Are you sure they have the same root certificate? About a month ago, I ran in some problems because I got a new certificate from RapidSSL which had been signed by their new-ish SHA256 certificate but older clients (~3 years old browsers) had only RapidSSLs old root certificate installed.
Thanks for answering. I'm not sure, but wouldn't this be a widespread issue, given the popularity (read free as in beer) of StartCom certificates? I'm pretty sure I'm doing something wrong.
If you are using Firefox: click on the padlock icon -> "more information" -> "view certificate" and then on the "details" tab. If you check "certificate signature algorithm" for each of the 3 certificates, you'll see that the root certificate as well as your own one are using SHA256 but that the intermediate certificate is using SHA1. You need to bundle the right intermediate certificate which you can find, together with additional information, on https://shaaaaaaaaaaaaa.com/
Thanks a lot! I will look into tha. As far as I can tell StartCom didn't give me a choice in that regar. Thanks for pointing me to that site. (I'd say it beats Slashdot in difficulty when you have to pass it on verbally!)
