Hi,
We use Comodo InstantSSL for some of our domains.
I'd simply upload the crt to /conf/cert where the key is too, then give the SSl Private Key File, Certificate File and leave Chained No.
That then works fine for almost everybody.
But every now and then, some people say they get warnings about it being insecure. Probably those on a tightly secured network.
This tool confirms that:
http://www.sslshopper.com/ssl-checker.html
Note the link to Comodo's Apache OpenSSL instructions:
https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=264&nav=0,96,1,88
SO ideally, we'd use the ca-bundle file Comodo send along with the CRT.
Before using Litespeed, indeed this worked in Apache:
But I can't get that to work in Litespeed.
If I upload the ca-bundle file in the same /conf/cert directory where the site's key and crt are, then say Chained Certificate - Yes, CA Certificate Path = $SERVER_ROOT/conf/cert/ and CA Certificate File = $SERVER_ROOT/conf/cert/yourSERVERNAME.ca-bundle
I restart LSWS and then that tool, and the browser thinks no SSL has been installed.
I don't understand the explanation of CA Certiticate Path and File either.
How can I use Comodo's chained bundle?
We use Comodo InstantSSL for some of our domains.
I'd simply upload the crt to /conf/cert where the key is too, then give the SSl Private Key File, Certificate File and leave Chained No.
That then works fine for almost everybody.
But every now and then, some people say they get warnings about it being insecure. Probably those on a tightly secured network.
This tool confirms that:
http://www.sslshopper.com/ssl-checker.html
The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. Learn more about this error. You can fix this by following Comodo's Certificate Installation Instructions for your server platform (use these instructions for InstantSSL). Pay attention to the parts about Intermediate certificates.
https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=264&nav=0,96,1,88
SO ideally, we'd use the ca-bundle file Comodo send along with the CRT.
Before using Litespeed, indeed this worked in Apache:
Code:
SSLCertificateChainFile /etc/ssl/crt/yourSERVERNAME.ca-bundle
If I upload the ca-bundle file in the same /conf/cert directory where the site's key and crt are, then say Chained Certificate - Yes, CA Certificate Path = $SERVER_ROOT/conf/cert/ and CA Certificate File = $SERVER_ROOT/conf/cert/yourSERVERNAME.ca-bundle
I restart LSWS and then that tool, and the browser thinks no SSL has been installed.
I don't understand the explanation of CA Certiticate Path and File either.
How can I use Comodo's chained bundle?
Last edited by a moderator: