in the brows

Re: [users@httpd] Cannot get certificate chain to work.

On Wed, Oct 8, 2014 at 6:03 PM, dE wrote: > On 10/08/14 10:18, Igor Cicimov wrote: > > On Wed, Oct 8, 2014 at 2:27 PM, dE wrote: > >> On 10/08/14 05:18, Igor Cicimov wrote: >> >> >> On Wed, Oct 8, 2014 at 1:59 AM, dE wrote: >> >>> On 10/07/14 18:12, Igor Cicimov wrote: >>> >>> >>> >>> On

Re: [users@httpd] Cannot get certificate chain to work.

On 10/08/14 10:19, Igor Cicimov wrote: You can find more about openssl tool set here: https://www.openssl.org/docs/apps/s_client.html, its perfect for ssl troubleshooting. By the way, did you import the CA_chain.pem in the browsers? I thought browser only needs to have the self

Re: [users@httpd] Cannot get certificate chain to work.

On 10/08/14 10:18, Igor Cicimov wrote: On Wed, Oct 8, 2014 at 2:27 PM, dE > wrote: On 10/08/14 05:18, Igor Cicimov wrote: On Wed, Oct 8, 2014 at 1:59 AM, dE mailto:de.tec...@gmail.com>> wrote: On 10/07/14 18:12, Igor Cicimov wrote: On Tue

Re: [users@httpd] Cannot get certificate chain to work.

> > You can find more about openssl tool set here: > https://www.openssl.org/docs/apps/s_client.html, its perfect for ssl > troubleshooting. > > By the way, did you import the CA_chain.pem in the browsers?

Re: [users@httpd] Cannot get certificate chain to work.

On Wed, Oct 8, 2014 at 2:27 PM, dE wrote: > On 10/08/14 05:18, Igor Cicimov wrote: > > > On Wed, Oct 8, 2014 at 1:59 AM, dE wrote: > >> On 10/07/14 18:12, Igor Cicimov wrote: >> >> >> >> On Tue, Oct 7, 2014 at 2:51 AM, dE wrote: >> >>> Hi. >>> >>> I'm in a situation where I got 3 certificate

Re: [users@httpd] Cannot get certificate chain to work.

On 10/08/14 05:18, Igor Cicimov wrote: On Wed, Oct 8, 2014 at 1:59 AM, dE > wrote: On 10/07/14 18:12, Igor Cicimov wrote: On Tue, Oct 7, 2014 at 2:51 AM, dE mailto:de.tec...@gmail.com>> wrote: Hi. I'm in a situation where I got 3 certifi

Re: [users@httpd] Cannot get certificate chain to work.

On Wed, Oct 8, 2014 at 1:59 AM, dE wrote: > On 10/07/14 18:12, Igor Cicimov wrote: > > > > On Tue, Oct 7, 2014 at 2:51 AM, dE wrote: > >> Hi. >> >> I'm in a situation where I got 3 certificates >> >> server.pem -- the end user certificate which's sent by the server to the >> client. >> intermed

Re: [users@httpd] Cannot get certificate chain to work.

changelog in 2.4.8 " *) mod_ssl: Remove the hardcoded algorithm-type dependency for the SSLCertificateFile and SSLCertificateKeyFile directives, to enable future algorithm agility, and deprecate the SSLCertificateChainFile directive (obsoleted by SSLCertificateFile). [Kaspar Brand]

Re: [users@httpd] Cannot get certificate chain to work.

On 10/07/14 22:42, Daniel wrote: SSLCertificateChainFile is deprecated in 2.4 in favour of SSLCaCertificateFile 2014-10-07 16:59 GMT+02:00 dE >: On 10/07/14 18:12, Igor Cicimov wrote: On Tue, Oct 7, 2014 at 2:51 AM, dE mailto:de.tec...@gmail.com>> wrote:

Re: [users@httpd] Cannot get certificate chain to work.

SSLCertificateChainFile is deprecated in 2.4 in favour of SSLCaCertificateFile 2014-10-07 16:59 GMT+02:00 dE : > On 10/07/14 18:12, Igor Cicimov wrote: > > > > On Tue, Oct 7, 2014 at 2:51 AM, dE wrote: > >> Hi. >> >> I'm in a situation where I got 3 certificates >> >> server.pem -- the end user

Re: [users@httpd] Cannot get certificate chain to work.

On 10/07/14 18:12, Igor Cicimov wrote: On Tue, Oct 7, 2014 at 2:51 AM, dE > wrote: Hi. I'm in a situation where I got 3 certificates server.pem -- the end user certificate which's sent by the server to the client. intermediate.pem -- server.pe

Re: [users@httpd] Cannot get certificate chain to work.

On Tue, Oct 7, 2014 at 2:51 AM, dE wrote: > Hi. > > I'm in a situation where I got 3 certificates > > server.pem -- the end user certificate which's sent by the server to the > client. > intermediate.pem -- server.pem is signed by intermediate.pem's private key. > issuer.pem -- intermediate.pem i

Re: [users@httpd] Cannot get certificate chain to work.

On 10/06/14 22:26, Daniel wrote: I found myself in a similar situation and I couldn't find the reason but I did find a workaround. To work around this, make a pkcs12 file with all files in it, your private key and the whole chain up until the root CA certificate, then extract them back out fr

Re: [users@httpd] Cannot get certificate chain to work.

I found myself in a similar situation and I couldn't find the reason but I did find a workaround. To work around this, make a pkcs12 file with all files in it, your private key and the whole chain up until the root CA certificate, then extract them back out from that pkcs12, using the extracted fi

[users@httpd] Cannot get certificate chain to work.

Hi. I'm in a situation where I got 3 certificates server.pem -- the end user certificate which's sent by the server to the client. intermediate.pem -- server.pem is signed by intermediate.pem's private key. issuer.pem -- intermediate.pem is signed by issuer.pem's private key. combined.pem is