Welcome to WebmasterWorld Guest from

Forum Moderators: buckworks

Message Too Old, No Replies

Direct relationship between SSL certificate & PEM file?



6:05 pm on Jun 11, 2007 (gmt 0)

5+ Year Member

Hi Guys.
We're wrapping up an ecommerce site. We have our SSL certificate with Comodo and we're using LinkPoint as our gateway. We've been running test orders and they've been going through successfully. Suddenly, however, our test orders are now failing.

Also, we're now seeing the popup in IE saying that the page contains both secure and nonsecure items... And, in Firefox it's showing the lock icon with an "x".

So, I'm not sure if this is a Comodo issue (ie. ssl cert) or a Linkpoint issue (ie. pem file).

The only thing we did recently was getting American Express activated on our gateway account. I did download the new PEM file from LinkPoint and uploaded to our server, but to no avail.

What I'd like to know...is there a direct relationship between the SSL certificate and the PEM file? In other words, is there anything in the SSL certificate that points to the PEM file from the gateway? So, if we update our PEM file, or change its location, do we need to do anything with our SSL certificate?

Also, does this sound likes it's an issue with our gateway?

BTW...is there a way to search the forums by keyword?



3:31 am on Jun 12, 2007 (gmt 0)

10+ Year Member

The ssl warning in your browser is caused either by a problem with the ssl certificate or you have content in the page, tracking images, codes, etc which do not come from a secure server (https). This has nothing at all to do with your linkpoint pem. That's another issue. If there is a problem with that you will not be permitted to connect to linkpoint's server to conduct the transaction. Since this is done behind the scenes, it will not cause any type of error in the browser.


3:37 am on Jun 12, 2007 (gmt 0)

10+ Year Member

both secure and nonsecure items

run a search on your code for "http", make sure all images, css files, etc. are called via https.


9:58 am on Jun 12, 2007 (gmt 0)

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member

^ ^ Full URL links are not necessary. If you call the linked stuff relatively, all of the images should resolve to secure items.

It's easier to find the non-https cuplrits by selecting Tools-> Page Info in FireFox, click the media tab. One I always overlook is linking to the secure version of Analytics (doh) - these will not show up in Page Info.

But the real problem, it seems, is related to something else if it just cropped up on it's own:

Suddenly, however, our test orders are now failing.

The digital signature in the PEM is sent to the linkpoint gateway when it opens the connection, if it does not match it will reject the transaction. But this should not affect your SSL cert. The inverse, however, can - if the cert fails somehow, linkpoint won't complete a connection with a non-secure request.

Tell me, have you opened the lock icon and examined the details in the cert? (also in Tools->Page Info, Security tab) Have you made changes to your Linkpoint account, specifically any alterations to your company name? It is one of the elements used to create the digital signature in the PEM, if it doesn't match L.P. will reject the connection. If you've changed the company name you registered with LinkPoint you'll need to generate a new PEM.

Additionally, there's a bunch of other stuff (that I don't understand) that can disable a cert, this I pass off to my admin.


4:30 pm on Jun 12, 2007 (gmt 0)

5+ Year Member

Hi Guys.
I just wanted to thank you for your great responses and for all the information. You were all a great help.

I already had all my image & css links as relative links. But, it turned out that my Google Analytics code was not the right code for a secure site. So, I updated the code and it looks like everything is working correctly.

Thanks again!


6:23 pm on Jun 12, 2007 (gmt 0)

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member

So . . . why were the orders failing? The non-secure version of Analytics shouldn't have done that . . .

Featured Threads

Hot Threads This Week

Hot Threads This Month