SSL certificate chain
Daniel Lundqvist
daniel at malarhojden.nu
Sun Sep 1 12:55:10 UTC 2013
Hi,
They are. I get no errors from nginx whatsoever, just that no certificate after the first is never sent. If I change order I get error about key not matching, which is to be expected.
--
daniel
On 1 sep 2013, at 19:25, Steve Holdoway <steve at greengecko.co.nz> wrote:
> Make sure the server cert it first in the file, followed by the ca certs.
>
> Steve
>
> On 1/09/2013, at 11:11 PM, Daniel Lundqvist <daniel at malarhojden.nu> wrote:
>
>> Hi,
>>
>> I am trying to configure nginx 1.4.1 (using OpenSSL 1.0.1e) with a PEM encoded certificate file that contains the whole chain, 3 including Root CA. But I can not get it to work. I have followed documentation at http://nginx.org/en/docs/http/configuring_https_servers.html#chains and http://www.startssl.com/?app=42, but no matter what I do it seems I can not get nginx to deliver more than one certificate. I have used both http://portecle.sourceforge.net and https://www.ssllabs.com/ssltest/ to verify. Other services (e.g. dovecot IMAP server) on the same host using same version of OpenSSL and same intermediate certificate and Root CA works works fine. How can I troubleshoot what is going wrong with nginx?
>>
>> Thanks in advance.
>> --
>> daniel
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4145 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20130901/8868560c/attachment.bin>
More information about the nginx
mailing list