No, in that case I get ERR_SSL_PROTOCOL_ERROR
2010/9/1 Vsevolod Dyomkin vseloved@gmail.com
Hi Semion,
you can put all your certificates in one file, first root, then intermediate, then your site. It should work that way
Best regargs, Vsevolod
On Wed, Sep 1, 2010 at 2:58 PM, Semion Prihodko semion.ababo@gmail.comwrote:
The code is very simple.
;; begin of new code (cl+ssl:reload) (cl+ssl:use-certificate-chain-file "mysite.cer") ; my site (cl+ssl:use-certificate-chain-file "geotrust.cer") ; intermediate (cl+ssl:use-certificate-chain-file "geotrust+.cer") ; root ;; end of new code
(make-instance 'ssl-acceptor :ssl-certificate-file (car ssl-security) :ssl-privatekey-file (cdr ssl-security) :port (get-config-value :website-port))
2010/9/1 Hans Hübner hans.huebner@gmail.com
Semion,
can you please supply us with a minimal test case and pointers to the certificate files that you have tried?
Thanks, Hans
On Wed, Sep 1, 2010 at 12:40, Semion Prihodko semion.ababo@gmail.com wrote:
Hi guys, I built a website which runs on Hunchentoot. Now it's time to buy ssl-certificate. When I downloaded QuickSSL Trial cert I found out that
not
all the browsers accept it. After a little research I found out that
there
is another certificate must be installed. This means it's a "chain root certificate", not a "single root". But it seems Hunchentoot has no capability to work with chained certificates. CL+SSL has an interesting function called USE-CERTIFICATE-CHAIN-FILE, but when I use it before creation of my ssl-acceptor the second doesn't respond to browsers.
What can
I do in order to fix this issue? Thanks in advance. _______________________________________________ tbnl-devel site list tbnl-devel@common-lisp.net http://common-lisp.net/mailman/listinfo/tbnl-devel
tbnl-devel site list tbnl-devel@common-lisp.net http://common-lisp.net/mailman/listinfo/tbnl-devel
tbnl-devel site list tbnl-devel@common-lisp.net http://common-lisp.net/mailman/listinfo/tbnl-devel
tbnl-devel site list tbnl-devel@common-lisp.net http://common-lisp.net/mailman/listinfo/tbnl-devel