comodo 证书命名格式一般如上,
apache 证书合并
cat COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt >> bundle.crt
SSLEngine on
SSLCertificateFile "/ssl/STAR_originecn_com_cn.crt"
SSLCertificateKeyFile "/ssl/*your_private_key*.key"
SSLCACertificateFile "/ssl/bundle.crt"
nginx 证书的配置
cat STAR_originecn_com_cn.crt COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > ssl-bundle.crt
server {
listen 443;
ssl on;
ssl_certificate /etc/nginx/ssl/example_com/ssl-bundle.crt;
ssl_certificate_key /etc/nginx/ssl/example_com/example_com.key;
# side note: only use TLS since SSLv2 and SSLv3 have had recent vulnerabilities
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# ...
}
Restart nginx.