tag:support.appharbor.com,2010-11-23:/discussions/problems/518-problems-with-sslAppHarbor: Discussion 2011-05-11T18:57:10Ztag:support.appharbor.com,2010-11-23:Comment/71099352011-05-10T05:21:33Z2011-05-10T05:21:33ZProblems with SSL<div><p>Hi Kevin,</p>
<p>That sounds interesting. It may be related to SNI SSL not being
supported by your browser and/or operating system. Since you
experience it in multiple browser I wonder if you may be running
Windows XP?</p>
<p>Otherwise please let me know which application it is and we'll
take a closer look at it.</p>
<p>Best,<br>
Rune</p></div>runetag:support.appharbor.com,2010-11-23:Comment/71099352011-05-10T07:23:10Z2011-05-10T07:23:10ZProblems with SSL<div><p>Hi Rune</p>
<p>I've been testing this with an XP and windows 7 PC</p>
<p>Thanks<br>
Kevin</p></div>kevin.turnbulltag:support.appharbor.com,2010-11-23:Comment/71099352011-05-10T23:28:28Z2011-05-10T23:28:28ZProblems with SSL<div><p>SNI SSL has very limited support for Windows XP, but it should
work in most browser on Windows 7. Could you give me the
application name so I can take a look at it?</p>
<p>Thanks,<br>
Rune</p></div>runetag:support.appharbor.com,2010-11-23:Comment/71099352011-05-11T08:44:33Z2011-05-11T08:44:33ZProblems with SSL<div><p>the application it loot, site <a href=
"http://www.loot2012rentals.com">www.loot2012rentals.com</a></p>
<p>thanks<br>
Kevin</p></div>kevin.turnbulltag:support.appharbor.com,2010-11-23:Comment/71099352011-05-11T18:57:08Z2011-05-11T18:57:08ZProblems with SSL<div><p>Chrome redirected me to the non-https site without any warnings,
but I can see the same issue as you're having in Firefox. I think
it's related to the issuer of your certificate not being recognized
by the browser - and I can see that other's have had issues with
"Comodo CA Limited" in the past (<a href=
"http://stackoverflow.com/questions/275878/firefox-and-ssl-sec-error-unknown-issuer">http://stackoverflow.com/questions/275878/firefox-and-ssl-sec-error...</a>).
Perhaps the solution suggested there works?</p>
<p>They're suggesting chaining certificates among other things. To
do that you can simply insert the certificate from your CA (that
you probably received when you got the certificate) and insert that
above your own certificate in the "Public Key" field when creating
a certificate.</p>
<p>Also, the issue where you got the <em>.apphb.com certificate in
IE is related to that version of IE (or because it's running on XP)
not supporting SNI - this means that it falls back to the default
certificate, which on our load balancers are the</em> .apphb.com
certificates. You can use that for piggyback ssl if you'd like
:-)</p></div>rune