Partilhar via


PIC: GoDaddy certs... Resolved!

<Update March 3 - (thanks to Jan, Dennis and Jens for pushing to resolve this)>

Customer applied Go Daddy certificate and all 3 partner clouds confirmed working!

<original posting below, choosing to use strike through to avoid folks missing that this now works>

Recent find - GoDaddy certificates won't work with PIC. Turns out the GoDaddy certificate chain is not in the default Authority list on the Microsoft Operating System. So specifically MSN does not support this and I can say from past work I know that AOL will also not import trusted authorities. With PIC all it takes is one cloud to not support something to really make the entire model not support it. Very few customers use 1 or 2 of the 3 possible cloud partners so we will advise a customer to pick certificates that meet all three provider requirements.

A few ways to test this -

Get the certificate and view the details tab in the Certificate MMC. See if the root of the chain is listed with our without a red X, the one challenge with this approach is if you have the root CA because it was included in the certificate you recieved. So my suggestion is that you test it on a web server and have another workstation hit the site. IE will typically alert you to the problem.

I know this will help Brett's customer who has been struggling on this lately, hope it helps you.

TomL OCS Kid

Comments

  • Anonymous
    January 01, 2003
    For those of you that have deployed LCS/OCS and are now working on your PIC (Public Internet Connectivity)