4. How to fix StartSSL certificate chain errors

How to fix StartSSL certificate chain errors

  • L

    For Firefox users who get the The certificate is not trusted because no issuer chain was provided error, using a StartSSL certificate, here's a solution.

    Go to System -> Cert Manager -> Certificate Authority Manager
    Give a Descriptive Name (ie: StartSSL)
    Choose Import an existing Certificate Autority

    In the Certificate Data field, paste the text from StartSSL's Class 1 Intermediate Certificate Authority pem file.
    The file is located here: https://www.startssl.com/certs/class1/sha2/pem/sub.class1.server.sha2.ca.pem
    (I d/l it, opened it in Notepad++ and copied the contents)

    Leave the Certificate Private Key blank.
    Set your start serial number and save it.

    That's it.

    In System -> Cert Manager -> Certificate Manager you should see the cert issuer change from external to the CA Friendly name.

    Thanks to Derelict who clued me in here. -> https://forum.pfsense.org/index.php?topic=85508.0

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy