ssl problem with hiawatha

[ibuxxi]

Hallo

i install comodo PositiveSSL  but not works  only Error: Disconnected

why

how to install it works ?

Code: [Select]

sh /script/sysinfo

A. Kloxo-MR: 7.0.0.b-2014112003

B. OS: CentOS release 6.6 (Final) i686

C. Apps:
   1. MySQL: mysql55-5.5.40-1.ius.el6.i686
   2. PHP: php54-5.4.34-1.ius.el6.i686
   3. Httpd: httpd-2.2.29-1.mr.el6.i386
   4. Lighttpd: --uninstalled--
   5. Hiawatha: hiawatha-9.8.0-f.2.mr.el6.i386
   6. Nginx: --uninstalled--
   7. Cache: --uninstalled--
   8. Dns: bind-9.9.5-1.el6.i686
   9. Qmail: qmail-toaster-1.03-1.3.38.mr.el6.i386
      - with: courier-imap-toaster-4.1.2-1.3.17.mr.el6.i386

D. Php-type (for Httpd/proxy): php-fpm_event

E. Memory:
                total       used       free     shared    buffers     cached
   Mem:          1893        737       1155         47         55        386
   -/+ buffers/cache:        296       1597
   Swap:         2047          0       2047



[GentZu]

same problem

[ibuxxi]

combine .key and .crt to .pem   and works  manuell per ssh

[GentZu]

combine .key and .crt to .pem   and works  manuell per ssh

please give me details of the tutorial, I really like Hiawatha

[GentZu]

on Kloxo mr v 7 the files already joined

[ibuxxi]

look in bash   only *.pem is for hiawatha

[GentZu]

I do not understand.
instead of the key and crt files automatically created kloxomr?
and both have been joined, the first line of the .key, and the second row of the .crt

[ibuxxi]

Hello

Ok
1. create new cert in kloxo-mr 7  "SSL Certificate"
2. copy  CSR
3. make new cert in comodo
4. important you must have  domain.ca-bundle
5. set  in bash  domain.com.pem

Code: [Select]

-----BEGIN RSA PRIVATE KEY-----
[webserver private key]
-----END RSA PRIVATE KEY-----

-----BEGIN CERTIFICATE-----
comodo [webserver certificate]
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
ca-bundle [optional intermediate CA certificate]
-----END CERTIFICATE-----
reboot
check in https://www.ssllabs.com/ssltest/
and domain is A+

[GentZu]

what do you like this?
SSLcertFile = /home/admin/ssl/domain.net.pem
#RequiredCA = /home/admin/ssl/domain.net.ca

what are the results if a check here https://ssltools.websecurity.symantec.com/checker/views/certCheck.jsp
if there is no problem? my domain display error like this:
Could not Determine the primary certificate for the web server.

but if it is opened through the browser chrome and mozilla no problem

[ibuxxi]

only SSLcertFile = /home/account/ssl/domain.net.pem

https://ssltools.websecurity.symantec.com/checker/views/certCheck.jsp
Yes = Could not Determine the primary certificate for the web server.

like other  Root certificate unknown

https://www.ssllabs.com/ssltest/  say all ok

i write a support mail to comodo

[ibuxxi]

Comodo say all OK

Code: [Select]

We have done an SSL analysis with the server "mydomain.com" and found there is no trust issues with the Certificate. Please refer the following link to verify the Certificate Details.
https://sslanalyzer.comodoca.com/?url=mydomail.com

It will show as follows:
-----------------------------------------------
Trusted by Microsoft? Yes
Trusted by Mozilla? Yes
-----------------------------------------------

Please make sure that you have combined the Key and the Certificate for "SSLcertFile" in the following order.

1) Private Key
2) mydomain_com.crt
3) COMODORSADomainValidationSecureServerCA.crt
4) COMODORSAAddTrustCA.crt
5) AddTrustExternalCARoot.crt

Please let us know if you need any further assistance.


[GentZu]

same result here
but when switch to ngixproxy/lighttpdproxy symatec ssl checker display error linke this http://postimg.org/image/4ccyvw9ex/, if switch to apache only no error...
but if select hiawatha/hiawatha proxy with default config, ssl not work

[ibuxxi]

if the visitors of a site will notice nothing like this should indeed be indifferent

[GentZu]

please Mr Mustafa, need update to fix this bugs...