Re: ssl setup checking

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 07/10/2013 20:26, Yehuda Katz wrote:
OpenSSL supports each of the options you need (one at a time).
http://www.cyberciti.biz/faq/test-ssl-certificates-diagnosis-ssl-certificate/
Just add the server to the hosts file.

- Y
......
thanks for the above, certainly bits of my setup are OK, but now the dns has gone live and various checkers are saying that the chain is broken.

I used the instructions for GlobalSign Extended, but I'm not sure how to make use of three certs from them; ie I don't know what to do with the cross certificate. See

https://support.globalsign.com/customer/portal/articles/1223443-intermediate-certificate---extendedssl

where it says

"As an ExtendedSSL customer you must install your end entity ExtendedSSL Certificate (received by email) and both the ExtendedSSL CA - G2 Intermediate Certificate and the GlobalSign Cross Certificate to your web server."




So I have my cert the GS root cert and the intermediate cert pointed at by the apache conf like this

SSLCertificateFile /xxxx/etc/certs/myhost.com.crt
SSLCertificateKeyFile /xxxx/etc/certs/myhost.key
SSLCACertificateFile /xxxx/etc/certs/globalsign-root-ca-rc2.crt
SSLCertificateChainFile /xxxx/etc/certs/globalsign-intermediate-extended.crt


but where / how do I inject the 'cross' certificate?

--
Robin Becker

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx





[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux