Setting up a PositiveSSL Wildcard Certificate from Comodo for Apache with Trusted by Microsoft and Firefox
This gist was greatly helped by the direction in this gist:
https://gist.github.com/bradmontgomery/6487319
- Click on the padlock
- Click Connection
- Click Certificate Information
- Click Details
- Inspect the "Certificate Hierarchy"
- Work from the bottom up of the hierarchy to construct your cat command - e.g.
- *.yourdomain.com
- PositiveSSL CA 2
- AddTrust External CA Root
- UTN DATACorp SGC Root CA
You should have PositiveSSLCA2.crt and AddTrustExternalCARoot.crt in the ZIP file that was mailed to you from Comodo. Get utnaddtrustsgcca.crt from Comodo support website or here: https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/897/0/intermediate-2-utnaddtrustsgcca
cat STAR_yourdomain_com.crt PositiveSSLCA2.crt AddTrustExternalCARoot.crt utnaddtrustsgcca.crt > ssl-bundle.crt
SSLEngine on
SSLCertificateFile /etc/ssl/STAR_yourdomain_com.crt
SSLCertificateKeyFile /etc/ssl/yourdomain_com.key
SSLCertificateChainFile /etc/ssl/ssl-bundle.crt
Restart apache
https://sslanalyzer.comodoca.com/?url=yourdomain.com
SSL Analyzer should now report trusted by Microsoft and Firefox correctly:
- Trusted by Microsoft? Yes
- Trusted by Firefox? Yes