Welcome! Log In Create A New Profile

Re: SSL Certificate confusion.

Forum List Message List New Topic Print View

Scott Larson

October 17, 2014 01:52PM

The CA will never provide a key, if this was a simple renewal of the
existing certificate the key already in place would be the one to reuse.
One thing to note however is that SHA1 is being aggressively phased out now
due the the Google policy change with Chrome. If that matters to you,
you'll want to check that your cert chain is the new SHA256.

*__________________Scott LarsonSystems AdministratorWiredrive/LA310 823
8238 ext. 1106310 943 2078 faxwww.wiredrive.com
http://www.wiredrive.com/www.twitter.com/wiredrive
http://www.twitter.com/wiredrivewww.facebook.com/wiredrive
http://www.wiredrive.com/facebook*

On Fri, Oct 17, 2014 at 9:19 AM, Ian <ian@ianhobson.co.uk> wrote:

> Hi All,
>
> My client's SSL certificates are about to run out, and we have gone
> through the process of
> getting the replacements from Godaddy. However their instructions as to
> how to use them
> are useless.
>
> I expected a .crt and possibly a .key file, and I expected to simply
> replace the existing files
> with the new, and restart nginx.
>
> However I have been given two .crt files! One contains a single
> certificate and the other three certificates!
>
> Is the reason there is no .key file because that is the private key and
> would not be sent out of our control. The old will continue to work fine.
>
> Does anyone know what the group of certificates is for, and how I should I
> introduce them to nginx?
>
> Nginx is a compiled version :-
> ian@ianhobson~ $ nginx -V
> nginx version: nginx/1.6.0
> built by gcc 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5)
> TLS SNI support enabled
> configure arguments: --sbin-path=/usr/sbin --conf-path=/etc/nginx/nginx.conf
> --pid-path=/usr/local/nginx/nginx.pid --with-http_ssl_module
> --add-module=../nginx_tcp_proxy_module_v0.4.5 --add-module=../nginx_http_
> push_module-0.712
>
> Many thanks
>
> Ian
>
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
SSL Certificate confusion.	hobson42	October 17, 2014 12:20PM
Re: SSL Certificate confusion.	Maxim Dounin	October 17, 2014 12:36PM
Re: SSL Certificate confusion.	Scott Larson	October 17, 2014 01:52PM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 284

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018