perelandra
You have provided very little and quite non specific information, the old "help it doesn't work" syndrome.
If I'm interpreting your problem correctly, [...]
Hi Ray!
I must admit, that my posting is kind of confusing...
I just quoted the point where Jay tells us about the sucessfull install of a GoDady Certificate and that it ALL works - EXCEPT with some Emailclients which do not seem "to like the end result":
In Outlook it says "A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider."
Thunderbird is a little less specific.... and remember.... IE and Firefox are fine with this. So it's like the chain is properly installed.... but the email clients don't like the end result.
Now,... this is exactly my point, too. And to make it a bit clearer for the readers: I installed a Multiple Domains Cert incl. a chain cert and it works "like a charm" (see:
http://forums.contribs.org/index.php?topic=39310.0 ) except the odd email warning Jay describes...
To bring it down to two questions:
- Do I have to edit /etc/httpd/conf.d/ssl.conf and comment out the ChainFile path OR
- Do I just need to tell the db the correct settings through
config setprop modSSL CertificateChainFile /usr/share/ssl/certs/gd_intermediate_bundle.crt
OR
- Do I have to do BOTH?
And: could it be, that some Emailclients are missinterpreting the Certificate Chain, if one (or two or all three) of the settings pointed out above is not set (properly)?
Or (what would relax me a bit) is it a client specific thing? Though the most of the clients warn me: Thunderbird, Outlook, OE (on WIN2K but not on XP), Sylpheed, Evolution. So I assume it's not a client specific thing.
btw: I searched a lot and I picked up this old thread because it outlines excactly which problem I have, but i doesn't solve it - yet!
Thanks for listening...