Android, SSL, and FoxyCart

sparkwebsparkweb Member, Integration Developer, FoxyShop, Order Desk
in Bugs & Feature Requests edited August 2011
I've been getting some reports that some builds of Android are griping about connecting to my custom subdomain certificate checkout.gofishmedia.net. It's a RapidSSL CA Common Name with a GeoTrust, Inc. Organization.

The error is "security warning, this certificate is not from a trusted authority."

Is this just a case of an older Android build that doesn't have the most modern intermediate certificates installed? That's going to be kind of a tough pill to swallow - especially since the error comes up on the main homepage of the site since it's pinging the foxycart domain for cart contents.
Comments
  • lukeluke FoxyCart Team
    That's the first report we've had of this issue, but we'll look into it and get back to you early next week. A quick Google search shows some other systems have experienced similar issues.
  • fredfred FoxyCart Team
    Hey there, sorry for the delay in my reply. It looks like RapidSSL, whose certificates we use for custom subdomains, has recently shifted its root certificates and not all Android builds contain the correct intermediate certificates.

    I added the "cross root" certificate they provide to your store's subdomain; can you please give that a try and let me know if you still see the warning on Android phones? Thanks!
  • sparkwebsparkweb Member, Integration Developer, FoxyShop, Order Desk
    edited August 2011
    Fred, it looks like that solved this issue. Thank you....
  • fredfred FoxyCart Team
    Excellent, glad to hear! I'm working on revising our SSL processes now so that this doesn't happen again for you or anyone else.
Sign In or Register to comment.