some (nginx) SSL Questions

Discussion in 'Server Operation' started by avalox, Feb 28, 2011.

  1. avalox

    avalox New Member

    Hi,

    my name is Sebastian, i am from Germany and i am new on howtoforge.com.

    I now would like to ask for some help.

    Some of my friends gave me a new SSL Cert for his Domain.

    The are 4 files in the Archive he gave me:

    UTNaddTrustServerCA.crt
    AddtrustExternalCARoot.crt
    domain.crt
    domain.key

    normaly i only have 2 files. The Cert and the Key file. Is it possible to merge the 3 crt files into 1 file to use it in my nginx Loadbalancer?

    I tried to just copy / paste all 3 files into one, but that gave me an nginx error:

    [emerg]: SSL_CTX_use_PrivateKey_file("/etc/nginx/ssl/domain.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)

    Second question:

    let us say i have one virtual host with servername = test.example.com and serveralias = bla.example.com. Is it possible to configure one ssl cert for test.example.com and different one for bla.example.com in one virtual host?

    i would say no.

    Thanks and best regards
    Sebastian
     
  2. falko

    falko Super Moderator

    Generally yes. There's an example on http://nginx.groups.wuyasea.com/articles/how-to-setup-godaddy-ssl-certificate-on-nginx/2

    The problem is that you need one IP address per SSL vhost, so you cannot do this in one virtual host.
     
  3. avalox

    avalox New Member

    thanks for your answer. i will try it.

    best regards
     

Share This Page