Because the root certificate of the free startssl is not being trusted anymore by some browsers, i got myself a cheap comodo certificate for my seafile server, however sinds i installed this certificate yesterday. website works fine, but (windows) seafile client doesn’t.
When i disable “verify server certificate” in the client.
Seafile starts syncing again, so the client doesn’t seem to be happy about my comodo certificate, but hey i can’t affort a 130 dollar certificate for my freebee family & foundation users
Anybody any idea how can solve this on the server side FOR ALL my clients.
Anybody any idea WHY my comodo certificate is not accepted as a good solution by my clients?
Here you can get a free valid certificate: Let’s Encrypt
I also think Let’s Encrypt solution is a good one.
We are now using it with no problems with the seafile server on an ubuntu 14 under apache.
Take a look here https://letsencrypt.org/getting-started/
As they say, you will need to automate the process through certbot
There are other solutions for the automation but this is well documented and looks quite stable
may I ask a single stupid question? EDIT: Okay, two!
Where is your server located and from where do you try to connect your client?
We had the situation, that a self hosted seafile server which was running on the clients site worked fine for everybody using it from remote locations using the url https://seafile.client.domain but not for the customer.
When I looked at the client configuration it was pretty clear. They entered the IP address of the server like https://192.168.x.x because they knew the local network address - which is why the certificate did not work, since it is bound to a domain name.
Also I had a situation where Windows kept information about the old certificate.
Uninstalling and reinstalling seafile client did the trick in that case.
Hope to be of help.
Here’s the solution guys ( and dolls)
I forgot to install the intermediate certificates.
Here’s how to do this in linux if your provider does not provide a proper bundle file:
Doing so solved the problem
Please note this topic solved.