我剛剛安裝了由Thawtes提供的中間證書,併爲我們的網絡中安裝了SSL證書的網站位於我們的網絡後面,這些網站位於一系列防火牆之後。該組織的證書已被撤銷
dns查找只是一個內部查詢。
我已經在本地運行了由Thawte提供的測試驗證服務,它的響應成功。
尚未嘗試通過https://訪問該網站,說該組織的證書已被吊銷。
如果我禁用Firefox中的在線證書狀態協議,我可以查看我的網站,但顯然這不是一個選項。
有沒有人遇到過這個問題? 這是由於我完全內部並且SSL提供商無法看到我的網站嗎?
需要幫助瞭解發生了什麼問題。
這是從檢驗器的輸出:
test.elife.co.uk成功通過SSL證書保護。以下證書已正確安裝:
------Certificate 1------
--Issued To--
Organization: test.elife.co.uk
Organizational Unit: Domain Validated
Organizational Unit 2: Thawte SSL123 certificate
Organizational Unit 3: Go to https://www.thawte.com/repository/index.html
Common Name: test.elife.co.uk
--Issued By-- Organization: Thawte,, Inc.
Organizational Unit: Domain Validated SSL
Common Name: Thawte DV SSL CA
Country: US
Valid from Thu Sep 23 01:00:00 BST 2010 to Sat Sep 24 00:59:59 BST 2011
Serial Number (hex): a6e84e4a3e7ed5b61d26c2667384cec
-------------------------
------Certificate 2------
--Issued To-- Organization: Thawte,, Inc.
Organizational Unit: Domain Validated SSL
Common Name: Thawte DV SSL CA
Country: US
--Issued By--
Organization: thawte,, Inc.
Organizational Unit: (c) 2006 thawte,, Inc. - For authorized use only
Organizational Unit 2: Certification Services Division
Common Name: thawte Primary Root CA
Country: US
Valid from Thu Feb 18 00:00:00 GMT 2010 to Mon Feb 17 23:59:59 GMT 2020
Serial Number (hex): 7610128a17b682bb3a1f9d1a9a35c092
-------------------------
------Certificate 3------
--Issued To--
Organization: thawte,, Inc.
Organizational Unit: (c) 2006 thawte,, Inc. - For authorized use only
Organizational Unit 2: Certification Services Division
Common Name: thawte Primary Root CA
Country: US
--Issued By--
Organization: Thawte Consulting cc
Organizational Unit: Certification Services Division
Common Name: Thawte Premium Server CA
Locale: Cape Town, Western Cape
Country: ZA
Valid from Fri Nov 17 00:00:00 GMT 2006 to Wed Dec 30 23:59:59 GMT 2020
Serial Number (hex): 3365500879ad73e230b9e01d0d7fac91
-------------------------
在此先感謝。
但這些都是新證書?? !!所以這是證書的問題,而不是設置? – jimplode 2010-09-27 14:54:01
如果OCSP服務器說,證書已被吊銷,則證書或服務器存在問題,但安裝不成功。所以我建議你聯繫thawte支持 - 他們應該知道更好,鏈中的哪個證書有問題,爲什麼。 – 2010-09-27 15:19:52