ssl_trusted_certificate usage with parallel ECDSA / RSA certificates ?
Sergey Kandaurov
pluknet at nginx.com
Thu Aug 11 13:24:41 UTC 2016
> On 11 Aug 2016, at 16:03, lists at ssl-mail.com wrote:
>
> I've created 2 LetsEncrypt SSL certs -- an EC & and RSA.
>
> Following
>
> Support for parallel ECDSA / RSA certificates
> https://trac.nginx.org/nginx/ticket/814
>
ssl_trusted_certificate is orthogonal to multiple certificates support.
[..]
> nginx: [emerg] "ssl_trusted_certificate" directive is duplicate in /etc/nginx/sites-enabled/example.com.conf:50
> nginx: configuration file /etc/nginx/nginx.conf test failed
>
> Commenting out one of the 2 ssl_trusted_cert stanzas
>
> ssl_trusted_certificate "/etc/letsencrypt/live/example.com/chain.ec.pem";
> # ssl_trusted_certificate "/etc/letsencrypt/live/example.com/chain.rsa.pem";
>
> and rerunning the check, it passes.
>
> In ‘parallel’ SSL mode, what’s the correct usage for ‘ssl_trusted_certificate'?
>
The directive specifies a file with trusted CA certificates.
See for details:
http://nginx.org/r/ssl_trusted_certificate.
--
Sergey Kandaurov
More information about the nginx
mailing list