On Mon, Nov 14, 2022 at 9:33 PM Lukas Tribus <lu...@ltri.eu> wrote: > On Mon, 14 Nov 2022 at 21:33, James Read <jamesread5...@gmail.com> wrote: > >> For nginx you need the base64 encoding, which is: > >> > >> https://ssl-ccp.secureserver.net/repository/sfig2.crt.pem > >> > > > > I tried adding that certificate but sudo nginx -t now returns the > following error: > > > > nginx: [emerg] SSL_CTX_use_PrivateKey("/etc/ssl/private/wottot.com.key") > failed (SSL: error:0B080074:x509 certificate > routines:X509_check_private_key:key values mismatch) > > nginx: configuration file /etc/nginx/nginx.conf test failed > > The intermediate certificate does not replace your own certificate. It > replaces the unrelated root certificates. > > http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_certificate > > > the primary certificate comes first, then the intermediate certificates > > So the file needs to contain first your certificate and then the > intermediate one. >
OK. Thanks. I rearranged the file and deleted some certificates. Now sslabs is reporting no chain issues for Certificate #1: RSA 2048 bits (SHA256withRSA) but for Certificate #2: RSA 2048 bits (SHA256withRSA) it is reporting Chain issues *Incomplete, Extra certs, Contains anchor* Any ideas? James Read > > > Lukas > _______________________________________________ > nginx mailing list -- nginx@nginx.org > To unsubscribe send an email to nginx-le...@nginx.org >
_______________________________________________ nginx mailing list -- nginx@nginx.org To unsubscribe send an email to nginx-le...@nginx.org
