SSL Startcom Class 1 - website - issue

Discussion in 'Installation/Configuration' started by thibotus01, Aug 7, 2015.

  1. thibotus01

    thibotus01 Member


    I can't make my SSL cert. works with a website.
    My SSL works fine on a NAS Synology (see pic below), subdomain, so my private key is already working fine.

    • [​IMG]
    • [​IMG]

    What I did: I exported the cert from my NAS.

    Then I got:


    I put the content into there:

    • [​IMG]

    Here the SSL result on my top domain:
    I don't even know where the "test" is coming from...

    • [​IMG]
  2. florian030

    florian030 ISPConfig Developer ISPConfig Developer

    Did you save your new cert?
  3. thibotus01

    thibotus01 Member

    In the "SSL Action" ? Yep.
  4. florian030

    florian030 ISPConfig Developer ISPConfig Developer

    You cert expires in 2024. This is not a class 1 cert from startssl.
  5. thibotus01

    thibotus01 Member

    I know and it is not my cert. I don't know why it shows up those infos.

    I checked in vhost file in /etc/apache2/sites-enabled/
    I only have:

        <IfModule mod_ssl.c>
            SSLEngine on
            SSLProtocol All -SSLv2 -SSLv3
            SSLCertificateFile /var/www/clients/client0/web2/ssl/
            SSLCertificateKeyFile /var/www/clients/client0/web2/ssl/
            SSLCACertificateFile /var/www/clients/client0/web2/ssl/
  6. florian030

    florian030 ISPConfig Developer ISPConfig Developer

    Are the SSL-Files identical to the filelds in the interface? Maybe your export a wrong cert or your nas just creates a self-signed-cert during export.
  7. thibotus01

    thibotus01 Member

    Ok I used the wrong files.
    the NAS export: ca.key, ca.crt, server.key, server-ca.crt, server.crt

    Had to use server.* files

    So now in Chrome I don't have any warning which is odd, but Firefox tells me that the issuer is unknown and I have to make an exception blabla...

    "Authority unknown."
    "The server maybe doesn't send the appropriate intermediate certificates."
    "You May need to import additional certificates."

  8. florian030

    florian030 ISPConfig Developer ISPConfig Developer

    You can empty your ff-cache and check, that you use the right bundle from startssl.
  9. thibotus01

    thibotus01 Member

    I past again the bundle from startssl, working fine now :) No more alerts! Thanks :) :)

    I now have to deal with "mixed content".
    Also Firefox shows a warning icon stating that the website doesn't give any information about the owner.
    Can this be fixed with a StartSSL Class 1?
  10. thibotus01

    thibotus01 Member

    Ok, I fixed the mixed content issue and it also removed the warning icon. So it's all good :)

    Hope this thread will help future users.

Share This Page