[Cpanel Blog] Incomplete SSL Chain problem in Firefox June,2012

I've just rebuild my server after a disk failure and mostly things have gone smoothly.

When I installed the SSL cert for one of my domains, I used the same procedure as with every other SSL cert I've installed. The server auto-detected the key and the CA bundle just fine and in all browsers except firefox, the cert loads without error.

For this one site, Firefox reports an invalid certificate chain, and the SSL test at https://www.ssllabs.com/ssltest/index.html reports incomplete chain.

I've gone to comodo and downloaded their full CA bundle and installed it. I've checked the apache config files and it is serving the CA bundle I expect and I've checked and the CA bundle is identical to other domains on the server with certs from the same provider.

The only difference I can find is the QUALYS SSL Labs reports the chain length for a site without this problem is 3 (3788 bytes) and for the site with this problem as 1 (1318 bytes)

What I can't figure out is - where/how is this chain length being specified?
Did I just get a bum cert and it needs to be re-issued, or is there some other problem here.
Incomplete SSL Chain problem in Firefox
[Cpanel Blog] Apache security May,2012

Related Post