httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robin Becker <>
Subject Re: [users@httpd] ssl setup checking
Date Wed, 09 Oct 2013 11:41:56 GMT
On 07/10/2013 20:26, Yehuda Katz wrote:
> OpenSSL supports each of the options you need (one at a time).
> Just add the server to the hosts file.
> - Y
thanks for the above, certainly bits of my setup are OK, but now the dns has 
gone live and various checkers are saying that the chain is broken.

I used the instructions for GlobalSign Extended, but I'm not sure how to make 
use of three certs from them; ie I don't know what to do with the cross 
certificate. See

where it says

"As an ExtendedSSL customer you must install your end entity ExtendedSSL 
Certificate (received by email) and both the ExtendedSSL CA - G2 Intermediate 
Certificate and the GlobalSign Cross Certificate to your web server."

So I have my cert the GS root cert and the intermediate cert pointed at by the 
apache conf like this

> SSLCertificateFile /xxxx/etc/certs/
> SSLCertificateKeyFile /xxxx/etc/certs/myhost.key
> SSLCACertificateFile /xxxx/etc/certs/globalsign-root-ca-rc2.crt
> SSLCertificateChainFile /xxxx/etc/certs/globalsign-intermediate-extended.crt

but where / how do I inject the 'cross' certificate?

Robin Becker

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message