ssl import help

    • OMV 1.0
    • Resolved
    • ssl import help

      I have an ssl cert from startssl and have no idea how to import it properly. I say properly because, even though I can paste in the cert and key, I keep getting errors in some browsers (firefox and chrome)and after researhing it seems the root ca is not installed (no idea).

      I used the ssl checker at sslshopper.com/ssl-checker.html which give me this:


      Server Type: nginx
      The certificate was issued by StartCom.
      The certificate will expire in 296 days.
      The hostname is correctly listed in the certificate.
      The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. Learn more about this error. You can fix this by following StartCom's Certificate Installation Instructions for your server platform. Pay attention to the parts about Intermediate certificates.


      I have tried the suggestions I found at phpbb.openmediavault.org/viewtopic.php?f=12&t=3847 and How to Import a Certificate for SSL? but, as in the first link, the output chain certificate is exactly the same as the certificate i got from startssl.

      Can anyone help please?

      Thanks
    • Fixed it myself. For anyone else having this issue just paste the normal certificate into the certificate box, and the sub.class1.server certificate straight after it (in the same box). The private key needs to be decryped which can be done on the startssl website or in the terminal with openssl.

      You need to keep the
      -----BEGIN CERTIFICATE-----
      and
      -----END CERTIFICATE-----

      for BOTH certificates.

      This also solved the connection errors I have had with my android phone too!!!
      Hope this helps others! :)
    • I'm trying to resolve the same issue, but I'm having trouble figuring out what was done to resolve it.

      My StartCom certificate has four (4) certificates in it (and I don't know why).
      Should the "Certificate" box look like this:

      Source Code

      1. -----BEGIN CERTIFICATE-----
      2. -----END CERTIFICATE-----
      3. -----BEGIN CERTIFICATE-----
      4. -----END CERTIFICATE-----
      5. -----BEGIN CERTIFICATE-----
      6. -----END CERTIFICATE-----
      7. -----BEGIN CERTIFICATE-----
      8. -----END CERTIFICATE-----
      Display All


      The "comment" section seems to need some data in it, too, and I don't know what I'm supposed to put there from the various bag attributes. All paths lead to "error." If there were an award for not being able to follow instructions, I think I'd win it.

      And while I'm here, should the "Private key" box look like this?

      Source Code

      1. -----BEGIN PRIVATE KEY-----
      2. -----END PRIVATE KEY-----