Briggs Softworks

Hi all, I purchased a cert last year using the FAQ article on this site. I ended up with a PositiveSSL cert, but after that it's a bit confusing. I am not sure if the reseller was Commodo or Sectigo? I see all three names on my original invoices/purchase order. So, it's a bit confusing whom to renew this cert through.

I have been getting reminders directly from PositiveSSL, and no one else. So I processed one and the cheapest yearly option I could find at PositiveSSL was $75. But I only paid $16.95 originally for the cert.

Has anyone renewed a cert that they purchased by following the directions on this site? I'm confused as to what route I should take, and why I am only getting a renewal notice directly from PositiveSSL. I am not looking to pay $75 USD for a renewal.

Commodo is now calling themselves Sectigo. First check to see when your current SSL cert actually expires. Connect to your site using Chrome and then click the little padlock icon next to the URL. Click Certificate and then look at the "Valid to" date. You can get an SSL cert for under $9/year. I link to one here:

http://www.briggsoft.com/docs/pmavens/Utilities.htm#ssl

Thanks. I did the renewal with a new CSR and a new key file. I validated after purchase and have received my new cert, but I can't get it to work in PM.

I changed the settings to point to the new key and cert file, but left root certificate the same as previous. I did not receive a bundle file like when I originally purchased the cert last year. But when I try to load the cert, I get:

Could not load certificate. error:0906D06C: PEM routines:PEM_read_bio:n start line.

Any suggestions, perhaps?


Thank you.

When I try to double click the .cer file that I received, I get an error stating the file is invalid for use as the following: Security Certificate.

I chose IIS 5.x or later for cert type. Was that incorrect? When viewing the cert as a text file, it starts as a PKCS7 file..if that's important.

naked_eskimo wrote:Could not load certificate. error:0906D06C: PEM routines:PEM_read_bio:n start line.

Often they'll give you cert files with Linux line terminators whereas OpenSSL expects Windows line terminators (which includes both a carriage return and a line feed character). You can convert them using NotePad++ (a freeware text editor):

https://notepad-plus-plus.org/

Edit -> EOL Conversion -> Windows

Thank you for the response.

The EOL option for Windows is greyed out. I'm assuming because it's already in the right format?

naked_eskimo wrote:The EOL option for Windows is greyed out. I'm assuming because it's already in the right format?

You can email me your files and I'll look at them.

Thank you.

Email sent.

Your cert was in P7b/PKCS7 format and Poker Mavens (via OpenSSL) requires PEM format. But you can easily make the conversion at this web site:

https://www.sslshopper.com/ssl-converter.html

You may still need to do the Windows EOL conversion on it (using NotePad++) after the conversion.

Thank you, Kent.

The cert is now useable.