Skip to content

Jackie Chen's IT Workshop

We are all apprentices in a craft where no one ever becomes a master.

BLOG
CONTACT
DEVOPS
LEARNING
PROJECTS
TSM
VIDEO

Incomplete certificate chain

Jackie Chen Security, WWW October 9, 2014October 13, 2014 1 Minute

There are 3 methods to test the incomplete certificate chain:

1) https://www.ssllabs.com/ssltest/analyze.html?d=example.com
The error is:
Chain issues Incomplete

2) curl -v -o /dev/null https://example.com
The error is:
* NSS error -8179 (SEC_ERROR_UNKNOWN_ISSUER)
* Peer’s Certificate issuer is not recognized.

3) openssl s_client -showcerts -verify 10 -connect example.com:443
The error is:
Verify return code: 21 (unable to verify the first certificate)

Reference:
http://en.wikipedia.org/wiki/Intermediate_certificate_authorities
https://degreesofzero.com/article/how-to-fix-missing-intermediate-ssl-certificate-errors-in-apache.html
http://curl.haxx.se/docs/sslcerts.html

Advertisement

Like this:

Like Loading...

Related

Tagged
Akamai
Security

Published by Jackie Chen

View all posts by Jackie Chen

Published October 9, 2014October 13, 2014

Post navigation

Previous Post Puppet – Configuring Storeconfigs for MySQL

Next Post Puppet push Nagios

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Connecting to %s

Notify me of new comments via email.

Notify me of new posts via email.

Δ

Translate

Search

Search for:

Archives

Archives

Email Address:

Tags

AD Akamai Apache API Atlassian Automation AWS Backup Exec bamboo Bash Batch Script CentOS Challenge ChatOps Cisco Cloud Cluster Codebuild Confluence DAG DevOps docker Elastic Beanstalk ELB ePO EVA Exchange Fedora Foreman Git Hubot Hyper-V IAM Java Jira Kubernetes Lambda Linux Lync Nagios Nginx Nodejs OpenShift Outlook PCI PowerShell Puppet Python RDS RHEL S3 S60 V3 SAN SCOM SCVMM Security SharePoint Slack SQL Server SSM StorWize Sumologic troubleshooting Trusted Advisor TSM tsung Ubuntu vCO VCOPS VMware VPN Windows Wireless XenApp Xymon

Categories

Atlassian (73)
Bookmarks (8)
Chanllenges (3)
Citrix (12)
Cloud (164)
Linux (134)
Microsoft (96)
Mobile (7)
Monitoring (39)
Network (51)
Others (14)
Scripting (139)
Security (63)
Storage (81)
Virtualization (135)
WWW (18)

Top Posts & Pages

Nginx Sample Config of HTTP and LDAPS Reverse Proxy
Ansible example - get dictionary value
When KMS key grant is created for Lambda execution role?
TSM
ESXi Purple Screen: Two filesystems with the same UUID have been detected
Check Confluence team calendar via script
Updates to Exposed Access Keys check in Trusted Advisor
Share encrypted AMI across AWS accounts
Understanding docker directory structure
TSM for VE: FMM16014I The Return Code is 2

Recent Comments

	Use ChatGPT to check… on Why you need CodeGuru?
	AWS Config Advanced… on AWS Config Advance Queries aga…
	Gene on Fail to quiesce a virtual mach…
	Elisa Caldwell on TSM
	John on Ansible example – get di…
	RJI on Fail to quiesce a virtual mach…
	Serverless Ingress S… on Two Examples of using AWS Netw…
	Automate VPN failove… on Automate VPN connection and it…
	AWS IAM Roles Anywhe… on Setup AWS “Instance Prof…
	AWS Cost Anomaly Det… on Why QuickSight increases Cloud…

Website Powered by WordPress.com.

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Follow Following
- Jackie Chen's IT Workshop
- Already have a WordPress.com account? Log in now.

%d bloggers like this: