10 messages in ru.sysoev.nginxRe: SSL cert vendors for use with nginx?
FromSent OnAttachments
Geoffrey GrosenbachJun 4, 2007 5:22 pm 
Wayne E. SeguinJun 4, 2007 5:30 pm 
Geoffrey GrosenbachJun 4, 2007 6:00 pm 
Wayne E. SeguinJun 4, 2007 6:34 pm 
Geoffrey GrosenbachJun 4, 2007 6:42 pm 
Wayne E. SeguinJun 4, 2007 7:10 pm 
Geoffrey GrosenbachJun 4, 2007 8:07 pm 
Cliff WellsJun 6, 2007 11:40 am 
Wayne E. SeguinJun 6, 2007 11:47 am 
Igor SysoevJun 6, 2007 12:13 pm 
Actions with this message:
Paste this link in email or IM:
Paste this link in email or IM:
Atom feed for this thread
Paste this URL into your reader:
Subject:Re: SSL cert vendors for use with nginx?Actions...
From:Wayne E. Seguin (wayn@public.gmane.org)
Date:Jun 4, 2007 5:30:20 pm
List:ru.sysoev.nginx

On Jun 04, 2007, at 20:22 , Geoffrey Grosenbach wrote:

I'm setting up my nginx server to run with ssl. I bought a cert from GoDaddy and installed it with the following config snippet, but none of the intermediate client certificate bundles seem to validate with the major browsers (they all say that the cert was not issued from a known authority).

Has anyone successfully used GoDaddy ssl certs with nginx? Which intermediate client certificate bundle did you use?

Or do I need to just buy an overpriced cert from one of the major vendors like Verisign or Thawte?

server { listen 443;

ssl on; ssl_client_certificate /mysite/keys/gd_intermediate.crt; ssl_certificate /mysite/keys/domain.com.crt; ssl_certificate_key /mysite/keys/domain.com.key;

...

}

In use at: https://peepcode.com

Geoffrey Grosenbach ........................ Blog | http://nubyonrails.com Podcast | http://podcast.rubyonrails.com Screencast | http://peepcode.com

Geoffrey,

Try appending the domain cert after the intermediate cert in a single file and and give it a ".pem" extension, then include it:

ssl_certificate /mysite/keys/domain.com.pem

Let me know if this helps.

-- Wayne E. Seguin Sr. Systems Architect & Systems Admin wayn@public.gmane.org