none
Does someone experienced problems (not working in old IE versions, in latest Opera and not validating in some SSL validators) with SSL certificates which was ordered using CSRs generated by new SSL module?

    Pregunta

  • Hello,

    Does someone experienced problems (not working in old IE versions, in latest Opera and not validating in some SSL validators) with SSL certificates which was ordered using CSRs generated by new SSL module? I had few issues where SSL certificates which was orderd using CSR generated by WSP SSL module where somehow broken and then worked correctly under latest IE, Chrome and Firefox but not worked in Opera and part of SSL validators where returning errors. Additional when I tried to use w3c validator on secured by this certificates website w3c validator form was returning 500 SSL Negotiation Failed. When I've reissued the same certificate using the same data which was provided to generate CSR from WSP but this time I used IIS Manager to generate CSR certificate was working correctly. This situation happend to me about 5 times and everytime solution for problem was the same (generating CSR from IIS Manager instead of WSP). This is very weird issue and I would like to confirm if someone experienced similar problem.

    Regards

    jueves, 29 de septiembre de 2011 19:56

Todas las respuestas

  • This is an issue with the SSL module in websitepanel. Has to be, there is too much proof to go against it.

    We have complaints almost daily. We have had no choice but to disable the SSL feature. No point, gives the users headaches, this is just sad. And of coarse the WSP team is non existent so I doubt this will be fixed.

    I have changed between 32 and 64bit, it makes no difference.

    Tested a blank fresh installation locally, no difference. The SSL manager in WSP simply does not allow for the SSL 3.0, 2.0+ and TLS 1.1 / 1.2 protocols to work.

    • Editado echoDreamz sábado, 08 de octubre de 2011 4:45
    sábado, 08 de octubre de 2011 4:41
  • Also tested Plesk. Its SSL manager generates proper CSR requests etc. that allow SSL 3.0 and TLS 1.1 and higher to work.
    lunes, 10 de octubre de 2011 16:06