I am at a loss as to what else I might try in order to debug this issue with a Starfield Wildcard SSL Certificate.
The problem is that in certain browsers (Safari or the most-updated chrome you can get for OS X 10.5.8 for example) the certificate comes up as untrusted, even on the root domain.
My server setup / background info:
- General LAMP setup - CentOS 6.3 - on a Godaddy VPS
- Starfield Technologies Wildcard SSL certificate
- Installed using the instructions from godaddy's support pages
ssl.conf lines are basically as follows:
SSLCertificateFile /path/to/cert/mysite.com.cert
SSLCertificateKeyFile /path/to/cert/mysite.key
SSLCertificateChainFile /path/to/cert/sf_bundle.crt
Everything seemingly worked fine until the other night when I noticed the problem in OS X, I assume it's more browser version related, but have only been able to replicate it on that particular machine.
What I have tried:
- Updating sf_bundle.crt from godaddy's cert repository and Starfield's repository versions
- Following This ServerFault answer from Jim Phares - changing the ChainFile line to sf_intermediate.crt from Starfield's repository
- Using http://www.sslshopper.com/ssl-checker.html on my url
- It says the domain is correctly listed on the certificate but comes up with an error that reads The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate.
What might I try next to remedy the untrusted certificate issue?
Let me know if there is any other information needed that might help debugging this issue. Thanks in advance!
Solution:
My problem ended up being that I had forgotten to add the SSLCertificateChainFile line to the virtual host(s) in my httpd.conf and had only been editing those lines in ssl.conf instead, thanks for all the suggestions!