Article 15832 at 09/07/21 07:21:40 From: jsikes (at mark) sikesland.com Subject: [coba-e:15832] Re: Godaddy SSL problems

Index: [Article Count Order] [Thread]

Date: Mon, 20 Jul 2009 17:21:26 -0500 From: John Sikes <jsikes (at mark) sikesland.com> Subject: [coba-e:15832] Re: Godaddy SSL problems To: coba-e (at mark) bluequartz.org Message-Id: <6FC00233-A629-456A-B1AE-EE3006B56783 (at mark) sikesland.com> In-Reply-To: <09F7F03B3B0C499D9A94BA82810D17DB@OfficeKen> References: <C1400FCA-E3A2-49D6-A559-4E8A5CAB674B (at mark) sikesland.com> <09F7F03B3B0C499D9A94BA82810D17DB (at mark) OfficeKen> X-Mail-Count: 15832

----- Original Message ----- From: John Sikes
To: coba-e (at mark) bluequartz.org
Sent: Saturday, July 18, 2009 8:57 PM
Subject: [coba-e:15824] Godaddy SSL problems

I have checked in the archives and have seen a lot of issues with  
GoDaddy SSl's.  I have an vsite that has purchased one and I need to  
get it installed and working properly.   I followed the normal ssl  
install instructions from the manual and it 'kinda' works.  The  
problems appears to be with the intermediate cert.  The instructions  
state to add 3 lines to the httpd.conf file,

Open the Apache httpd.conf file and add the following directives:
SSLCertificateFile /path to certificate file/your issued certificate
SSLCertificateKeyFile /path to key file/your key file
SSLCertificateChainFile /path to intermediate certificate/null
but there instructions are for a service wide install.  I would think  
that they should be put into the correct vhost.include file for the  
vsite.  This however results in an unhappy response from apache.

Starting httpd: Syntax error on line 5 of /etc/httpd/conf.d/ 
ssl_perl.conf:
$s->add_config() has failed: SSLCertificateChainFile: file '/home/ 
sites/domain.com/gd_bundle.crt/null' does not exist or is empty at / 
usr/lib/perl5/vendor_perl/5.8.5/i386-linux-thread-multi/Apache/ 
PerlSections.pm line 203.\n

Worse yet is web server crashes a few minutes and can not be restarted.

I commented out the changes, restarted apache and everything was as it  
was... 'kinda' working (IE is OK, Firefox does not recognize the CA).

I know that is is not a root cert, but there is not much I can do  
about that, I just need to find how to make it work at this point.

Any suggestions?

Thanks.
John Sikes
<<

John

Why don't you just install the intermediate certs from the GUI  and  
let it add the  lines to the correct conf file automatically for you.

----
Ken Marcus
Ecommerce Web Hosting by
Precision Web Hosting, Inc.
http://www.precisionweb.net

<<
Thanks for the response Ken.
That was the first thing I tried to do.
The stand alone intermediate cert file gives an error trying to import  
stating that the certificate does not contain the private key.

I contacted goDaddy directly and that is when I started to try to find  
the manual way to install the ssl.  They state that the intermediate  
file is contained in the gd_bundle.crt.  This file contains 2 certs  
and BQ didn't like it either.  My call to tech support ended with a  
polite "sorry, we can't help you".

If you have successfully used one of their SSL's and have instructions  
on installing, I would appreciate it.

John Sikes

15832_2.html (attatchment)(tag is disabled)