We have problem installing the CA certificate on the Plesk server.
The error is very weird. It only appear in some computers.
Some computer works fine but some aren’t.
For example, the certificate works on all browsers in my computer, however it doesn’t work on any browsers in the accountant’s. We are both in the same network using XP.
We’ve tried all the things we found on comodo’s website.
We installed and un-installed the certificate many times using different approaches.
However, the SSL error still happened on some computers…
Please help us.
This is because Plesk wants the FULL certificate chain installed on its end. You should have received all that you needed in the ZIP file we provided. If you did not receive anything, please submit a support ticket via https://support.comodo.com and be sure to provide your order number/domain name and they’ll get to the bottom of it and get you what you need.
The error is very weird. It only appear in some computers.
It's not weird, this is how its supposed to work.
If the client can chain the certificate up to a trusted source, then no errors, otherwise you’ll see errors. Many clients such as the modern browser cache these locally for future use. You’ve probably visited a few Comodo sites before which is why you don’t see the error.
Thank you for your answer. :-TU
The problem is fixed now. It takes a day for the certificate authority cache to be refreshed in that computer.
If the client can chain the certificate up to a trusted source, then no errors, otherwise you'll see errors. Many clients such as the modern browser cache these locally for future use. You've probably visited a few Comodo sites before which is why you don't see the error.
You are right. We used certificate from another provider before. After we changed over to COMODO’s EV SSL, some of our clients’ computers seems to caching the old CA. Thus, their browsers complain that the CA is not trusted.
I also realize that the COMODO SSL seal helps the browsers to recognize COMODO SSL CA. :a0
!ot!
Here are the steps to setup the COMODO EV SSL in Apache 2 with Plesk v9.
You must create a new SSL when you have to insert the rootchain bundle file which comes with your order email. Otherwise, it complains that the CA certificate is not matching your certificate.
Then you must open up the httpd.include file for your domain and change ‘SSLCACertificateFile’ to ‘SSLCertificateChainFile’.
Next you open up the ‘SSLCertificateChainFile’ in the server and make sure there is no extra line between the certificates. Thus it looks like below.
i.e.
-----BEGIN CERTIFICATE-----
…
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
…
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
…
-----END CERTIFICATE-----
After the CA file is checked, stop and start the Apache server.
Finally, you apply the SSL Seal and the COMODO EV SSL is setup.
You can google SSL checker and use them to test if your SSL certificate is working fine. ;D
I’ve never seen or heard of that.
You are right. We used certificate from another provider before. After we changed over to COMODO's EV SSL, some of our clients' computers seems to caching the old CA. Thus, their browsers complain that the CA is not trusted.
No, this means the client (browser) can’t establish a chain of trust. The cache doesn’t matter. It’s what the server is presenting is what matters.
Here are the steps to setup the COMODO EV SSL in Apache 2 with Plesk v9.
You must create a new SSL when you have to insert the rootchain bundle file which comes with your order email. Otherwise, it complains that the CA certificate is not matching your certificate.
Then you must open up the httpd.include file for your domain and change ‘SSLCACertificateFile’ to ‘SSLCertificateChainFile’.
Next you open up the ‘SSLCertificateChainFile’ in the server and make sure there is no extra line between the certificates. Thus it looks like below.
i.e.
-----BEGIN CERTIFICATE-----
…
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
…
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
…
-----END CERTIFICATE-----
I’ve never had to do this on the thousands of Plesk servers that I have helped people set up.
You can google SSL checker and use them to test if your SSL certificate is working fine. ;D
Some of them don't work right, it's best to ask your CA if it's installed properly.