Comodo PositiveSSL Firefox
I’ve read a lot of forums and the Comodo instructions over and over, but I can’t get firefox to accept my SSL certificate. I keep getting, (Error code: secerrorunknown_issuer). Chrome and IE8 work fine, but firefox and the chrome mobile browser just don’t like it. I’m pretty sure it has something to do with the ca.bundle and that I’m just setting something up wrong.
Here’s what I’m working with:
- Ubuntu / apache server
Comodo PositiveSSL
AddTrustExternalCARoot.crt
domain_com.crt
PositiveSSLCA.crt
UTNAddTrustServerCA.crt
SSLEngine on
SSLCACertificatePath /etc/apache2/sslcerts/
SSLCertificateKeyFile /etc/apache2/sslcerts/domain.key
SSLCertificateFile /etc/apache2/sslcerts/domain.crt
SSLCertificateChainFile /etc/apache2/sslcerts/domain.ca-bundle
What exactly should be in the domain.ca-bundle and in what order? I’ve tried so many different combinations of the order in the domain.ca-bundle, but no luck. I keep reading about intermediate/chain certificate and that it must be missing or I just don’t have it setup properly. Any help would be greatly appreciated, thanks!
6 Replies
For anyone with a Comodo PositiveSSL certificate the .ca-bundle in order from top to bottom that is working for me is: AddTrustExternalCARoot.crt, UTNAddTrustServerCA.crt, PositiveSSLCA.crt