Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Hierdie gesprek is in die argief. Vra asseblief 'n nuwe vraag as jy hulp nodig het.

SSL certificate doesn't work in FF only. It says "The certificate is not trusted because no issuer chain was provided."

  • 6 antwoorde
  • 7 hierdie probleem
  • 28 views
  • Laaste antwoord deur cor-el

more options

It is suggested here (https://support.mozilla.org/en-US/questions/1021610) to check the website on networking4all.com I performed the check and the results are pretty fine. See below: http://www.networking4all.com/en/support/tools/site+check/report/?fqdn=happydemics.com&protocol=https

But Firefox still says it is untrusted. What's wrong with the certificate?

It is suggested here (https://support.mozilla.org/en-US/questions/1021610) to check the website on networking4all.com I performed the check and the results are pretty fine. See below: http://www.networking4all.com/en/support/tools/site+check/report/?fqdn=happydemics.com&protocol=https But Firefox still says it is untrusted. What's wrong with the certificate?

Gekose oplossing

All Replies (6)

more options

hello rocketblr, the site isn't providing a full certificate chain that links the intermediate certificate that it uses to the root certificate trusted by the browser: https://www.ssllabs.com/ssltest/analyze.html?d=happydemics.com&hideResults=on&latest (in this case it will depend on chance/if you have visited another site which used and implemented the same intermediate certificate properly).

please report that issue to the webmasters of this particular site... http://wiki.gandi.net/en/ssl/faq#what_is_an_intermediate_ssl_certificate

more options

Many thanks for a quick reply.

So the issue is on Gandi side? Did I get it right?

more options

no the issue is with happydemics.com and how they are presenting their certificate - in essence that website should signal this to the browser: i'm signed by Gandi Standard SSL CA, which is in turn signed by USERTrust RSA Certification Authority, which is signed by AddTrust External CA Root, which is already trusted by the browser (a complete chain between the site's certificate and the root ca trusted by the browser)!

however the site at the moment just says: i'm signed by Gandi Standard SSL CA (which is no particular authority that firefox would trust out of the box).

more options

But Gandi provided only their intermediate certificate. Where can we download USERTrust and AddTrust certificates and add them to combined crt? Is it possible?

more options

they appear to provide all certs of the chain at http://wiki.gandi.net/en/ssl/intermediate (you don't need AddTrust since this is included in the browser already). if you are having trouble installing them on your server (i don't know the details about that), please contact the support of the certificate's vendor.

more options

Gekose oplossing

You can find a link to download the two certificates on this page:

Gandi Standard SSL CA 2: