tag:help.cashboardapp.com,2012-10-23:/discussions/api-discussion/84-ssl-certificate-is-not-trustedCashboard: Discussion 2018-10-19T08:13:04Ztag:help.cashboardapp.com,2012-10-23:Comment/308624492014-01-01T20:11:16Z2014-01-01T20:11:16ZSSL Certificate is not trusted<div><p>Hey Sean, sorry about that.</p>
<p>We recently changed webservers from Apache to Nginx. To us it
looked like things were working properly, but maybe not?</p>
<p>Anyhow, we tweaked the SSL certificate to include the chained
RapidSSL bundle. Give it another try and let us know if the error
went away?</p></div>Seth Btag:help.cashboardapp.com,2012-10-23:Comment/308624492014-01-02T16:19:37Z2014-01-02T16:19:37ZSSL Certificate is not trusted<div><p>hmmmm - it now looks good when I look at something like
digicert.com... but I am still getting the following error:</p>
<p>sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target</p></div>Sean Fieldingtag:help.cashboardapp.com,2012-10-23:Comment/308624492014-01-02T18:26:29Z2014-01-02T18:26:29ZSSL Certificate is not trusted<div><p>Sean,</p>
<p>Perhaps try installing the RapidSSL CA cert bundle on your
server. I'm out of ideas here, and it seems to be working on
browsers and elsewhere so far.</p>
<p>I will keep my eye on this to see if any other customers mention
it.</p>
<p>— Seth</p></div>Seth Btag:help.cashboardapp.com,2012-10-23:Comment/308624492014-01-03T00:11:36Z2014-01-03T00:11:36ZSSL Certificate is not trusted<div><p>Hi -</p>
<p>I think there are still issues with the certification chaining.
I'm seeing issues with the intermediate certificate.</p>
<p>openssl s_client -showcerts -connect
api.cashboardapp.com:443</p>
<p>CONNECTED(00000003)<br>
depth=0
/serialNumber=GIMXRamR-Qwm0Wom/trhbVbORgFA7Zoz/OU=GT22542577/OU=See
www.<br>
rapidssl.com/resources/cps (c)13/OU=Domain Control Validated -
RapidSSL(R)/CN=*.<br>
cashboardapp.com<br>
verify error:num=20:unable to get local issuer certificate<br>
verify return:1<br>
depth=0
/serialNumber=GIMXRamR-Qwm0Wom/trhbVbORgFA7Zoz/OU=GT22542577/OU=See
www.<br>
rapidssl.com/resources/cps (c)13/OU=Domain Control Validated -
RapidSSL(R)/CN=*.<br>
cashboardapp.com<br>
verify error:num=27:certificate not trusted<br>
verify return:1<br>
depth=0
/serialNumber=GIMXRamR-Qwm0Wom/trhbVbORgFA7Zoz/OU=GT22542577/OU=See
www.<br>
rapidssl.com/resources/cps (c)13/OU=Domain Control Validated -
RapidSSL(R)/CN=*.<br>
cashboardapp.com<br>
verify error:num=21:unable to verify the first certificate<br>
verify return:1</p></div>Sean Fieldingtag:help.cashboardapp.com,2012-10-23:Comment/308624492014-01-03T00:12:24Z2014-01-03T00:12:24ZSSL Certificate is not trusted<div><p>Same issue with looking at the certification on GeoTrust.</p>
<p><a href=
"https://ssltools.geotrust.com/checker/views/certCheck.jsp">https://ssltools.geotrust.com/checker/views/certCheck.jsp</a></p></div>Sean Fieldingtag:help.cashboardapp.com,2012-10-23:Comment/308624492014-01-03T01:56:52Z2014-01-03T01:57:07ZSSL Certificate is not trusted<div><p>Just checked the URL you provided, looks to be working now.
Please confirm.</p></div>Seth Btag:help.cashboardapp.com,2012-10-23:Comment/308624492014-01-03T04:43:40Z2014-01-03T04:43:40ZSSL Certificate is not trusted<div><p>Yahoo! Everything seems to be working now. Thank you for your
help.</p></div>Sean Fieldingtag:help.cashboardapp.com,2012-10-23:Comment/308624492014-01-03T05:21:38Z2014-01-03T05:21:38ZSSL Certificate is not trusted<div><p>On Thursday, January 2, 2014, Sean Fielding wrote:</p></div>Seth Btag:help.cashboardapp.com,2012-10-23:Comment/308624492014-06-30T18:46:47Z2014-06-30T19:07:13ZSSL Certificate is not trusted<div><p>Did the cert expire? Our calls from Salesforce to Cashboard are
failing due to cert issues.</p>
<p>echo | openssl s_client -connect api.cashboardapp.com:443
2>/dev/null | openssl x509 -noout -issuer -subject -dates</p>
<p>It looks like the cert expired on the 27th of June.</p></div>Brian Walshtag:help.cashboardapp.com,2012-10-23:Comment/308624492014-06-30T18:52:24Z2014-06-30T18:52:24ZSSL Certificate is not trusted<div><p>No. Our certificate expires June 11 of next year.</p></div>Seth Btag:help.cashboardapp.com,2012-10-23:Comment/308624492014-06-30T18:56:53Z2014-06-30T18:56:53ZSSL Certificate is not trusted<div><p>Also - Sean RE your other thread...this is the last time we
actually changed anything with the certificate.</p></div>Seth Btag:help.cashboardapp.com,2012-10-23:Comment/308624492014-06-30T19:12:51Z2014-06-30T19:12:51ZSSL Certificate is not trusted<div><p>Using the ssl client command: echo | openssl s_client -connect
-showcerts api.cashboardapp.com:443 2>/dev/null | openssl x509
-noout -dates</p>
<p>We receive:<br>
notBefore=Mar 24 10:20:38 2013 GMT<br>
notAfter=Jun 27 02:32:25 2014 GMT</p></div>Aaron Pettitt