RapidSSL nginx Certificate issuer is me

Question

I have baught the SSL certificate from RapidSSL. I have concatenated the chain files of RapidSSL CA and GeoTrust Global CA But when I check it on http://www.sslshopper.com/ I have this :

The certificate is self-signed. Users will receive a warning when accessing this site unless the certificate is manually added as a trusted certificate to their web browser. You can fix this error by buying a trusted SSL certificate

Nginx configuration :

server {
    listen 443;
    server_name domain.com www.domain.com;

    root /usr/share/nginx/www/domain.com;
    index index.php;

    ssl on;
    ssl_certificate /usr/share/nginx/www/domain.com/domain.com.crt;
    ssl_client_certificate /etc/nginx/www/domain.com.ca;
    ssl_certificate_key /etc/ssl/private/domain.com.key;

    ssl_session_timeout 5m;

    ssl_protocols SSLv3 TLSv1;
    ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
    ssl_prefer_server_ciphers on;

    location / {
        try_files $uri $uri/ =404;
    }

Please Help me

score 0 · Answer 1 · answered Oct 15 '13 at 05:41

0

are you sure you want to use ssl_client_certificate?

the usual way to use multiple ssl-certs in a chain in nginx is to use the right order (server-cert FIRST): cat domain.com.crt rapidssl.ca geotrust.ca > domain.cert.combined and the use

ssl_certificate /usr/share/nginx/www/domain.com/domain.cert.combined

;

answered Oct 15 '13 at 05:41

that guy from over there

1,355
10
11

that file was empty anyway, removing it doesn't add anything – Aymane Shuichi Oct 15 '13 at 11:28

RapidSSL nginx Certificate issuer is me

1 Answers1