Unable to get local issuer certificate. <20>

Discussion in 'Parallels Remote Application Server' started by omonnig, Dec 30, 2008.

  1. omonnig

    omonnig Guest

    We just renewed our wildcard ssl cert with GoDaddy, now our clients get “Unable to get local issuer certificate. <20>” error message.

    Unsuccessful:
    - adding the intermediate ca cert to the trusted.pem file on my client, restart client, got [01/00000009] error
    - adding both the intermediate cert and my cert to trusted.pem, 2x was unable to find the farm
    - adding my cert only, got Unable to get local issuer certificate. <20> error

    Solution:
    Finally, I copied both the root and intermediate certs from the Godaddy CA into the trusted.pem file on the client, restarted the 2x client and it worked.

    Please add GoDaddy to your default trusted CA list. Failure to do this cost our staff and clients many hours of sheer frustration.

    Question:
    How do I deploy an updated trusted.pem to my 300+ clients located in another state over 1000 miles away?
     
  2. Any update

    Otto,
    Did you ever hear anything from 2X about this issue?
    Thanks,
    Matt
     
  3. gs

    gs Guest

    Hi there,

    it means the certificate path or chain is broken and you are missing certificate files. In most cases the intermediate cert is the path or chain that is affected.

    Please check this out:

    - http://www.openssl.org/docs/apps/verify.html
    (20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate
    the issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found.)

    - http://www.herongyang.com/crypto/openssl_verify.html

    Kind regards,
     

Share This Page