cancel
Showing results for 
Search instead for 
Did you mean: 

SSL Peer's Certificate not Trusted

Hello, all

 

Back on March 9th, 2020, our website stopped being able to process credit cards.  An error message of "[curl] 60: Peer's certificate issuer has been marked as not trusted by the user. [url] https://secure2.authorize.net/gateway/transact.dll" was given.  Because our business was put on pause due to Covid, we are only now addressing it-- about a year later.  I think, but not 100% positive, the reason is because of what is noted on this page (https://support.authorize.net/s/article/Authorize-Net-Network-Change-FAQ) under Phase 4b. 

 

I followed links to this page (https://support.authorize.net/s/article/How-do-I-obtain-Authorize-Nets-SSL-Certificate-for-my-host-s...) and, frankly, don't know what to do next. 

 

Our website has an SSL through Entrust yet we still get the error message noted above.  I really don't know what to do next.  While I have done some research into this, I'm at a loss as to what the next steps are.  All the background and underpinnings of SSLs and certificates are still quite foreign to me even though I'd like to think I have a 'basic' level of understanding. 

 

Any input, guidance, or assistance with this would be greatly, greatly appreciated.  Thanks a bunch, Joe.

 

mrblah15
Member
1 REPLY 1

Hello,

 

 You can use this command to view the certificates that your web server is serving:

openssl s_client -connect your_domain.com:443

 All the certificates (including Intermediates) should be displayed.

 

If you are receiving an error that the private key doesn't match the certificate or that a certificate that you installed to a site is not trusted, try one of the following commands ...

 

Check the MD5 hash of the public key to ensure that it matches with what is in a CSR or private key:

openssl x509 -noout -modulus -in certificate.crt | openssl md5
openssl rsa -noout -modulus -in privateKey.key | openssl md5
openssl req -noout -modulus -in CSR.csr | openssl md5

 You also could check your site using SSL Checker and if a problem exists, it can be fixed it by adding the required certificates.

 

The hostname in the certificate must match the site that you are requesting. For example, if you request a page from your_domain.com, but your certificate is only for www. your_domain.com, the certificate check would fail.

Powered by NexWebSites.com -
Certified Authorize.net developers
NexusSoftware
Trusted Contributor