On 07/10/2013 20:26, Yehuda Katz wrote:
OpenSSL supports each of the options you need (one at a time).
http://www.cyberciti.biz/faq/test-ssl-certificates-diagnosis-ssl-certificate/
Just add the server to the hosts file.
- Y
......
thanks for the above, certainly bits of my setup are OK, but now the dns has
gone live and various checkers are saying that the chain is broken.
I used the instructions for GlobalSign Extended, but I'm not sure how to make
use of three certs from them; ie I don't know what to do with the cross
certificate. See
https://support.globalsign.com/customer/portal/articles/1223443-intermediate-certificate---extendedssl
where it says
"As an ExtendedSSL customer you must install your end entity ExtendedSSL
Certificate (received by email) and both the ExtendedSSL CA - G2 Intermediate
Certificate and the GlobalSign Cross Certificate to your web server."
So I have my cert the GS root cert and the intermediate cert pointed at by the
apache conf like this
SSLCertificateFile /xxxx/etc/certs/myhost.com.crt
SSLCertificateKeyFile /xxxx/etc/certs/myhost.key
SSLCACertificateFile /xxxx/etc/certs/globalsign-root-ca-rc2.crt
SSLCertificateChainFile /xxxx/etc/certs/globalsign-intermediate-extended.crt
but where / how do I inject the 'cross' certificate?
--
Robin Becker
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
