Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

For Nginx web server it is recommended to have server certificate and intermediate certificates bundled in file configured by "ssl_certificate" directive:
http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_certificateThis is recommended setup verified by users

Example of setting of correct certificate path in nginx files:

Code Block
# Example of configuring recommended path to complete chain
grep 'ssl_certificate /' /etc/nginx/sites-available/*
sed -i 's#ssl_certificate /.*#ssl_certificate /data/ssl/chain.crt#' /etc/nginx/sites-available/*

grep 'ssl_certificate /' /etc/nginx/sites-available/*

This is recommended setup verified by users:

Code Block
# Preparing hook:
mkdir -p /data/ssl/hooks/
touch /data/ssl/hooks/nginx.sh
chmod +x /data/ssl/hooks/nginx.sh
echo "'#!/bin/sh
cat /data/ssl/server.crt > /data/ssl/chain.crt
cat /data/ssl/ca-bundle.crt >> /data/ssl/chain.crt
systemctl restart nginx
"' > /data/ssl/hooks/nginx.sh
cat /data/ssl/hooks/nginx.sh

 # Finally executing the hook to verify that it works
/data/ssl/hooks/nginx.sh

...