At the checkout stage, users are getting the pop up message: Safari can’t verify the identity of the the website www.flooringsupplies.co.uk (screen shots attached)
Can anyone shed any light on how we can rectify this?
The certificate is not trusted because the issuer certificate is unknown.
(Error code: sec_error_unknown_issuer)
* This could be a problem with the server's configuration, or it could be someone trying to impersonate the server.
* If you have connected to this server successfully in the past, the error may be temporary, and you can try again later.
I passed the info along to our hosting company, but they think the issue may be more localised to Safari/Mac and IIS7 as there doesn’t seem to be any problems with IE and Windows OS viewing the pages.
It is not. I can tell you this, by using OpenSSL’s s_client command and connecting to your server. Not to mention you’re using the wrong certificate. You should be using the InstantSSL, but your server shows you’re using the Essential.
Here’s what your server is showing us…
Certificate chain
0 s:/OU=Domain Control Validated/OU=EssentialSSL/CN=www.flooringsupplies.co.uk
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=EssentialSSL CA
This is not what the InstantSSL chain looks like. There should be two certs in total presented.
Can I ask where InstantSSL comes into play, we wish to use the EssentialSSL cert we purchased, and not use the InstantSSL cert which was for a server that is now redundant.
The most recent order on our system is for the InstantSSL. This much I can see. This is why I pointed it out to begin with.
At any rate the certificate is not fully installed. The server is still not presenting the appropriate certificate chain for the Essential certificate. (as shown above)
famous last words! I have had a user call to say our site appears insecure when using IE7. I cannot replicate this error though, even on a clean vista install with IE7 or IE8 RC1.
Would Comodo be able to check once more that the certs are installed correctly.
Certificate chain
0 s:/OU=Domain Control Validated/OU=EssentialSSL/CN=www.flooringsupplies.co.uk
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=EssentialSSL CA
1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=EssentialSSL CA
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO Certification Authority
Problem seems to be that your server took on a root certificate update which is a known problem with using IIS. That or someone changed how the certificate was installed. At any rate, the certificate is not chaining up appropriately. Please remove “Comodo Certification Authority” from the Root Certificate store and re-install the Root and Intermediates using the the KB article previously outlined in “Root and Intermediate Certificate installation via MMC”.
I have at this time re-sent you the certificates needed to fully install the certificate.