Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
R
R
Roma2013-09-02 12:34:55
Android
Roma, 2013-09-02 12:34:55

Android and iOS swear at ssl certificate

Colleagues, help, pliz, figure it out ...

There is a web server based on linux + apache. An ssl certificate (wildcard) signed by RapidSSL CA (upstream GeoTrust Global CA) is attached to this server.

When I go to this server from a computer (firefox, chrome, opera, opera mobile (via the android emulator)), the browser says that everything is fine, the certificate is reliable.

But if I log in with Android (any browser) and iOS, then the browsers say that the certificate was received from an untrusted certificate authority.

What can be here? Where to dig?
Maybe for Apache you need to do some additional settings?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

5 answer(s)
Report
R
Roma, 2013-09-02
@Angel2S2

Thank you all for your help. I figured it out ... I
had to specify the file in SSLCertificateFile, in which there is only the server certificate that RapidSSL issued to me. And in SSLCACertificateFile - RapidSSLCABundle.crt, which was downloaded from the RapidSSL website (in this file, Rapid and Geotrust certificates).
I had all the certificates in SSLCertificateFile (I merged them into one file) in order - mine, rapid, geotrust. And in SSLCACertificateFile there is a standard /etc/pki/tls/certs/ca-bundle.crt (there is no rapid in it).

Report
R
Roma, 2013-09-02
@Angel2S2

Yes, all 3 certificates. Key-file is also specified.

Report
S
s1dney, 2013-09-02
@s1dney

Perhaps there are other sites on ssl at this address?

Report
K
kostarus61, 2014-09-18
@kostarus61

Angel2S2, exactly the same problem with the same certificate, I have a server with CentOS, VDS dedicated IP, one domain and one site on this IP. You can describe in more detail where to go, in which files and what needs to be registered.

Report
T
talk2me, 2016-09-23
@talk2me

To make it work on android and ios, you need to add:
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/domain.tld/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain.tld/privkey.pem
+SSLCertificateChainFile /etc/letsencrypt/live/ domain.tld/chain.pem

Similar questions
I
ipokos2019-01-29 03:53:49
How to connect to MySQL (No suitable driver error)? 3Reply
S
SGorshenin2016-08-17 13:32:24
Is it possible to add In-app after publishing the app as Free? 1Reply
V
Vladimir Abramov2014-08-01 17:57:02
How to maintain order in the resources of an Android project? 2Reply
M
Michael Kim2016-08-18 02:39:38
Do I need to adapt the application for an android tablet? 2Reply
A
Alexander Vasilenko2016-08-18 12:19:52
How to exit to the main screen of the device from an application that first destroys the fragment (leaving a void), after pressing the back button? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question