Intermediate SSL Certificates

Apache allows setting the intermediate SSL certificate using the SSLCertificateChainFile directive but nginx serves certificates configurable using only the keys:

        ssl_certificate /etc/nginx/ssl/certificate.crt;
        ssl_certificate_key /etc/nginx/ssl/private.key;

in order to create the certificate, the individual certificates:

  1. the site certificate
  2. the intermediate certificate
  3. the root certificate

have to be concatenated, in that order to a separate file chain.pem:

cat site.crt intermediate.crt root.crt > chain.pem

that will then be referenced in the nginx configuration file:

        ssl_certificate /etc/nginx/ssl/chain.pem;
        ssl_certificate_key /etc/nginx/ssl/private.key;

Note that some certificates do not include newlines at the end of the file such that you may have to edit the certificate manually such that all blocks follow each other:

-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----

fuss/nginx.txt ยท Last modified: 2017/07/01 18:04 by office

Access website using Tor Access website using i2p


For the copyright, license, warranty and privacy terms for the usage of this website please see the license, privacy and plagiarism pages.