SSL certificate chain
lists-nginx at swsystem.co.uk
Mon Sep 2 11:12:52 UTC 2013
On 2013-09-02 11:59, Daniel Lundqvist wrote:
> I have, it just says only 1 certificate is provided. Here are the test
I note that you're using startcom for the certificate, I recall that the
intermediate certificate they say to use isn't actually the one provided
and had to complete the certificate chain myself.
To build up my pem I started with the crt and key, then running "openssl
x509 -in cert.pem -noout -text" I was then able to download the correct
intermediate using the "CA Issuers - URI" provided in the certificate.
Appending this to the pem and retesting. Repeating the process for each
certificate until it became valid.
Authority Information Access:
OCSP - URI:http://ocsp.startssl.com/sub/class1/server/ca
CA Issuers -
It might be worth checking if your intermediate matches the above
More information about the nginx