SSL Intermediate EV certificates

Igor Sysoev is at rambler-co.ru
Wed Aug 13 10:44:55 MSD 2008


On Tue, Aug 12, 2008 at 11:40:42PM -0400, Paul wrote:

> I did this already expecting it to work I put it in the .pem file
> ssl_certificate         /usr/local/nginx/conf/blah.pem
> in the config, but it doesn't work.. :/
> The pem file has the certificate at the top and the two EV certs below 
> it  so 3 total in the file.

Do you see any cetificate error on startup time ?
Or browsers do not want to accept the certificate ?

I think the order of cetificates in file should be:

1) your site sertificate
2) intermidiate CA cetificate signed by next certificate
3) intermidiate CA cetificate signed by some root CA builtin in browser

Could you post Issuer and Subject of two last certificates if they are public ?

You can do it using
openssl x509 -noout -text -in <cert>


BTW, have you tried to disable SSL sessions in proxied HTTPS as I suggested ?

> Gabriel Ramuglia wrote:
> >Append the textual content of your intermediate certificate files onto
> >the end of the files for your regular cert and it should work
> >automatically.
> >
> >On Tue, Aug 12, 2008 at 8:08 PM, Paul <paul at gtcomm.net> wrote:
> >  
> >>We have a cert, a key and an intermediate cert file with two certs 
> >>inside..
> >>Where do these go?  I don't see any place for intermediate extended
> >>validation certs..


-- 
Igor Sysoev
http://sysoev.ru/en/





More information about the nginx mailing list