SymptomsThe SSL certificate signed by intermediate CA and installed in the Web Space of NG Web Hosting is not trusted by browsers, although the corresponding CA certificate is installed. The certificate is not trusted because no issuer chain was provided (the CA certificate was not sent to the client).
CauseThe Apache SSL engine is not properly configured with the CA certificate.
Apply the following actions on each web server of the Shared Hosting NG cluster:
- Log in as the root via SSH to the web server.
Execute the following commands:
# touch /etc/httpd/conf.d/proxy_ajp.conf
# touch /etc/httpd/conf.d/welcome.conf
# touch /etc/httpd/conf.d/ssl.conf
Update the httpd and mod_ssl RPM packages.
# yum update httpd mod_ssl --disablerepo=\* --enablerepo=cloudlinux\*
Restart Apache service:
# /etc/init.d/httpd restart