1

I'm using a newly issued Gandi.net SSL Certificate and while it works fine most places I get a warning/error in Google Chrome:

https://skitch.com/timharding/f2jjf/google-chrome

I've tested that the chaining is working:

http://www.sslshopper.com/ssl-checker.html#hostname=www.submitten.com

My SSL configuration looks like this:

    SSLCertificateFile    /etc/ssl/certs/submitten.com.2011.crt
    SSLCertificateKeyFile /etc/ssl/certs/submitten.com.2011.key
    SSLCACertificateFile /etc/apache2/ssl.crt/GandiStandardSSLCA.pem
    SSLVerifyClient None

As per their recommendations.

Why is Chrome flagging this problem?

Thanks.

Tim Harding
  • 195
  • 6

1 Answers1

-2

This will be because Gandi.net is not a recognised certification authority in Chrome, unfortunately there's not much you can do with that except wait and hope google accept them as a valid authority and add them to their browser. Alternatively, if you know all your users and you know which use chrome, you could manually install the certificate.

<-- edit -->

After googling a little it appears that gandi advertise Chrome support. Unless they've been revoked or they were lying about it it shouldn't be an issue, your best move is to contact gandi support and ask them about it.

Alex Berry
  • 2,307
  • 13
  • 23
  • I've put in a request with their support people and yes, they do claim Chrome compatibility. Also, there's no warning that pops up, you have to dig into the SSL information to find the error/warning. – Tim Harding Sep 12 '11 at 15:53
  • How weird, on Chrome 13.0.782.220 on windows I have no such issue, I've had a dig and can't see any errors with the certificate at all. Have you tried from a different mac? – Alex Berry Sep 12 '11 at 16:24
  • 1
    Running the same version on Mac, I get no such certificate error, either. – cjc Sep 12 '11 at 17:11