I'm getting a similar error. I tried connecting with openssl (1.0.1c)
and it gave me errors. Any chance the certification might be
incorrectly chained?
$ openssl s_client -showcerts -connect mckenzie-and-
sons9821.myshopify.com:443
CONNECTED(00000003)
depth=0 serialNumber = inVwoUGzj3duFEUBdzDQrbS2kO1qx0Vr, C = CA, ST =
Ontario, L = Ottawa, O = Jaded Pixel Technologies Inc., CN =
*.
myshopify.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 serialNumber = inVwoUGzj3duFEUBdzDQrbS2kO1qx0Vr, C = CA, ST =
Ontario, L = Ottawa, O = Jaded Pixel Technologies Inc., CN =
*.
myshopify.com
verify error:num=27:certificate not trusted
verify return:1
depth=0 serialNumber = inVwoUGzj3duFEUBdzDQrbS2kO1qx0Vr, C = CA, ST =
Ontario, L = Ottawa, O = Jaded Pixel Technologies Inc., CN =
*.
myshopify.com
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0 s:/serialNumber=inVwoUGzj3duFEUBdzDQrbS2kO1qx0Vr/C=CA/ST=Ontario/
L=Ottawa/O=Jaded Pixel Technologies Inc./CN=*.
myshopify.com
i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
-----BEGIN CERTIFICATE-----
MIIDwjCCAyugAwIBAgIDEtBsMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT
MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0
aWZpY2F0ZSBBdXRob3JpdHkwHhcNMTAwNTEwMjIyMzA4WhcNMTUwODEyMTkxNzE0
WjCBnTEpMCcGA1UEBRMgaW5Wd29VR3pqM2R1RkVVQmR6RFFyYlMya08xcXgwVnIx
CzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMQ8wDQYDVQQHEwZPdHRhd2Ex
JjAkBgNVBAoTHUphZGVkIFBpeGVsIFRlY2hub2xvZ2llcyBJbmMuMRgwFgYDVQQD
DA8qLm15c2hvcGlmeS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC37opsWtBSAKa3VLA5xeGBjc6ZnWNg+hsEdr6HcA/FbYaSnZzYcwC61m3X8qPD
9n6j5RbFDW3Cf4DbBis7R30/N6T4txgleOvqaV6Sx6nXCWxjfHO97eTGkWaMiffx
nCNH6nKATp29NM7qs11rIu24pup6XhJldKotFmIzK+whLkubrQ+ZkwswXROTOiAM
r9gHzfbd01c25GBuQeHyXVBoLPMan2IIcsXhFeS8uqwQ/SBsIkQYS4ZmcMb9/rVl
Pmblsba6C2tKcxwYXyZXXgI9Lc4tlSLuMrU1TaaDNbyI2z8ou/XiwYv4cl0+8j/W
yv0G3r2QBpIsMmOWMaBnvaVFAgMBAAGjgdkwgdYwHwYDVR0jBBgwFoAUSOZo+SvS
spXXR9gjIBBPM5iQn9QwDgYDVR0PAQH/BAQDAgTwMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjApBgNVHREEIjAggg8qLm15c2hvcGlmeS5jb22CDW15c2hv
cGlmeS5jb20wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC5nZW90cnVzdC5j
b20vY3Jscy9zZWN1cmVjYS5jcmwwHQYDVR0OBBYEFOn0W86dD+1VEylPstfFZ4bJ
DQfeMA0GCSqGSIb3DQEBBQUAA4GBAFe9MCJfpPd11uSN/NqaEhq/PM1QWNxXqrBL
SgeIguboHhhvCFKrzq/a74iFHnRLmnpwg8Z+RkBP05cjK71om886I3CrNI+xhJWw
0TIaKCFnSReiWyb67pYPomCCsYF35W5ik6Srr+wEsGz6qtwnV4QSzPFRkEAw1BYL
uvjDOa4b
-----END CERTIFICATE-----
---
Server certificate
subject=/serialNumber=inVwoUGzj3duFEUBdzDQrbS2kO1qx0Vr/C=CA/ST=Ontario/
L=Ottawa/O=Jaded Pixel Technologies Inc./CN=*.
myshopify.com
issuer=/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---
No client certificate CA names sent
---
SSL handshake has read 1116 bytes and written 542 bytes
---
New, TLSv1/SSLv3, Cipher is RC4-SHA
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : RC4-SHA
Session-ID:
175276BE0DE130302A5F9E21B853D28C94364DB82A51A440D2040B91136A6FF2
Session-ID-ctx:
Master-Key:
4C9602799CA8CF6B120D0D07668C36BEA2874FC45C5A6DE866153F2C81813A445D58DB61013118C314A1643D5C945E96
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1336906426
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
DONE
On May 9, 9:03 am, David Underwood <
david.underw...@jadedpixel.com>
wrote: