Rodolfo Bandeira

Rodolfo Bandeira

software, electronics, security, devops, thoughts

StartCom StartSSL in Firefox error sec_error_unknown_issuer

Hi everyone!

sec_error_unknown_issuer

If you’re getting this error in your firefox with a valid ssl certificate, you should put something use the follow instructions to fix it:

From: https://www.startssl.com/?app=21

“First of all you have to load the mod_ssl module. Many distributions and packages have this module shipped by default, otherwise check the documentation of Apache how to do this.

To configure a default SSL/TLS aware virtual server, you should add at least the following lines to your httpd.conf or ssl.conf file:

LoadModule ssl_module modules/mod_ssl.so

Listen 443


DocumentRoot /home/httpd/private
ErrorLog /usr/local/apache/logs/error_log
TransferLog /usr/local/apache/logs/access_log
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM

SSLCertificateFile /usr/local/apache/conf/ssl.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key
   SSLCertificateChainFile /usr/local/apache/conf/sub.class1.server.ca.pem
CustomLog /usr/local/apache/logs/ssl_request_log \
“%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \”%r\” %b”

Download the ca.pem and sub.class1.server.ca.pem for the above configuration. Make sure to change the path according to your apache installation. For windows you need to use something like c:\apache\httpd.

If you have a higher validated server certificate you need to use the class2 or class3 intermediate CA certificate.”

Last modified:

LinkedIn
WhatsApp