Thawte SSL with 3 certificates

ajfisher nginx-forum at nginx.us
Sun Jun 5 11:12:36 MSD 2011


Hi all,

After much googling, lots of hair pulling and still no result I'm hoping
someone here has seen this particular issue or else can help point me in
a direction that may help resolve it.

For a site I'm building I need to have SSL enabled - it's ecom. I've
configured SSL on nginx before without too many problems though did get
caught out with a Thawte renewal which required the domain certificate
and the Thawte CA intermediate. Concatenating them into the same file
resolved the issue and all the sites I've had to do that with are
working fine. Until now that is...

On this latest file, Thawte has supplied not one intermediate CA
certificate but two - a primary and a secondary which need to be
included.

I started off in the same vein - creating a file with mine first, then
the two supplied by thawte - I have tried all the combinations of the
three certificates and can reliably make it break by moving the domain
cert out of first position but no combination of the other two appears
to work - including removal of one or the other.

Has anyone come across this issue at all with other certificate
authorities or even Thawte specifically? I'm literally a week from
launching the site so need to resolve this as certainly in browsers like
chrome you get the "this website is not secure" error message...

Weirdly the domain certificate information is available when you enquire
it in the browser however there's no chaining information available when
you show the hierarchy. It show's the domain cert as the root
certificate and it appears like this is where the error is coming from.

Any ideas what might be causing this effect? 

Kind regards
ajfisher

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,204035,204035#msg-204035




More information about the nginx mailing list