Welcome! Log In Create A New Profile

Advanced

Re: Multi certificate support returns Letsencrypt Intermediate Certificate twice

Maxim Dounin
May 31, 2016 09:20AM
Hello!

On Tue, May 31, 2016 at 07:12:20AM -0400, mastercan wrote:

> Hello folks,
>
> I have the following setup:
> Nginx 1.11.0
> Libressl 2.3.4
>
> 1 Letsencrypt RSA 2048 certificate
> 1 Letsencrypt ECDSA p256 certificate
>
> The certificate files are both chained. Both have the Letsencrypt RSA 2048
> X3 intermediate certificate at the end of the file.
>
> The problem is:
> Nginx returns this intermediate certificate twice when connecting via https.
> Regardless whether you connect via RSA client or ECDSA client.
>
> Is this a bug? Or a configuration issue?

Only OpenSSL 1.0.2 and higher support separate chains for
different certificates. With older versions (including LibreSSL)
there is only one chain for all certificates, and all chained
certificates will be added to it. That is, if chains are the same
you have to leave only one of them.

--
Maxim Dounin
http://nginx.org/

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

Multi certificate support returns Letsencrypt Intermediate Certificate twice

mastercan May 31, 2016 07:12AM

Re: Multi certificate support returns Letsencrypt Intermediate Certificate twice

Maxim Dounin May 31, 2016 09:20AM

Re: Multi certificate support returns Letsencrypt Intermediate Certificate twice

mastercan May 31, 2016 11:03AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 103
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready