Erica's FF encounters an "invalid certificate" warning when accessing rpstourney.com

[karlmdavis]

Looks like her FF doesn't have Gandi's SSL cert in its root store.

[karlmdavis]

A ctrl+F5 refresh of the site seems to have cleared up all of the errors there. Based on the messages being displayed prior to that, though, I think some of the external resources' SSL had been borked.

Nonetheless, some SSL testing via https://www.ssllabs.com/ssltest/analyze.html?d=rpstourney.com revealed some minor problems:

1. The certificate chain was incomplete.
2. The RC4 ciphers are enabled.

I fixed the chain issues by converting the intermediate cert from binary PEM to ASCII PEM format (no idea why that helped).

I was unable to disable RC4, though, as the following Apache directive seems to break SNI (which this server relies on):

SSLCipherSuite HIGH:!aNULL:!MD5

No idea why, but doesn't seem worth fixing at this time.