https security certificate not trusted error on mo

Posted 2019-04-21 08:30

Question:

I'm starting an app on OpenShift. I've purchased Comodo PositiveSSL from Namecheap and followed the instructions to install it on OpenShift. It works fine on desktop browsers, but I get the following "not trusted" error on Android browsers. I have not tried iOS.

I uploaded the following files to OpenShift:

  • stylistcity_com.crt

  • server.key

Other files I have that were not used include:

  • server.csr
  • server.pass.key
  • AddTrustExternalCARoot.crt
  • PositiveSSLCA2.crt

Any help would be appreciated.

Answer 1:

Thanks to @stenwt from the OpenShift IRC channel, it finally works. Here is what I did.

cat mycert.crt cacert.ca > myapp.pem; rhc alias update-cert appname www.domain.com --certificate myapp.pem --private-key myapp.key --passphrase 'mypass'


Answer 2:

You have to add the intermediate certificate(s) (the other *.crt) too, because otherwise the browser is not able to verify the certificate chain up to the built-in trusted CA. The only reason that verification succeeds with the desktop browsers is that you have already visited sites which use the same intermediate certificates, and the browser cached them. If you used a fresh browser setup (or a new profile with Firefox), verification would fail there too.



Answer 3:

Had a bit of trouble with the method that worked for OP. For PositiveSSL, on OpenShift, this worked for me:

cat mydomain_com.crt COMODORSADomainValidationSecureServerCA.crt  COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > ssl-bundle.crt
rhc alias update-cert myappname www.mydomain.com --certificate ssl-bundle.crt --private-key mydomain_com.key --passphrase 'mypassphrase'

Replace mydomain_com.crt with your main domain cert from Comodo
Replace myappname with your OpenShift app name
Replace www.mydomain.com with your domain alias (the one on OpenShift for your app)
Replace mydomain_com.key with the filename for your private key
Replace mypassphrase with your SSL passphrase



Answer 4:

I opened certificate.ca.crt and certificate.crt with the ConTEXT editor, copied the contents of certificate.crt, pasted them at the beginning of certificate.ca.crt and saved the result as certificate.pem. Afterwards I uploaded it in the OpenShift web console, under SSL certificate *, in the first box. Fixed!!