본 사이트는 여러분의 사용자 경험을 개선하기 위해 유지 보수를 진행하는 동안 기능이 제한됩니다. 도움말로 문제가 해결되지 않고 질문을 하고 싶다면 Twitter의 @FirefoxSupport 및 Reddit의 /r/firefox 채널을 활용하세요.

Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

site SSL works on Chrome, Safari, and FF for Linux and OS-X, but not FF for Windows 7 (or any Android browser)

  • 2 답장
  • 1 이 문제를 만남
  • 4 보기
  • 최종 답변자: chrysostom

more options

I am setting up a website with SSL: https://coalitionportelgin.ca The SSL connection works (and intermediate certificates are retrieved) in Chrome on Linux, OS-X, and Windows 7; ChromeOS; Firefox (18.0) on OS-X and Linux; and Safari on OS-X, iOS, and Windows.

However, I am still getting connection errors on Firefox 18.0 on Windows 7 and on all Android browsers, with "This Connection is Untrusted...because no issuer chain was provided."

This diagnostic tool shows the certificate chain is being pulled, but still reports "Unable to get the local issuer of the certificate. The issuer of a locally looked up certificate could not be found."

http://www.networking4all.com/en/support/tools/site+check/report/?fqdn=coalitionportelgin.ca&protocol=https

Intermediate certificate is installed:

$ ls /etc/ssl/certs |grep GandiStandardSSLCA.pem GandiStandardSSLCA.pem

And it is being pointed to:

$ grep -i -r "SSLCertificateChainFile" /etc/apache2/ /etc/apache2/sites-available/000-coalitionportelgin.ca-ssl: SSLCertificateChainFile /etc/ssl/certs/GandiStandardSSLCA.pem /etc/apache2/sites-enabled/000-coalitionportelgin.ca-ssl: SSLCertificateChainFile /etc/ssl/certs/GandiStandardSSLCA.pem /etc/apache2/httpd.conf: SSLCertificateChainFile /etc/ssl/certs/GandiStandardSSLCA.pem

For good measure, the intermediate and root certificates have also been appended to the server certificate.

I have followed all steps indicated by the cert provider, as well as other sources, and have spent hours troubleshooting this. I don't see anything more to be done. Is this a problem of server configuration (and if so, what?) or is this a problem that I can't do anything about?

I am setting up a website with SSL: https://coalitionportelgin.ca The SSL connection works (and intermediate certificates are retrieved) in Chrome on Linux, OS-X, and Windows 7; ChromeOS; Firefox (18.0) on OS-X and Linux; and Safari on OS-X, iOS, and Windows. However, I am still getting connection errors on Firefox 18.0 on Windows 7 and on all Android browsers, with "This Connection is Untrusted...because no issuer chain was provided." This diagnostic tool shows the certificate chain is being pulled, but still reports "Unable to get the local issuer of the certificate. The issuer of a locally looked up certificate could not be found." http://www.networking4all.com/en/support/tools/site+check/report/?fqdn=coalitionportelgin.ca&protocol=https Intermediate certificate is installed: $ ls /etc/ssl/certs |grep GandiStandardSSLCA.pem GandiStandardSSLCA.pem And it is being pointed to: $ grep -i -r "SSLCertificateChainFile" /etc/apache2/ /etc/apache2/sites-available/000-coalitionportelgin.ca-ssl: SSLCertificateChainFile /etc/ssl/certs/GandiStandardSSLCA.pem /etc/apache2/sites-enabled/000-coalitionportelgin.ca-ssl: SSLCertificateChainFile /etc/ssl/certs/GandiStandardSSLCA.pem /etc/apache2/httpd.conf: SSLCertificateChainFile /etc/ssl/certs/GandiStandardSSLCA.pem For good measure, the intermediate and root certificates have also been appended to the server certificate. I have followed all steps indicated by the cert provider, as well as other sources, and have spent hours troubleshooting this. I don't see anything more to be done. Is this a problem of server configuration (and if so, what?) or is this a problem that I can't do anything about?

모든 댓글 (2)

more options

Try to ask advice about web development at the MozillaZine "Web Development/Standards Evangelism" forum.

The helpers at that forum are more knowledgeable about web development issues.
You need to register at the MozillaZine forum site in order to post at that forum.

more options

Thanks I'll try that. I neglected to mention that the cert also works fine with IE. This is a weird problem.