SSL Intermediate EV certificates
Paul
paul at gtcomm.net
Wed Aug 13 19:46:36 MSD 2008
Thanks Igor. Just following up here(info is in your e-mail) so the list
can see it, the regular seems to work but the customer says intermediate
cert isn't working although the
web site works fine and says it's secure and there's no issues with the
browsers and no errors.
Paul
Igor Sysoev wrote:
> On Tue, Aug 12, 2008 at 11:40:42PM -0400, Paul wrote:
>
>
>> I did this already expecting it to work I put it in the .pem file
>> ssl_certificate /usr/local/nginx/conf/blah.pem
>> in the config, but it doesn't work.. :/
>> The pem file has the certificate at the top and the two EV certs below
>> it so 3 total in the file.
>>
>
> Do you see any cetificate error on startup time ?
> Or browsers do not want to accept the certificate ?
>
> I think the order of cetificates in file should be:
>
> 1) your site sertificate
> 2) intermidiate CA cetificate signed by next certificate
> 3) intermidiate CA cetificate signed by some root CA builtin in browser
>
> Could you post Issuer and Subject of two last certificates if they are public ?
>
> You can do it using
> openssl x509 -noout -text -in <cert>
>
>
> BTW, have you tried to disable SSL sessions in proxied HTTPS as I suggested ?
>
>
>> Gabriel Ramuglia wrote:
>>
>>> Append the textual content of your intermediate certificate files onto
>>> the end of the files for your regular cert and it should work
>>> automatically.
>>>
>>> On Tue, Aug 12, 2008 at 8:08 PM, Paul <paul at gtcomm.net> wrote:
>>>
>>>
>>>> We have a cert, a key and an intermediate cert file with two certs
>>>> inside..
>>>> Where do these go? I don't see any place for intermediate extended
>>>> validation certs..
>>>>
>
>
>
More information about the nginx
mailing list