We have a cert, a key and an intermediate cert file with two certs
inside…
Where do these go? I don’t see any place for intermediate extended
validation certs…
Thanks
Append the textual content of your intermediate certificate files onto
the end of the files for your regular cert and it should work
automatically.
I did this already expecting it to work I put it in the .pem file
ssl_certificate /usr/local/nginx/conf/blah.pem
in the config, but it doesn’t work… 
The pem file has the certificate at the top and the two EV certs below
it so 3 total in the file.
On Tue, Aug 12, 2008 at 11:40:42PM -0400, Paul wrote:
I did this already expecting it to work I put it in the .pem file
ssl_certificate /usr/local/nginx/conf/blah.pem
in the config, but it doesn’t work…
The pem file has the certificate at the top and the two EV certs below
it so 3 total in the file.
Do you see any cetificate error on startup time ?
Or browsers do not want to accept the certificate ?
I think the order of cetificates in file should be:
- your site sertificate
- intermidiate CA cetificate signed by next certificate
- intermidiate CA cetificate signed by some root CA builtin in browser
Could you post Issuer and Subject of two last certificates if they are
public ?
You can do it using
openssl x509 -noout -text -in
BTW, have you tried to disable SSL sessions in proxied HTTPS as I
suggested ?
Thanks Igor. Just following up here(info is in your e-mail) so the list
can see it, the regular seems to work but the customer says intermediate
cert isn’t working although the
web site works fine and says it’s secure and there’s no issues with the
browsers and no errors.
Paul