Install Comodo Certificate Haproxy solved error chain issues incomplete
When we buy certificate from comodo, we will get 4 files on zip
- Root CA Certificate - AddTrustExternalCARoot.crt
- Intermediate CA Certificate - COMODORSAAddTrustCA.crt
- Intermediate CA Certificate - COMODORSADomainValidationSecureServerCA.crt
- Your PositiveSSL Certificate - www_example_com.crt (or the subdomain you gave them)
Private key you get when you generate the csr for buy certificate from comodo
here is how to generate csr :
openssl req -new -newkey rsa:2048 -nodes -keyout example_com.key -out example_com.csr
Merge all certificate except Add Trus External, because it provided on browser by default
cat private.key www_example_com.crt COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt > domain.pem
Mapping the certificate on haproxy
Run config test to make sure the certificate is valid
haproxy -c -V -f /etc/haproxy/haproxy.cfg
Before exclude add trust external certificate
After exclude add trust external certificate
Tidak ada komentar :
Posting Komentar