Error validating server certificate for unknown certificate issuer
The following warnings are presented by web browsers when you access a site that has a security certificate installed (for SSL/TLS data encryption) that cannot be verified by the browser.Internet Explorer: "The security certificate presented by this website was not issued by a trusted certificate authority." Firefox 3: " an invalid security certificate.
Is there still a problem validating the server's certificates? Edit: I snipped the "Acceptable client certificate CA names" because the spam detector didn't like them.
$ openssl s_client -connect otessl.verisign-grs.com:700 -key /home/ubuntu/-cert /home/ubuntu/-CAfile /home/ubuntu/-CApath /etc/ssl/certs CONNECTED(00000003) depth=3 C = US, O = "Veri Sign, Inc.", OU = Class 3 Public Primary Certification Authority verify return:1 depth=2 C = US, O = "Veri Sign, Inc.", OU = Veri Sign Trust Network, OU = "(c) 2006 Veri Sign, Inc.
Self-signed certificates aren't trusted by browsers because they are generated by your server, not by a CA.
You can tell if a certificate is self-signed if a CA is not listed in the issuer field in our SSL Certificate tester.
Please check your client certificate against the list of acceptable CAs, make sure it is not revoked and maybe do a tcpdump/wireshark to verify, that it gets actually sent to the server.