PositiveSSL certificate keeps giving the untrusted issuer warnings in browser

Since I’m working on a Facebook app, the self-signed certificate I
created for SSL access to my admin area is no longer useful.

I grabbed a PositiveSSL cert from Comodo, but after following the
instructions here ( Using Namecheap’s Free SSL with Nginx » KBeezie ) but
still get the untrusted or self-signed warnings.

This page
(http://www.digicert.com/ssl-certificate-installation-nginx.htm) seems
to suggest I have to concatenate several crt files together.

This is what Comodo sent me:

AddTrustExternalCARoot.crt
PositiveSSLCA.crt
UTNAddTrustServerCA.crt and
www_example_com.crt

Do I need to concatenate all of these?

Also, just curious why do some example sites I’ve seen say Ngix needs a
pem file and others say a crt?

Thanks!

On 04/09/2011 7:46 PM, Ian E. wrote:

Since I’m working on a Facebook app, the self-signed certificate I
created for SSL access to my admin area is no longer useful.

I grabbed a PositiveSSL cert from Comodo, but after following the
instructions here ( Using Namecheap’s Free SSL with Nginx » KBeezie ) but
still get the untrusted or self-signed warnings.

Upon further testing I see that it’s still using the old cert despite
issuing a kill -HUP.

How do I get nginx to start using the new cert?

On 04/09/2011 8:04 PM, Ian E. wrote:

Upon further testing I see that it’s still using the old cert despite
issuing a kill -HUP.

Sigh…okay, never mind. Seems I had one typo in the conf change so the
kill -HUP was still using the old conf. So it’s working okay now.

Still curious why some examples use pem and others use crt.

Also any best usage additions I should add to the ssl section?

On Sun, Sep 04, 2011 at 09:06:07PM -0400, Ian E. wrote:

On 04/09/2011 8:04 PM, Ian E. wrote:

Upon further testing I see that it’s still using the old cert despite
issuing a kill -HUP.

Sigh…okay, never mind. Seems I had one typo in the conf change so the
kill -HUP was still using the old conf. So it’s working okay now.

Still curious why some examples use pem and others use crt.

This is just a file extention. Both use the same PEM formay inside.

Also any best usage additions I should add to the ssl section?

Please read this:
http://nginx.org/en/docs/http/configuring_https_servers.html


Igor S.