Selasa, 15 Mei 2018

Install Comodo Certificate Haproxy solved error chain issues incomplete

  Tidak ada komentar
Install Comodo Certificate Haproxy solved error chain issues incomplete contain anchor

When we buy certificate from comodo, we will get 4 files on zip
  • Root CA Certificate - AddTrustExternalCARoot.crt
  • Intermediate CA Certificate - COMODORSAAddTrustCA.crt
  • Intermediate CA Certificate - COMODORSADomainValidationSecureServerCA.crt
  • Your PositiveSSL Certificate - www_example_com.crt (or the subdomain you gave them)
Private key you get when you generate the csr for buy certificate from comodo
here is how to generate csr :

openssl req -new -newkey rsa:2048 -nodes -keyout example_com.key -out example_com.csr

Merge all certificate except Add Trus External, because it provided on browser by default

cat private.key www_example_com.crt COMODORSADomainValidationSecureServerCA.crt  COMODORSAAddTrustCA.crt  > domain.pem

Mapping the certificate on haproxy 

Run config test to make sure the certificate is valid

haproxy -c -V -f /etc/haproxy/haproxy.cfg



Before exclude add trust external certificate

After exclude add trust external certificate

Tidak ada komentar :

Posting Komentar