SSL certificate chain

Steve Holdoway steve at greengecko.co.nz
Sun Sep 1 11:25:42 UTC 2013


Make sure the server cert it first in the file, followed by the ca certs.

Steve

On 1/09/2013, at 11:11 PM, Daniel Lundqvist <daniel at malarhojden.nu> wrote:

> Hi,
> 
> I am trying to configure nginx 1.4.1 (using OpenSSL 1.0.1e) with a PEM encoded certificate file that contains the whole chain, 3 including Root CA. But I can not get it to work. I have followed documentation at http://nginx.org/en/docs/http/configuring_https_servers.html#chains and http://www.startssl.com/?app=42, but no matter what I do it seems I can not get nginx to deliver more than one certificate. I have used both http://portecle.sourceforge.net and https://www.ssllabs.com/ssltest/ to verify. Other services (e.g. dovecot IMAP server) on the same host using same version of OpenSSL and same intermediate certificate and Root CA works works fine. How can I troubleshoot what is going wrong with nginx?
> 
> Thanks in advance.
> -- 
> daniel
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx



More information about the nginx mailing list