Question about using SSL with Trellis. I got a SSL certificate for the site I am working on, and I have the certificate files. The issuer gave me 2 files, the certificate itself and an intermediate certificate that needs to be on the server to prevent TLS errors. I took a look at the Wiki and it says to put the paths to the certificate file and your key in the dict file for the site so the playbook will configure the SSL for me, but what do I do about the intermediate certificate? I need to make sure that’s included so the SSL works correctly. Thanks!
You need to paste the intermediate certificate content into the certificate file, just after the certificate itself.
You can test if it’s working correctly with: https://www.ssllabs.com/ssltest/
It will report if there is certificates missing in the chain of trust.
4 Likes
Just out of curiosity on this for my own process, Godaddy provides 2 certs and I only used 1 of them resulting in a B grade on the SSL check. If I combined these into the single mywebsite.com.crt. things still work?
I got from Godaddy
- my-cert1.crt
- gd_bundle-g2-g1.crt
I should be able to combine these into a single cert?
When I do a test on SSLabs I won’t still get the Chain Issue - Incomplete Additional Certificates (if supplied) warning?
Paste the content of the gd_bundle-g2-g1.crt at the end of the my-cert1.crt file. Reload your Nginx. The bundle is the chain of certificates from the Godaddy root certificate to your certificate.
1 Like
Thx, it sounded like this was the case but figured a little more clarity never hurt.