Bug 1462716 - Intermediate certificate missing on https://docs.openshift.org
Intermediate certificate missing on https://docs.openshift.org
Status: NEW
Product: OpenShift Origin
Classification: Red Hat
Component: Documentation (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Vikram Goyal
Vikram Goyal
Depends On:
  Show dependency treegraph
Reported: 2017-06-19 08:02 EDT by Daniel Werner
Modified: 2017-06-19 09:19 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Output of openssl -connect (4.63 KB, text/plain)
2017-06-19 08:02 EDT, Daniel Werner
no flags Details

  None (edit)
Description Daniel Werner 2017-06-19 08:02:40 EDT
Created attachment 1289071 [details]
Output of openssl -connect

Description of problem:
When accessing https://docs.openshift.org I get SSL connection errors (i.e. using curl: "SSL certificate problem: unable to get local issuer certificate"). 
This makes it impossible to access the documentation from behind a proxy which only allows connections to trusted web sites.

Version-Release number of selected component (if applicable):
Current documentation web site

How reproducible:
openssl s_client -connect docs.openshift.org:443 -showcerts -servername docs.openshift.org

Steps to Reproduce:
1. Using openssl: openssl s_client -connect docs.openshift.org:443 -showcerts -servername docs.openshift.org
2. Using curl: curl -verbose https://docs.openshift.org

Actual results:
1. Openssl:     Verify return code: 21 (unable to verify the first certificate)
2. Curl: (60) SSL certificate problem: unable to get local issuer certificate

Expected results:
No errors should occur. The server should deliver the certificate chain including all intermediate certificates.  

Additional info:
Output of openssl attached

Note You need to log in before you can comment on or make changes to this bug.