For whatever reason Ubuntu doesn’t include a valid certificate chain for sites using RapidSSL certificates. If your server has read data from a site that uses RapidSSL then you have good chance that you will receive errors stating that the certificate is invalid. To solve this problem you need to perform the following steps:
1) Download the RapidSSL certificate:
wget https://knowledge.rapidssl.com/library/VERISIGN/ALL_OTHER/RapidSSL%20Intermediate/RapidSSL_CA_bundle.pem
2) Copy the certificate to the /usr/share/ca-certificates directory:
sudo cp RapidSSL_CA_bundle.pem /usr/share/ca-certificates/
3) Add the RapidSSL_CA_bundle.pm filename just after the last comment (#) in the /etc/ca-certificates.conf file
sudo nano /etc/ca-certificates.conf
4) Run the update-ca-certificates command. With any luck you will now be able download your
sudo update-ca-certificates
Not sure why the RapidSSL certificates are broken, but updating doesn’t seem to solve this problem. Hopefully ubuntu systems will fix this shortly.
Leave a Reply