Estoy intentando instalar un certificado Thawte SSL123 en OS X 10.8.5, pero tengo una dificultad. Si bien el certificado y los intermedios parecen estar instalados sin ningún error, la ejecución del informe Qualys SSL Labs genera un mensaje "Cadena de problemas que contiene el ancla". Ejecutando openssl s_client -showcerts -connect externalcortex.com:443 el comando muestra un duplicado (ver más abajo)
Cualquier ayuda sería muy apreciada!
CONNECTED(00000003)
depth=3 /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/[email protected]
verify error:num=19:self signed certificate in certificate chain
verify return:0
---
Certificate chain
0 s:/OU=Go to https://www.thawte.com/repository/index.html/OU=Thawte SSL123 certificate/OU=Domain Validated/CN=externalcortex.com
i:/C=US/O=Thawte, Inc./OU=Domain Validated SSL/CN=Thawte DV SSL CA
-----BEGIN CERTIFICATE-----
xxx
-----END CERTIFICATE-----
1 s:/OU=Go to https://www.thawte.com/repository/index.html/OU=Thawte SSL123 certificate/OU=Domain Validated/CN=externalcortex.com
i:/C=US/O=Thawte, Inc./OU=Domain Validated SSL/CN=Thawte DV SSL CA
-----BEGIN CERTIFICATE-----
xxx
-----END CERTIFICATE-----
2 s:/C=US/O=Thawte, Inc./OU=Domain Validated SSL/CN=Thawte DV SSL CA
i:/C=US/O=thawte, Inc./OU=Certification Services Division/OU=(c) 2006 thawte, Inc. - For authorized use only/CN=thawte Primary Root CA
-----BEGIN CERTIFICATE-----
xxx
-----END CERTIFICATE-----
3 s:/C=US/O=thawte, Inc./OU=Certification Services Division/OU=(c) 2006 thawte, Inc. - For authorized use only/CN=thawte Primary Root CA
i:/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/[email protected]
-----BEGIN CERTIFICATE-----
xxx
-----END CERTIFICATE-----
4 s:/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/[email protected]
i:/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/[email protected]
-----BEGIN CERTIFICATE-----
xxx
-----END CERTIFICATE-----
---
Server certificate
subject=/OU=Go to https://www.thawte.com/repository/index.html/OU=Thawte SSL123 certificate/OU=Domain Validated/CN=externalcortex.com
issuer=/C=US/O=Thawte, Inc./OU=Domain Validated SSL/CN=Thawte DV SSL CA
---
No client certificate CA names sent
---
SSL handshake has read 6318 bytes and written 328 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
Session-ID: C88DB986D7A10D5FB17737D335153FF382E61A8564348235746A23B484E5630A
Session-ID-ctx:
Master-Key: CDA9E6D3FC8E8E5D7CCA7D3240FCA8E4BECFF3381064AFFE130B2E9DC2E0B471CC01D3C41E22792 5CB8197349606E047
Key-Arg : None
Start Time: 1381459203
Timeout : 300 (sec)
Verify return code: 0 (ok)
---