Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Certificate chain is incomplete
#3
(11-23-2022, 06:30 PM)MJS@mjs.us Wrote: Thanks for this MJS, as you say this is for http.sys so I do not think it works for SA in the same way.  I was able to sort out the cipher issue by adding a limited number of ciphers into the servercontroller->cipherlist and this got rid of the SSL lab weak cipher warning but I still have the B rating.

With your Sectigo cert, did you have to install the intermediate certificate into Windows? as I think this is what I am missing and why I get "Certificate Chain incomplete" so hoping that someone knows if it is possible in SA and how to do it.  I donlt know if it is maybe simply a case of me installing it into Windows and it will work with SA, doubt it is that eas though :-)

Thanks for your help though, might be an option to go http.sys in future.  I don't know much about it though, so need to read up on it.

David.
Quote:I was just able to get an A+ rating on SSLLabs with my Sectigo cert but I am using http.sys not SA.  If you search this forum for 'cipher' there may be some settings that will get you to A+. 

For anyone using http.sys I disabled RC4, TLS1.0, and TLS1.1 to get the good rating using these PowerShell commands:
Reply


Messages In This Thread
RE: Certificate chain is incomplete - by davidmcevoy@outlook.com - 11-23-2022, 07:04 PM

Forum Jump:


Users browsing this thread: 1 Guest(s)