Wednesday, January 7, 2009

sec_error_unknown_issuer

A users reported, he had problems with my https sites.

He got the following error:
Secure Connection Failed

The certificate is not trusted because the issuer certificate is unknown.

(Error code: sec_error_unknown_issuer)


I checked in IE7 and FF3, but it worked for me fine.
I also got a screenshot and I assumed the user has FF2.
So I fired on old XP, SP2 virtual machine, installed FF2 and could reproduce the error.

Then I installed FF3 on the VM, and it also had problems.
So I figured, if I updated the machine it will install the root certificate update and the problem would be solved, but I just did not find this a good solution, so I investigated further.

I found out that I missed the issuers intermediate certificate installation on my server. So I did it, and the error disappeared on the unpatched machine as well.

I just had to insert the following in one of the virtual servers configuration:

SSLCertificateChainFile /path/to/intermediate/bundle/file

No comments: