nginx and godaddy ssl cert. How to?
Michael Shadle
mike503 at gmail.com
Fri Jul 16 06:28:14 MSD 2010
I have sites that get crawled and analyzed by mcafee secure. They consider the site to be out of compliance without it.
On Jul 15, 2010, at 6:04 PM, Alexandr Sergeyev <asergeyev at dyn.com> wrote:
>> It is very easy to follow; bravo!
>> It appears that nginx does not like my key.
>
> Try to use only crt file for ssl_certificate directive. You may append godaddy's CA later.
>
> (to read fields of the certificates you may use something like "openssl x509 -text < yourfile.crt | less")
>
> If nginx (openssl technically) would reject your key, ask godaddy to reissue cert (not sure if they would charge you a fee).
>
> If you'll do that - generate new CSR again (do not agree to use old one) and make sure you saved right key.
>
>
> BTW, Michael, Unless you're using banking site or something that requires 256 bit security I'd not bother to crank ciphers to ALL. Choose carefully... (Google uses RC4-SHA1 everywhere and it's fastest 128bit one at the moment)
>
>
> Alex.
>
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://nginx.org/mailman/listinfo/nginx
More information about the nginx
mailing list